Score:1

How to connect VM Migrate Connector to Google APIs by VPN?

cn flag

In our environment we are trying to connect "Migrate Connector" (https://cloud.google.com/migrate/compute-engine/docs/5.0/how-to/migrate-connector) to Google Cloud for migration VMs from VMware. We have established VPN channel to Google Cloud.

The Migrate Connector when command "m4c register" is executed, sends packets only to public addresses on port 443, like 91.189.92.* and many unknown others IPs (of course every packets are blocked by firewall). I have not seen in documentation any configuration options to change destination IPs.

For security reasons we cannot permit access via public Internet or proxy, traffic must be directed to the VPN channel.

But how to achieve this goal? Which specific traffic?

Score:0
cn flag

It doesn't matter which traffic is generated by connector.

To achieve the goal I had to create DNS zones "googleapis.com and gcr.io" in our DNS server for mapping subdomains to private.googleapis.com and resolving private.googleapis.com to IPs.

Then IPs 199.* which belong to private.googleapis.com are directed to VPN by routing config and connection can be established successfully.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.