How to Access GCP Private Endpoint for All Google APIs from Azure VM over Classic VPN?

Nikp · January 13, 2025, 10:03pm

I have a classic VPN setup between Azure and Google Cloud Platform (GCP), and I can successfully access VMs on both sides.

In GCP, I created a Private Service Connect endpoint that targets all Google Cloud APIs, allowing private access to these APIs, via the endpoint (e.g., storage-myendpoint.p.googleapis.com). From a VM in GCP, I can connect to this private endpoint without any issues.

However, when I try to connect to the same endpoint from a VM in Azure, it doesn’t work.

Details:

The VPN gateway is connected to the same VPC where the Private Service Connect endpoint is located.
I expected the Azure VM to access the Google APIs via the private endpoint through the VPN, but it fails.

Questions:

Are there specific configurations or additional steps needed to allow Azure VMs to access GCP’s private endpoint over the VPN?
Could there be any network routing or DNS resolution issues preventing Azure VMs from reaching the GCP private endpoint?
Any insights into troubleshooting this setup would be helpful.

Thank you!

ammett · January 20, 2025, 9:43pm

Check out this documentation and remember to export the IP of the endpoint as a custom export from the cloud router. Ensure you can see the IP of the endpoint in your Azure route table.

https://cloud.google.com/vpc/docs/configure-private-service-connect-apis#on-premises
https://cloud.google.com/network-connectivity/docs/router/how-to/advertising-custom-ip

Topic		Replies	Views
How to configure api proxy for APIs hosted in VPN Apigee integration	0	7	June 7, 2016
AZURE and GCP VPN tunnel with BGP Compute Infrastructure cloud-vpn	3	35	February 16, 2022
Setup Tunnelling between two Cloud VPN using Classic Router Compute Infrastructure cloud-vpn	1	3	June 17, 2024

How to Access GCP Private Endpoint for All Google APIs from Azure VM over Classic VPN?

AI Suggested topics