OpenVPN on Google Compute Engine – what route am I missing?

I have installed OpenVPN on other VPS providers, and wanted to try out Google’s. I like Googles price/performance, and especially because I can spin up the machines from my phone without logging in every time.

I’ve got it to the point where the client connects but can’t get out to the internet.

I have opened up the firewall to the OpenVPN port.
I have enable IP forwarding on the virtual machine.
The client gets an IP, Gateway, DNS – all the right stuff – when connected.

I suspect I have to build a router and/or a route in order for the packets to get from the OpenVPN instance to the world. I have read the documentation very well, but I’m stuck – I’m not a network guru yet, still learning as I go.
Through reading it looks like I can transform the network into what they call the “legacy” structure, but I’d like to be able to overcome this challenge and understand what’s going on. I think it’s because the network is broken into many different subnets; compared to just 1 network behind the firewall (ie Legacy).

Looking at a map in my mind, my OpenVPN is sending the data to it’s subnet’s Gateway, but from there I think the packets get dropped. I must need a route from the subnet gateway to the internet? Or even a full router between subnet and internet?

Like I said, I’ve used OpenVPN Virtual machines before, no problem. So I’m very confident that the issue lies within configuring the Google Cloud network.

Thanks for any tips.


One thought to “OpenVPN on Google Compute Engine – what route am I missing?”

  1. Hi, I encountered exactly the same problem as you. This issue is caused by the default behavior of ip forwarding in GCE. It was turned off by default. You need to turn on this setting when you create the vps. For existing instance, you can save a snapshot and recreate your instance with “ip forward” option is on. Please refer to this post of detail:

Leave a Reply