professional-service/examples/vpn-usecases/stackit-stackit
Mauritz Uphoff 20dd7ec314
All checks were successful
Default CI / Check for Open TODOs (pull_request) Successful in 43s
Default CI / Secret Scanner (TruffleHog) (pull_request) Successful in 1m7s
Default CI / Pre-Commit Hooks (pull_request) Successful in 2m30s
example(vpn): remove my mail
2026-05-13 13:53:46 +02:00
..
docs example(vpn): implement usecases 2026-05-13 13:21:22 +02:00
.terraform.lock.hcl example(vpn): implement usecases 2026-05-13 13:21:22 +02:00
010-provider.tf example(vpn): implement usecases 2026-05-13 13:21:22 +02:00
020-variables.tf example(vpn): remove my mail 2026-05-13 13:53:46 +02:00
030-stackit-stackit-vpn.tf example(vpn): remove my mail 2026-05-13 13:53:46 +02:00
MAINTAINERS.md example(vpn): implement usecases 2026-05-13 13:21:22 +02:00
README.md example(vpn): implement usecases 2026-05-13 13:21:22 +02:00

STACKIT-to-STACKIT VPN Gateway

This example leverages the STACKIT VPN service to establish a secure, Highly Available (HA) connection between two separate STACKIT Network Areas (SNAs).

The connection utilizes BGP (Border Gateway Protocol) to automatically propagate and learn routing information between the two networks.

Note: Currently, native SNA peering is not available in STACKIT. Therefore, provisioning a VPN connection is the required method to interconnect two SNAs. This will change in the future once native SNA peering is released.

Architecture Diagram

How to Test the Connection

Once the deployment is complete, you can verify the VPN tunnel using the provisioned debug machines:

  1. SSH into the first debug machine using its public IP (vpn01_public_ip).
  2. Ping the private IP of the second debug machine (vpn02_private_ip) across the tunnel.
# Example test command once connected to the vpn01 machine via SSH
ping <vpn02_private_ip>