The following procedure applies to tunnels connected to either Classic VPN or HA VPN gateways.
To delete an existing Cloud VPN tunnel, complete the following steps.
Console
To delete the tunnel, follow these steps:
In the Google Cloud console, go to the VPN page.
Select the checkbox next to the VPN tunnel that you want to remove.
At the top of the page, click Delete.
When you use the Google Cloud console to delete a VPN tunnel, Google Cloud also deletes any Border Gateway Protocol (BGP) sessions associated with the VPN tunnel.
To confirm deletion, click Delete again.
Optional: To confirm that the BGP sessions associated with the VPN tunnel are deleted, go to the Cloud Router details page. For more information, see View Cloud Router details.
gcloud
In the following commands, replace the following:
PROJECT_ID
: the ID of your projectTUNNEL_NAME
: the name of your tunnelREGION
: the region where your tunnel resides
To delete the tunnel, follow these steps:
Identify the name and region of the VPN tunnel that you want to delete, and then use that information in the next step. To list all VPN tunnels in your project, run the following command:
gcloud compute vpn-tunnels list --project=PROJECT_ID
To delete the VPN tunnel, run the following command:
gcloud compute vpn-tunnels delete TUNNEL_NAME \ --region=REGION \ --project=PROJECT_ID
When you use Google Cloud CLI to delete a VPN tunnel, the command does not automatically delete the BGP sessions that are configured for the VPN tunnel.
Optional: To delete the BGP sessions associated with the VPN tunnel, use the
gcloud compute routers remove-bgp-peer
command. For instructions, see Remove a BGP session.To verify that the BGP sessions are deleted, go to the Cloud Router details page in the Google Cloud console, or run the
gcloud compute routers describe
command for a Cloud Router. For instructions, see View Cloud Router details.
API
To delete the tunnel, follow these steps:
Make a DELETE request by using the
vpnTunnels.delete
method:DELETE https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/vpnTunnels/TUNNEL_NAME
When you use the Cloud VPN API to delete a VPN tunnel, the API command does not delete any BGP sessions that are associated with the VPN tunnel.
Optional: To delete the BGP sessions associated with the VPN tunnel, use the
routers.patch
method to update thebgpPeers[]
field. For instructions, see Remove a BGP session.To verify that your BGP sessions are deleted, go to the Cloud Router details page in the Google Cloud console, or run the
gcloud compute routers describe
command for a Cloud Router. For instructions, see View Cloud Router details.
Recommended follow-up
After deleting a VPN tunnel, consider the following:
Review your firewall rules and delete the rules that you no longer need.
If the tunnel used Classic VPN policy-based routing or was a route-based VPN, review the routes in your Google Cloud network. Delete any static routes that you no longer need.
If you used the Google Cloud console to delete the tunnel for a Classic VPN gateway, static routes that were automatically created should already be removed. If you used the Google Cloud CLI to remove the tunnel, or if you created custom static routes for it, delete those tunnels manually.
If no more tunnels exist for the associated VPN gateway, you can delete the VPN gateway.
What's next
- To view Cloud Logging and Monitoring information, see View logs and metrics.
- To use high-availability and high-throughput scenarios or multiple subnet scenarios, see Advanced configurations.
- To help you solve common issues that you might encounter when using Cloud VPN, see Troubleshooting.