diff --git a/modules/net-ipsec-over-interconnect/README.md b/modules/net-ipsec-over-interconnect/README.md
index 507c7e54..5cadae32 100644
--- a/modules/net-ipsec-over-interconnect/README.md
+++ b/modules/net-ipsec-over-interconnect/README.md
@@ -28,10 +28,9 @@ resource "google_compute_router" "encrypted-interconnect-overlay-router" {
 }
 resource "google_compute_external_vpn_gateway" "default" {
- name = "peer-vpn-gateway"
- project = "myproject"
- description = "Peer IPSec over Interconnect VPN gateway"
- redundancy_type = "TWO_IPS_REDUNDANCY"
+ name = "peer-vpn-gateway"
+ project = "myproject"
+ description = "Peer IPSec over Interconnect VPN gateway"
 interface {
 id = 0
 ip_address = "10.0.0.1"
@@ -58,7 +57,7 @@ module "vpngw-a" {
 }
 router_config = {
 create = false
- name = google_compute_router.encrypted-interconnect-overlay-router.id
+ name = google_compute_router.encrypted-interconnect-overlay-router.name
 }
 tunnels = {
 remote-0 = {
@@ -102,7 +101,6 @@ module "vpngw-a" {
 # tftest modules=1 resources=16
 ```
-
 ## Variables
 | name | description | type | required | default |
@@ -110,11 +108,11 @@ module "vpngw-a" {
 | [interconnect_attachments](variables.tf#L17) | VLAN attachments used by the VPN Gateway. | object({…}) | ✓ | |
 | [name](variables.tf#L25) | Common name to identify the VPN Gateway. | string | ✓ | |
 | [network](variables.tf#L30) | The VPC name to which resources are associated to. | string | ✓ | |
-| [peer_gateway_config](variables.tf#L35) | IP addresses for the external peer gateway. | object({…}) | ✓ | |
-| [project_id](variables.tf#L55) | The project id. | string | ✓ | |
-| [region](variables.tf#L60) | GCP Region. | string | ✓ | |
-| [router_config](variables.tf#L65) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | object({…}) | ✓ | |
-| [tunnels](variables.tf#L80) | VPN tunnel configurations. | map(object({…})) | | {} |
+| [peer_gateway_config](variables.tf#L35) | IP addresses for the external peer gateway. | object({…}) | ✓ | |
+| [project_id](variables.tf#L54) | The project id. | string | ✓ | |
+| [region](variables.tf#L59) | GCP Region. | string | ✓ | |
+| [router_config](variables.tf#L64) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | object({…}) | ✓ | |
+| [tunnels](variables.tf#L79) | VPN tunnel configurations. | map(object({…})) | | {} |
 ## Outputs
@@ -128,5 +126,4 @@ module "vpngw-a" {
 | [router_name](outputs.tf#L45) | Router name. | |
 | [self_link](outputs.tf#L50) | HA VPN gateway self link. | |
 | [tunnels](outputs.tf#L55) | VPN tunnel resources. | |
-
diff --git a/modules/net-ipsec-over-interconnect/main.tf b/modules/net-ipsec-over-interconnect/main.tf
index 1c3b8b4b..89c775b0 100644
--- a/modules/net-ipsec-over-interconnect/main.tf
+++ b/modules/net-ipsec-over-interconnect/main.tf
@@ -35,7 +35,7 @@ locals {
 }
 resource "google_compute_ha_vpn_gateway" "default" {
- name = var.name
+ name = "vpn-gw-${var.name}"
 network = var.network
 project = var.project_id
 region = var.region
@@ -51,10 +51,10 @@ resource "google_compute_ha_vpn_gateway" "default" {
 resource "google_compute_external_vpn_gateway" "default" {
 count = var.peer_gateway_config.create ? 1 : 0
- name = var.name
+ name = coalesce(var.peer_gateway_config.name, "peer-vpn-gw-${var.name}")
 project = var.project_id
 description = var.peer_gateway_config.description
- redundancy_type = var.peer_gateway_config.redundancy_type
+ redundancy_type = length(var.peer_gateway_config.interfaces) == 2 ? "TWO_IPS_REDUNDANCY" : "SINGLE_IP_INTERNALLY_REDUNDANT"
 dynamic "interface" {
 for_each = var.peer_gateway_config.interfaces
 content {
@@ -66,7 +66,7 @@ resource "google_compute_external_vpn_gateway" "default" {
 resource "google_compute_router" "default" {
 count = var.router_config.create ? 1 : 0
- name = coalesce(var.router_config.name, "vpn-${var.name}")
+ name = coalesce(var.router_config.name, "router-${var.name}")
 project = var.project_id
 region = var.region
 network = var.network
diff --git a/modules/net-ipsec-over-interconnect/variables.tf b/modules/net-ipsec-over-interconnect/variables.tf
index dceeecd0..25cf0cf2 100644
--- a/modules/net-ipsec-over-interconnect/variables.tf
+++ b/modules/net-ipsec-over-interconnect/variables.tf
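Review bot: The new name defaults on the new side of all three main.tf hunks (`"vpn-gw-${var.name}"` for the HA VPN gateway, `"peer-vpn-gw-${var.name}"` for the external gateway, `"router-${var.name}"` for the router) are, as far as I can tell, a forced replacement for every existing deployment of this module, because `name` is not updatable in place on these resources; replacing the gateways destroys the tunnels attached to them and the BGP sessions riding on them, so traffic over the interconnect is interrupted until the new tunnels come up. The commit record does not call this out; a breaking-change note in the module README, or a migration hint (`moved`/import of the renamed resources), would spare users the surprise. On a smaller point, deriving `redundancy_type` from the interface count in the second hunk means the module can no longer express the four-interface redundancy type (`FOUR_IPS_REDUNDANCY`) that the previous explicit attribute allowed; if that is intended, a comment such as `# redundancy type is derived from the interface count: 1 -> SINGLE_IP_INTERNALLY_REDUNDANT, 2 -> TWO_IPS_REDUNDANCY` on that line would make the restriction visible. All three resource bodies continue past the hunks.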
@@ -35,20 +35,19 @@ variable "network" {
 variable "peer_gateway_config" {
 description = "IP addresses for the external peer gateway."
 type = object({
- create = optional(bool, false)
- description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway")
- name = optional(string, null)
- id = optional(string, null)
- redundancy_type = optional(string)
- interfaces = optional(list(string))
+ create = optional(bool, false)
+ description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway")
+ name = optional(string, null)
+ id = optional(string, null)
+ interfaces = optional(list(string), [])
 })
+ nullable = false
 validation {
 condition = anytrue([
 var.peer_gateway_config.create == false && var.peer_gateway_config.id != null,
- var.peer_gateway_config.create == true && try(var.peer_gateway_config.redundancy_type, "") == "SINGLE_IP_INTERNALLY_REDUNDANT" && try(length(var.peer_gateway_config.interfaces) == 1, false),
- var.peer_gateway_config.create == true && try(var.peer_gateway_config.redundancy_type, "") == "TWO_IPS_REDUNDANCY" && try(length(var.peer_gateway_config.interfaces) == 2, false),
+ var.peer_gateway_config.create == true && (try(length(var.peer_gateway_config.interfaces) == 1, false) || try(length(var.peer_gateway_config.interfaces) == 2, false))
 ])
- error_message = "When using an existing gateway, an ID must be provided. SINGLE_IP_INTERNALLY_REDUNDANT requires exactly 1 interface, TWO_IPS_REDUNDANCY requires exactly 2."
+ error_message = "When using an existing gateway, an ID must be provided. When not, the gateway can have one or two interfaces."
 }
 }
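Review bot: The two `try(...)` wrappers in the new `create == true` branch of the condition are dead now that `interfaces` defaults to `[]` and the variable is `nullable = false`, since `length()` cannot fail on a list; `var.peer_gateway_config.create == true && contains([1, 2], length(var.peer_gateway_config.interfaces))` states the rule directly. The `description` is now out of date: the object also carries `create`, `name` and `id`, and in main.tf the interface count silently selects the gateway's redundancy type, which a caller reading only this file cannot know; something like `"External peer gateway configuration. When create is true the redundancy type is derived from the number of interfaces (1 or 2); when false, id must reference an existing gateway."` would cover it. The validation also accepts `create == true` together with a non-null `id`, so a mistyped config creates a new gateway while the supplied id is presumably ignored (its consumer is not in this hunk); if that is not intended, add `&& var.peer_gateway_config.id == null` to that branch and say so in the error message.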