You need to design a connection between your on-premises data center and a Google Cloud VPC using an IPsec VPN. The solution must meet a minimum SLA of 99.99%, support a single VPN termination device with only one public IP address, and require minimal setup effort. What is the recommended approach?