1. Setting Up VPN from a Third-Party Gateway On-Premises to the Shared Network
  2. Creating a Cloud Gateway

2 Creating a Cloud Gateway

If you want to establish a VPN connection to your Compute Classic instances, start by creating a Corente Services Gateway instance.

Prerequisites

  • You must have already reserved the public IP address that you want to use with your gateway instance. See Reserving a Public IP Address in Using Oracle Cloud Infrastructure Compute Classic.

  • To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud Infrastructure Classic Console. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Procedure

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand VPN, expand Corente, and then click VPN Gateways.
  4. Click Create VPN Gateway.
  5. Select or enter the required information:
    • Name: Enter a name for the Corente Services Gateway instance.
    • IP Reservation: Select the IP reservation that you want to use with this instance. This is the public IP address of your VPN gateway.
    • Image: Select the machine image that you want to use to create the instance. You must select the most recent Corente Gateway image.
    • Interface Type: Select Single-homed.
    • Subnets: Enter a comma-separated list of subnets (in CIDR format) that should be reachable using this gateway.

      Note:

      You must also add the subnets that you specify here to the list of destination IP addresses that you specify in your third-party device.

  6. Click Create.

A Corente Services Gateway instance is created. The required orchestrations are created and started automatically. For example, if you specified the name of the Corente Gateway instance as CSG1, then the following orchestrations are created:

  • vpn–CSG1–launchplan: This orchestration creates the instance using the specified image, and associates the instance with the shared network.

  • vpn–CSG1–bootvol: This orchestration creates the persistent bootable storage volume.

  • vpn–CSG1–secrules: This orchestration creates the required security list, security applications, and security rules.

  • vpn–CSG1–master: This orchestration specifies relationships between each of the nested orchestrations and starts each orchestration in the appropriate sequence.

While the Corente Services Gateway instance is being created, the instance status displayed in the Instance column on the VPN Gateways page is Starting. When the instance is created, its status changes to Ready.

To use this gateway in a VPN connection, add a third-party device and then create a connection. See Registering a Third-Party VPN Device and Connecting the Cloud Gateway with the Third-Party Device.

You can also update the gateway instance to modify the reachable routes, or delete the gateway instance if you no longer require this gateway. See Modifying the Reachable Subnets for a VPN Gateway or Deleting a VPN Gateway.

Note:

You can list the gateway instance and view details on the Instances page, or view the corresponding orchestrations on the Orchestrations page. However, it is recommended that you always use the VPN Gateways page to manage your gateway instances.