7 Configuring Your Guest Instances for VPN Access

To make your guest Compute Classic instances accessible over VPN, you should attach them to the same IP network that the Corente Services Gateway instance is attached to.

  1. Download the sample orchestration, csg-sdn-guestinstance.json, which is included in the greconf_orchsamples.zip file at the following location: http://www.oracle.com/technetwork/topics/cloud/downloads/network-cloud-service-2952583.html.
  2. Open csg-sdn-guestinstance.json in a plain-text editor, and make the following changes:
    • Replace all occurrences of myidentitydomain with the ID of your identity domain.
    • Change all occurrences of john.doe@example.com to your user name.
  3. Under the launchplan object type, update the following attributes:
    • Change the name, ha_policy, label, imagelist, and shape attributes to values of your choice. See Instance Attributes in Using Oracle Cloud Infrastructure Compute Classic.
    • Change ipnetwork to the name of the IP network that you created earlier and attached the Corente Services Gateway instance to. See Creating an IP Network.
      Here’s a partial example of an instance orchestration showing the networking attribute.
      {
        "networking": {
          ...
          "eth1": {
            "ipnetwork": "/Compute-acme/john@example.com/ipnet1",
            ...
          }
        }
      }
      
  4. Save and close the orchestration JSON file.
  5. Upload the orchestration to Compute Classic.
    See Uploading an Orchestration in Using Oracle Cloud Infrastructure Compute Classic.
  6. Start the orchestration.
    See Starting an Orchestration in Using Oracle Cloud Infrastructure Compute Classic.
  7. (Optional) If you specified multiple interfaces for the guest instance, and if one of those interfaces is attached to the Oracle-provided shared network, then you must explicitly configure the Corente Services Gateway as the gateway to the on-premises subnet. You don’t have to perform this additional step for instances that are only connected to the IP network and are not connected to the Oracle-provided shared network.
    Here’s a partial example of an instance orchestration showing the networking attribute with two interfaces: eth1 attached to the IP network that the cloud gateway is attached to, and eth0 attached to the Oracle-provided shared network with the IP address you had reserved earlier.
    ...
    "networking": {
       "eth0": {
        "seclists": [
          "/Compute-acme/john@example.com/mySecList"
        ],
        "nat": "ipreservation:/Compute-acme/john@example.com/ipres1"
       },
       "eth1": {
         "ipnetwork": "/Compute-acme/john@example.com/ipnet1",
         ...
       }
    }

    On your guest instance, to configure the Corente Services Gateway as the gateway to the on-premises subnet, complete the following steps:

    1. Log in to the instance.
    2. Add a route:

      Note:

      You may need root or administrator privileges for this step.
      • Linux:

        Command syntax: ip route add onprem_subnet via cloud_gateway_ip

        Example: ip route add 10.248.64.176/28 via 172.31.200.1

      • Windows:

        Command syntax: route add onprem_subnet mask subnet_mask cloud_gateway_ip

        Example: route add 192.168.49.0 mask 255.255.255.0 172.31.200.1

      When you run this command, set cloud_gateway_ip to the first address in the IP network that the cloud gateway instance is attached to, and set onprem_subnet to the subnet address of the on-premises network. For example, if 172.31.200.0/24 is the IP address prefix of the IP network that is attached to the cloud gateway instance, then the cloud_gateway_ip is 172.31.200.1. If 192.168.0.128/25 is the IP address prefix of the IP network that is attached to the cloud gateway instance, then the cloud_gateway_ip is 192.168.0.129.

    Note:

    You must add this route every time the instance is rebooted or re-created. You can also configure the route to persist across reboots. For detailed instructions, refer to the documentation for your operating system.
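The following Python sketch is an added example, not part of the Oracle documentation. It decides whether step 7 applies to a `networking` block and derives `cloud_gateway_ip` (the first address in the IP network) and both route commands from the two prefixes. The function names, the rule that an interface without an `ipnetwork` key is on the shared network, and the overlap check are assumptions of this example.

```python
import ipaddress

# Constructed sample, mirroring the two-interface "networking" excerpt above.
SAMPLE_NETWORKING = {
    "eth0": {"seclists": ["/Compute-acme/john@example.com/mySecList"],
             "nat": "ipreservation:/Compute-acme/john@example.com/ipres1"},
    "eth1": {"ipnetwork": "/Compute-acme/john@example.com/ipnet1"},
}

def needs_gateway_route(networking):
    """True when step 7 applies: several interfaces, at least one on the
    shared network. Assumption: no "ipnetwork" key means shared network."""
    shared = [name for name, cfg in networking.items() if "ipnetwork" not in cfg]
    return len(networking) > 1 and bool(shared)

def route_commands(ipnetwork_prefix, onprem_subnet):
    """Return (cloud_gateway_ip, linux_command, windows_command)."""
    # strict=True rejects prefixes with host bits set, e.g. 172.31.200.5/24.
    ipnet = ipaddress.IPv4Network(ipnetwork_prefix, strict=True)
    onprem = ipaddress.IPv4Network(onprem_subnet, strict=True)
    # Added sanity check (not from the page): a route for a subnet that
    # overlaps the local IP network would redirect local traffic.
    if ipnet.overlaps(onprem):
        raise ValueError(f"{onprem} overlaps the IP network {ipnet}")
    # cloud_gateway_ip is the first address in the IP network.
    gateway = ipnet.network_address + 1
    if gateway not in ipnet:
        raise ValueError(f"{ipnet} is too small to hold a gateway address")
    linux = f"ip route add {onprem} via {gateway}"
    # The Windows syntax takes the subnet address and a dotted mask.
    windows = f"route add {onprem.network_address} mask {onprem.netmask} {gateway}"
    return str(gateway), linux, windows

if __name__ == "__main__":
    if needs_gateway_route(SAMPLE_NETWORKING):
        gw, linux, windows = route_commands("172.31.200.0/24", "10.248.64.176/28")
        print("cloud_gateway_ip:", gw)
        print("Linux:  ", linux)
        print("Windows:", windows)
```

After adding the route, `ip route get` with an on-premises address (Linux) or `route print` (Windows) shows whether traffic for the on-premises subnet leaves through the gateway address.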