Oracle Cloud Infrastructure Documentation

Creating a CPE

Create a CPE object that represents the device an on-premises network uses for Site-to-Site VPN connection to Oracle Cloud Infrastructure.

Before you create a CPE object, review Setting Up Site-to-Site VPN and plan the Site-to-Site VPN implementation. Also, review Working with Site-to-Site VPN.

After you configure Site-to-Site VPN a network engineer needs to update the configuration of the actual edge device for the on-premises network to match the configuration of the CPE object. The CPE configuration helper is available to make this task easier.

    1. On the Customer-premises equipment list page, select Create CPE. If you need help finding the list page, see Listing CPEs.
    2. Enter a descriptive name for the CPE (this is required). It doesn't have to be unique, and it can't be changed later in the Console (but you can change it with the API or CLI). Avoid entering confidential information.
    3. (Optional) Check the Enable IPSec over FastConnect option only when configuring the IPSec over FastConnect feature.
      When this option is enabled, the IP Address provided in the next field can be either public or private because the IP address used as the CPE IKE identifier can be either public or private. Checking this option signals to Oracle that the CPE IP address isn't reachable over the internet and is reachable over private peering only. If the CPE object isn't created to allow IPSec over FastConnect, you can't change that decision later.
    4. Enter the public IP address of the actual CPE device at the on-premises end of the VPN (see the list of information to gather in Before You Get Started). If you plan to set up IPSec over FastConnect this can be a private IP address.
    5. Select the CPE vendor information of the actual CPE device at the on-premises end of the VPN (see the list of information to gather in Before You Get Started). This might also include a hardware platform and software version. If you're not sure which vendor makes the CPE, or it's not in the list, select Other.
    6. If prompted, select a value for Platform/Version. Use these guidelines:
      • We recommend using a route-based configuration if possible.
      • If you don't see a specific CPE platform or version in the list, select the closest platform/version that predates the CPE version.
    7. Select Create CPE.

    The CPE object you created appears in the Customer-premises equipment list page.

  • Use the network cpe create command and required parameters to create a CPE object:

    oci network cpe create --compartment-id compartment-ocid --ip-address ip-address ... [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateCpe operation to create a CPE object.