Internet Gateway Setup

To configure an internet gateway on Compute Cloud@Customer, start by setting up the IGW.

There are certain considerations that need to be assessed before setting up and using an IGW:

• There are public subnets in the VCN that need internet access. (Only public subnets can use the IGW successfully.)
• Because the default condition is to deny access, the types of ingress and egress internet traffic that are allowed must be determined. These include ingress HTTPS connections, ingress ICMP pings, or other types of traffic. The IGW primarily responds to ingress network protocol requests.

To set up an IGW, see Providing Public Access through an Internet Gateway.

After the IGW is created, there are two additional steps needed to make the IGW work properly with route tables and security list for the VCN or instance port Network Security Groups (NSGs). First, route table entries for the subnet must be configured to direct authorized traffic to the proper gateway destination. Second, the VCN containing to IGW must have the correct security rules to prevent unauthorized access and yet allow users to access resources they need.