4 Creating a Cloud Gateway

If you want to establish a VPN connection to your Compute Classic instances, start by creating a Corente Services Gateway instance.

Prerequisites

  • You must have already reserved the public IP address that you want to use with your gateway instance. See Reserving a Public IP Address in Using Oracle Cloud Infrastructure Compute Classic.
  • You must have already created the IP network that you want to add your gateway instance to. See Creating an IP Network in Using Oracle Cloud Infrastructure Compute Classic.
  • To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud Infrastructure Classic Console. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Procedure

  1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
  2. Click the Network tab.
  3. In the Network drop-down list, expand VPN, expand Corente, and then click VPN Gateways.
  4. Click Create VPN Gateway.
  5. Select or enter the required information:
    • Name: Enter a name for the Corente Services Gateway instance.
    • IP Reservation: Select the IP reservation that you want to use with this instance. This is the public IP address of your VPN gateway.
    • Image: Select the machine image that you want to use to create the instance. You must select the most recent Corente Gateway image.
    • Interface Type: Select Dual-homed. Your gateway instance is added to an IP network as well as to the shared network. All instances that are on the same IP network as the Corente Services Gateway instance, as well as instances on IP networks that are connected to that IP network through an IP network exchange, can be accessed using VPN.
    • IP Network: Select the IP network that you want to add the Corente Services Gateway instance to.
    • IP Network Address: Select the IP address for your gateway instance. The IP address that you specify must belong to the subnet of the specified IP network. An available IP address is allocated by default. You can specify a different LAN IP address, if required.
    • Subnets: Enter a comma-separated list of subnets (in CIDR format) that should be reachable using this gateway. The subnet of the IP network specified in the IP Network field is added by default. Don’t modify or delete this subnet in this field.
    • Add reachable IP networks: (Optional) You can select additional IP networks that should be reachable using this gateway. Ensure that the IP networks that you specify here, and the IP network that the Corente Services Gateway is added to, all belong to the same IP network exchange. See Adding an IP Network to an IP Network Exchange in Using Oracle Cloud Infrastructure Compute Classic.

      You must also add a route on the gateway to the subnet of each additional IP network. You can’t do this using the web console. Use App Net Manager to add this route.

      Note:

      You must also add the subnets that you specify here to the list of destination IP addresses that you specify in your third-party device.

  6. Click Create.

A Corente Services Gateway instance is created. The required orchestrations are created and started automatically. For example, if you specified the name of the Corente Gateway instance as CSG1, then the following orchestrations are created:

  • vpn–CSG1–launchplan: This orchestration creates the instance using the specified image, and associates the instance interfaces with the shared network and the specified IP network.

  • vpn–CSG1–bootvol: This orchestration creates the persistent bootable storage volume.

  • vpn–CSG1–secrules: This orchestration creates the required security list, security applications, and security rules.

  • vpn–CSG1–master: This orchestration specifies relationships between each of the nested orchestrations and starts each orchestration in the appropriate sequence.

While the Corente Services Gateway instance is being created, the instance status displayed in the Instance column on the VPN Gateways page is Starting. When the instance is created, its status changes to Ready.
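The address and subnet constraints from step 5 can be checked before you fill in the form. The following is an added example, not Oracle code; the function name, its parameters, and the sample addresses are assumptions made for illustration. It also assumes that a third-party destination entry covering a subnet (the same prefix or a wider one) satisfies the note in step 5.

```python
import ipaddress


def check_gateway_plan(ip_network_cidr, gateway_ip, subnets_field, peer_destinations):
    """Return a list of problems; an empty list means the planned values agree.

    ip_network_cidr   -- subnet of the IP network chosen in "IP Network"
    gateway_ip        -- value planned for "IP Network Address"
    subnets_field     -- text planned for "Subnets" (comma-separated CIDR)
    peer_destinations -- destination prefixes configured on the third-party device
    """
    problems = []
    ip_net = ipaddress.IPv4Network(ip_network_cidr, strict=True)
    gateway = ipaddress.IPv4Address(gateway_ip)

    # IP Network Address must belong to the subnet of the selected IP network.
    if gateway not in ip_net:
        problems.append(f"gateway address {gateway} is outside IP network {ip_net}")

    # Subnets is a comma-separated CIDR list. strict=True rejects entries with
    # host bits set (for example 10.0.2.7/24), which usually signals a typo.
    reachable = []
    for entry in (e.strip() for e in subnets_field.split(",")):
        if not entry:
            continue
        try:
            reachable.append(ipaddress.IPv4Network(entry, strict=True))
        except ValueError as err:
            problems.append(f"invalid subnet '{entry}': {err}")

    # The IP network's own subnet is added by default and must stay in the list.
    if ip_net not in reachable:
        problems.append(f"default subnet {ip_net} is missing from Subnets")

    # Every reachable subnet must also be a destination on the third-party device.
    peers = [ipaddress.IPv4Network(p, strict=True) for p in peer_destinations]
    for net in reachable:
        if not any(net.subnet_of(p) for p in peers):
            problems.append(f"{net} is not in the third-party device's destination list")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    for line in check_gateway_plan("192.168.10.0/24", "192.168.10.5",
                                   "192.168.10.0/24, 192.168.20.0/24",
                                   ["192.168.10.0/24"]) or ["plan is consistent"]:
        print(line)
```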

You can also list the VPN gateways, update the gateway instance to modify the reachable routes, or delete the gateway instance if you no longer require this gateway. See Listing VPN Gateways, Modifying the Reachable Subnets for a VPN Gateway, or Deleting a VPN Gateway in Using Oracle Cloud Infrastructure Compute Classic.

Note:

You can list the gateway instance and view details on the Instances page, or view the corresponding orchestrations on the Orchestrations page. However, it is recommended that you always use the VPN Gateways page to manage your gateway instances.