4 Connecting the Cloud Gateway with the Third-Party Device

After you’ve created a Corente Services Gateway instance and added a third-party device, to establish a VPN connection between your data center and your Compute Classic instances you must connect the cloud gateway with the third-party VPN device.

Prerequisites

• You must have already created the cloud gateway that you want to use. See Creating a Cloud Gateway.

• You must have already configured your third-party VPN device in your data center. See Certified Third-Party VPN Device Configurations.

• You must have already added the third-party VPN device that you want to connect to in your data center. See Registering a Third-Party VPN Device.

• To complete this task, you must have the Compute_Operations role. If this role isn’t assigned to you or you’re not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud Infrastructure Classic Console. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Procedure

1. Sign in to the Compute Classic console. If your domain spans multiple sites, select the appropriate site. To change the site, click the Site menu near the top of the page.
2. Click the Network tab.
3. In the Network drop-down list, expand VPN, expand Corente, and then click Connections.
4. Click Create VPN Connection.
5. Select or enter the required information:
   • Gateway: Select the Corente Services Gateway that you want to use. Each Corente Services Gateway can be used in multiple connections. However, each connection must reach distinct destination subnets.
   • Device: Select the third-party device that you want to use. Each device can be used in multiple connections. However, each connection must reach distinct destination subnets.

   • IKE ID: The Internet Key Exchange (IKE) ID. Only IKE v1 in Main Mode is supported. The IKE ID can be the name or IP address used to identify the Corente Services Gateway on the third-party device. Alternatively, you can specify a string that you want to use as the IKE ID.

     Select one of the following:

     Note:

     The third-party device that you use might not support all of the following options for IKE ID. Select the appropriate option for your device.

     • Gateway Name: The name of the Corente Services Gateway instance in the format Corente_Domain_name.Corente_Services_Gateway_instance_name. The name is auto-populated when you select this option.

     • Gateway IP Address: The private IP address (on the shared network) of the instance hosting the Corente Services Gateway. The IP address is auto-populated when you select this option. Note, however, that this address will change each time the instance is re-created.

     • User-Defined IKE ID: Enter text that you want to use as the IKE ID. You can specify either an alternative IP address, or any text string. If you specify a text string, you must prefix the string with @. For example, if you want to specify the text IKEID-for-VPN1, enter @IKEID-for-VPN1. If you specify an IP address, don’t prefix it with @. The IKE ID is case sensitive and can contain a maximum of 255 ASCII alphanumeric characters including special characters, period (.), hyphen (-), and underscore (_). The IKE ID can’t contain embedded space characters.

       Note:

       If you specify the IKE ID, ensure that you specify the Peer ID type as Domain Name on the third-party device in your data center. Other Peer ID types, such as email address, firewall identifier or key identifier, aren’t supported.

   • Shared Secret: The shared secret, also called the pre-shared key (PSK) on some devices, is used while setting up the VPN connection to establish the authenticity of the Corente Services Gateway that is requesting the VPN connection. You must enter the same shared secret here and on your third-party device. The shared secret must contain only alphanumeric characters.

   The VPN connection is created.