Create a VPN Endpoint
/vpnendpoint/
Creates a VPN tunnel between your data center and your Compute Classic site. You can create up to 20 VPN tunnels to your Compute Classic site.
Before you create a VPN tunnel, you must complete the following tasks:
- Request the Oracle Cloud Infrastructure Networking Classic - VPN for Dedicated Compute service. For more information, see Requesting Oracle Cloud Infrastructure Networking Classic - VPN for Dedicated Compute in Using Oracle Cloud Infrastructure Compute Classic.
- Configure your VPN gateway to connect to the Oracle Cloud VPN gateway after the Oracle Cloud Infrastructure Networking Classic - VPN for Dedicated Compute service is provisioned. For more information, see Configuring Your VPN Gateway - VPN for Dedicated Compute in Using Oracle Cloud Infrastructure Compute Classic.
Required Role: To complete this task, you must have the Compute_Operations role. If this role isn't assigned to you or you're not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.
Request
- application/oracle-compute-v3+json
-
Cookie: string
The Cookie: header must be included with every request to the service. It must be set to the value of the set-cookie header in the response received to the POST /authenticate/ call.
object-
customer_vpn_gateway:
string
Specify the IP address of the VPN gateway in your data center through which you want to connect to the Oracle Cloud VPN gateway. Your gateway device must support policy-based VPN and IKE (Internet Key Exchange) configuration using pre-shared keys.
-
enabled(optional):
boolean
Enables the VPN endpoint. To start a VPN connection, set to
true. A connection is established immediately, if possible. If you do not specify this option, the VPN endpoint is disabled and the connection is not established. -
name:
string
Three-part name of the object (
/Compute-acme/object).Object names can contain only alphanumeric, underscore (_), dash (-), and period (.) characters. Object names are case-sensitive. -
psk:
string
Pre-shared VPN key. Enter the pre-shared key. This must be the same key that you provided when you requested the service. This secret key is shared between your network gateway and the Oracle Cloud network for authentication. Specify the full path and name of the text file that contains the pre-shared key. Ensure that the permission level of the text file is set to 400. The pre-shared VPN key must not exceed 256 characters.
-
reachable_routes:
array reachable_routes
Specify a list of customers subnets (CIDR prefixes) that are reachable through this VPN tunnel. You can specify a maximum of 20 IP subnet addresses. Specify IPv4 addresses in dot-decimal notation with or without mask.
arrayResponse
- application/oracle-compute-v3+json
201 Response
-
set-cookie: string
The cookie value is returned if the session is extended
object-
customer_vpn_gateway(optional):
string
IP address of the VPN gateway in your data center through which you want to connect to the Oracle Cloud VPN gateway.
-
enabled(optional):
boolean
trueindicates that the VPN endpoint is enabled and a connection is established immediately, if possible. -
name(optional):
string
Two-part name of the object (
/Compute-acme/object) -
psk(optional):
string
Pre-shared VPN key.
-
reachable_routes(optional):
array reachable_routes
List of subnets (CIDR prefixes) that are reachable through this VPN tunnel.
-
status(optional):
string
Current status of the VPN tunnel.
-
status_desc(optional):
string
Describes the current status of the VPN tunnel.
-
uri(optional):
string
Uniform Resource Identifier
-
vpn_statistics(optional):
object vpn_statistics
Additional Properties Allowed: additionalPropertiesStatistics of VPN tunnels
arrayobjectobjectExamples
cURL Command
The following example shows how to create a VPN endpoint by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL.
Enter the command on a single line. Line breaks are used in this example for readability.
curl -i -X POST
-H "Cookie: $COMPUTE_COOKIE"
-H "Content-Type: application/oracle-compute-v3+json"
-H "Accept: application/oracle-compute-v3+json"
-d "@requestbody.json"
https://api-z999.compute.us0.oraclecloud.com/vpnendpoint/
-
COMPUTE_COOKIEis the name of the variable in which you stored the authentication cookie earlier. For information about retrieving the authentication cookie and storing it in a variable, see Authentication. -
api-z999.compute.us0.oraclecloud.comis an example REST endpoint URL. Change this value to the REST endpoint URL of your Compute Classic site. For information about finding out REST endpoint URL for your site, see Send Requests.
Example of Request Body
The following shows an example of the request body content in the requestbody.json file.
{
"psk": "********",
"name": "/Compute-acme/vpn-to-LA",
"reachable_routes": [
"192.168.155.2/24",
"192.168.135.0/24"
],
"enabled": true,
"customer_vpn_gateway": "192.168.111.2"
}
Example of Response Body
The following example shows the response body in JSON format.
{
"status": "UP",
"psk": "********",
"name": "/Compute-acme/vpn-to-LA",
"reachable_routes": [
"192.168.155.2/24",
"192.168.135.0/24"
],
"enabled": true,
"uri": "http://api.oc.example.com/vpnendpoint/Compute-acme/vpn-to-LA",
"status_desc": "",
"customer_vpn_gateway": "192.168.111.2"
}