Scenario 3: Deploying the Gateway on a Wholly Customer-Managed Network
This deployment scenario is defined as follows:
Deploying the Gateway on a Wholly Customer-Managed Network
| Gateway location: | Customer tenant |
| Gateway compartment: | Provided by the customer |
| Network managed by: | Customer |
| VCN location: | Customer compartment |
| Gateway subnet location: | Customer compartment |
Scenario 3 Deployment Requirements
Make sure you meet the following requirements for successfully deploying the gateway in this scenario:
- Import the gateway image to the customer tenant using the instructions provided below.
- Create a new subnet in the customer compartment where the gateway will reside (/29 will suffice.)
- Configure the customer VCN to allow traffic to the specified addresses by generating a security list based on the firewall requirements listed in Oracle Advanced Services Gateway Security Guide.
- Set up an internet gateway or NAT gateway to allow traffic to the internet on the customer VCN.
Note:
If you opt to use a NAT gateway, Oracle assumes that the customer is responsible for building and activating the gateway up to the point when SSLVPN is connected. - Generate a route table incorporating rules pointing the required traffic to the internet on the customer VCN.
- (Optional) Set up a local peering gateway and establish a peering connection if the customer has assets in a separate VCN.