OCI Network Configuration
The customer must also configure networking within OCI:
- Security Lists
  Update the subnet’s security lists to allow inbound and outbound traffic between the private endpoint and other OCI resources.
- Route Tables
  Ensure that the VCN’s route tables are updated to direct traffic correctly to and from the ADW instance.
- VCN Association
  Verify that the private endpoint VCN is correctly associated with the DRG (FastConnect/IPSec).
- Subnet Association
  Verify that the subnet containing the private endpoint has sufficient address space to accommodate Database Private Endpoint IPs: one per database instance and one per reverse connection.
- Reverse Connectivity from ADW Instance
  A reverse connection endpoint is any customer-hosted or third-party private service that needs to be accessed by RDS. Ensure that the private endpoint subnet allows inbound traffic from its own CIDR so that reverse connections work. You can skip this step if you do not anticipate needing a reverse connection endpoint.
- Credential Exchange Service
  To access the Credential Exchange Server (CES), your PE subnet’s VCN must be attached to a service gateway that forwards traffic to Oracle Services Network. The CES API accepts traffic only from the private network. Access from a public network results in an HTTP 401 Status (Forbidden).
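The Subnet Association and Reverse Connectivity checks above can be run offline against an exported security list. The following is an added example, not Oracle's code; the subnet CIDR, the in-use IP count, the TCP port 8443 and the sample rules are constructed, and the rule fields follow the OCI ingress security rule JSON shape (`source`, `sourceType`, `protocol`, `tcpOptions`).

```python
import ipaddress

# OCI reserves the first two addresses and the last address of every subnet.
OCI_RESERVED_IPS = 3

def free_ips(subnet_cidr, ips_in_use):
    """Addresses still assignable in the private endpoint subnet."""
    net = ipaddress.ip_network(subnet_cidr)
    return net.num_addresses - OCI_RESERVED_IPS - ips_in_use

def has_capacity(subnet_cidr, ips_in_use, db_instances, reverse_connections):
    """One private endpoint IP per database instance plus one per reverse connection."""
    return free_ips(subnet_cidr, ips_in_use) >= db_instances + reverse_connections

def self_ingress_sources(subnet_cidr, ingress_rules, tcp_port):
    """Sources of ingress rules that admit TCP traffic from the subnet's own CIDR."""
    subnet = ipaddress.ip_network(subnet_cidr)
    matches = []
    for rule in ingress_rules:
        if rule.get("sourceType", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue  # service CIDR labels cannot contain the subnet
        source = ipaddress.ip_network(rule["source"], strict=False)
        if not subnet.subnet_of(source):
            continue
        if rule["protocol"] == "all":
            matches.append(rule["source"])
        elif rule["protocol"] == "6":  # TCP
            ports = (rule.get("tcpOptions") or {}).get("destinationPortRange")
            if ports is None or ports["min"] <= tcp_port <= ports["max"]:
                matches.append(rule["source"])
    return matches

# Constructed sample data (not taken from a real tenancy).
SUBNET = "10.0.1.0/28"
SAMPLE_RULES = [
    {"source": "10.0.1.0/28", "sourceType": "CIDR_BLOCK", "protocol": "6",
     "isStateless": False,
     "tcpOptions": {"destinationPortRange": {"min": 8443, "max": 8443}}},
    {"source": "192.168.0.0/24", "sourceType": "CIDR_BLOCK", "protocol": "all",
     "isStateless": False},
]

if __name__ == "__main__":
    print("free IPs:", free_ips(SUBNET, ips_in_use=9))
    print("room for 2 DBs + 2 reverse connections:", has_capacity(SUBNET, 9, 2, 2))
    print("self-ingress on 8443 via:", self_ingress_sources(SUBNET, SAMPLE_RULES, 8443))
```

A matching source wider than the subnet itself, such as the whole VCN CIDR, also satisfies the check but admits more than the reverse connection requires.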