The Private Endpoint

Based on the information you provide (source environment, target VCN OCIDs, etc), and using the access security policy statements you execute, Oracle sets you up with a Private Endpoint within your nominated VCN private subnet. For example:

PE Name: UGBUDEMOS_IAD_PE1
PE IP: 10.0.1.10
RCE NAT CIDR: 172.25.55.0/24
Customer DNS zone: vcnccsgoldengat.oraclevcn.com
DNS Proxy IP: 10.19.9.66
DNS Proxy Subnet: <NAME> (10.19.9.64/29)

Note that the Private Endpoint IP address (10.0.1.10) is within the private subnet CIDR block.

Your GoldenGate deployment (target) will use this Private Endpoint to communicate with the source GoldenGate deployment (such as CCS Production).

Ingress/Egress Rules

You need to ensure that you establish the correct network traffic ingress/egress rules so that required traffic is allowed to flow. This is another area in which you should engage your IT network experts to assist, as your requirements may vary significantly.

At a basic level, you need to allow ingress rules in the Security List for the VCN Private Subnet for Bastion ingress (to access the GoldenGate Admin portal) on port 443.