Set up the Network

You'll need to create and configure a Virtual Cloud Network (VCN) to allow for private endpoint access.

You can use one of the following options to connect to a DB System with private endpoints:

  • Create a Compute instance from which to connect to your DB System. Compute instances, attached to public subnets, can use public IP addresses. Use SSH or RDP, depending on your platform, to connect to the Compute instance and, from there, to interact with your DB System.
  • Create a Bastion Session, enabling SSH access from your local network to your DB System.
  • Create a VPN connection, bridging your local network with your Oracle Cloud Infrastructure VCN.

Create a VPN Connection

Use VPN Connect to create a site-to-site IPSec VPN between your on-premises network and your virtual cloud network (VCN) over a secure, encrypted connection.

Alternatively, you can use Oracle Cloud Infrastructure FastConnect to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options, and a more reliable and consistent networking experience compared to internet-based connections. For more information on FastConnect, see FastConnect Overview.

The Site-to-Site VPN wizard is the quickest way to set up a site-to-site VPN between your on-premises network and your VCN. The wizard is a guided, step-by-step process in the Console that sets up the VPN. It also sets up and configures several Networking service components. The wizard performs the following:
  1. Creates a virtual representation of your customer-premises equipment (CPE) device. This enables you to generate configuration content for a network engineer to use when configuring your CPE device. You can use an existing CPE.
  2. Creates two IPSec tunnels. The tunnels are created automatically, each with specific configuration information for your network engineer.
  3. Creates a dynamic routing gateway (DRG), which is a virtual representation of the physical router on the Oracle side of your site-to-site VPN, or you can use an existing DRG.
  4. (Optional) Creates an internet gateway. You can use an existing internet gateway.

To set up the VPN with the wizard:

  1. Gather your network information.
  2. In the Oracle Cloud Infrastructure Console, click the Oracle Cloud icon at the top of the page to go to the Console home page.
    The page has a Quick Actions section to take you directly to common tasks.
  3. Click Networking: Set up a network with a wizard.
  4. Select Add Internet Connectivity and Site-to-Site VPN to a VCN, and then click Start VPN Wizard.
  5. Use the wizard to enter your network information.
  6. Use the CPE Configuration Helper to generate content for the network engineer.
  7. Supply the information to your network engineer and have the engineer configure the CPE device.
  8. Test the connection.

Create a Network Security Group for Private Endpoint Access

Network security groups (NSGs) let you define a set of security rules that apply to a group of VNICs (or resources) of your choice. When you provision the resource, such as Oracle Autonomous Data Warehouse, you can assign the network security group. Not all services support NSGs.

  1. In the navigation menu, under Core Infrastructure, go to Networking and click Virtual Cloud Networks.
  2. Click the VCN.
  3. Under Resources, click Network Security Groups.
  4. Click Create Network Security Group.
    1. In the Name field, enter a descriptive name for the network security group.
      The name doesn't have to be unique, and you can change it later. Avoid entering confidential information.
    2. In the Create in Compartment field, select the compartment where you want to create the network security group, if different from the compartment you're currently working in.
    3. Click Next.
  5. For the first security rule, enter the following items:
    1. Stateless: Leave unselected.
      Connection tracking is used for traffic matching the rule.
    2. Direction: Select Ingress (inbound traffic to the VNIC).
    3. Source Type: Select CIDR.
    4. Source CIDR: Specify the CIDR block for the private subnet that contains the service, such as Oracle Autonomous Data Warehouse.
    5. IP Protocol: Select TCP.
    6. Source port range: Specify 1521.
    7. Destination port range: Leave blank (denotes all ports).
  6. Click Create.
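
To check a created rule against the values in step 5, the following added example (not part of the original documentation) audits NSG ingress rules exported as JSON. It assumes the kebab-case field names printed by `oci network nsg rules list`; the sample rules, their ids, and the 10.0.1.0/24 private subnet are constructed.

```python
import ipaddress
import json

# Constructed sample in the shape printed by `oci network nsg rules list`.
SAMPLE = json.loads("""
{"data": [
  {"id": "A1", "direction": "INGRESS", "is-stateless": false, "protocol": "6",
   "source": "10.0.1.0/24", "source-type": "CIDR_BLOCK",
   "tcp-options": {"source-port-range": {"min": 1521, "max": 1521},
                   "destination-port-range": null}},
  {"id": "B2", "direction": "INGRESS", "is-stateless": true, "protocol": "all",
   "source": "0.0.0.0/0", "source-type": "CIDR_BLOCK", "tcp-options": null},
  {"id": "C3", "direction": "EGRESS", "is-stateless": false, "protocol": "6",
   "destination": "10.0.1.0/24", "destination-type": "CIDR_BLOCK", "tcp-options": null}
]}
""")

def audit_ingress(rules, private_subnet, port=1521):
    """Return {rule id: [findings]} for ingress rules that differ from the procedure."""
    allowed = ipaddress.ip_network(private_subnet)
    report = {}
    for rule in rules:
        if rule.get("direction") != "INGRESS":
            continue  # the procedure only defines an ingress rule
        findings = []
        if rule.get("is-stateless"):
            findings.append("stateless: no connection tracking")
        if rule.get("protocol") != "6":  # "6" is the IANA protocol number for TCP
            findings.append("protocol is not TCP")
        if rule.get("source-type") != "CIDR_BLOCK":
            findings.append("source type is not CIDR")
        else:
            try:
                src = ipaddress.ip_network(rule.get("source", ""), strict=False)
                inside = src.version == allowed.version and src.subnet_of(allowed)
            except ValueError:
                inside = False
            if not inside:
                findings.append("source is outside " + private_subnet)
        rng = (rule.get("tcp-options") or {}).get("source-port-range") or {}
        if (rng.get("min"), rng.get("max")) != (port, port):
            findings.append("source port range is not %d" % port)
        if findings:
            report[rule["id"]] = findings
    return report

if __name__ == "__main__":
    for rule_id, findings in audit_ingress(SAMPLE["data"], "10.0.1.0/24").items():
        print(rule_id, "; ".join(findings))
```

Rules with no findings match the procedure; a rule such as the constructed `B2` (stateless, all protocols, source 0.0.0.0/0) is reported with each deviation listed.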