1 About Setting Up VPN Using Corente Services Gateway

You can set up VPN access to Oracle Cloud Service instances by installing Corente Services Gateway, an Oracle-provided IPSec solution, both in your data center and in Oracle Cloud.

Note:

The following other VPN solutions are available for instances in multitenant sites:

VPN access through a third-party gateway or Corente Services Gateway in your data center to instances attached to the Oracle-provided shared network. See the following documentation:

Understanding the Architecture and Key Components of the Solution


Solution Overview diagram

  • Corente Services Gateway: Corente Services Gateway acts as a proxy that facilitates secure access and data transfer in the VPN solution.

    The solution consists of two separate installations of Corente Services Gateway:

    • The first gateway (referred to as on-premises gateway) is installed on a host in your on-premises data center. The gateway may be run as a guest VM on your physical host.

      You should set up the on-premises gateway manually on a host in your data center that has Internet access. One edge of the on-premises gateway connects to the Internet to establish connectivity with the cloud gateway installed in Oracle Cloud, and the other edge communicates with the hosts or virtual machines of your users and administrators in your private network.

      You should manually set routes in your on-premises environment to direct packets destined for the Oracle Cloud GRE tunnel subnets (for example, 172.16.1.0/25 specified in Creating a New Linux Instance and Configuring a GRE Tunnel) to the Corente Services Gateway installed in your data center.

    • The second gateway (referred to as cloud gateway) is installed on a Compute Classic instance running on Oracle Cloud.

      Your Compute Classic account can contain multiple sites. You must set up the cloud gateway on each site.

      After setting up the cloud gateway, manually set up and configure a Generic Routing Encapsulation (GRE) tunnel from your Compute Classic instances (virtual machines) to the Corente Services Gateway running on another Compute Classic instance.

      On each site, create a GRE tunnel between Compute Classic instances and the cloud gateway on the same site.

  • App Net Manager Service Portal: App Net Manager is a secure web portal that you use to create, configure, modify, delete, and monitor the components of your Corente-powered network. You can also use the Compute Classic web console to manage the cloud gateway.
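
The on-premises route step above can be verified after the routes are set. The following is an added example, not Oracle's code: it parses the output of ip route show from an on-premises Linux host and reports any part of the GRE tunnel subnet whose longest-prefix route does not go through the on-premises gateway. The sample routing table and the addresses 192.168.10.1 and 192.168.10.5 are constructed assumptions; 172.16.1.0/25 is the example subnet from the text.

```python
import ipaddress

# Constructed sample of `ip route show` output from an on-premises Linux host.
# Assumed addresses: 192.168.10.1 = default router, 192.168.10.5 = on-premises gateway.
SAMPLE_ROUTES = """\
default via 192.168.10.1 dev eth0
172.16.1.0/25 via 192.168.10.5 dev eth0
172.16.1.64/26 via 192.168.10.1 dev eth0
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.20
"""

def parse_routes(text):
    """Return (network, next_hop) pairs; next_hop is "on-link" when there is no via."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types not modelled here, e.g. "unreachable ..."
        hop = fields[fields.index("via") + 1] if "via" in fields else "on-link"
        routes.append((net, hop))
    return routes

def leaking_ranges(routes, gre_subnet, gateway):
    """Return (range, next_hop) for parts of gre_subnet not routed via gateway."""
    gre = ipaddress.ip_network(gre_subnet)
    # Ranges to check: the subnet itself plus every more specific route inside it,
    # because a more specific route wins the longest-prefix match for its range.
    candidates = {gre} | {n for n, _ in routes
                          if n.version == gre.version and n.subnet_of(gre)}
    leaks = []
    for cand in sorted(candidates, key=lambda n: (int(n.network_address), n.prefixlen)):
        covering = [(n, h) for n, h in routes
                    if n.version == cand.version and cand.subnet_of(n)]
        best = max(covering, key=lambda r: r[0].prefixlen, default=None)
        if best is None or best[1] != gateway:
            leaks.append((str(cand), best[1] if best else "no route"))
    return leaks

if __name__ == "__main__":
    for rng, hop in leaking_ranges(parse_routes(SAMPLE_ROUTES),
                                   "172.16.1.0/25", "192.168.10.5"):
        print(f"{rng} bypasses the on-premises gateway (next hop: {hop})")
```

An empty result means every destination in the tunnel subnet resolves to the on-premises gateway; any entry is a range that would leave the host outside the VPN path.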

Workflow for Setting Up VPN Using Corente Services Gateway

| Task | Component in the Architectural Diagram | For More Information |
|---|---|---|
| Create and configure your account on Oracle Cloud | It’s a prerequisite. | See Getting an Oracle.com Account in Getting Started with Oracle Cloud. |
| Obtain a trial or paid subscription to Compute Classic. After you subscribe to Compute Classic, you will get your Corente credentials through email after you receive the Compute Classic welcome email. Note down the Corente account credentials that you received by email. | It’s a prerequisite. | See How to Begin with Compute Classic Subscriptions in Using Oracle Cloud Infrastructure Compute Classic. |
| Set up a Corente Services Gateway (on-premises gateway) in your data center | Corente Services Gateway running in your data center, as shown in the architecture diagram. | See Setting Up Corente Services Gateway in Your Data Center. |
| Set up Corente Services Gateway (cloud gateway) on Oracle Cloud | Corente Services Gateway running on a Compute Classic instance, as shown in the architecture diagram. | See Creating a Cloud Gateway. |
| Establish partnership between your on-premises gateway and cloud gateway | This is the dashed line between the two gateways, as shown in the architecture diagram. | See Establishing Partnership Between Your On-Premises Gateway and Cloud Gateway. |
| Configure a GRE tunnel on your guest instances in Oracle Cloud | GRE tunnel from Compute Classic instances 1, 2, and 3 as shown in the architecture diagram. | |