In this post we are creating a tunnel between your home and OCI. For that purpose we have bought a TP-LINK TL-R600VPN – Router VPN
STEP 0: Connect the WAN port of the VPN router to a LAN port of your internet router
STEP1: Open the admin portal of the VPN router and grab the IP assigned to the WAN port
STEP 2: Open the admin portal of the internet router and put the IP assigned to the WAN port in step 1 in the DMZ
STEP 3: Grab your public ip executing the following from command line
curl ifconfig.me
STEP 4: Go to OCI dashboard networking section and create a CPE
STEP 5: Create a VCN with a private subnet
STEP 6: Create a DRG and attach it to the VCN
STEP 7: Create an IPSec connection with static route to the LAN associated to the VPN router (factory default is 192.168.0.0/24)
STEP 8: Grab the public IP of one of the tunnels created and the presahed key
STEP 9: Edit IPsec connection and put as CPE IKE Identifier the IP of the WAN port grabbed in STEP1
STEP 10: Create VPN IPsec in VPN router with the public IP of Oracle endpoint and preshared key
Step 11: Set the advanced settings
STEP 12: Chek logs
STEP 13: Verify tunnel is up
STEP 14: Create a vm in the private subnet, grab the internal IP, create a route
STEP 15: try with ssh
STEP 16: try with sftp
STEP 17: verify upload
CONSIDERATIONS
You’ll notice a high cpu consumption in vpn router when transferring data ever the tunnel, that is because this router doesn’t have acceleration hence cypher operations are made by software using the main cpu
If you don’t have a fixed public IP provided by your ISP, if the IP changes, you’ll have to recreate CPE and IPsec connection in Oracle side and reconfigure VPN IPsec connection in the VPM router in your home side
That’s all, hope it helps! đŸ™‚
