In this post we create an IPsec VPN tunnel between your home network and OCI. For that purpose we bought a TP-LINK TL-R600VPN VPN router.


STEP 0: Connect the WAN port of the VPN router to a LAN port of your internet router


STEP 1: Open the admin portal of the VPN router and grab the IP assigned to the WAN port

STEP 2: Open the admin portal of the internet router and put the IP assigned to the WAN port in STEP 1 in the DMZ

STEP 3: Grab your public IP by running the following from the command line:

    curl ifconfig.me

STEP 4: Go to the networking section of the OCI dashboard and create a CPE

STEP 5: Create a VCN with a private subnet

STEP 6: Create a DRG and attach it to the VCN

STEP 7: Create an IPsec connection with a static route to the LAN associated with the VPN router (factory default is 192.168.0.0/24)

STEP 8: Grab the public IP of one of the tunnels created and the preshared key


STEP 9: Edit the IPsec connection and set the CPE IKE Identifier to the IP of the WAN port grabbed in STEP 1

STEP 10: Create the IPsec VPN in the VPN router with the public IP of the Oracle endpoint and the preshared key

STEP 11: Set the advanced settings

STEP 12: Check logs

STEP 13: Verify tunnel is up

STEP 14: Create a VM in the private subnet, grab the internal IP, create a route

STEP 15: Try with ssh

STEP 16: Try with sftp

STEP 17: Verify upload

CONSIDERATIONS
You’ll notice high CPU consumption in the VPN router when transferring data over the tunnel. That is because this router doesn’t have hardware acceleration, hence cipher operations are done in software using the main CPU.

If your ISP doesn’t provide a fixed public IP and the IP changes, you’ll have to recreate the CPE and the IPsec connection on the Oracle side and reconfigure the IPsec VPN connection in the VPN router on your home side.
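A way to notice that IP change from a machine on the home LAN, as an added example that is not part of the original post. It assumes a hypothetical file, named in CPE_IP_FILE, that holds the public IP you used for the CPE in STEP 4, and it queries the same ifconfig.me service as STEP 3 over HTTPS, validating the answer before comparing it.

```shell
#!/bin/sh
# Added example: detect when the home public IP no longer matches the OCI CPE.
# CPE_IP_FILE (hypothetical) holds the IP recorded when the CPE was created.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    rest="$1." count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# Print "unchanged", "changed" or "invalid" for a recorded IP and a fresh lookup.
cpe_ip_status() {
    if ! is_ipv4 "$1" || ! is_ipv4 "$2"; then
        echo invalid
    elif [ "$1" = "$2" ]; then
        echo unchanged
    else
        echo changed
    fi
}

# Look up the current public IP and compare it with the recorded one.
# Returns 0 if unchanged, 1 if changed, 2 on lookup or validation failure.
check_cpe_ip() {
    recorded=$(cat "$1") || return 2
    current=$(curl -fsS --max-time 10 https://ifconfig.me) || return 2
    case "$(cpe_ip_status "$recorded" "$current")" in
        unchanged) return 0 ;;
        changed)
            echo "Public IP is now $current but the CPE uses $recorded:" \
                 "recreate the CPE and the IPsec connection" >&2
            return 1 ;;
        *)  # Never echo an unvalidated response from a third-party service.
            echo "Recorded or looked-up value is not an IPv4 address" >&2
            return 2 ;;
    esac
}

# Runs only when CPE_IP_FILE is set, for example from cron.
if [ -n "${CPE_IP_FILE:-}" ]; then
    check_cpe_ip "$CPE_IP_FILE"
fi
```

Run it periodically with CPE_IP_FILE set; a non-zero exit status tells you the tunnel configuration needs attention.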
That’s all, hope it helps! 🙂