DIY a cheap VPN IPsec tunnel between your home and Oracle Cloud Infra


In this post we create an IPsec tunnel between your home and OCI. For that purpose we bought a TP-LINK TL-R600VPN VPN router.

STEP 0: Connect the WAN port of the VPN router to a LAN port of your internet router

STEP 1: Open the admin portal of the VPN router and note the IP assigned to the WAN port

STEP 2: Open the admin portal of the internet router and place the IP assigned to the WAN port in STEP 1 in the DMZ

STEP 3: Get your public IP by running the following from the command line

curl ifconfig.me

STEP 4: Go to OCI dashboard networking section and create a CPE

STEP 5: Create a VCN with a private subnet

STEP 6: Create a DRG and attach it to the VCN

STEP 7: Create an IPSec connection with static route to the LAN associated to the VPN router (factory default is 192.168.0.0/24)

Typo: the static route CIDR must be 192.168.0.0/24

STEP 8: Note the public IP of one of the tunnels created and the preshared key

STEP 9: Edit the IPSec connection and set the CPE IKE Identifier to the IP of the WAN port noted in STEP 1

STEP 10: Create the IPsec VPN in the VPN router with the public IP of the Oracle endpoint and the preshared key

STEP 11: Set the advanced settings

STEP 12: Check logs

STEP 13: Verify tunnel is up

STEP 14: Create a VM in the private subnet, note its internal IP, and create a route

STEP 15: Try with ssh

STEP 16: Try with sftp

STEP 17: Verify the upload
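
A pre-flight check of the values gathered in STEPs 1, 3, 7 and 9, as an added example that is not part of the original post. The function names, the VCN range 10.0.0.0/16, the WAN address 192.168.1.50 and the public address 203.0.113.10 are constructed sample values; only 192.168.0.0/24 comes from the post.

```python
import ipaddress

# RFC 1918 ranges: an address in one of these cannot be the CPE's public IP.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)

def preflight(public_ip, wan_ip, home_lan, vcn_cidr, static_route, ike_id):
    """Return a list of problems in the planned tunnel settings (empty list = OK)."""
    try:
        pub = ipaddress.ip_address(public_ip)
        wan = ipaddress.ip_address(wan_ip)
        # strict=True rejects CIDRs with host bits set, e.g. 192.168.0.1/24
        lan, vcn, route = (ipaddress.ip_network(c, strict=True)
                           for c in (home_lan, vcn_cidr, static_route))
    except ValueError as exc:
        return [f"invalid address or CIDR: {exc}"]

    problems = []
    # STEP 3/4: the CPE object needs the address seen from the internet.
    if is_rfc1918(pub):
        problems.append(f"CPE IP {pub} is a private address")
    # STEP 7: the static route must be the LAN behind the VPN router.
    if route != lan:
        problems.append(f"static route {route} does not match home LAN {lan}")
    # Overlapping ranges on both ends make the routes ambiguous.
    if lan.overlaps(vcn):
        problems.append(f"home LAN {lan} overlaps VCN {vcn}")
    # The WAN port lives on the internet router's LAN, which must differ
    # from the VPN router's own LAN (both often default to 192.168.0.0/24).
    if wan in lan:
        problems.append(f"WAN IP {wan} is inside the VPN router LAN {lan}")
    # STEP 9: behind the internet router's NAT, the IKE identifier is the WAN IP.
    if wan != pub and ike_id != str(wan):
        problems.append(f"CPE IKE identifier should be {wan}, got {ike_id}")
    return problems

# Constructed sample plan (not values from the post, except the home LAN).
SAMPLE = dict(public_ip="203.0.113.10", wan_ip="192.168.1.50",
              home_lan="192.168.0.0/24", vcn_cidr="10.0.0.0/16",
              static_route="192.168.0.0/24", ike_id="192.168.1.50")

if __name__ == "__main__":
    for line in preflight(**SAMPLE) or ["plan looks consistent"]:
        print(line)
```
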

CONSIDERATIONS

You’ll notice high CPU consumption in the VPN router when transferring data over the tunnel. That is because this router doesn’t have hardware acceleration, so cipher operations are done in software on the main CPU.

If you don’t have a fixed public IP from your ISP and the IP changes, you’ll have to recreate the CPE and the IPsec connection on the Oracle side and reconfigure the IPsec VPN connection in the VPN router on your home side.

That’s all, hope it helps! 🙂
