2021-07-27: Quick and Secured Connectivity to OCI over the Internet

Once you have procured OCI credits, you will want to start building resources from day one. The challenge is keeping the connectivity secure, because you will be opening ports to the Internet. I got this scenario while working on a Proof of Concept, wherein I don't have the option of FastConnect or an IPSec VPN tunnel. Whatever connectivity I have to give is through the Internet Gateway. Additionally, I have to ensure secure connectivity for three different parties:

  • Third-Party Vendor: To install the required application
  • End Users: To perform testing on the installed application
  • OCI Admin: My team, who will have to manage the OCI tenancy

I went with the below architecture:

Let me explain:

  • Jump Server: A Windows-based virtual machine where End Users and the Third-Party Vendor will land.
  • OpenVPN: The OpenVPN platform with the free license option. With the free license of OpenVPN, two concurrent users can log in at a time.
  • Dynamic Routing Gateway: This may be a surprise here, but we used the DRG V2 option to connect the two VCNs (Hub and App). Alternatively, a Local Peering Gateway can also be used.
  • Internet Gateway: The gateway to the Internet.

The below table explains how everyone is connecting to Jump Server.

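| User               | Connectivity Type                               |
|--------------------|-------------------------------------------------|
| Third-Party Vendor | Uses OpenVPN to connect                         |
| End-User           | Whitelist Company’s VPN Public IP               |
| OCI Admin          | Whitelist the Public IP for an individual’s ISP |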
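Because this design relies on source-IP whitelisting at an Internet-facing jump server, it helps to check the ingress rules against the intended allowlist. The script below is an added example, not part of the original post: it audits simplified ingress rules for any source outside the allowlist that can reach the jump server. The RDP port, all addresses, the OpenVPN host's private IP, and the rule field names (modelled on OCI security list rules) are assumptions.

```python
import ipaddress

RDP_PORT = 3389  # assumption: the Windows jump server is reached over RDP

# Constructed allowlist mirroring the table above (documentation/private ranges).
ALLOWED_SOURCES = {
    "end-users (company VPN public IP)": "203.0.113.10/32",
    "oci-admin (individual's ISP public IP)": "198.51.100.25/32",
    "vendor (via OpenVPN host, private IP assumed)": "10.0.0.5/32",
}

def tcp(source, lo, hi):
    """Build a TCP ingress rule dict (hypothetical helper, assumed field names)."""
    return {"protocol": "6", "source": source,
            "tcpOptions": {"destinationPortRange": {"min": lo, "max": hi}}}

# Constructed ingress rules for the jump server subnet.
SAMPLE_RULES = [
    tcp("203.0.113.10/32", 3389, 3389),               # company VPN: expected
    tcp("198.51.100.25/32", 3389, 3389),              # admin ISP IP: expected
    tcp("0.0.0.0/0", 3389, 3389),                     # RDP open to everyone
    tcp("0.0.0.0/0", 443, 443),                       # does not cover RDP
    {"protocol": "all", "source": "198.51.100.0/24"}, # wider than the /32
    tcp("10.0.0.5/32", 3000, 4000),                   # range includes 3389
]

def covers_port(rule, port):
    """True if the rule admits TCP traffic to `port` ('all' or TCP with no range = every port)."""
    if rule["protocol"] not in ("all", "6"):
        return False
    rng = (rule.get("tcpOptions") or {}).get("destinationPortRange")
    return rng is None or rng["min"] <= port <= rng["max"]

def audit(rules, allowed, port=RDP_PORT):
    """Return (index, source, reason) for rules exposing `port` beyond the allowlist."""
    nets = [ipaddress.ip_network(cidr) for cidr in allowed.values()]
    findings = []
    for i, rule in enumerate(rules):
        if not covers_port(rule, port):
            continue
        src = ipaddress.ip_network(rule["source"], strict=False)
        if any(src.subnet_of(net) for net in nets):
            continue  # source is fully inside a whitelisted network
        reason = "open to the Internet" if src.prefixlen == 0 else "source not in allowlist"
        findings.append((i, rule["source"], reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES, ALLOWED_SOURCES):
        print(finding)
```
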

The above setup is not an ideal one for you to use, but it can help provide quick connectivity so the team can jump-start the development work.