Once you have procured OCI credits, you will want to start building resources from day one. But the challenge is to keep the connectivity secure, as you will be opening ports to the Internet. I got this scenario while working on a Proof of Concept, wherein I don't have the option of FastConnect or an IPSec VPN tunnel. Whatever connectivity I have to give is through the Internet Gateway. Additionally, I have to ensure secure connectivity for three different parties:
- Third-Party Vendor: For installing the required application.
- End Users: To perform testing on the installed application.
- OCI Admin: My team, who will have to manage the OCI tenancy.
I went with the below architecture:
Let me explain:
- Jump Server: A Windows-based virtual machine, where End Users and the Third-Party Vendor will land.
- OpenVPN: The OpenVPN platform with the free license option. With the free license of OpenVPN, two concurrent users can log in at any one time.
- Dynamic Routing Gateway: This may be a surprise here, but we used the DRG V2 option to connect two VCNs (Hub and App). Alternatively, a Local Peering Gateway can also be used.
- Internet Gateway: The gateway to the Internet.
The table below explains how everyone connects to the Jump Server.

| Party | How they reach the Jump Server |
|---|---|
| Third-Party Vendor | Uses OpenVPN to connect |
| End-User | Whitelist the company's VPN public IP |
| OCI Admin | Whitelist the public IP of the individual's ISP |
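
An added example, not from the original post: a small Python audit that checks the Jump Server's ingress rules against the allow-list in the table above and reports any source that can reach the remote-desktop port without being allow-listed. The RDP port, the sample CIDRs, the `tcp_rule` helper and the rule layout (modeled on OCI CLI JSON output) are assumptions constructed for illustration.

```python
import ipaddress

RDP_PORT = 3389  # assumption: Windows jump server reached over RDP; the page names no port

# Constructed allow-list (documentation address ranges, not real values).
ALLOWED = [
    "203.0.113.10/32",   # company VPN public IP (End Users)
    "198.51.100.25/32",  # OCI admin's ISP public IP
    "10.0.0.0/24",       # hypothetical Hub VCN subnet holding the OpenVPN server
]

def tcp_rule(source, port=None, protocol="6"):
    """Build a constructed ingress rule in the key layout of OCI CLI JSON output."""
    opts = {"destination-port-range": {"min": port, "max": port}} if port else None
    return {"source": source, "source-type": "CIDR_BLOCK",
            "protocol": protocol, "tcp-options": opts}

SAMPLE_RULES = [
    tcp_rule("203.0.113.10/32", 3389),
    tcp_rule("198.51.100.25/32", 3389),
    tcp_rule("10.0.0.0/24", 3389),
    tcp_rule("0.0.0.0/0", 3389),                  # RDP open to the whole Internet
    tcp_rule("0.0.0.0/0", 443),                   # not RDP, ignored by this check
    tcp_rule("198.51.100.0/24", protocol="all"),  # wider than the admin's single IP
]

def covers_port(rule, port):
    """True if the rule admits TCP traffic to `port` ("6" is TCP, "all" is any protocol)."""
    if rule["protocol"] == "all":
        return True
    if rule["protocol"] != "6":
        return False
    rng = (rule.get("tcp-options") or {}).get("destination-port-range")
    return rng is None or rng["min"] <= port <= rng["max"]

def audit_ingress(rules, allowed_cidrs, port=RDP_PORT):
    """Return rule sources that can reach `port` but fall outside every allow-listed CIDR."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    for rule in rules:
        if rule.get("source-type") != "CIDR_BLOCK" or not covers_port(rule, port):
            continue
        src = ipaddress.ip_network(rule["source"])
        if not any(src.version == a.version and src.subnet_of(a) for a in allowed):
            findings.append(rule["source"])
    return findings

if __name__ == "__main__":
    print(audit_ingress(SAMPLE_RULES, ALLOWED))
```

An empty result means every source that can reach the port sits inside the allow-list; any CIDR returned is a rule to tighten or remove.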
The above setup is not an ideal one, but it can provide quick connectivity for the team to jump-start the development work.