vpn, openvpn, oracle-cloud-infrastructure

How to connect to on-premise OpenVPN server from OCI (Oracle Cloud Infrastructure) Compute instance?


My company has an on-premise network which is opened by an OpenVPN server.

In ordinary scenarios, I used to connect to that server very easily.

However, when I tried to connect to that server from the OCI compute instance, which I connected to by SSH from my laptop, there were some problems. As soon as I try to connect to the VPN server, my SSH connection is closed.

IMHO, this may have occurred because the VPN connection changes network information, and so my SSH connection might be lost.

I tried to look around to find out how to connect to a VPN from OCI, but almost everything was using the IPSec protocol which Oracle provided; the others were about building an OpenVPN server on the OCI instance.

I'm very much a novice at network structure. So, please give me some hints to resolve this problem. Thanks,


Solution

  • I get the following:

    • You have Ubuntu 18.04 VM on a Public Subnet in OCI
    • You have OpenVPN Server running on On-Prem.
    • You would like to access your On-Prem from Ubuntu VM on OCI.

    If I understood it correctly, the best way is to set up an IPSec VPN. It isn't that hard if you hit the right steps. At a high level, you will be doing the following steps. I have used IKEv1 in my attempts in the past.

    OCI:

    1. Create a DRG
    2. Attach/Associate it to your VCN
    3. Create a CPE (Customer Premise Equipment) and mark the IP address of the OpenVPN server to it.
    4. Create an IPSec Connection on the DRG. It will create two tunnels, each with its own security information.
    5. Set up routing on the associated subnet (i.e., the one that hosts the Ubuntu VM) so traffic destined for the On-Prem CIDR is routed to the DRG.

    On-Prem:

    1. Create the necessary configuration to create the tunnels up to OCI (using the configuration information from the previous steps, such as VPN server IP addresses and shared secrets)
    2. Set up routing so that traffic destined for the OCI CIDR ranges is sent to the associated tunnel interface

    This ensures that you can create multiple VMs on the OCI subnet, all of which can connect to your On-Prem infrastructure. The OCI documentation has sufficient information on setting up this VPN connection.

    Alternatively, if your only requirement is to establish connectivity between the Ubuntu VM on OCI and the OpenVPN server On-Prem, you might use any VPN client software and set it up. This doesn't need any of the configuration steps mentioned above.
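
Added example, not part of the original question or answer: for the VPN-client route, the SSH drop described in the question is what typically happens when the OpenVPN server pushes a default route to the client (assumed here; the page does not confirm it). The script below generates client-side overrides that ignore pushed routes and send only the on-prem ranges through the tunnel; the CIDRs and file names are constructed placeholders.

```shell
#!/bin/sh
# Build OpenVPN client overrides for a split tunnel, so the instance's
# default route (and the SSH session that depends on it) stays untouched.

# Convert a prefix length (0-32) into a dotted netmask, as the OpenVPN
# "route <network> <netmask>" directive expects.
prefix_to_netmask() {
    bits=$1
    mask=""
    for i in 1 2 3 4; do
        if [ "$bits" -ge 8 ]; then
            octet=255; bits=$((bits - 8))
        else
            octet=$((256 - (1 << (8 - bits)))); bits=0
        fi
        mask="${mask}${mask:+.}${octet}"
    done
    echo "$mask"
}

# Print the override directives for the given on-prem CIDRs.
# route-nopull makes the client ignore routes pushed by the server
# (pushed DNS/DHCP options are ignored as well).
split_tunnel_overrides() {
    out="route-nopull"
    for cidr in "$@"; do
        net=${cidr%/*}
        prefix=${cidr#*/}
        case "$prefix" in
            ''|*[!0-9]*) echo "bad CIDR: $cidr" >&2; return 1 ;;
        esac
        # A /0 would recreate the default-route takeover this avoids.
        if [ "$prefix" -lt 1 ] || [ "$prefix" -gt 32 ]; then
            echo "refusing $cidr: prefix must be 1-32" >&2; return 1
        fi
        out="$out
route $net $(prefix_to_netmask "$prefix")"
    done
    printf '%s\n' "$out"
}

# Constructed sample range; append the output to a copy of your client
# profile (e.g. split.ovpn, a hypothetical name) before connecting.
split_tunnel_overrides 10.20.0.0/16
```

After connecting, `ip route get <on-prem address>` should show the tunnel interface, while `ip route show default` should still show the instance's original gateway.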