Oracle Cloud Platform Corente VPN for PaaS & IaaS Step-by-Step Deployment Version 1 03.06.2016


Oracle Cloud Platform - Corente VPN for PaaS & IaaS

Copyright © 2016, Oracle and/or its affiliates. All rights reserved 2

TABLE OF CONTENTS

Introduction .... 3

Chapter 1. Understanding the Architecture .... 5
  1.1 Architecture of the solution .... 5
  1.2 Key components of the solution .... 5

Chapter 2. Setting up Corente Services Gateway on-premise .... 7
  2.1 Accessing the APP Net Manager Lite .... 7
  2.2 Login to the APP Net Manager Lite .... 8
  2.3 Creating the location for the on-premise gateway .... 8
  2.4 Creating the Corente VPN virtual machine .... 19

Chapter 3. Setting up Corente Services Gateway on Oracle Cloud .... 29
  3.1 Creating the Corente VPN virtual machine .... 29
  3.2 Creating the location for the on-cloud gateway .... 32
  3.3 Creating the Corente VPN instance .... 55

Chapter 4. Configure the partnership between gateways .... 62
  4.1 Enabling partnership for the on-cloud gateway .... 62
  4.2 Enabling partnership for the on-premise gateway .... 67

Chapter 5. Testing the VPN connection .... 73

Appendix .... 77


INTRODUCTION

This paper describes how to set up Corente Services Gateway for secure access to your Oracle Compute Cloud Service, Oracle Java Cloud Service and Oracle Database Cloud Service instances.

Oracle’s Corente Cloud Services Exchange (Corente CSX) is a cloud-based software-defined networking (SDN) solution that enables distributed enterprises to deliver trusted connectivity services to and from any location with less complexity, in significantly less time, and at a greatly reduced cost, when compared to more-traditional approaches. Corente CSX enables organizations to transform their wide area network (WAN) into a cost-effective, agile network.

Corente CSX relies on the Oracle-hosted Service Control Point (SCP), which is a centralized service management platform that provides secure policy-based service brokering, mediation, and virtual network orchestration.

Companies want to connect applications securely into private networks over the internet and facilitate hybrid cloud services to seamlessly connect applications running locally into the cloud. Today many of these tasks require significant planning, acquisition, and integration efforts, often requiring expensive networking technology and equipment that are often difficult to manage.

A component of Corente CSX, the Corente Services Gateway (CSG) is a distributed virtual appliance located at the network edge that provides secure endpoints for virtual private networks over any IP networks with zero-touch installation. A Services Gateway is installed at each branch or partner location, and creates a secure end-to-end connection for application traffic. The Services Gateways also maintain separate out-of-band connections with the SCP database for monitoring, administration, and logging.

Services Gateway software can be installed on commodity x86 bare metal hardware, on supported hypervisor virtual machines (VMs), or on local Oracle VM VirtualBox VMs (Windows, Linux, and Solaris) where local applications can be deployed, managed, and monitored.

The App Net Manager service-portal in Corente CSX is a web-based application that provides centralized, role-based access to service lifecycle management tools for service subscribers, including provisioning, managing, and monitoring of their global private networks. The network infrastructure including gateway configuration and deployment is managed from a single interface through App Net Manager. In addition, the portal allows administrators to configure system policies; create fine-grained access policies for users, applications, servers, and other network resources; manage all connections through the simplicity of a drag-and-drop user interface; set thresholds for alerts; monitor real-time status of resources; and view historical reports.


App Net Manager portal for consolidated service management and monitoring:


Chapter 1. Understanding the Architecture

1.1 Architecture of the solution

Here is a quick overview of the architecture of the VPN solution being offered to Oracle Compute Cloud Service, Oracle Java Cloud Service, and Oracle Database Cloud Service (DBCS) customers.

1.2 Key components of the solution

• App Net Manager Service Portal: App Net Manager is a secure web portal that you use to create, configure, modify, delete, and monitor the components of your Corente-powered network.

• Corente Services Gateway: Corente Services Gateway acts as a proxy that facilitates secure access and data transfer in the VPN solution.

The solution consists of two separate installations of Corente Services Gateway:

• The first gateway (referred to as on-premise gateway) is installed on a host in your on-premises data center. The gateway may be run as a guest VM on your physical host.

Note: you should set up the on-premises gateway manually on a host with Internet access in your data center. One edge of this on-premises gateway connects to the Internet to establish connectivity with the Corente Services Gateway installed in Oracle Cloud (the second gateway, described below), and the other edge of the on-premises gateway communicates with the hosts or virtual machines of your users and administrators in your private network.


Your administrators can access the App Net Manager service portal only via a computer connected to the Corente Services Gateway installed in your data center. Direct access to App Net Manager — without the Corente Services Gateway in your data center — is not permitted.

• The second gateway (referred to as cloud gateway) is installed on an Oracle Compute Cloud Service instance running on Oracle Cloud.

Note: you should manually set up and configure a Generic Routing Encapsulation (GRE) tunnel from your Oracle Compute Cloud Service instances (virtual machines) to the Corente Services Gateway running on another Oracle Compute Cloud Service instance.


Chapter 2. Setting up Corente Services Gateway on-premise

2.1 Accessing the APP Net Manager Lite

In order to create a location of a Corente VPN Gateway you will have to use a web-browser that meets the requirements for Corente network administration (see below) and access the administration homepage: http://www.corente.com/web/

To access the administration homepage you will need Oracle’s Java Web Start and version 1.5.0_10 or later of Java Runtime Environment (JRE).

Note: version 1.6.0 of the JRE may not be compatible with older versions of Linux. If your OS does not support 1.6.0 or does not appear to be compatible, you must download an earlier version (1.5.0_10 or 1.5.0_11).

If you do not yet have an active location in your Corente network, click the App Net Manager Lite hyperlink. App Net Manager Lite will not allow you to enable more than the basic location gateway options; however, you can add additional functionality to your gateway once it has been activated.

If you already have an active location gateway, click the hyperlink App Net Manager. After the first location gateway has been activated in your Corente network, all administrative activities must take place across a secure tunnel using App Net Manager.


2.2 Login to the APP Net Manager Lite

Log in to the APP Net Manager Lite using the Corente VPN credentials you have received.

2.3 Creating the location for the on-premise gateway

Navigate to File - Wizards - Location in order to create the location of the first Corente VPN Gateway.


Selecting Location Wizard from the File menu launches the location wizard, which takes you step by step through the process of creating a location gateway with basic functionality.

Click Next to start configuring the location.


Enter the alphanumeric identifier for the location gateway that you are creating (in our case it is “corentegw-onprem”) and click Next.

Enter the address and time zone of the physical location of this location gateway and click Next.


Select your automatic reboot preferences for the location gateway and click Next.

Select your maintenance time preferences for the location gateway and click Next.


Choose the appropriate configuration option for your location gateway:

• A Peer configuration for a location gateway requires the use of only one Ethernet port.

• An Inline configuration for a location gateway requires the use of two Ethernet ports – one facing your internal network and one facing the external network (i.e. Internet). All traffic between the internal and external network flows through the location gateway.

For the on-premise gateway the configuration has to be set to “Inline Configuration”. Click Next.


Select how the Inline location gateway’s IP address, Subnet Mask and Default Gateway will be assigned:

• DHCP – select this option to allow a DHCP server to automatically assign an IP address, Subnet Mask and Gateway address to this location.

• Static – when this option is selected you must manually enter addressing information for the location gateway’s Ethernet interface.

• PPPOE – select this option if your location gateway will use PPPOE to connect to the Internet.

In our case we will select DHCP. Click Next.


Some ISPs require a particular name be present when a request for a DHCP address is made. If applicable you may enter that name here.

If you don’t have a DHCP client name leave the field empty and click Next.


Enter the IP address and Subnet Mask that you want to assign to the LAN interface of the location gateway and click Next.


Select the “Get DNS Dynamically” option if the IP address of the DNS servers will be provided by a DHCP server when it serves the location gateway’s IP address, Subnet Mask and Default Gateway address. Click Next.

Review the information provided and click Next.


Click Finish in order to finalize the configuration of the on-premise Corente VPN Gateway.


Expand the Locations tab and you will see the location of the on-premise Corente VPN Gateway. The orange arrow means the configuration file is ready to be downloaded by the virtual machine with Corente VPN Gateway installed.

To continue installing the new gateway in your domain, you must download the location gateway configuration (this is done from the gateway virtual machine, not from the portal). Until the icon turns green your location is not yet ready to create secure tunnels to other locations.

Note: Do not download the location configuration from the App Net Manager Lite otherwise you won’t be able to download it again during the gateway installation.


2.4 Creating the Corente VPN virtual machine

Download the Corente Services Gateway software (Corente Gateway Image) from one of the following URLs:

http://www.oracle.com/technetwork/topics/cloud/downloads/network-cloud-service-2952583.html

http://www.corente.com/web


Create a new virtual machine in Virtual Box for the on-premise Corente VPN Gateway using as an example the following configuration settings.


Configure the network adapters for the on-premise Corente VPN Gateway (the virtual machine should have two network adapters: one for the Internet connection and one for the internal communication with the Corente guest virtual machines).

Select Adapter 1 and configure the appropriate connectivity type. In our example it uses the wireless adapter of the laptop with a bridged connection (VirtualBox connects to your installed network card and exchanges network packets directly, circumventing your host operating system's network stack).


Select Adapter 2 and set it to perform internal connectivity inside the LAN (select Internal Network).


Edit the virtual machine settings by adding the downloaded image (.iso) to the optical drive in order to boot from it.

Power-on the virtual machine to start the installation of the Corente VPN Gateway and type yes.


Wait for the installation to complete and remove the .iso image from the optical drive of the virtual machine. Reboot the machine after that.

Highlight Download Config and press Enter.


Type in the download site (www.corente.com) and select the appropriate connection type that best suits your infrastructure (DHCP, PPPoE or Manual Configuration). Click Next.

Type in the Corente VPN Gateway credentials and click Continue.


Switch to the APP Net Manager Lite Service Portal and observe that the location icon has changed to a grey background, which means the configuration has been downloaded by the on-premise Corente VPN Gateway.


When the Corente virtual machine has completed downloading the configuration from the APP Net Manager the login screen appears.

Note: The Corente Gateway is a black box. You won’t be able to log into it.


Switch to the APP Net Manager Service Portal and see that the location has disappeared. This is the expected behavior.


Chapter 3. Setting up Corente Services Gateway on Oracle Cloud

The following steps will be done from a Linux machine connected to the internal LAN of the on-premise Corente location.

3.1 Creating the Corente VPN virtual machine

Create a new virtual machine in Virtual Box. This VM will play the role of the Corente guest.

Navigate to the VM Settings - Network and choose the same adapter settings as you have used for the Corente VPN Gateway machine as depicted in the pictures below.

Select Adapter 1 and configure it to perform internal communication inside the LAN (select Internal Network).


Select Adapter 2 and configure it to perform external communication (in this case we used a bridged adapter).

Download an Oracle Linux distribution from https://edelivery.oracle.com/linux and mount it to the optical drive of the newly created virtual machine.

Power-on the virtual machine and perform the installation of the operating system.


When the installation process completes, log in to the virtual machine and check the following:

a. Type ifconfig eth0 and make sure that the machine is on the same subnet as the Corente VPN Gateway.

b. Type netstat -nr and confirm that the default gateway is the IP address of the Corente VPN Gateway.


3.2 Creating the location for the on-cloud gateway

Download the App Net Manager from http://corente.com/web


Log in to the App Net Manager with the same Corente VPN credentials used when you configured the on-premise gateway.


Expand the Locations tab and see that the on-premise gateway is already configured.

Navigate to File - Wizards - Location and configure the second gateway (corentegw-oncloud).


Enter the alphanumeric identifier for the location gateway that you are creating (in our case it is “corentegw-oncloud”) and click Next.


Enter the address and time zone of the physical location of the new location gateway and click Next.


Select your automatic reboot preferences for the location gateway and click Next.


Select your maintenance time preferences for the location gateway and click Next.


For the on-cloud gateway the configuration has to be set to “Peer Configuration”. Click Next.


Select the type of the interface that is going to be used for the WAN connection and click Next.


Some ISPs require a particular name be present when a request for a DHCP address is made. If applicable you may enter that name here.

If you don’t have a DHCP client name leave the field empty and click Next.


Select the “Get DNS Dynamically” option if the IP address of the DNS servers will be provided by a DHCP server when it serves the location gateway’s IP address, Subnet Mask and Default Gateway address. Click Next.


User Groups let you identify groups of machines on the local network (computers, servers, printers) that will be allowed to participate in your Corente network.


If you would like you can choose an optional Firewall Policy that will apply to all traffic to and/or from the Default User Group. Click Next.


Click Add to configure the address range for the Default User Group.


Default User Group Configuration:

• Include – select this option to specify a range that will be included in the group

• Exclude – if there are IP addresses or ranges of addresses within the subnets that you have already Included that you do not want to be in your Default User Group, you can use the Exclude Range option to remove these addresses.

Select the Include Subnet and click Next.


Type in the subnet range for the cloud instances that are going to use this gateway.


You must now set the appropriate Outbound NAT settings for this subnet. In this case we will use Permitted. Click Next.


Review the configuration details and click Next.


Click Finish to complete the configuration of the Corente VPN on-cloud gateway.


Click on each of the two gateways and see that both have two connections (one for the internal connection to the guest VMs/instances and one for Internet access).


Open a terminal window and enter the following command: uuidgen

Return to the APP Net Manager Service Portal and edit the on-cloud gateway in order to enter the above generated UUID.


Enable “Zero Touch Configuration” and enter your own UUID in the Unique Identifier field.

Click the OK button at the bottom of the Add Location screen. You will return to the main App Net Manager screen, and the Save button at the top of the screen will be active. Note the red square with a yellow center to the upper left of the location icon; it indicates that there are unsaved changes.

The UID HAS TO BE UNIQUE for each OPC Corente Gateway. One on-premises Corente Gateway can have any number of OPC gateway partners. You will have to use this UUID in the csglaunchplan.json JSON file that you will create in a later step.


Click Save at the top of the App Net Manager screen. A Save All Changes pop-screen is displayed. Click Start at the bottom of this screen to save the configuration.


3.3 Creating the Corente VPN instance

Download the orchestration examples from http://www.oracle.com/technetwork/topics/cloud/downloads/network-cloud-service-2952583.html

Sign in to the Oracle Cloud using the following address: https://computeui.us.oraclecloud.com/


Create an IP reservation for the gateway.



Notes:

• Update the ID and username above in ALL files to match your current OPC environment.

• Update the csg-nat-ip secipentries to match your RESERVED NAT IP.

• Make sure you run “uuidgen” and update the uid info above as well. The UID needs to be unique for each OPC gateway you’re provisioning.

• DO NOT start the JSON Orch files until you have created a Corente OPC gateway and inserted its unique ID into the gateway configuration with the App Net Manager utility. Suggest using the ANM Wizard for it. Once the new OPC Gateway is created along with its unique UUID and you are seeing the download icon, then you can go ahead and start the JSON Orchs.

Edit the secrule.json file that you previously downloaded with the reserved IP address and with your identity domain and username.


Upload the orchestration.


Edit the storage_vol1.json file that you previously downloaded with your identity domain, username and location of the Corente gateway image.

Upload the orchestration.


Edit the csglaunchplan.json file you previously downloaded with your identity domain, username, location of the Corente gateway image and the UUID you used when configured the corentegw-oncloud.


Upload the orchestration.

Start the orchestrations in the following order:

secrule.json

storage_vol1.json

csglaunchplan.json
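The notes above list the edits the three orchestration files need before upload: the identity domain and username in all files, the reserved NAT IP in the csg-nat-ip secipentries, and the UUID entered in App Net Manager in csglaunchplan.json. The following pre-flight check is an added example, not Oracle's tooling or the guide's own code; it assumes the files are plain JSON whose object names carry the /Compute-<identity domain>/<username>/ prefix, and the file contents it embeds are constructed stand-ins (with a constructed UUID, tenant and IP) rather than the real downloads.

```python
import json
import re
import uuid

# Constructed values: a UUID standing in for `uuidgen` output and the
# /Compute-<identity domain>/<username>/ prefix of an imaginary tenant.
EXAMPLE_UID = "0f4e3c8a-9d1b-4c2e-8a7f-1b2c3d4e5f60"
EXAMPLE_OWNER = "/Compute-acme/alice@example.com/"
EXAMPLE_RESERVED_IP = "203.0.113.10"

# Constructed stand-ins for the three edited orchestration files; the real
# downloads have more fields, but the checks below only look at these.
SAMPLE_FILES = {
    "secrule.json": json.dumps({
        "name": EXAMPLE_OWNER + "csg-secrules",
        "oplans": [{"obj_type": "seciplist", "objects": [
            {"name": EXAMPLE_OWNER + "csg-nat-ip",
             "secipentries": [EXAMPLE_RESERVED_IP]}]}]}),
    "storage_vol1.json": json.dumps({
        "name": EXAMPLE_OWNER + "csg-boot",
        "oplans": [{"obj_type": "storage/volume", "objects": [
            {"name": EXAMPLE_OWNER + "csg-boot-vol"}]}]}),
    "csglaunchplan.json": json.dumps({
        "name": EXAMPLE_OWNER + "csg-launchplan",
        "oplans": [{"obj_type": "launchplan", "objects": [
            {"instances": [{"name": EXAMPLE_OWNER + "csg",
                            "attributes": {"uid": EXAMPLE_UID}}]}]}]}),
}

OWNER_RE = re.compile(r"^/Compute-([^/]+)/([^/]+)/")

def iter_strings(node):
    """Yield every string value anywhere in a parsed JSON document."""
    if isinstance(node, dict):
        for value in node.values():
            yield from iter_strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from iter_strings(value)
    elif isinstance(node, str):
        yield node

def iter_key_values(node, key):
    """Yield the value of every occurrence of `key` at any depth."""
    if isinstance(node, dict):
        for k, value in node.items():
            if k == key:
                yield value
            yield from iter_key_values(value, key)
    elif isinstance(node, list):
        for value in node:
            yield from iter_key_values(value, key)

def is_uuid(text):
    """True only for a canonical lowercase, hyphenated UUID string."""
    try:
        return str(uuid.UUID(text)) == text
    except ValueError:
        return False

def check_orchestrations(files, expected_uid, reserved_ip):
    """Return a list of problems; empty means the files agree with each other
    and with the UUID and reserved IP entered in App Net Manager / the console."""
    problems = []
    owners = {}            # (identity domain, username) -> file first seen in
    launchplan_uids = []
    secip_entries = []
    for fname, text in files.items():
        try:
            doc = json.loads(text)
        except json.JSONDecodeError as exc:
            problems.append(f"{fname}: invalid JSON ({exc})")
            continue
        strings = list(iter_strings(doc))
        for s in strings:
            match = OWNER_RE.match(s)
            if match:
                owners.setdefault(match.groups(), fname)
        if fname == "csglaunchplan.json":
            launchplan_uids.extend(s for s in strings if is_uuid(s))
        if fname == "secrule.json":
            for entries in iter_key_values(doc, "secipentries"):
                secip_entries.extend(entries if isinstance(entries, list) else [entries])
    if len(owners) > 1:
        seen = ", ".join(f"/Compute-{d}/{u}/ in {f}" for (d, u), f in owners.items())
        problems.append("identity domain/username differ across files: " + seen)
    if not is_uuid(expected_uid):
        problems.append(f"uid {expected_uid!r} is not a well-formed UUID")
    if launchplan_uids != [expected_uid]:
        problems.append(f"csglaunchplan.json uid(s) {launchplan_uids} do not match "
                        f"the App Net Manager uid {expected_uid!r}")
    if reserved_ip not in secip_entries:
        problems.append(f"secrule.json secipentries {secip_entries} do not contain "
                        f"the reserved NAT IP {reserved_ip}")
    return problems
```

Run it against the real files by replacing SAMPLE_FILES with the contents of the three downloads and passing the UUID and reserved IP you actually entered; an empty result is the green light to upload and start the orchestrations in the order given above.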


Chapter 4. Configure the partnership between gateways

4.1 Enabling partnership for the on-cloud gateway

Once the Cloud gateway has been started, the Corente configuration file will be downloaded and the GW icon will change in the App Net Manager. Now you’re ready to start the Partnership configuration; it should be done ONLY after both gateway icons are GREEN.


Click on the cloud gateway and select “Approve Partner Connections”.


Expand the location of the on-premise gateway, select Partners and click on “Add Partner”.


Click Add and accept the default options.


Click OK to complete the partnership configuration.


4.2 Enabling partnership for the on-premise gateway

Observe that only half of the configuration is done (we have configured the partnership from corentegw-onprem to corentegw-oncloud; we also have to configure the partnership from corentegw-oncloud to corentegw-onprem).


Expand the location of the corentegw-oncloud, select Partners and click on “Add Partner”.


Click Add and accept the default options.


Click OK to complete the partnership configuration.


Now the partnership between the two gateways is complete (see the green connection between them).


Click on Locations to see the details for both gateways (when they were created, IP addressing, etc.).


Chapter 5. Testing the VPN connection

Create a Corente guest instance using two orchestrations (one for creating the boot volume and the other one for creating the actual instance). Edit the orchestrations using your identity domain, username, IPs, SSH key etc.

Boot volume orchestration:


Instance launchplan:

Download the GRE configuration script from the following location to any directory on your running Compute Service guest instance:

http://www.oracle.com/technetwork/topics/cloud/downloads/network-cloud-service-2952583.html

After downloading it, make sure the script is executable before running it. If it is not, run the following command as root:

chmod +x oc-config-corente-tunnel

Run the following commands after replacing the IP addresses and the CSG hostname with your own:

sudo bash

nohup ./oc-config-corente-tunnel --local-tunnel-address=172.16.1.1 --csg-hostname=csg.compute-gse00000632.oraclecloud.internal --csg-tunnel-address=172.16.254.1 --onprem-subnets=192.168.1.0/24 &


Note: the csg-tunnel-address is hard-coded to 172.16.254.1; you cannot change it.

Add the following entry to the /etc/rc.local file so the tunnel is re-established at boot:

bash /usr/bin/oc-config-corente-tunnel --local-tunnel-address=172.16.1.1 --csg-hostname=csg.compute-gse00000632.oraclecloud.internal --csg-tunnel-address=172.16.254.1 --onprem-subnets=192.168.1.0/24

Note: customize the command-line parameters as needed (same syntax as the corente-tunnel-args user data attribute). You must run the script in the background, as the script does not exit.

Open a new terminal console and run the following command:

sudo bash oc-config-corente-tunnel

Check the interface configuration by issuing the ifconfig command and see that a gre1 interface was created as a result of running the above script.
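The same argument string appears three times in this chapter (the nohup command, the /etc/rc.local entry, and the corente-tunnel-args user data attribute), and a typo in any of them leaves the guest without its gre1 interface. The following is an added example, not part of Oracle's oc-config-corente-tunnel script: a small validator that parses a corente-tunnel-args string, enforces the hard-coded CSG tunnel address from the note above, and checks that the local tunnel address is a valid IPv4 address that does not fall inside any on-premise subnet. It assumes the four argument names used in this guide and, as an assumption of this example, that several on-premise subnets would be separated by commas.

```python
"""Sanity-check a corente-tunnel-args string before it goes into user data,
nohup, or /etc/rc.local. Added example; it is not Oracle's script."""
import ipaddress
import shlex

# Per the guide, the CSG end of the GRE tunnel is fixed at this address.
CSG_TUNNEL_ADDRESS = ipaddress.IPv4Address("172.16.254.1")
# The four arguments this guide passes to oc-config-corente-tunnel.
REQUIRED = ("local-tunnel-address", "csg-hostname",
            "csg-tunnel-address", "onprem-subnets")


def parse_tunnel_args(argstr):
    """Turn '--key=value --key2=value2' into a dict.

    Raises ValueError on a token that is not of the form --key=value
    (for example the '--onprem- subnets' split seen in copied text)."""
    args = {}
    for tok in shlex.split(argstr):
        if not tok.startswith("--") or "=" not in tok:
            raise ValueError("malformed argument: %r" % tok)
        key, value = tok[2:].split("=", 1)
        args[key] = value
    return args


def validate_tunnel_args(argstr):
    """Return a list of problems; an empty list means the arguments look sane."""
    problems = []
    try:
        args = parse_tunnel_args(argstr)
    except ValueError as exc:
        return [str(exc)]

    for key in REQUIRED:
        if key not in args:
            problems.append("missing --%s" % key)
    if problems:
        return problems

    local = None
    try:
        local = ipaddress.IPv4Address(args["local-tunnel-address"])
    except ValueError:
        problems.append("local-tunnel-address is not an IPv4 address")

    try:
        csg = ipaddress.IPv4Address(args["csg-tunnel-address"])
        if csg != CSG_TUNNEL_ADDRESS:
            problems.append("csg-tunnel-address must be %s" % CSG_TUNNEL_ADDRESS)
    except ValueError:
        problems.append("csg-tunnel-address is not an IPv4 address")

    # Assumption of this example: multiple subnets are comma-separated.
    subnets = []
    for item in args["onprem-subnets"].split(","):
        try:
            # strict=True rejects host addresses such as 192.168.1.5/24
            subnets.append(ipaddress.IPv4Network(item.strip(), strict=True))
        except ValueError:
            problems.append("bad on-premise subnet: %r" % item)

    if local is not None:
        if local == CSG_TUNNEL_ADDRESS:
            problems.append("local-tunnel-address collides with the CSG tunnel address")
        for net in subnets:
            if local in net:
                problems.append("local-tunnel-address %s lies inside on-premise subnet %s"
                                % (local, net))
    return problems


if __name__ == "__main__":
    # The argument string used throughout this guide.
    sample = ("--local-tunnel-address=172.16.1.1 "
              "--csg-hostname=csg.compute-gse00000632.oraclecloud.internal "
              "--csg-tunnel-address=172.16.254.1 --onprem-subnets=192.168.1.0/24")
    print(validate_tunnel_args(sample) or "arguments look sane")
```

Run it against the exact string you intend to paste into rc.local; an empty result means the script will at least receive well-formed addresses, which does not by itself prove the tunnel will come up (the CSG hostname must still resolve and the csg-internal security list must admit the guest).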


Test the connection between the Cloud guest instance and the on-premise guest virtual machine by issuing the ping command.

Successful ping between 172.16.1.1 (Cloud guest instance) and 192.168.1.2 (on-premise guest virtual machine) using the GRE tunnel.

If you want to add an existing PaaS instance as a VPN guest, you will have to download the script onto that instance, run it as shown above, and also add that instance to the internal security list used by the Corente gateway (in our case csg-internal) so that the instance and the gateway can communicate.


Appendix

1. Orchestrations used for the corentegw-oncloud.

a. storage_vol1.json

{
  "name" : "/Compute-gse00000632/cloud.admin/orch-csg-vol",
  "description" : "The bootable volume for a compute instance hosting Corente Gateway",
  "oplans" : [
    {
      "obj_type" : "storage/volume",
      "label" : "csg-boot-vol",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-boot-vol",
          "size" : "44G",
          "properties" : ["/oracle/public/storage/default"],
          "bootable" : "true",
          "imagelist" : "/oracle/public/gateway9.3.165-nimbula-6"
        }
      ]
    }
  ]
}


b. secrule.json

{
  "name" : "/Compute-gse00000632/cloud.admin/orch-secrules",
  "relationships" : [
    {
      "oplan" : "secrule-1",
      "to_oplan" : "seclist-1",
      "type" : "depends"
    },
    {
      "oplan" : "secrule-1",
      "to_oplan" : "seciplist-1",
      "type" : "depends"
    },
    {
      "oplan" : "secrule-1",
      "to_oplan" : "secapplication-1",
      "type" : "depends"
    }
  ],
  "description" : "Secure Rules for Corente Gateway",
  "oplans" : [
    {
      "obj_type" : "seclist",
      "label" : "seclist-1",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-external"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-internal",
          "policy" : "permit"
        }
      ]
    },
    {
      "obj_type" : "seciplist",
      "label" : "seciplist-1",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-nat-ip",
          "secipentries" : ["140.86.0.91/32"]
        }
      ]
    },
    {
      "obj_type" : "secapplication",
      "label" : "secapplication-1",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-tcp",
          "dport" : 551,
          "protocol" : "tcp"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-udp",
          "dport" : 551,
          "protocol" : "udp"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/csg-gre",
          "protocol" : "GRE"
        }
      ]
    },
    {
      "obj_type" : "secrule",
      "label" : "secrule-1",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/Public-CSG-TCP-Rule",
          "application" : "/Compute-gse00000632/cloud.admin/csg-tcp",
          "src_list" : "seciplist:/oracle/public/public-internet",
          "dst_list" : "seclist:/Compute-gse00000632/cloud.admin/csg-external",
          "action" : "PERMIT"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/Public-CSG-UDP-Rule",
          "application" : "/Compute-gse00000632/cloud.admin/csg-udp",
          "src_list" : "seciplist:/oracle/public/public-internet",
          "dst_list" : "seclist:/Compute-gse00000632/cloud.admin/csg-external",
          "action" : "PERMIT"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/Public-CSG-SSH-Rule",
          "application" : "/oracle/public/ssh",
          "src_list" : "seciplist:/oracle/public/public-internet",
          "dst_list" : "seclist:/Compute-gse00000632/cloud.admin/csg-external",
          "action" : "PERMIT"
        },
        {
          "name" : "/Compute-gse00000632/cloud.admin/CSG-Internal-GRE-Rule",
          "application" : "/Compute-gse00000632/cloud.admin/csg-gre",
          "src_list" : "seciplist:/Compute-gse00000632/cloud.admin/csg-nat-ip",
          "dst_list" : "seclist:/Compute-gse00000632/cloud.admin/csg-internal",
          "action" : "PERMIT"
        }
      ]
    }
  ]
}

c. csglaunchplan.json

{
  "name" : "/Compute-gse00000632/cloud.admin/orch-launchplan",
  "description" : "Launch plan for Cloud Corente Gateway",
  "oplans" : [
    {
      "obj_type" : "launchplan",
      "label" : "csg-launchplan-1",
      "objects" : [
        {
          "instances" : [
            {
              "shape" : "oc3",
              "imagelist" : "/oracle/public/gateway9.3.165-nimbula-6",
              "name" : "/Compute-gse00000632/cloud.admin/cloud-csg",
              "storage_attachments" : [
                {
                  "index" : 1,
                  "volume" : "/Compute-gse00000632/cloud.admin/csg-boot-vol"
                }
              ],
              "label" : "cloud-csg",
              "networking" : {
                "eth0" : {
                  "model" : "e1000",
                  "dns" : ["csg"],
                  "seclists" : [
                    "/Compute-gse00000632/cloud.admin/csg-external",
                    "/Compute-gse00000632/cloud.admin/csg-internal"
                  ],
                  "nat" : "ipreservation:/Compute-gse00000632/cloud.admin/corentegw-ip-reservation"
                }
              },
              "boot_order" : [1],
              "virtio" : false,
              "attributes" : {
                "csg" : {
                  "uid" : "350ecefc-a546-4be2-bb71-d9262629f45c"
                }
              }
            }
          ]
        }
      ]
    }
  ]
}

2. Orchestrations used for the Corente guest instance.

a. corente-guest-bootvol.json

{
  "name" : "/Compute-gse00000632/cloud.admin/corente-guest-bootvol",
  "description" : "The bootable volume for a Corente guest instance",
  "oplans" : [
    {
      "obj_type" : "storage/volume",
      "label" : "corente-guest-vol",
      "objects" : [
        {
          "name" : "/Compute-gse00000632/cloud.admin/corente-guest-vol",
          "size" : "25G",
          "properties" : ["/oracle/public/storage/default"],
          "bootable" : "true",
          "imagelist" : "/oracle/public/OL-6.6-20GB-x11-RD"
        }
      ]
    }
  ]
}


b. corente-guest-launchplan2.json

{
  "name" : "/Compute-gse00000632/cloud.admin/corente-guest-instance",
  "label" : "corente-guest",
  "description" : "The Corente guest instance",
  "oplans" : [
    {
      "obj_type" : "launchplan",
      "label" : "corente-guest-launchplan-1",
      "objects" : [
        {
          "instances" : [
            {
              "name" : "/Compute-gse00000632/cloud.admin/corente-guest",
              "networking" : {
                "eth0" : {
                  "model" : "e1000",
                  "dns" : ["corente-guest"],
                  "seclists" : ["/Compute-gse00000632/cloud.admin/csg-internal"],
                  "nat" : "ippool:/oracle/public/ippool"
                }
              },
              "boot_order" : [1],
              "storage_attachments" : [
                {
                  "index" : 1,
                  "volume" : "/Compute-gse00000632/cloud.admin/corente-guest-vol"
                }
              ],
              "label" : "corente-guest",
              "shape" : "oc3",
              "imagelist" : "/oracle/public/OL-6.6-20GB-x11-RD",
              "attributes" : {
                "userdata" : {
                  "corente-tunnel-args" : "--local-tunnel-address=172.16.1.1 --csg-hostname=csg.compute-gse00000632.oraclecloud.internal --csg-tunnel-address=172.16.254.1 --onprem-subnets=192.168.1.0/24"
                }
              },
              "sshkeys" : ["/Compute-gse00000632/cloud.admin/iaas"]
            }
          ]
        }
      ]
    }
  ]
}
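The secrule.json orchestration in Appendix 1.b is where the gateway's exposure to the public internet is decided, and a dangling reference (a rule pointing at a seclist, seciplist or secapplication that the orchestration does not create) or a rule accidentally sourced from public-internet is easy to miss in hand-written JSON. The following is an added example, not an Oracle tool: it reads an orchestration in the oplans/obj_type/objects shape shown in the appendix, reports references that resolve to nothing, and lists every PERMIT rule whose source is the public internet together with the protocol and port it opens. It embeds a constructed copy of the appendix's rule set (the relationships section is omitted because it only orders creation) and assumes that any object name under /oracle/public/ is a built-in that the orchestration need not define.

```python
"""Audit a Compute Classic security-rule orchestration such as secrule.json.
Added example, not part of the guide or of Oracle's tooling."""
import copy

PUBLIC_INTERNET = "seciplist:/oracle/public/public-internet"
BUILTIN_PREFIX = "/oracle/public/"      # assumption: built-ins need no definition
DOMAIN = "/Compute-gse00000632/cloud.admin/"   # identity domain used in the guide

# Constructed copy of Appendix 1.b (relationships omitted; they do not affect the audit).
SECRULE_ORCH = {
    "name": DOMAIN + "orch-secrules",
    "oplans": [
        {"obj_type": "seclist", "label": "seclist-1", "objects": [
            {"name": DOMAIN + "csg-external"},
            {"name": DOMAIN + "csg-internal", "policy": "permit"}]},
        {"obj_type": "seciplist", "label": "seciplist-1", "objects": [
            {"name": DOMAIN + "csg-nat-ip", "secipentries": ["140.86.0.91/32"]}]},
        {"obj_type": "secapplication", "label": "secapplication-1", "objects": [
            {"name": DOMAIN + "csg-tcp", "dport": 551, "protocol": "tcp"},
            {"name": DOMAIN + "csg-udp", "dport": 551, "protocol": "udp"},
            {"name": DOMAIN + "csg-gre", "protocol": "GRE"}]},
        {"obj_type": "secrule", "label": "secrule-1", "objects": [
            {"name": DOMAIN + "Public-CSG-TCP-Rule", "application": DOMAIN + "csg-tcp",
             "src_list": PUBLIC_INTERNET, "dst_list": "seclist:" + DOMAIN + "csg-external",
             "action": "PERMIT"},
            {"name": DOMAIN + "Public-CSG-UDP-Rule", "application": DOMAIN + "csg-udp",
             "src_list": PUBLIC_INTERNET, "dst_list": "seclist:" + DOMAIN + "csg-external",
             "action": "PERMIT"},
            {"name": DOMAIN + "Public-CSG-SSH-Rule", "application": "/oracle/public/ssh",
             "src_list": PUBLIC_INTERNET, "dst_list": "seclist:" + DOMAIN + "csg-external",
             "action": "PERMIT"},
            {"name": DOMAIN + "CSG-Internal-GRE-Rule", "application": DOMAIN + "csg-gre",
             "src_list": "seciplist:" + DOMAIN + "csg-nat-ip",
             "dst_list": "seclist:" + DOMAIN + "csg-internal", "action": "PERMIT"}]},
    ],
}


def defined_names(orch):
    """Map obj_type -> set of object names this orchestration itself creates."""
    defined = {}
    for plan in orch.get("oplans", []):
        names = defined.setdefault(plan["obj_type"], set())
        names.update(obj["name"] for obj in plan.get("objects", []))
    return defined


def _resolves(defined, obj_type, name):
    return name.startswith(BUILTIN_PREFIX) or name in defined.get(obj_type, set())


def application_summary(orch, app_name):
    """Describe a secapplication as 'protocol/port'; built-ins are opaque here."""
    for plan in orch.get("oplans", []):
        if plan["obj_type"] == "secapplication":
            for app in plan.get("objects", []):
                if app["name"] == app_name:
                    return "%s/%s" % (app["protocol"].lower(), app.get("dport", "any"))
    return "builtin" if app_name.startswith(BUILTIN_PREFIX) else "unknown"


def audit_secrules(orch):
    """Return {'dangling': [(rule, field, ref)], 'public_exposure': [(rule, app, dst)]}."""
    defined = defined_names(orch)
    dangling, exposure = [], []
    for plan in orch.get("oplans", []):
        if plan["obj_type"] != "secrule":
            continue
        for rule in plan.get("objects", []):
            if not _resolves(defined, "secapplication", rule["application"]):
                dangling.append((rule["name"], "application", rule["application"]))
            for field in ("src_list", "dst_list"):
                kind, _, name = rule[field].partition(":")
                if kind not in ("seclist", "seciplist") or not _resolves(defined, kind, name):
                    dangling.append((rule["name"], field, rule[field]))
            # Anything permitted from the public internet is worth a second look.
            if rule.get("action", "").upper() == "PERMIT" and rule["src_list"] == PUBLIC_INTERNET:
                exposure.append((rule["name"],
                                 application_summary(orch, rule["application"]),
                                 rule["dst_list"]))
    return {"dangling": dangling, "public_exposure": exposure}


def add_rule(orch, rule):
    """Deep-copy orch with one more secrule appended, for what-if checks."""
    clone = copy.deepcopy(orch)
    for plan in clone["oplans"]:
        if plan["obj_type"] == "secrule":
            plan["objects"].append(rule)
            break
    return clone


if __name__ == "__main__":
    for key, rows in audit_secrules(SECRULE_ORCH).items():
        print(key, *rows, sep="\n  ")
```

On the appendix rule set the audit reports no dangling references and exactly three public-internet rules, all targeting csg-external: tcp/551, udp/551 and the built-in SSH application. That matches what the Corente gateway needs; anything beyond those three, or any public rule whose destination is csg-internal, should be questioned before the orchestration is started.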