As per recent industry studies, several customers open up firewalls to access their cloud platform without following proper security policies and procedures. This exposes businesses to high risks, and some companies take several years to recover from such security attacks or are unable to recover at all. Applying intrusion detection and prevention rules without having basic security in place increases your security maintenance costs.

Since 2004, Vast Edge has been assisting companies in effectively securing their businesses by following security policies and procedures using proven industry-standard tools and methods.

Vast Edge recommends using a combination of IPSec (Internet Protocol Security) and Dynamic VPN to ensure secure data transfer by encrypting the entire IP traffic before the packets are transferred from the source to the destination. In this discussion, we will cover how to securely connect your on-premises network with your Oracle cloud network using IPSec.

Advantages of IPSec VPN Site-to-Site Tunnels

Things to Remember

IPSec VPN Components

You will need to create the following Networking components to configure IPSec. You can create the components with either the Console or the API.

CPE Object

The CPE (Customer Premises Equipment) Object is a virtual representation of your actual router in your on-premises network (whether hardware or software). The CPE object contains basic information about your router, such as its IP address.

Dynamic Routing Gateway (DRG)

A Dynamic Routing Gateway is a virtual router at Oracle's end. It acts as the gateway into your VCN from your on-premises network. After creating a DRG, you must attach it to your VCN and add one or more route rules that direct traffic from the VCN to the DRG. You can detach the DRG from your VCN but maintain all the remaining VPN components. You can then reattach the DRG or attach it to another VCN.

Your Vision, Our Expertise

Elevating Your Software Product Engineering Journey with Vast Edge

IPSec Connection

After creating the CPE object and DRG, connect them by creating an IPSec connection, which results in multiple redundant IPSec tunnels. It's best practice to configure your on-premises router to support all the tunnels in case one fails.

Access Control for the Components

You can configure access control by specifying the compartment where you want each of the components to reside. Alternatively, you can put all the components in the same compartment as the VCN.

Component Names and Identifiers

Optionally, assign a descriptive name to each component when you create them.

Static Routes

When creating the IPSec connection for your VPN, specify one or more static routes for the network that needs to communicate with the VCN.

How to Set Up an IPSec VPN

You can create the components using either the Console or the API.

ABOUT VAST EDGE

Vast Edge has been empowering businesses since 2004 with tailored cloud solutions that go beyond regular IT management. As a Cloud Solution Provider (CSP), we specialize in delivering fully managed services that combine implementation, integration, and ongoing support - positioning us as your trusted IT partner, not just a vendor.
Our Offerings:
- Azure, GCP, AWS, OCI Cloud Services: Security, DevOps, Data Analytics, Warehousing, AI/ML, and Seamless Integrations
- ERP Migration & Implementation: Expertise across Dynamics, SAP, Sage, Oracle EBS, JDE, & NetSuite
We deliver complete solutions. Our CSP model is built around value-added services, ensuring customers receive expert implementation, optimization, and support alongside their Cloud investments.
Read more about us

QUICK LINKS

TECHNOLOGY PARTNERS

CONTACT US

Copyrights © July 30 , 2025 All Rights Reserved by Vast Edge Inc.