Policy-based routing: When you set up the IPSec connection to the DRG, you.These routes are not learned dynamically. You also must configure your CPE device with static routes to the VCN's subnets. Static routing: When you set up the IPSec connection to the DRG, you specify the particular routes to your on-premises network that you want the VCN to know about.Oracle side, the DRG advertises the VCN's subnets. The DRG dynamically learns the routes from your on-premises network. BGP dynamic routing: The available routes are learned dynamically throughīGP.Separately for each tunnel in the Site-to-Site VPN: The following three routing types are available, and you choose the routing type In the past, Oracle created IPSecĬonnections that had up to four IPSec tunnels. Oracle encourages you to configure your CPE to useīoth tunnels (if your CPE supports it). When you create a Site-to-Site VPN IPSec connection, it has Tunnels on geographically redundant IPSec headends. For each IPSec connection, Oracle provisions two Oracle Console and create a separate IPSecĬonnection between your dynamic routing gateway (also known as customer-premises equipment (CPE)). Have Redundant CPEs in Your On-Premises Network LocationsĮach of your sites that connects with IPSec to Oracle Cloud Infrastructure should have redundant edge devices Oracle recommendsĬonfiguring all available tunnels for maximum redundancy. Headends are on different routers for redundancy purposes. Oracle deploys two IPSec headends for each of your connections to provide highĪvailability for your mission-critical workloads. Configure All Tunnels for Every IPSec Connection
0 kommentar(er)
