Verified CPE Devices

The following devices or software have been verified for use with Site-to-Site VPN.

Note

Oracle provides configuration instructions for the vendors and devices in the following table. Make sure to use the configuration instructions for the correct vendor.

If your vendor, device, or software version is not in the following table, your device might still work with Oracle Cloud Infrastructure Site-to-Site VPN. Consult your vendor's documentation for configuration assistance and refer to supported IPSec parameters for supported phase 1 and phase 2 configurations parameters for Site-to-Site VPN.

Vendor Device Minimum Verified Software Version Configuration Video
Check Point Software Technologies 2200 or Open Server R80.20 Check Point Configuration Options Check Point: Native Policy Based Routing support on OCI
Cisco Systems ASA 9.7.1 (recommended) Cisco ASA Configuration Options

Cisco ASA: Route-Based VPN

Cisco ASA: Native Policy Based Routing support on OCI

Cisco Systems 2921 IOS version 15.4(3)M3 Cisco IOS Cisco IOS BGP over IPSec CPE Configuration
Fortinet FortiGate-VM 6.0.4 FortiGate FortiGate: Native Policy Based Routing support on OCI
Furukawa Electric FITELnet-F220/F221 01.00(00)[0]00.00.0 [2019/07/05 15:00] Furukawa Electric  
Juniper Networks MX 240 JunOS 15.1 Juniper MX Juniper: Native Policy Based Routing support on OCI  
Juniper Networks SRX 240

JunOS 11.0

Juniper SRX Juniper SRX CPE Configuration
Libreswan   3.18 Libreswan Libreswan: Native Policy Based Routing support on OCI
Strongswan 5.x Strongswan
NEC IX3315 10.2.16 NEC IX Series  
NEC IX2106 10.2.16 NEC IX Series  
Openswan Openswan
Palo Alto Networks PA-500 PanOS version 8.0.0 Palo Alto Palo Alto: Native Policy Based Routing support on OCI
WatchGuard Technologies Firebox Fireware v12 WatchGuard  
Yamaha RTX1210 Firmware Rev.14.01.28 Yamaha RTX Series  
Yamaha RTX830 Firmware Rev.15.02.03 Yamaha RTX Series