Creating a Virtual Cloud Network

Before you can launch an instance, you need to have a virtual cloud network (VCN) and subnet to launch it into. A subnet is a subdivision of your VCN. The subnet directs traffic according to a route table . For this tutorial, you'll access the instance over the internet using its public IP address, so your route table will direct traffic to an internet gateway. The subnet also uses a security list to control traffic in and out of the instance.

For information about VCN features, see Networking Overview.

Before You Begin

Create a Cloud Network Plus Related Resources

Tip

The Console offers two choices when you create a VCN: to create only the VCN, or to create the VCN with several related resources that are necessary if you want to immediately launch an instance. To help you get started quickly, the following procedure creates the VCN plus the related resources.
  1. Open the navigation menu, click Networking, and then click Virtual cloud networks.

    Ensure that the Sandbox compartment (or the compartment designated for you) is selected in the Compartment list on the left.

  2. Click Start VCN Wizard.
  3. Select Create VCN with Internet Connectivity, and then click Start VCN Wizard.
  4. Enter the following:
    • VCN Name: Enter a name for your cloud network. The name is incorporated into the names of all the related resources that are automatically created. Avoid entering confidential information.
    • Compartment: This field defaults to your current compartment. Select the compartment you want to create the VCN and related resources in, if not already selected.
    • VCN CIDR Block: Enter a valid CIDR block for the VCN. For example 10.0.0.0/16.
    • Public Subnet CIDR Block: Enter a valid CIDR block for the subnet. The value must be within the VCN's CIDR block. For example: 10.0.0.0/24.
    • Private Subnet CIDR Block: Enter a valid CIDR block for the subnet. The value must be within the VCN's CIDR block and not overlap with the public subnet's CIDR block. For example: 10.0.1.0/24.
    • Accept the defaults for any other fields.
  5. Click Next.
  6. Review the list of resources that the wizard will create for you. Notice that the wizard will set up security list rules and route table rules to enable basic access for the VCN.
  7. Click Create to create the components.
  8. After the components are created, click View Virtual Cloud Network.

The cloud network has the following resources and characteristics:

  • Internet gateway.
  • NAT gateway.
  • Service gateway with access to the Oracle Services Network.
  • A regional public subnet with access to the internet gateway. This subnet uses the VCN's default security list and default route table. Instances in this subnet may optionally have public IP addresses.
  • A regional private subnet with access to the NAT gateway and service gateway. This subnet uses a custom security list and custom route table that the workflow created. Instances in this subnet cannot have public IP addresses.
  • Use of the Internet and VCN Resolver for DNS.
Important

This simple cloud network is designed to make it easy to launch an instance when trying out Oracle Cloud Infrastructure. When you create your production instances, ensure that you create appropriate security lists and route table rules to restrict network traffic to your instances.

Edit the Default Security List to Allow Traffic to Your Windows Instance

To enable network traffic to reach your Windows instance, you need to add a security list rule to enable Remote Desktop Protocol (RDP) access. Specifically, for the default security list (which is used by the public subnet), you need a stateful ingress rule for TCP traffic on destination port 3389 from source 0.0.0.0/0 and any source port.

To edit the VCN's security list:

  1. Click the name of the VCN that you just created. Its details are displayed.
  2. Under Resources, click Security Lists.
  3. Click the default security list for your VCN.

    Its details are displayed.

  4. Click Add Ingress Rules.
  5. Enter the following for your new rule:
    1. Source Type: CIDR
    2. Source CIDR: 0.0.0.0/0
    3. IP Protocol: RDP (TCP/3389)
    4. Source Port Range: All
    5. Destination Port Range: 3389
  6. When done, click Add Ingress Rules.