Without creating a tunnel from your VPN to the VPC, you will probably need to go over the internet. Create a security group that allows traffic from your IP(s) through the ports that are required for Goldengate. Start by adding rules to the security group for ping (ICMP) and attempt to ping the instance. From there, add rules on an as needed basis as you discover which ports you will need.
If you already have a tunnel create, you will need to create the instance you would like to connect to within the same VPC that the tunnel uses, and still open the ports on the instance using the security group.