Scribd Logo
Upload

Welcome to Scribd!

  • 4 - NAT Instance

    Uploaded by

    naveen.anjeri
    10 views2 pages
    A NAT instance is placed in the public subnet to allow private instances to access the internet. The NAT instance uses a NAT AMI and has its source/destination check disabled. The route table of the private subnet is updated to route internet traffic (0.0.0.0/0) through the NAT instance. Private instances can then access the internet through the NAT instance but are not publicly accessible themselves.

    Original Description:

    Original Title

    4+-+NAT+Instance

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    A NAT instance is placed in the public subnet to allow private instances to access the internet. The NAT instance uses a NAT AMI and has its source/destination check disabled. The route table of the private subnet is updated to route internet traffic (0.0.0.0/0) through the NAT instance. Private instances can then access the internet through the NAT instance but are not publicly accessible themselves.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views2 pages

    4 - NAT Instance

    Uploaded by

    naveen.anjeri
    A NAT instance is placed in the public subnet to allow private instances to access the internet. The NAT instance uses a NAT AMI and has its source/destination check disabled. The route table of the private subnet is updated to route internet traffic (0.0.0.0/0) through the NAT instance. Private instances can then access the internet through the NAT instance but are not publicly accessible themselves.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Using NAT Instance

    Internet

    VPC 10.200.0.0/16
    IGW
    Public Subnet A
    10.200.0.0/24 Private Subnet Route Table
    Public IP,
    Private IP EC2-A NAT Destination Target
    Instance
    10.200.0.0/16 local
    AZ1
    0.0.0.0/0 NAT-INSTANCE-ID
    Private Subnet B
    10.200.1.0/24
    Private IP
    EC2-B

    AZ2
    NAT Instance
    Continuing with the Lecture 2 setup (VPC Public and Private Subnets)

    1. Create a NAT EC2 Instance in public subnet using NAT AMI amzn-ami-vpc-nat
    2. Security group to allow traffic on port 80 from private subnet CIDR
    3. Disable source/destination check
    4. Update route table of private subnet and add route for internet traffic (0.0.0.0/0) using
    NAT instance id
    5. Login to EC2-A and from there login to EC2-B over ssh
    6. Now try to access internet from EC2-B instance. Should be successful
    a. ping google.com

    You might also like