Creating VPC with a NAT Instance

In a custom VPC, instances created in a private subnet have no Internet connectivity by default. In this tutorial we will learn how to use a NAT instance to give Internet access to all the instances created in the private subnet.

Read more about NAT instances on the official AWS page: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html

Prerequisites:

  1. Custom VPC with Private and Public subnet
  2. A NAT instance
  3. EC2 Instances

1. Custom VPC with Private and Public subnet

Kindly follow this tutorial to create a VPC with private and public subnets.

2. Create a NAT Instance

Points to remember:
  1. The NAT instance should be launched in the public subnet
  2. The NAT instance should have a public IP
  3. Add a route from the private subnet to the NAT instance

Now log in to the EC2 console and click “Launch Instance” in the EC2 Dashboard. In the EC2 launch wizard, select “Community AMIs” and search for NAT instances by entering the keyword “nat” in the search box. Select the first search result and then click “Select”.

Now select the “t2.micro” instance type and click “Next”.

We must launch the NAT instance in the public subnet so that the instances created in the private subnet can reach the Internet.

In Step 3, select the custom VPC that you have created and choose the subnet named “PublicNet”. Also make sure that “Auto-assign Public IP” is set to “Enable”.

Click Next to “Add Storage”, leave the settings as they are, and click Next again to “Add Tags”.

Now click Next to configure the Security Group (SG). You can use an existing SG or create a new one.

Let us create a new SG that will “Allow” all traffic from the private subnet 10.0.2.0/24. In a production environment, it is recommended to allow only the specific ports required by the application.

Now “Review” everything and Launch the instance.

3. Disable Source/Destination Check

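Once the NAT instance is ready, select it and click “Networking” under the “Actions” menu.

In the “Enable Source/Destination Check for the instance” pop-up window, click the “Yes, Disable” button. A NAT instance forwards traffic for which it is neither the source nor the destination, so this check must be turned off.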

4. Create new Route table for Private subnet

In the VPC console, select “Route Tables” from the sidebar and click “Create route table”. Select your custom VPC from the dropdown and give the table a name tag. Finally, click the “Yes, Create” button.

Once the route table is created, click “Edit” on the route table to add a route to our NAT instance.

Add the entries given below and click “Save”.

Destination: 0.0.0.0/0

Target: NAT instance ID

5. Associate with Subnet

In the same window, we need to associate our newly created private route table “PrivateRT” with the private subnet “PrivateNet”.

Select the “Subnet Association” tab and click “Edit”.

Select the “PrivateNet” subnet and click “Save”.

6. Verify

SSH into your instance in the private subnet via an instance in the public subnet that has a publicly accessible IP (normally a bastion host / jump host). Then try to ping any external domain and see if it responds.

As you can see, it is responding to ping! You may now perform system updates, installs, patches, etc.
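
The checks implied by steps 2 to 5, as an added example that is not part of the original tutorial: a small Python audit over data shaped like the EC2 describe-instances, describe-images, describe-route-tables and describe-security-groups responses. The sample data is constructed, every ID is a placeholder, and the function names and the AMI-owner check are assumptions added here; only explicit subnet associations are considered.

```python
import ipaddress

def default_route(route_tables, subnet_id):
    """0.0.0.0/0 route of the table explicitly associated with a subnet, else {}."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt.get("Associations", [])):
            for r in rt.get("Routes", []):
                if r.get("DestinationCidrBlock") == "0.0.0.0/0":
                    return r
    return {}

def audit_nat(nat, image, route_tables, sg, private_subnet_id, private_cidr):
    """Return a list of findings; an empty list means the setup matches the steps."""
    findings = []
    # Assumption added here: the NAT AMI should come from Amazon, not an unknown publisher.
    if image.get("ImageOwnerAlias") != "amazon":
        findings.append("NAT AMI is not published by Amazon")
    if not default_route(route_tables, nat["SubnetId"]).get("GatewayId", "").startswith("igw-"):
        findings.append("NAT instance is not in a public subnet")
    if not nat.get("PublicIpAddress"):
        findings.append("NAT instance has no public IP")
    if nat.get("SourceDestCheck", True):
        findings.append("source/destination check is still enabled")
    if default_route(route_tables, private_subnet_id).get("InstanceId") != nat["InstanceId"]:
        findings.append("private subnet has no default route to the NAT instance")
    # Inbound rules on the NAT security group should cover the private subnet only.
    allowed = ipaddress.ip_network(private_cidr)
    for perm in sg.get("IpPermissions", []):
        for rng in perm.get("IpRanges", []):
            if not ipaddress.ip_network(rng["CidrIp"]).subnet_of(allowed):
                findings.append(f"security group admits {rng['CidrIp']}")
    return findings

# Constructed sample data; every ID and address below is a placeholder.
NAT = {"InstanceId": "i-EXAMPLENAT", "SubnetId": "subnet-PublicNet",
       "PublicIpAddress": "203.0.113.10", "SourceDestCheck": True}
IMAGE = {"ImageId": "ami-EXAMPLE", "ImageOwnerAlias": "amazon"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-PublicRT", "Associations": [{"SubnetId": "subnet-PublicNet"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}]},
    {"RouteTableId": "rtb-PrivateRT", "Associations": [{"SubnetId": "subnet-PrivateNet"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-EXAMPLENAT"}]},
]
SG = {"IpPermissions": [{"IpProtocol": "-1",
                         "IpRanges": [{"CidrIp": "10.0.2.0/24"}, {"CidrIp": "0.0.0.0/0"}]}]}

if __name__ == "__main__":
    for finding in audit_nat(NAT, IMAGE, ROUTE_TABLES, SG, "subnet-PrivateNet", "10.0.2.0/24"):
        print("FINDING:", finding)
```

On the sample data the audit reports the two deliberate mistakes: the source/destination check left enabled and a security group rule that admits 0.0.0.0/0.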

Please comment if you face any difficulty in setting up the NAT instance.
