EC2 (private subnet) cannot connect to the Internet through a NAT instance (public subnet).
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 0.0.0.0/0 -j MASQUERADE
What are some ways to isolate a problem? From the AWS console screen, both Internet ACLs and security groups appear fine.
aws amazon-ec2
How about capturing packets with tcpdump or something similar on the NAT instance?
Check whether packets from the EC2 instance (private subnet) are entering the NAT instance, and
whether the NAT instance is trying to send packets out.
I think it would be better to isolate the problem by separating these two.
In addition, if packets from the EC2 instance (private subnet) do not appear to be arriving,
you need to review the route table of the EC2 instance (private subnet) and the route table of the VPC.
To review the VPC route table, use the
Is the route table for that VPC configured with the gateway as a NAT instance?
Specifically,
(I'm sorry for the other article on my site below)
https://hrkworks.com/it/cloud/aws-azure/
Is it configured as shown in Settings - AWS Web Console in ?
If packets from the EC2 instance (private subnet) are arriving, I think the rest is a NAT instance configuration issue.
When I wrote the article, I made a Windows server the NAT instance, so
I don't know how to set up a NAT instance on Linux.
As I recall from when I built a router with 2 NICs on Linux in the past, it seems that forwarding settings were necessary...
https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/6/html/load_balancer_administration/s1-lvs-forwarding-vsa
There has been a feature called NAT Gateway for quite some time, but does that mean you are trying to set up a NAT instance because it doesn't meet your requirements?
If there is a reason, I think it would be better to reconfirm how to set it up against the document below.
https://docs.aws.amazon.com/ja_jp/vpc/latest/userguide/VPC_NAT_Instance.html
Have you disabled the source/destination check listed above?
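
The tcpdump isolation step suggested in the answers, as an added example that is not part of the original posts: a shell function that reads `tcpdump -n -i eth0` text captured on the NAT instance and reports how far traffic from the private subnet gets. The function name, verdict labels and all addresses are assumptions made for illustration; it assumes IPv4 and a NAT instance with a single interface.

```shell
#!/usr/bin/env bash
# Added example: classify a `tcpdump -n -i eth0` capture taken on the NAT instance.
# Assumed: IPv4, one interface on the NAT instance; names and labels are hypothetical.
#
# Usage: diagnose PRIVATE_PREFIX NAT_IP < capture.txt
#   NOT_ARRIVING   -> review the route tables and the source/destination check
#   NOT_TRANSLATED -> review forwarding and the MASQUERADE rule on the NAT instance
#   NO_REPLY       -> translated packets leave, but nothing comes back
#   OK             -> replies reach the NAT instance
diagnose() {
  awk -v priv="$1" -v nat="$2" '
    # Strip a trailing ":" and an optional port, leaving the IPv4 address.
    function host(s,   a) {
      sub(/:$/, "", s); split(s, a, ".")
      return a[1] "." a[2] "." a[3] "." a[4]
    }
    # tcpdump -n line: <time> IP <src>[.port] > <dst>[.port]: ...
    $2 == "IP" && $4 == ">" {
      src = host($3); dst = host($5)
      # Pre-NAT packet from the private subnet heading outside the VPC subnet.
      if (index(src, priv) == 1 && index(dst, priv) != 1 && dst != nat) want[dst] = 1
      else if (src == nat) out[dst] = 1    # packet leaving with the NAT address
      else if (dst == nat) back[src] = 1   # packet addressed to the NAT address
    }
    END {
      for (d in want) {
        arrived = 1
        if (d in out) { sent = 1; if (d in back) replied = 1 }
      }
      if (!arrived)      print "NOT_ARRIVING"
      else if (!sent)    print "NOT_TRANSLATED"
      else if (!replied) print "NO_REPLY"
      else               print "OK"
    }'
}

# Constructed sample: the private instance (10.0.1.5) retries a SYN that the
# NAT instance (10.0.0.10) never sends out under its own address.
SAMPLE_NOT_TRANSLATED='12:00:01.000001 IP 10.0.1.5.44321 > 203.0.113.7.443: Flags [S], seq 1, length 0
12:00:02.000001 IP 10.0.1.5.44321 > 203.0.113.7.443: Flags [S], seq 1, length 0'

# Constructed sample: the same SYN translated, answered, and forwarded back.
SAMPLE_OK='12:00:01.000001 IP 10.0.1.5.44321 > 203.0.113.7.443: Flags [S], seq 1, length 0
12:00:01.000050 IP 10.0.0.10.44321 > 203.0.113.7.443: Flags [S], seq 1, length 0
12:00:01.020000 IP 203.0.113.7.443 > 10.0.0.10.44321: Flags [S.], seq 9, ack 2, length 0
12:00:01.020040 IP 203.0.113.7.443 > 10.0.1.5.44321: Flags [S.], seq 9, ack 2, length 0'

printf '%s\n' "$SAMPLE_NOT_TRANSLATED" | diagnose 10.0.1. 10.0.0.10
```

The verdict is keyed on destinations that the private subnet tried to reach, so the NAT instance's own traffic (for example an SSH session to it) does not count as forwarded traffic.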