To create a NAT instance, we are going to follow the steps below:
1. Creating the VPC.
2. Creating the subnets (public and private).
3. Creating the IGW (internet gateway).
4. Creating the route tables for the public and private subnets.
5. Adding the IGW and associating the public subnet in the public route table.
6. Creating the NAT instance using the VPC and the public subnet.
7. Creating the private instance using the VPC and the private subnet.
8. Adding the NAT instance ID and associating the private subnet in the private route table.
9. Enabling NAT on the NAT instance.
10. Checking the private instance connection from a public instance.
To create the NAT instance and the public instance, you need a VPC, a subnet, and a route table.
If you have not already created a VPC, check out our blogs:
What is VPC and how to create VPC?
How to create the Subnet, Route tables, and IGW in AWS.
To create the NAT instance, go to the EC2 console, click Instances, and click Launch Instance. On the next page, click Community AMIs and type NAT in the search bar. It will list the available NAT instance AMIs, and you can choose any of them.
The next step is Choose an Instance Type. Choose the instance type that fits your requirements; for the free tier, choose t2.micro. After choosing the instance type, click Configure Instance Details.
The next step is the storage option. Here we need to choose the volume size and type. If you want two volumes, you can add another one by using the Add New Volume option.
If you do not know about the volume types, check out the blog What is EBS volume and types of volumes.
If you want to add a tag to the instance, you can add it by clicking the Add Tags option.
Now we need to create the private instance. Follow the same steps as above, with only two changes:
1. Choose a normal community AMI instead of a NAT AMI.
2. Choose the private subnet in the network part.
Once the private instance is created, you can name it private.
Now we need to route the traffic between the private instance and the NAT instance, so go to the private instance's route table and add the NAT instance ID in the routes.
The Instance option lists many instances, so make sure you choose the correct NAT instance. Save the changes.
Before checking, we need to do one more step: the NAT instance needs to NAT the connections for the private instance. Choose the NAT instance in the EC2 console and right-click it or click Actions. Under Networking, you will see Change Source/Destination Check.
Click it and another window will open. Set the source/destination check to Stop and save the changes. Only then does the instance act as a NAT instance.
Finally, we need to check the connectivity by logging in to the private instance from the public instance.
You must enable the required protocols in the NAT instance's security group.
If you need access to all protocols from the private instance, enable all traffic in the NAT instance's security group.
If you want to ping Google and DNS from the private instance, you must enable the ICMP protocol in the NAT instance's security group; the same applies to HTTP, HTTPS, and other protocols.
Now the private instance should be able to connect to the internet.
We can connect to it by using the ssh command: ssh -i "testing.pem" ec2-user@172.16.128.168
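A check of the three settings the steps above depend on (source/destination check, the private route table's default route, and the NAT security group), written as an added example and not part of the original post. It runs on constructed data shaped like the output of the AWS CLI describe-instances, describe-route-tables and describe-security-groups commands, and it also flags inbound rules open to 0.0.0.0/0, since the NAT instance only needs to accept traffic from the private subnet. The instance ID and the 172.16.128.0/24 private subnet CIDR are assumptions.

```python
import ipaddress

# Constructed sample data shaped like AWS CLI describe-* JSON output; IDs and CIDRs are made up.
PRIVATE_CIDR = "172.16.128.0/24"  # assumed CIDR of the private subnet
NAT_INSTANCE = {"InstanceId": "i-0123456789abcdef0", "SourceDestCheck": True}
PRIVATE_ROUTE_TABLE = {"Routes": [
    {"DestinationCidrBlock": "172.16.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-0123456789abcdef0", "State": "active"}]}
NAT_SECURITY_GROUP = {"IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1, "IpRanges": [{"CidrIp": PRIVATE_CIDR}]}]}


def audit_nat(instance, route_table, sec_group, private_cidr):
    """Return a list of findings; an empty list means the NAT setup looks right."""
    findings = []
    # A NAT instance forwards packets that are not addressed to itself,
    # so the source/destination check has to be stopped (False).
    if instance.get("SourceDestCheck", True):
        findings.append("source/destination check is still enabled")
    # The private route table needs an active default route to the NAT instance.
    nat_routes = [r for r in route_table["Routes"]
                  if r.get("DestinationCidrBlock") == "0.0.0.0/0"
                  and r.get("InstanceId") == instance["InstanceId"]]
    if not nat_routes:
        findings.append("no default route to the NAT instance")
    elif nat_routes[0].get("State") != "active":
        findings.append(f"default route state is {nat_routes[0].get('State')}")
    # Inbound rules should cover the private subnet without being open to the world.
    private_net = ipaddress.ip_network(private_cidr)
    covered = False
    for perm in sec_group["IpPermissions"]:
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"])
            covered = covered or private_net.subnet_of(net)
            if net.prefixlen == 0:
                findings.append(f"protocol {perm['IpProtocol']} is open to 0.0.0.0/0")
    if not covered:
        findings.append("no inbound rule covers the private subnet")
    return findings


if __name__ == "__main__":
    for finding in audit_nat(NAT_INSTANCE, PRIVATE_ROUTE_TABLE, NAT_SECURITY_GROUP, PRIVATE_CIDR):
        print("FINDING:", finding)
```

In the security group output, a protocol value of -1 means all traffic.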