user1556186

Reputation: 1

Internet access for EC2 private instance

We would like to know if it's possible to make our on-premise firewall the NAT instance for the private instance in AWS VPC for outbound internet access (to get updates, for example)?

We currently have AWS VPC scenario 4 implemented.

Thanks!!

Upvotes: 0

Views: 622

Answers (1)

helloV

Reputation: 52393

For Scenario 4: VPC with a Private Subnet Only and Hardware VPN Access, all outbound (non-VPC) traffic has to go through the customer gateway to on-prem. So if you want to access the internet, the traffic goes through on-prem and then outbound from the on-prem/corporate network.

In short: From AWS VPC, if you want to access any AWS endpoint, you have to go through the corporate/customer network. You have to allow outbound in your on-prem firewall. There is no other option.

If you really want to access the internet through NAT, you should have created Scenario 3: VPC with Public and Private Subnets and Hardware VPN Access.


Upvotes: 2
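
A check that follows from the answer above, as an added example that is not part of the original answer: it reads route tables in the shape returned by `aws ec2 describe-route-tables` and reports where each subnet's default route sends traffic, so you can confirm whether internet-bound traffic leaves through the VPN to on-prem or through a NAT target. The sample data and all IDs are constructed, and treating an instance target as a NAT instance is an assumption.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output; all IDs are placeholders.
SAMPLE = json.loads("""
{"RouteTables": [
 {"RouteTableId": "rtb-vpn-only",
  "Associations": [{"SubnetId": "subnet-vpn-only"}],
  "Routes": [
   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "vgw-0example", "State": "active"}]},
 {"RouteTableId": "rtb-nat",
  "Associations": [{"SubnetId": "subnet-nat"}],
  "Routes": [
   {"DestinationCidrBlock": "172.16.0.0/12", "GatewayId": "vgw-0example", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}]},
 {"RouteTableId": "rtb-main",
  "Associations": [{"Main": true}],
  "Routes": [
   {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-0example", "State": "blackhole"}]}
]}
""")

def default_egress(table):
    """Classify where one route table sends 0.0.0.0/0 traffic."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") != "active":
            return "blackhole"  # target gone or stopped: traffic is dropped
        gateway = route.get("GatewayId", "")
        if route.get("NatGatewayId"):
            return "nat-gateway"
        if route.get("InstanceId"):
            return "nat-instance"  # assumption: an instance target is doing NAT
        if gateway.startswith("vgw-"):
            return "vpn-to-on-prem"  # egress depends on the on-prem firewall
        if gateway.startswith("igw-"):
            return "internet-gateway"
        return "other"
    return "no-default-route"

def egress_by_subnet(data):
    """Map each associated subnet (or '(main)') to its default egress path."""
    result = {}
    for table in data["RouteTables"]:
        for assoc in table.get("Associations", []):
            result[assoc.get("SubnetId", "(main)")] = default_egress(table)
    return result

print(egress_by_subnet(SAMPLE))
```

A subnet reported as `vpn-to-on-prem` has no path to the internet unless the on-prem firewall permits and NATs that traffic.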
