Difference between revisions of "Create Custom NAT Instance in AWS VPC"
(Created page with "== Purpose == Build a NAT instance using CentOS to propose internet access for private subnet in AWS VPC. <br>In this tutorial, we assume that we already have a VPC with pub...") |
|||
| Line 38: | Line 38: | ||
[centos@nat-server ~]$ cat /proc/sys/net/ipv4/ip_forward | [centos@nat-server ~]$ cat /proc/sys/net/ipv4/ip_forward | ||
1 | 1 | ||
| + | </pre> | ||
| + | |||
| + | == Set Iptables for Masquerade == | ||
| + | |||
| + | Issue iptables command below : | ||
| + | |||
| + | <pre> | ||
| + | [centos@nat-server ~]$ iptables -t nat -A POSTROUTING -o eth0 -s 172.31.158.0/24 -j MASQUERADE | ||
| + | </pre> | ||
| + | |||
| + | Edit the /etc/rc.local file to make masquerade will automatically enable at boot time : | ||
| + | |||
| + | <pre> | ||
| + | [centos@nat-server ~]$ vi /etc/rc.local | ||
| + | </pre> | ||
| + | |||
| + | And add this iptables command before "exit 0" : | ||
| + | |||
| + | <pre> | ||
| + | ... | ||
| + | |||
| + | iptables -t nat -A POSTROUTING -o eth0 -s 172.31.158.0/24 -j MASQUERADE | ||
| + | exit 0 | ||
| + | |||
| + | ... | ||
| + | </pre> | ||
| + | |||
| + | Run 'chmod +x /etc/rc.d/rc.local' to ensure the script will be executed during boot : | ||
| + | |||
| + | <pre> | ||
| + | [centos@nat-server ~]$ chmod +x /etc/rc.d/rc.local | ||
</pre> | </pre> | ||
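Review bot: the added iptables, vi /etc/rc.local and chmod commands are all shown at the unprivileged [centos@nat-server ~]$ prompt, but changing the nat table, editing rc.local and changing its mode all need root, so a reader who copies them as written gets permission errors. Prefix them with sudo or show the root prompt that the earlier steps on this page use. The new section also edits /etc/rc.local but then runs chmod on /etc/rc.d/rc.local; use one path in both steps, or say that one is a link to the other, so it is clear the execute bit lands on the file that was edited. Finally, the rule is written with -A in rc.local, so running the script again without a reboot would add a duplicate entry; a sentence saying so, or a check with iptables -C before the append, would avoid that.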
Revision as of 12:35, 14 November 2019
Purpose
Build a NAT instance using CentOS to provide internet access for a private subnet in an AWS VPC.
In this tutorial, we assume that we already have a VPC with a public and a private subnet, as in the picture below.
Preparation
[root@nat-server ~]# yum update
Disable Source/Dest. Check for the NAT Server
Configure System
In /etc/sysctl.conf enable ip forwarding :
[root@nat-server ~]# vi /etc/sysctl.conf
Add this :
# For NAT Server
net.ipv4.ip_forward = 1
Reboot now for good measure :
[root@nat-server ~]# reboot
Test our config :
[centos@nat-server ~]$ cat /proc/sys/net/ipv4/ip_forward
1
Set Iptables for Masquerade
Issue the iptables command below (it needs root, hence sudo):
[centos@nat-server ~]$ sudo iptables -t nat -A POSTROUTING -o eth0 -s 172.31.158.0/24 -j MASQUERADE
Edit the /etc/rc.local file so that masquerading is enabled automatically at boot time:
[centos@nat-server ~]$ sudo vi /etc/rc.local
And add this iptables command before "exit 0" :
...
iptables -t nat -A POSTROUTING -o eth0 -s 172.31.158.0/24 -j MASQUERADE
exit 0
...
Run 'chmod +x /etc/rc.d/rc.local' as root to ensure the script will be executed during boot:
[centos@nat-server ~]$ sudo chmod +x /etc/rc.d/rc.local
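An added check, not part of the original tutorial: a small script to confirm after a reboot that forwarding is on and that every MASQUERADE rule is scoped to a source subnet and an outbound interface, as the rule above is. The function names audit_forwarding and audit_masquerade and the SAMPLE_RULES text are made up for this example; the sample is constructed, not captured output.

```sh
#!/bin/sh
# Added example. audit_forwarding, audit_masquerade and SAMPLE_RULES are
# names made up here; SAMPLE_RULES is constructed, not captured output.

# Pass if the kernel forwards IPv4 (the sysctl set earlier in the tutorial).
audit_forwarding() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    [ "$(cat "$f" 2>/dev/null)" = "1" ] || { echo "FAIL: ip_forward is not 1"; return 1; }
}

# Read `iptables-save -t nat` output on stdin. Fail if any MASQUERADE rule
# lacks a source (-s) or outbound interface (-o), or if no rule covers the
# expected subnet and interface.
# usage: ... | audit_masquerade <cidr> <iface>
audit_masquerade() {
    want_cidr=$1; want_if=$2; found=no; bad=0
    while read -r line || [ -n "$line" ]; do
        case " $line " in
            *" -j MASQUERADE "*) ;;
            *) continue ;;
        esac
        case " $line " in
            *" -s "*) ;;
            *) echo "FAIL: no -s scope: $line"; bad=1 ;;
        esac
        case " $line " in
            *" -o "*) ;;
            *) echo "FAIL: no -o scope: $line"; bad=1 ;;
        esac
        case " $line " in *" -s $want_cidr "*)
            case " $line " in *" -o $want_if "*) found=yes ;; esac ;;
        esac
    done
    [ "$found" = yes ] || { echo "FAIL: no rule for $want_cidr via $want_if"; bad=1; }
    return "$bad"
}

# Constructed sample: the tutorial's rule as iptables-save would print it.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 172.31.158.0/24 -o eth0 -j MASQUERADE
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | audit_masquerade 172.31.158.0/24 eth0 && echo "sample rules OK"
# On the NAT instance itself:
#   sudo iptables-save -t nat | audit_masquerade 172.31.158.0/24 eth0 && audit_forwarding
```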