DEV Community

Cover image for NAT Gateway Implementation
Clinton Ogechi
Clinton Ogechi

Posted on • Edited on

NAT Gateway Implementation

#aws #cloud #cloudcomputing

A NAT Gateway is a key component in AWS networking, that allows instances in a private subnet to connect to the internet or other AWS services while preventing inbound traffic from the internet. Below are steps on how to implement it;

Aim

To provide a comprehensive guide on implementing a NAT Gateway in AWS, detailing the necessary steps to set up a secure and efficient networking environment.

Objectives

  • To demonstrate the configuration and attachment of an Internet Gateway to facilitate internet connectivity for the public subnet.
  • To provide step-by-step instructions for creating and configuring a NAT Gateway.
  • To verify the configuration by launching instances in both public and private subnets, confirming their respective connectivity requirements are met.

Steps

1. Create a VPC

  1. Log in to the AWS Management Console.
  2. Navigate to the VPC Dashboard.
  3. Click on Your VPCs in the left-hand menu.
  4. Click on Create VPC.
  5. Fill in the following details: Name tag: MyVpc IPv4 CIDR block: 10.0.0.0/16
  6. Click on Create VPC.

Image description

2. Create Subnets

Create Public Subnet

  1. In the VPC Dashboard, click on Subnets.
  2. Click on Create subnet.
  3. Enter the following details: Name tag: PublicSubnet, VPC: Select MyVpc, Availability Zone: Choose one (e.g., af-south-1a ), IPv4 CIDR block: 10.0.1.0/24.
  4. Click on Create subnet.

Image description

Create Private Subnet

  1. In the VPC Dashboard, click on Subnets.
  2. Click on Create subnet again.
  3. Fill in the following details: Name tag: PrivateSubnet VPC: Select MyVpc Availability Zone: Choose one (e.g., af-south-1b ) IPv4 CIDR block: 10.0.2.0/24
  4. Click on Create subnet.

Image description

3. Create and Attach an Internet Gateway

  1. Go to the Internet Gateways section in the VPC Dashboard.
  2. Click on Create internet gateway.
  3. Fill in the following details: Name tag: MyInternetGateway
  4. Click Create internet gateway.
  5. Select the newly created Internet Gateway and click Actions > Attach to VPC.
  6. Select MyVpc and click Attach internet gateway.

Image description

Image description

4. Create a NAT Gateway

  1. Go to the NAT Gateways section in the VPC Dashboard.
  2. Click on Create NAT gateway.
  3. Fill in the following details: Name tag: MyNatGateway Subnet: Select PublicSubnet Elastic IP allocation ID: Click on Allocate Elastic IP and then Allocate.
  4. Click Create a NAT Gateway.

Image description

5. Create Route Tables

  1. Go to the Route Tables section in the VPC Dashboard.
  2. Click on Create route table.
  3. Fill in the details for the public route table: Name tag: PublicRouteTable VPC: Select MyVpc
  4. Click Create route table.
  5. Select the newly created route table PublicRouteTable and click on the Routes tab.
  6. Click Edit routes > Add route.
  7. Set the Destination to 0.0.0.0/0 and Target to the Internet Gateway ( MyInternetGateway ).
  8. Click Save routes.

Image description

Image description

  1. Go back to Route Tables and create another route table for the private subnet: Name tag: PrivateRouteTable VPC: Select MyVpc
  2. Click Create route table.
  3. Select the newly created route table PrivateRouteTable and click on the Routes tab.
  4. Click Edit routes > Add route.
  5. Set the Destination to 0.0.0.0/0 and Target to the NAT Gateway ( MyInternetGateway ).
  6. Click Save routes.

Image description

Image description

6. Associate Route Tables with Subnets

  1. Select the PublicRouteTable route table.
  2. Click on the Subnet associations tab.
  3. Click Edit subnet associations.
  4. Select the PrivateRouteTable and click Save.
  5. Select the PrivateRouteTable route table.
  6. Click on the Subnet associations tab.
  7. Click Edit subnet associations.
  8. Select the PrivateRouteTable and click Save.

Image description

Image description

7. Launch Instances

  1. Go to the EC2 Dashboard in the AWS Management Console.
  2. Click on Launch Instance.
  3. Fill in the following details: Name: public-instance AMI: Select an AMI, e.g., Amazon Linux 2 Instance type: t2.micro (or any other type you prefer) Key pair: Create a new key pair or select an existing one
  4. Network settings: VPC: Select MyVpc Subnet: Select PublicSubnet Auto-assign Public IP: Enable
  5. Click Launch instance.
  6. Repeat the steps to launch another instance in the private subnet: Name: private-instance AMI: Select an AMI, e.g., Amazon Linux 2 Instance type: t2.micro (or any other type you prefer) Key pair: Create a new key pair or select an existing one Network settings: VPC: Select MyVpc Subnet: Select PrivateSubnet Auto-assign Public IP: Disable

Verify the Configuration

Public Instance: Should have internet access directly.
Private Instance: Should have internet access through the NAT Gateway.

Conclusion

A NAT Gateway is essential for allowing instances in a private subnet to securely access the internet or other AWS services while preventing inbound traffic. This setup ensures the privacy of your internal resources and effective management of outbound connections, enhancing the security and functionality of your AWS environment.

Top comments (0)

Read next

iseecodepeople profile image

Amazon FSx for NetApp ONTAP - Expert Storage for any workload

Varun S -

sakshi360 profile image

Efficiently Deleting Multiple Lakhs of Records from DynamoDB Using Lambda: A Comprehensive Guide

Sakshi Agarwal -

aws-cloudsec profile image

Issue 67 of AWS Cloud Security Weekly

AJ -

mrcaption49 profile image

Terraform - Infrastructure as a Code

Pranav Bakare -