1.1 Create an EC2 instance
1.2 Security group: SSH 10.0.0.0/16 (Effectively making it private)
1.3 Launch it with new key pair
2 Create a NAT instance
2.1 Search 'NAT' when choosing AMI -> Community AMIs -> Select first one
2.2 Security group:
SSH from 0.0.0.0/0
HTTP from 10.0.0.0/16 (my-vpc)
HTTPS from 10.0.0.0/16 (my-vpc)
2.3 Disable Source/Destination check
ssh from the public instance to private instance using the new key pair. ping google.com or curl google.com doesn't work
3 Create a new rule in private route table
Destination=0.0.0.0/0, target=nat instance
curl google.com works, but ping google.com still doesn't work.
4 Add a new security group in the NAT instance
All ICMP - IPv4 from 10.0.0.0/16 (my-vpc)
1.1 Create an EC2 instance 1.2 Security group: SSH 10.0.0.0/16 (Effectively making it private) 1.3 Launch it with new key pair
2 Create a NAT instance 2.1 Search 'NAT' when choosing AMI -> Community AMIs -> Select first one 2.2 Security group: SSH from 0.0.0.0/0 HTTP from 10.0.0.0/16 (my-vpc) HTTPS from 10.0.0.0/16 (my-vpc) 2.3 Disable Source/Destination check
ssh from the public instance to private instance using the new key pair.
ping google.com
orcurl google.com
doesn't work3 Create a new rule in private route table Destination=0.0.0.0/0, target=nat instance
curl google.com
works, butping google.com
still doesn't work.4 Add a new security group in the NAT instance All ICMP - IPv4 from 10.0.0.0/16 (my-vpc)