Number of network interfaces required in AWS EC2 Instance to route multiple subnets

We are currently using a UTM 9 software appliance in an AWS EC2 instance. Our environment has development, staging and production web servers which are required to access the internet from the private subnet.

To achieve this do I need to create:
- 4 interfaces in UTM for External (public), Internal1 (Development private), Internal2 (Staging private) and Internal3 (Production private) in the UTM Interfaces and Routing tab

- Corresponding to that, do I need to have an EC2 instance with 4 network interfaces in AWS EC2? This means I can select only a c3.xlarge instance.

Any help on these configuration details is highly appreciated. Please let me know.

Thanks
-vmsiyer


  • Yes, if you want to keep the subnets isolated via the VPC subnet mechanism, you will need an instance type that supports the proper number of interfaces.

    You can also "fake" this and use a smaller instance type, possibly, if you just add an additional address to an existing VPC subnet interface for the UTM instance, and isolate the instances on that subnet interface from each other with AWS Security Groups.  I've done this in a pinch, but the "correct" way to do this is via an instance with a sufficient number of interfaces.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.
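
A check for the shared-interface workaround described in the reply above, as an added example that is not part of the original post: because security groups deny ingress by default, isolation on a shared subnet holds only while no ingress rule admits a peer. The data below is constructed in the shape of EC2 DescribeSecurityGroups output; the group IDs, subnet CIDR and UTM addresses are assumptions.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
SHARED_SUBNET = "10.0.1.0/24"                  # private subnet shared by all three environments
UTM_ADDRS = {"10.0.1.10/32", "10.0.1.11/32"}   # UTM primary address plus the additional address

GROUPS = [
    {"GroupId": "sg-dev", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "10.0.1.10/32"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-staging", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-prod", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-dev"}]}]},
]


def isolation_findings(groups, shared_subnet, utm_addrs):
    """Return (group_id, reason) for each ingress rule that admits a peer on the shared subnet."""
    subnet = ipaddress.ip_network(shared_subnet)
    utm = [ipaddress.ip_network(a) for a in utm_addrs]
    env_ids = {g["GroupId"] for g in groups}
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            for r in perm.get("IpRanges", []):
                src = ipaddress.ip_network(r["CidrIp"], strict=False)
                # Any IPv4 source overlapping the subnet, other than an exact
                # UTM address, also covers instances of the other environments.
                if src.overlaps(subnet) and src not in utm:
                    findings.append((g["GroupId"], f"cidr {src} covers shared subnet"))
            for pair in perm.get("UserIdGroupPairs", []):
                peer = pair["GroupId"]
                # A reference to the group itself stays inside one environment.
                if peer in env_ids and peer != g["GroupId"]:
                    findings.append((g["GroupId"], f"allows peer group {peer}"))
    return findings


if __name__ == "__main__":
    for group_id, reason in isolation_findings(GROUPS, SHARED_SUBNET, UTM_ADDRS):
        print(f"{group_id}: {reason}")
```

Only `IpRanges` (IPv4) and group references are examined; IPv6 ranges and prefix lists would need the same treatment.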
