I have been fighting with setting up a VPC NAT install for the last 2 days and cannot make the system work. I believe I have created and set up everything correctly but I am unable to access the internet from my "Internal" network server or have an Inbound NAT connect to an "Internal" service. Any thoughts or suggestions would be greatly appreciated.
I created a VPC using the wizard (with Public and Private Subnets) using 192.168.0.0/16 as the IP CIDR block, 192.168.200.0/24 as the Public Subnet, and 192.168.0.0/24 as the Private Subnet. I then launched the 9105 Sophos instance with eth0 on the Public (DHCP 192.168.200.90) and added eth1 on the Private (static 192.168.0.253). Both interfaces appear to work properly and I can access the Web Admin, ssh, and the internet all on that system. I then launched a second instance (SuSE Linux) on the Private network with only eth0 (static 192.168.0.252).
At the moment I have 2 Firewall rules:
1 - Internal (address) and Internal (Network) -> ssh -> Internal (Network)
2 - Internal (Network) -> Any -> Any
1 NAT rule:
SNAT
Internal (Network) -> Any -> Any
External (Address)
Automatic Firewall rule (Yes)
I can ssh to the Firewall and from there ssh to my internal server (.0.252). From .0.252 I can ping 0.253 (the firewall) but no further. I also cannot access web or ssh past the firewall (only ones I have checked so far).
I have 2 VPC routes associated with this VPC:
1 has local with DG to igw-*** associated with the firewall
2nd has local with DG to eni-*** / i-*** pointing to the Internal interface of the Firewall
I never see any traffic in the live log of the Firewall from the internal server unless it is a ping or ssh to .0.253 (Internal address of the Firewall)
Again I have tried creating the entire setup several times now but I just cannot get it to work. I am sure there is a basic config step I am missing but as I am new to VPC I am having issues with the proper config.
Thanks for any help,
Jimmy