6.5 Create a Custom VPC Part 4
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
3 hours 27 minutes
hello and welcome back to the course.
In our last video, we successfully logged into our private server from our public server
using SS H agent forwarding.
We quickly discovered, however,
that we were unable to perform a U. M update on the server
because it has no gateway to the Internet.
In this video,
we will add in that gateway and then attempt to update our private server again.
So, just as a quick review, what is it that giggling
the network address? Translation. Gateway is a highly available AWS managed service
that makes it easy for us to connect to the Internet. For Marty, see two instances
that are located within our private sub net.
Prior to the introduction of the Net Gateway in 2015
we would have to configure a monitor at least two E. C. Two instances in the cluster for high availability toe actors are in that gateway.
It just added additional complexity and monitoring to R V P. C.
With the Nat Gateway,
it WS handles all of the netting for us.
The gateway has built in redundancy for high availability.
Each gateway that we create can handle up to 10 gigabytes per second of bursting
T C P u T P
and I see MP traffic.
All that we need to do
is a sign an elastic I p address when we create our gateway
which I will show you how to do shortly.
let's connect today W s consul
then pullup are easy to dashboard.
We should have two running instances
our public and private servers.
So now let's go back to the console
and pull a power. Vpc dashboard
didn't select Nat Gateways from the menu on the left
Quick create Nat Gateway
Let's assign it to our public sub net.
We've never created an elastic I p to this point. So select create new E i p
and then click created that gateway
while are not ***, was spinning up.
Let's quick close
the net Gatewaycan take a few minutes toe become available so I will speed up the video a little
So now it's available in AWS has assigned us in the last guy p
One thing that I will mention is that the I p addresses and that gateways do encourage charges.
So make sure that you delete the gateway when you complete this lap
next we will need to edit our route table in our private sudden it
so select the private, sudden it
and then click edit routes.
We were at a default route that will send all traffic to the Net Gateway
and then save the route
So we're now ready to test.
Let's go back to the AWS Council and pull up the EEC to dashboard
and get the address of our public. Easy to instance.
Then let's go back to my limits. Instance.
Let's add the private key again to memory,
then verified that it's there.
Cool. It's a memory.
I'll clear my screen
and let's log into our public instance using sssh!
Awesome! So we have successfully logged into our public instance.
let's log into our private instance.
Let's go back to the easy to dashboard to get the private I P address,
copy it to the clipboard
and try to log in.
Great. So we have authenticated successfully.
Now let's make ourselves route
and attempt the Yum update again
and awesome are not. Gateway is working like a charm.
Our private instance can reach out to the Internet for its updates.
Great job. Everyone
in our final video. In this section,
we will create an A C L for a private summit
and then launch our first D B server.
So see you in the next video.