AWS with EIP public ip address setup

birdperson — Wed, 24 Feb 2021 20:32:31 GMT

Hi All, pretty dumb question here. I've setup the VM-series in AWS and attached three interfaces to the box. The intention here is to setup NAT (due to overlapping IP space) over a site-to-site VPN.

* management, I can get to this just fine and use the web console etc (call this 10.0.0.2/24)

* "inside" attached to eth1/1, is connected to our private network ( call this 10.0.0.3/24)

* "outside" attached to eth1/2, is connected to our public network in AWS and has an EIP associated (associated address is 10.1.0.2/24)

eth1/1 and eth1/2 are setup using DHCP in AWS, with eth1/2 having un-checked the "Automatically create default route to default gateway provided by server" box.

The question is where/how does one configure the "public or outside" interface to reach the internet via the EIP? I can't seem to get traffic to flow out that interface (using the EIP) no matter what set of routes I put in place.

Re: AWS with EIP public ip address setup

Gladstone — Thu, 25 Feb 2021 21:12:33 GMT

To egress the internet from your 'public' interface, you'll need to put it into a Public AWS subnet. For this subnet in the aws route tables you'll route 0.0.0.0 to the Internet Gateway (IGW). Also set an EIP on your Eth1/2 ip address. The IGW does the nat translation as it leaves to the internet.

topic Re: AWS with EIP public ip address setup in VM-Series in the Public Cloud

AWS with EIP public ip address setup

Re: AWS with EIP public ip address setup