Cannot Git Pull From Inside AWS Private Subnet

amazon-vpc, amazon-web-services

I am using two public subnets in two availability zones, and then two private subnets in those same availability zones. I have an elastic load balancer that forwards traffic to my EC2 instances in the private subnets.

I have a bastion server in the public subnet and that is how I can reach the instances in the private subnets.

I can SSH to the bastion server, from there SSH into the servers on the private subnets, and on those servers I can successfully run sudo yum update, my load balancer can talk to them, etc., BUT I cannot git pull from Bitbucket (it just hangs)…

I even tried updating the Network ACL on the private subnets to allow all traffic and that didn't work either, so the issue appears to not be the Network ACL.

EDIT:
I forgot to mention that I have NAT Gateways configured and I can make HTTP and HTTPS requests to the outside world from my private subnet…

EDIT (screenshots of route tables):

Private table 1: (screenshot)

Private table 2: (screenshot)

Public table: (screenshot)

EDIT (Network ACLs):

Private inbound Network ACL: (screenshot)

Private outbound Network ACL: (screenshot)

Public inbound Network ACL: (screenshot)

Public outbound Network ACL: (screenshot)

Any ideas why I can't git pull?

Best Answer

What is in your Private subnet Route Table? I strongly suspect that you don’t have a NAT Gateway configured and route to the Internet set through the NAT.

See here for more info about why you may need a NAT Gateway for private subnets: NAT gateway for EC2 instances

Hope that helps :)
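A scripted version of the check the answer recommends, as an added example that is not code from the asker or the answerer: it classifies a subnet's 0.0.0.0/0 route from the JSON that `aws ec2 describe-route-tables --filters Name=association.subnet-id,Values=<subnet-id>` returns, including the "blackhole" state left behind when the NAT gateway a route points at has been deleted. The sample output below is constructed and its IDs are made up.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# Assumption: the real output uses these same keys; all IDs here are invented.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-private1",
   "Associations": [{"SubnetId": "subnet-priv-a"}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa", "State": "active"}]},
  {"RouteTableId": "rtb-private2",
   "Associations": [{"SubnetId": "subnet-priv-b"}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb", "State": "blackhole"}]},
  {"RouteTableId": "rtb-public",
   "Associations": [{"SubnetId": "subnet-pub-a"}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0ccc", "State": "active"}]}
]}
""")


def default_route(table):
    """Return the 0.0.0.0/0 route of a route table, or None if it has none."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None


def check_private_egress(desc, subnet_id):
    """Classify how a subnet reaches the Internet.

    Returns 'nat' (what a private subnet needs), 'igw' (a public-style route;
    instances without public IPs get no egress), 'blackhole' (the NAT/IGW
    target no longer exists), 'no-default-route', 'other', or 'no-table'.
    """
    for table in desc["RouteTables"]:
        if not any(a.get("SubnetId") == subnet_id for a in table.get("Associations", [])):
            continue
        route = default_route(table)
        if route is None:
            return "no-default-route"
        if route.get("State") == "blackhole":
            return "blackhole"
        if "NatGatewayId" in route:
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        return "other"  # e.g. a NAT instance (InstanceId), peering or transit target
    # No explicit association: the subnet uses the VPC main route table, so check that one.
    return "no-table"
```

A subnet that reports anything other than `nat` is the one to fix before looking further at git itself.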