My configuration
1. Created a VPC (poller-vpc)
2. Created two subnets (private subnet [0.0.1.0/27], public subnet [0.0.1.32/27])
3. Added firewall rule (tcp, udp, icmp for 0.0.0.0/0 for vpc-poller network)
4. Created "nat-instance" in public subnet having both private/public IP, can forward IP, and tag = "nat"
5. Created "test-instance" in private subnet having only private IP, having tag = "no-ip"
6. Created route for destination (0.0.0.0/0) tags = "no-ip" and next-hop-instance = "nat-instance"
7. Logged in to "nat-instance" and ran ["sudo sysctl -w net.ipv4.ip_forward=1", "sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"]
8. Then SSHed into the private instance and tried apt update, but was not able to connect to the internet from the private instance through the NAT.
I followed cloud.google.com/vpc/docs/special-configurations
Thanks
Ayush
Best Answer
1 - After following the steps in the page you provided, I was able to SSH into the NAT gateway VM instance.
I've run this command:
2 - From that NAT gateway VM instance, I was able to SSH into the internal VM instance
3 - From there, I was able to connect to the public Internet. I've run the apt-get command. It worked for me.
If you follow the same steps as in the article, it should work.
If it still doesn't work, then you should troubleshoot with the default networking commands such as traceroute to look at the hops that the packet is crossing.
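Added example, not part of the original question or answer: a small check script for the NAT instance from steps 5 to 8 that verifies IP forwarding is on and that a MASQUERADE rule applies to the interface the default route actually uses. The function names, the --live flag and the sample route and rule text are constructed for illustration; the sample is not a diagnosis of the setup above.

```shell
#!/bin/sh
# Added example (not from the thread): checks for the NAT instance in steps 5-8.
# Each function takes captured command output so it can be exercised offline.

# Print the egress interface named in `ip route show default` output (stdin).
default_iface() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Succeed if `iptables -t nat -S POSTROUTING` output (stdin) contains a
# MASQUERADE rule that applies to interface $1 (or has no -o restriction).
masquerade_covers() {
    awk -v ifc="$1" '
        $1 == "-A" && $2 == "POSTROUTING" {
            out = ""; jump = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") jump = $(i + 1)
            }
            if (jump == "MASQUERADE" && (out == "" || out == ifc)) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# nat_report IP_FORWARD ROUTES RULES: print findings, return 0 only if all pass.
nat_report() {
    _fwd=$1; _rc=0
    _ifc=$(printf '%s\n' "$2" | default_iface)
    if [ "$_fwd" != "1" ]; then echo "FAIL net.ipv4.ip_forward=$_fwd"; _rc=1; fi
    if [ -z "$_ifc" ]; then
        echo "FAIL no default route found"; _rc=1
    elif ! printf '%s\n' "$3" | masquerade_covers "$_ifc"; then
        echo "FAIL no MASQUERADE rule matches egress interface $_ifc"; _rc=1
    fi
    [ "$_rc" -eq 0 ] && echo "OK forwarding enabled, MASQUERADE on $_ifc"
    return "$_rc"
}

# Constructed sample: the rule names eth0 but the default route leaves via ens4.
SAMPLE_ROUTES='default via 10.0.1.33 dev ens4 proto dhcp metric 100'
SAMPLE_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE'

if [ "${1:-}" = "--live" ]; then   # run on the NAT instance itself
    nat_report "$(sysctl -n net.ipv4.ip_forward)" "$(ip route show default)" \
        "$(sudo iptables -t nat -S POSTROUTING)"
else
    nat_report 1 "$SAMPLE_ROUTES" "$SAMPLE_RULES" || true
fi
```

Run without arguments it evaluates the constructed sample; run with --live on the NAT instance it reads the real sysctl value, default route and POSTROUTING rules.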