I'm trying to hook up my private subnet postgres cluster to have internet access without being publicly accessible. My setup is as follows:
I have a VPC 10.1.0.0/16
with 4 subnets:
Postgres subnet 10.1.2.0/24, with a security group that allows all ports/destinations.
I have then attached NAT Gateway to my subnet and I allocated and associated an EIP to that NAT.
Then I created a route table, associated with my subnet, that is:
10.1.0.0/16 -> local
0.0.0.0/0 -> My-NAT
I've checked the status of my NAT Gateway and EIP, and everything is active and public.
After tunneling in and connecting to my private EC2 Postgres instance, I cannot ping my NAT Gateway's private IP address 10.1.2.124/24, where my Postgres server is 10.1.2.11/24.
I am at my wits' end. If you need the CloudFormation file to help debug, let me know and I will provide that.
Thanks!
Best Answer
Do you have an internet gateway attached to your VPC? Also, put the NAT gateway in a separate subnet.
This is the usual setup: