I've finally decided to migrated from Classic to VPC.
I've setup a VPC: 10.0.0.0/16 (with 2 subnets 10.0.1.0/24 and 10.0.2.0/24).
Asked
Active
Viewed 29 times
0
-
Are you using a bastion host to connect to them? Do you have an Elastic IP connected to them? Have you checked your security group settings (specifically that you allow inbound traffic) ? – Lorenzo Aiello Oct 03 '16 at 09:47
-
above answering your questions :) – Adam Oct 03 '16 at 09:51
-
you dont need the NAT gateway in this case. What are your network ACLs? – at0mzk Oct 03 '16 at 09:53
-
So, the NAT gateway is just for outbound traffic as an alternative to the Internet Gateway. Neither should prevent inbound traffic. I'm assuming you have confirmed that the web server is running and responding to port 80 on the local network? If so, did you make any changes to the VPC ACLs (another way of interfering with inbound traffic)? – Lorenzo Aiello Oct 03 '16 at 09:55
-
netstat shows its listening on port 80/443. I'll drop the Internet Gateway as you said its not required for inbound traffic. – Adam Oct 03 '16 at 09:59
-
Stop. You absolutely need the Internet Gateway. It has to be the target of the default route on all "public" subnets (that is, subnets with EC2 instances or Elastic Load Balancers or anything else with a public IP address; by definition and necessity, these subnetd have the Internet Gateway as their default route. You can create one if it is absent). Also, you may wish to [read this answer about Private vs. Public Subnets in VPC](http://stackoverflow.com/a/22212017/1695906) and see if that is helpful un understanding VPC networking. – Michael - sqlbot Oct 03 '16 at 10:46
-
Please edit some of the relevant detail back into your question. As it stands, it has too little information to be answered meaningfully. – Michael - sqlbot Oct 03 '16 at 10:47