In this post of devOpsJourney, you will see how to set up a "VPC NAT Gateway in AWS".
Suppose you need instances in a private subnet to initiate outbound traffic to the Internet while preventing them from receiving inbound traffic initiated by someone on the Internet. You can use a network address translation (NAT) instance in a public subnet in your VPC.
AWS has now made this very easy by launching VPC NAT Gateway. With this feature you no longer need to set up a NAT instance manually in a public subnet. Instead, you can follow the VPC NAT Gateway wizard and set up NAT on the fly. There is also no need to manage and scale the gateway.
Here are the steps:
Step 1: Go to VPC and click on NAT Gateway in the left menu panel.
Step 2: Select the public subnet in which you want to launch the gateway and assign an Elastic IP. Create a new Elastic IP if you don't have one.
Step 3: It should look similar to this. Click on Create a NAT Gateway.
Step 4: Once clicked, it will take a few moments to create.
Step 5: Wait until the status becomes available.
Step 6: Update the route table attached to your private subnet.
Step 7: Enter the gateway ID in Target.
Step 8: It should look similar to this once saved.
Step 9: Now, to test the VPC NAT Gateway, launch two instances: one in the public subnet and one in the private subnet. The public subnet instance will work as a jump host for the private subnet instance, as you cannot log in directly to the private subnet instance.
Step 10: Log in to the instance in the public subnet.
Step 11: Now log in to the private subnet instance using its private IP.
Step 12: Try to ping a URL.
Step 13: Try to wget the index page.
We are able to ping the URL and download the content from the private subnet instance, so the VPC NAT Gateway is working for us.
In this way, we can set up a VPC NAT Gateway in AWS and access the Internet from private subnet instances behind NAT.
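The route change from Steps 6 to 8 can also be checked from the API side, alongside the ping and wget test. The Python below is an added example, not part of the original post: it audits data shaped like `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways` output. The sample IDs and the helper names `default_route` and `audit_private_subnet` are assumptions made for illustration.

```python
# Constructed sample data shaped like the output of the EC2 DescribeRouteTables
# and DescribeNatGateways calls; every ID below is made up for illustration.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example",
                 "State": "active"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example",
                 "State": "active"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public",
                 "State": "available"}]


def default_route(subnet_id, route_tables):
    """Classify the active 0.0.0.0/0 route that applies to a subnet."""
    explicit = [rt for rt in route_tables
                if any(a.get("SubnetId") == subnet_id for a in rt.get("Associations", []))]
    # A subnet with no explicit association uses the VPC's main route table.
    main = [rt for rt in route_tables
            if any(a.get("Main") for a in rt.get("Associations", []))]
    for rt in (explicit or main)[:1]:
        for r in rt.get("Routes", []):
            # A route whose target was deleted shows State "blackhole", not "active".
            if r.get("DestinationCidrBlock") == "0.0.0.0/0" and r.get("State") == "active":
                if r.get("NatGatewayId"):
                    return ("nat", r["NatGatewayId"])
                if r.get("GatewayId", "").startswith("igw-"):
                    return ("igw", r["GatewayId"])
                return ("other", None)
    return ("none", None)


def audit_private_subnet(subnet_id, route_tables, nat_gateways):
    """Return a list of problems; an empty list means the setup matches the steps."""
    kind, target = default_route(subnet_id, route_tables)
    if kind == "igw":
        return [f"{subnet_id} routes 0.0.0.0/0 to {target}, so it is a public subnet"]
    if kind != "nat":
        return [f"{subnet_id} has no active default route to a NAT gateway"]
    nat = next((n for n in nat_gateways if n["NatGatewayId"] == target), None)
    if nat is None:
        return [f"{target} is not in the NAT gateway list"]
    problems = []
    if nat["State"] != "available":
        problems.append(f"{target} is in state {nat['State']}, not available")
    if default_route(nat["SubnetId"], route_tables)[0] != "igw":
        problems.append(f"{target} sits in {nat['SubnetId']}, which has no internet gateway route")
    return problems
```

To run the same check on a real VPC, pass in the `RouteTables` and `NatGateways` lists from your own account's output in place of the constructed samples.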
That is all for this post. Let us know if you have any questions, suggestions, or feedback. We'll surely look into it.