42 ‐ Networking ‐ NAT GW ‐ connect Private instance with one way connectivity to internet - SanjeevOCI/Ocidocs GitHub Wiki

Objective :- Establish One-Way connectivity to Internet from the Private Instance

1. Login to a Private instance in Spoke VCN, via the Bastion-server
2. Use NAT Gateway to allow private subnet instances to access the internet while preventing inbound internet traffic from reaching them.

1. Connect to the Application server

Connect to the Application server through the Bastion Server

ssh -i /home/opc/keys/privkey.pem [email protected]

2. Ping google.com

After connecting to the Application server, ping google.com. We see that the Ping is not working

3. Create a NAT Gateway

Create a NAT Gateway by navigating to Networking --> VCN --> Spoke VCN --> Select "NAT Gateways" --> Create a new NAT Gateway

4. Add a Route Rule for NAT Gateway

Go to the Private-Subnet in the Spoke VCN --> Select "the associated Route Table --> Add a Route Rule for the newly created NAT Gateway to enable one-way connectivity from the Private Instance to the Internet

5. Ping to google.com working

Ping google.com from Application server instance again. We can see that the Ping is NOW working