Certified Security - Specialty


NAT Gateway

I understand that the NAT gateway is used to send a request generated from an AWS instance in a private subnet to the internet and get the response back to the instance. Please suggest if there is any way to have a request originating from the internet reach the instance in the private subnet using a NAT gateway?

1 Answer

Hi Chintan,

yes and no.

In the context of AWS, a NAT gateway or NAT instance is explicitly for the purpose of allowing instances in a private subnet out to the Public / Internet (or some relatively less secure environment). [That is the No part]

[This is the Yes part]

If you want to access a device in a private subnet from a Public environment you need to use the correct service to proxy the traffic.

  • The AWS service that you would use would be an ELB. There is specific design doco to have an ELB pass traffic to an instance farm in a Private subnet. This is what I would look to use if you have the need.

  • If you want to build your own you could build an application proxy on an EC2 instance to forward the traffic.

  • Or use a variation of the generic NAT technology to pass the traffic.

Note that "NAT" is not a proprietary AWS name or service. NATs have been in use for decades and not all are so specific in their function. You might say that the AWS NAT is a subset of the class ‘NAT’ – https://en.wikipedia.org/wiki/Network_address_translation

I hope that helps you

Rusty

Moderator
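The "yes and no" above comes down to which direction a NAT keeps state for. The following is an added example, not part of the original post or any AWS code: a toy model of a stateful NAT in Python. Its `Nat` and `Packet` classes, the `forwards` rule table, and all addresses (taken from the RFC 5737 documentation ranges) are this example's own constructed values. The first instance behaves like the AWS NAT gateway: it rewrites outbound flows, lets replies to those flows back in, and drops anything unsolicited. The second instance adds an inbound port-forward (DNAT) rule, which is the "variation of the generic NAT technology" the answer mentions and which the AWS NAT gateway does not offer.

```python
"""Toy stateful NAT: outbound source NAT, reply tracking, optional DNAT.

Added illustration for the forum answer above; not AWS code. Addresses are
constructed sample values from the RFC 5737 documentation ranges.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class Nat:
    public_ip: str
    # Inbound port-forward rules: public_port -> (private_ip, private_port).
    # Empty for an AWS-style NAT gateway; a generic NAT box may populate it.
    forwards: Dict[int, Tuple[str, int]] = field(default_factory=dict)
    # Translation state: (priv_ip, priv_port, dst_ip, dst_port) -> public port.
    table: Dict[Tuple[str, int, str, int], int] = field(default_factory=dict)
    next_port: int = 40000

    def egress(self, pkt: Packet) -> Packet:
        """Private -> internet: allocate a public port and record the flow."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.table:
            self.table[key] = self.next_port
            self.next_port += 1
        return Packet(self.public_ip, self.table[key], pkt.dst_ip, pkt.dst_port)

    def ingress(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> private: deliver only replies to tracked flows or
        packets matching an explicit forward rule; return None for a drop."""
        if pkt.dst_ip != self.public_ip:
            return None
        # A reply must come from the same remote endpoint the flow was opened to.
        for (priv_ip, priv_port, dst_ip, dst_port), pub_port in self.table.items():
            if (pkt.dst_port == pub_port and pkt.src_ip == dst_ip
                    and pkt.src_port == dst_port):
                return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)
        # Explicit inbound rule (generic NAT only; an AWS NAT gateway has none).
        if pkt.dst_port in self.forwards:
            priv_ip, priv_port = self.forwards[pkt.dst_port]
            return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)
        return None  # unsolicited inbound traffic is dropped


def demo() -> dict:
    """Run both NAT variants over a few constructed packets and return the results."""
    aws_style = Nat(public_ip="203.0.113.10")  # no forward rules at all
    generic = Nat(public_ip="203.0.113.20", forwards={8443: ("10.0.2.15", 443)})

    outbound = Packet("10.0.2.15", 51000, "198.51.100.7", 443)
    translated = aws_style.egress(outbound)
    reply = Packet("198.51.100.7", 443, "203.0.113.10", translated.src_port)
    # Same public port, but from a different remote host: not a reply.
    spoofed_reply = Packet("198.51.100.9", 443, "203.0.113.10", translated.src_port)
    unsolicited = Packet("198.51.100.9", 40001, "203.0.113.10", 443)
    forwarded = Packet("198.51.100.9", 40001, "203.0.113.20", 8443)

    return {
        "translated": translated,
        "reply_delivered_to": aws_style.ingress(reply),
        "spoofed_reply": aws_style.ingress(spoofed_reply),
        "unsolicited_on_aws_style": aws_style.ingress(unsolicited),
        "forwarded_on_generic": generic.ingress(forwarded),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The AWS-style instance never delivers an inbound packet that did not originate from a tracked outbound flow, which is why a NAT gateway cannot be used to reach a private instance from the internet; the generic instance does so only where an operator has configured a forward rule. In AWS the supported equivalent of that rule is the load balancer approach in the answer, with the listener in a public subnet and targets in the private one.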

Chintan Vinod Parmar

Hi Rusty, Thank you for the quick reply and sharing the details. Thanks & Regards,
