Certified Security - Specialty

Sign Up Free or Log In to participate!

White List an instance in Private Subnet

I have couple of tomcat servers running in my private subnet and our third party vendor wants to white list the traffic originating from this private instance.  I have configured the NAT Gateway for this private subnet , so my question is should I give the elastic ip address of the NAT gateway for white listing? By doing so will the third party vendor be able to allow the traffic?

1 Answers

Yes provide the elastic ip address, because the NAT will translate all your private IPs into that elastic IP. Therefore when traffic originates from your private instances, they look like they came from the elastic IP out in the open internet.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?