
Public IP as source over transit gateway

0

Is it possible to have a public IP, such as a NAT gateway, be the source IP when using a transit gateway? I have a client who requires a public IP to allow on their firewall within the VPN tunnel; however, my transit gateway has the private IP of my NAT gateway as the source IP.

Current routing: ECS/EC2 (private subnet) --> 0.0.0.0/0 NAT gateway (private route table) --> client-ip/32 transit gateway (public route table) --> VPN tunnel (transit gw route table)

1 Answer
2

If you use a public NAT gateway to connect to a transit gateway or virtual private gateway, traffic to the destination will come from the private IP address of the public NAT gateway. The public NAT gateway will only use its EIP as the source IP address when used in conjunction with an internet gateway in the same VPC.

It's crucial to understand that Transit Gateway primarily deals with private network routing within AWS and to on-premises networks, not with advertising public IP ranges. Public IP addresses in AWS are generally handled by AWS's edge locations and internet gateways.

AWS
answered 23 days ago
EXPERT
reviewed 22 days ago
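
An added example, not part of the answer above and not AWS code: it applies the rule from the answer to the routing in the question, picking the most specific route in the NAT gateway's subnet route table and reporting which source address the destination will see. The data is constructed in the shape returned by EC2 DescribeNatGateways and DescribeRouteTables; all IDs and addresses are placeholders, and `198.51.100.7` stands in for the client IP.

```python
import ipaddress

# Constructed sample data in the shape returned by EC2 DescribeNatGateways and
# DescribeRouteTables; IDs and addresses are placeholders (documentation ranges).
NAT_GATEWAY = {
    "NatGatewayId": "natgw-EXAMPLE",
    "ConnectivityType": "public",
    "NatGatewayAddresses": [{"PrivateIp": "10.0.0.25", "PublicIp": "203.0.113.10"}],
}
# Route table of the public subnet hosting the NAT gateway
# (the "public route table" in the question).
NAT_SUBNET_ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
    {"DestinationCidrBlock": "198.51.100.7/32", "TransitGatewayId": "tgw-EXAMPLE"},
]


def select_route(routes, destination):
    """Pick the most specific (longest-prefix) IPv4 route for the destination."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes
               if "DestinationCidrBlock" in r
               and dest in ipaddress.ip_network(r["DestinationCidrBlock"])]
    if not matches:
        return None
    return max(matches,
               key=lambda r: ipaddress.ip_network(r["DestinationCidrBlock"]).prefixlen)


def observed_source_ip(nat_gateway, nat_subnet_routes, destination):
    """Return (source_ip, next_hop) as seen by the destination for NAT'd traffic."""
    route = select_route(nat_subnet_routes, destination)
    if route is None:
        return None, None  # no matching route: the packet is dropped
    addr = nat_gateway["NatGatewayAddresses"][0]
    gateway_id = route.get("GatewayId", "")
    if gateway_id.startswith("igw-") and nat_gateway["ConnectivityType"] == "public":
        # Only the internet gateway path presents the NAT gateway's EIP.
        return addr["PublicIp"], gateway_id
    # Transit gateway, virtual private gateway, local: the private IP is kept.
    return addr["PrivateIp"], route.get("TransitGatewayId") or gateway_id or "other"


if __name__ == "__main__":
    for dst in ("198.51.100.7", "192.0.2.50"):
        print(dst, observed_source_ip(NAT_GATEWAY, NAT_SUBNET_ROUTES, dst))
```

With the question's routing, the client address resolves to the transit gateway route, so the firewall on the far side of the VPN sees `10.0.0.25` rather than the EIP.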
