rengokantai / psawsvpcop Goto Github PK

#####3 ######starting wizard for 10.0.0.0/16 first2=network address, last2 = device address.
######3 vpc are per region.
IP CIDR 10.1.0.0/16
public 10.1.0.0/24
Availability Zone:us-east-1a

private 10.1.1.0/24
Availability Zone:us-east-1a(same)

instance type: m1.small ######6 Revireing your vpc vpc->subnets->choose public subnet->subnet actions->modify aa public IP->enable

#####4 ######5build two subnets 10.0.0.0/16--10.0.1.0/24(pub)--10.0.2.0/24(pri)(same az us-east-1)

#####5 ######3 create a new route table for public subnet: add destination 0.0.0.0/0, target=igw
######8 add NAT instance search NAT HVM in marketplace(community ami)
create security group: add HTTP, port80,source CustomIP, address=private(10.0.2.0/24)
add HTTPS, port443,source CustomIP, address=private(10.0.2.0/24)
create a route table for private subnet, add a route, 0.0.0.0/0, target=nat instance #####6 ######4 implementing secirity groups(stateful) create->port2375 source=10.0.2.0/24 (connect to nat instance)
change security groups in EC2->network instance ######5 NACL explicit DENY explicit ALLOW stateless
one NACL per subnet. rule processing stops upon match.20 rules per NACL
######6 when creating a vpc,a nacl will be created

#####8 ######2 vpc peering Two vpc must be in same region. Do not overlap CIDR blocks.Ex
vpc1:cidr 10.0.0.0/16
vpc2:cidr 172.1.0.0/16 ######3 update routing table (1:20) Add to first VPC's public subnet. destination:vpc2CIDR target: pcx Add to second VPC's public subnet. destination:vpc1CIDR target: pcx

#####9 ######4 configuring aws vpn customer gateways->create->routing(static)->ip address
create vpG->attach to vpc 10.0.0.0/16
vpn connections->routing options(static)->static ip prefixes(10.1.0.0/16)