Which of the following must be done for the custom NAT …

An EC2 instance that performs source/destination checks by default is launched in a private VPC
subnet. All security, NACL, and routing definitions are configured as expected. A custom NAT
instance is launched.
Which of the following must be done for the custom NAT instance to work?

An EC2 instance that performs source/destination checks by default is launched in a private VPC
subnet. All security, NACL, and routing definitions are configured as expected. A custom NAT
instance is launched.
Which of the following must be done for the custom NAT instance to work?

A.
The source/destination checks should be disabled on the NAT instance.

B.
The NAT instance should be launched in public subnet.

C.
The NAT instance should be configured with a public IP address.

D.
The NAT instance should be configured with an elastic IP address.

Explanation:
Each EC2 instance performs source/destination checks by default. This means that the instance
must be the source or destination of any traffic it sends or receives. However, a NAT instance
must be able to send and receive traffic when the source or destination is not itself. Therefore,
you must disable source/destination checks on the NAT instance.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html#EIP_Disab
le_Src DestCheck

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

Unnat

Unnat

Answer A is correct.

But B also seems to be correct.

B.
The NAT instance should be launched in public subnet.

Can any body explain here ?

Reply