Prerequisites and Requirements

Using a Netgate® appliance instance to protect VPC subnets requires the following:

  • Setup can take 15 minutes to one hour, depending on the user’s familiarity with the tools.

  • An AWS Account.

  • Familiarity with AWS networking.

  • A VPC.

  • One internet-facing subnet, to which the Netgate appliance instance will have its primary/WAN interface connected.

  • One or more private subnets, to which the Netgate appliance instance will have its secondary/LAN interface (and possibly additional optional interfaces) connected.

  • Separate routing tables for the internet-facing subnet and the private subnet(s).

  • Separate security groups for the internet-facing subnet and the private subnet(s).

  • An elastic IP address or Public IP address for the WAN interface of the appliance.

For the purposes of this guide, the VPC will contain two subnets (public and private) as well as an Internet Gateway. The end result should look like the following diagram:

[Figure: Architecture Diagram]

If all of these are already in place with an existing VPC, feel free to skip ahead to Launching an Instance.
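One way to confirm an existing VPC meets the routing table and security group requirements above, as an added example that is not part of the original guide. It assumes input shaped like the JSON from `aws ec2 describe-route-tables` and `aws ec2 describe-network-interfaces`; the function names are hypothetical, all IDs are constructed, and treating "internet-facing" as "has a default route to an Internet Gateway" is an assumption. Because security groups attach to network interfaces, it compares the groups on interfaces in each subnet.

```python
# Added example, not from the guide. All IDs below are constructed sample values.

def route_table_for(subnet_id, route_tables):
    """Explicitly associated route table, else the VPC main table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt  # subnets with no explicit association use this
    return main

def has_igw_default_route(rt):
    """Assumption: internet-facing means 0.0.0.0/0 points at an igw-* target."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-")
               for r in rt.get("Routes", []))

def groups_in(subnet_id, interfaces):
    """Security group IDs attached to any interface in the subnet."""
    return {g["GroupId"] for ni in interfaces if ni["SubnetId"] == subnet_id
            for g in ni["Groups"]}

def check_prereqs(public, privates, route_tables, interfaces):
    problems = []
    pub_rt = route_table_for(public, route_tables)
    if pub_rt is None or not has_igw_default_route(pub_rt):
        problems.append(f"{public}: no default route to an Internet Gateway")
    for sub in privates:
        rt = route_table_for(sub, route_tables)
        if rt and pub_rt and rt["RouteTableId"] == pub_rt["RouteTableId"]:
            problems.append(f"{sub}: shares routing table {rt['RouteTableId']} with {public}")
        shared = groups_in(sub, interfaces) & groups_in(public, interfaces)
        if shared:
            problems.append(f"{sub}: shares security group(s) {', '.join(sorted(shared))} with {public}")
    return problems

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [  # constructed; private subnet falls back to the main table
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public", "Associations": [{"Main": False, "SubnetId": "subnet-public"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
INTERFACES = [  # constructed; the LAN interface wrongly reuses the WAN group
    {"SubnetId": "subnet-public", "Groups": [{"GroupId": "sg-wan"}]},
    {"SubnetId": "subnet-private", "Groups": [{"GroupId": "sg-wan"}]},
]

if __name__ == "__main__":
    for line in check_prereqs("subnet-public", ["subnet-private"], ROUTE_TABLES, INTERFACES):
        print(line)
```

An empty result means the checked prerequisites hold; each returned line names the subnet and the requirement it misses.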