Which of the below mentioned entries is not required for the NAT security group?

By:
On:
In: SOA-C01
Tagged:
With: 0 Comments
A user has created a VPC with public and private subnets.The VPC has CIDR 20.0.0.0/16.The private subnet uses CIDR 20.0.1.0/24 and the public subnet usesCIDR 20.0.0.0/24.The user is planning to host a web server in the public subnet (port 80.and a DB server in the private subnet (port 3306).The user is configuring a security group of the NAT instance.

Which of the below mentioned entries is not required for the NAT security group?

For Inbound allow Source: 20.0.1.0/24 on port 80

For Outbound allow Destination: 0.0.0.0/0 on port 80

For Inbound allow Source: 20.0.0.0/24 on port 80

For Outbound allow Destination: 0.0.0.0/0 on port 443

Explanations:

The NAT instance needs to allow inbound traffic from the private subnet (20.0.1.0/24) on port 80 for web server communication.

The NAT instance needs to allow outbound traffic to the internet (0.0.0.0/0) on port 80 to enable web traffic for the private subnet.

The NAT instance does not need to allow inbound traffic from the public subnet (20.0.0.0/24) on port 80, as the public subnet is directly accessible for web traffic.

The NAT instance may need to allow outbound traffic to the internet (0.0.0.0/0) on port 443 for secure connections, such as HTTPS.

Leave a Reply

Your email address will not be published. Required fields are marked *

11 − eleven =