
  • toti

    Member
    January 5, 2025 at 1:53 am

    Considering the use of IGW for inbound and outbound traffic control, it is stated that, in one of the wrong answers, IGW does not control outbound traffic when attached to a public subnet hosting an EC2. Can someone please clear that for me?

    Here is the option,

    “The option that says: Launch the EC2 instance to a public subnet and attach an Internet Gateway to the VPC to allow outbound IPv6 communication to the internet. Use Traffic Mirroring to set up the required rules for traffic inspection and traffic filtering is incorrect because an Internet Gateway does not limit or control any outgoing IPv6 connection. Take note that the requirement is to prevent the Internet from initiating an inbound IPv6 connection to your instance. This solution allows all kinds of traffic to initiate a connection to your EC2 instance hence, this option is wrong.”

    Looking at just the part about IGW, I am confused because I googled my question and found this,

    “Yes, an Internet Gateway (IGW) in AWS allows you to control both inbound and outbound communication between your VPC and the public internet,..”

    Please and Thank You,

    • This discussion was modified 1 week, 5 days ago by  toti. Reason: Mentioned my name and changed my mind about it
    • This discussion was modified 1 week, 5 days ago by  toti. Reason: HTML stuff
  • Neil-TutorialsDojo

    Member
    January 6, 2025 at 10:31 am

    Hello Toti,

    Good day!

    Thank you for posting here. Attaching an Internet Gateway to the VPC enables communication between instances in your VPC and the Internet, supporting both IPv4 and IPv6 traffic. When an Internet Gateway is attached to a VPC, it allows instances in public subnets to communicate with the Internet, facilitating both inbound and outbound traffic. However, the security policy requires that inbound IPv6 connections from the Internet be blocked. Simply attaching an Internet Gateway does not provide this level of control without additional configuration.

    To fully meet these requirements, you would need to implement significant additional configurations. This makes using an Internet Gateway more complex compared to using an Egress-Only Internet Gateway and AWS Network Firewall, which can meet the requirements with less configuration.

    I hope this clarifies things.

    Thank you.

    Regards,

    Neil @ tutorials dojo
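
The difference described in the reply above, as an added example that is not part of the original thread: a Python check that reads route tables in the shape returned by `aws ec2 describe-route-tables` and reports whether each table's IPv6 default route (`::/0`) targets an Internet Gateway or an Egress-Only Internet Gateway. The route table data and all resource IDs are constructed placeholders.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All resource IDs are placeholders, not real resources.
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-EXAMPLE-public", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
    ]},
    {"RouteTableId": "rtb-EXAMPLE-egress", "Routes": [
        {"DestinationIpv6CidrBlock": "::/0",
         "EgressOnlyInternetGatewayId": "eigw-EXAMPLE", "State": "active"},
    ]},
    {"RouteTableId": "rtb-EXAMPLE-isolated", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    ]},
]}


def classify_ipv6_default_routes(doc):
    """Map each route table ID to what its active ::/0 route permits."""
    verdicts = {}
    for table in doc.get("RouteTables", []):
        verdict = "no-ipv6-default-route"
        for route in table.get("Routes", []):
            if route.get("DestinationIpv6CidrBlock") != "::/0":
                continue
            if route.get("State") != "active":
                continue  # blackhole routes carry no traffic
            if route.get("EgressOnlyInternetGatewayId", "").startswith("eigw-"):
                # Stateful, outbound-only: the internet cannot initiate IPv6 in.
                verdict = "outbound-only"
            elif route.get("GatewayId", "").startswith("igw-"):
                # Two-way path: inbound IPv6 is limited only by security
                # groups and network ACLs, not by the gateway itself.
                verdict = "inbound-and-outbound"
            else:
                verdict = "other-target"
        verdicts[table["RouteTableId"]] = verdict
    return verdicts


if __name__ == "__main__":
    for rtb, verdict in classify_ipv6_default_routes(SAMPLE).items():
        print(f"{rtb}: {verdict}")
```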

  • toti

    Member
    January 11, 2025 at 3:03 am

    Thank you very kindly. I think you’ve cleared it for me, and if I understood you correctly, I should pay attention to where the instances in the VPC are placed, a public subnet or a private one; that will determine whether inbound or outbound is allowed.

    Thank You.

    • Neil-TutorialsDojo

      Member
      January 13, 2025 at 9:23 am

      Hello Toti,

      Good day!

      You’re most welcome. Please don’t hesitate to reach out if you ever need assistance or have any questions—we’re always happy to help.

      Best regards,
      Neil @ Tutorials Dojo
