Debian Nat instance on AWS

If you want to use the last debian jessie as a Nat inside your AWS VPC, you can do the following :

  1. Create an ec2 instance using the last Debian Jessie AMI : ami-e079f893 (for eu-west-1), more images here.
  2. Disable NAT ec2 resource destination check (using the interface) or using aws cli :

     
  3. Inside your VPC private routing tables add a line to specify when to use this nat ec2 instance for routing purposes.
  4. Add a security group to your nat instance that allow traffic from your private subnets.
  5. Connect to your nat ec2 instance and add this line to /etc/sysctl.conf file :
  6. Enable it and verify :

     
  7. Allow Nat on ip tables (for example, in my case i want to Nat all traffic from subnet 10.1.2.0/24 through my debian ec2 nat instance) :

     
  8. To persist the precedent rule, modify /etc/rc.local like this :