
I have 2 EC2 instances - one in a public subnet, one in a private subnet.

I need both of them to access a service via public ip and port forwarding on Mako router.

The Mako router port forwards port 552 to a local 192.168.. IP.

I set up firewall rules on the Mako router that whitelist 2 public IPs - the one of the EC2 instance in the public subnet and the NAT Gateway public IP (I was also able to confirm it is the Internet IP seen from the instance in the private subnet via `dig myip.opendns.com @resolver1.opendns.com`).

`curl` from the EC2 instance in the public subnet works.
`curl` from the EC2 instance in the private subnet doesn't.

Endpoint I am hitting is rtsp://admin:password@123.123.123.123:552/Streaming/Channels/2

Any thoughts? What might be wrong? Advise on troubleshooting/mitigation?

  • Can the private instance access other resources on the Internet (eg `curl google.com`)? – John Rotenstein Jul 13 '21 at 02:28
  • @JohnRotenstein yes, that part is pretty standard with no obvious SGs or ACLs that might prevent it. If I remove IP filtering for the destination and allow all IPs to communicate, it works fine. Also, if I have the same instance, but in public subnet (with exact same configs and NSGs) it works fine as well. – Anton Teterine Jul 13 '21 at 15:41
  • If it works fine when you remove IP filtering, then the problem lies with that IP filtering. – John Rotenstein Jul 13 '21 at 22:24

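A probe for the situation described in the question, as an added example that is not part of the original post or the commenters' replies. A private subnet's egress address is the Elastic IP of the NAT gateway its route table points at, and a VPC with one NAT gateway per AZ has a different egress IP per AZ, so the `dig myip.opendns.com` check and the connectivity test have to be run from the very subnet that fails. On the router side, a source that is not whitelisted is usually dropped silently, which shows up as a connect or read timeout, whereas a source that is let through but forwarded to a wrong internal IP or port gets a TCP reset. The script below sends an RTSP OPTIONS request (which needs no credentials) and classifies the outcome so the two cases can be told apart from both instances. `ASSUMED_HOST`, `ASSUMED_PORT` and `ASSUMED_PATH` are placeholders taken from the question, not a real camera; `serve_once` is a constructed stand-in for the camera on loopback so the probe can be exercised offline.

```python
"""Added troubleshooting probe (not from the original post). Opens a TCP
connection to the port-forwarded RTSP endpoint, sends an RTSP OPTIONS request
and classifies the result: silent firewall drop (timeout), TCP reset (refused),
routing error (unreachable) or an application-level RTSP reply such as 401."""
import socket
import threading
from dataclasses import dataclass
from typing import Optional, Tuple

CRLF = "\r\n"
ASSUMED_HOST = "123.123.123.123"        # placeholder from the question, not a real camera
ASSUMED_PORT = 552                      # port forwarded by the router in the question
ASSUMED_PATH = "/Streaming/Channels/2"  # stream path from the question


@dataclass
class ProbeResult:
    outcome: str             # "timeout" | "refused" | "unreachable" | "rtsp" | "not-rtsp"
    status: Optional[int]    # RTSP status code when outcome == "rtsp"
    detail: str


def build_options_request(host: str, port: int, path: str, cseq: int = 1) -> bytes:
    # OPTIONS carries no credentials; a reachable camera answers 200 or 401 either way.
    url = f"rtsp://{host}:{port}{path}"
    return (f"OPTIONS {url} RTSP/1.0{CRLF}"
            f"CSeq: {cseq}{CRLF}"
            f"User-Agent: rtsp-probe{CRLF}{CRLF}").encode()


def parse_status(reply: bytes) -> Optional[int]:
    # The first line of a valid reply is "RTSP/1.0 <code> <reason>".
    first = reply.split(b"\r\n", 1)[0]
    parts = first.split(b" ", 2)
    if len(parts) >= 2 and parts[0].startswith(b"RTSP/") and parts[1].isdigit():
        return int(parts[1])
    return None


def probe(host: str, port: int, path: str = ASSUMED_PATH, timeout: float = 5.0) -> ProbeResult:
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.settimeout(timeout)
            sock.sendall(build_options_request(host, port, path))
            reply = sock.recv(4096)
    except socket.timeout:
        return ProbeResult("timeout", None,
                           "no SYN-ACK or no reply within timeout: consistent with a "
                           "firewall silently dropping a source IP that is not whitelisted")
    except ConnectionRefusedError:
        return ProbeResult("refused", None,
                           "TCP RST: the source is allowed through but nothing listens "
                           "behind the forward (wrong internal IP/port)")
    except OSError as exc:
        return ProbeResult("unreachable", None, f"routing/socket error: {exc}")
    status = parse_status(reply)
    if status is None:
        return ProbeResult("not-rtsp", None, f"unexpected reply: {reply[:60]!r}")
    return ProbeResult("rtsp", status, reply.split(b"\r\n", 1)[0].decode(errors="replace"))


def serve_once(reply: Optional[bytes]) -> Tuple[int, threading.Thread]:
    """Constructed stand-in for the camera on 127.0.0.1, used to exercise probe()
    offline: accepts one connection and sends `reply`, or holds the connection
    open and says nothing when reply is None (mimics a black-holed path)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def run() -> None:
        conn, _ = srv.accept()
        with conn:
            conn.settimeout(10)
            conn.recv(4096)
            if reply is not None:
                conn.sendall(reply)
            else:
                try:
                    conn.recv(1)      # wait until the probe gives up and closes
                except OSError:
                    pass
        srv.close()

    thread = threading.Thread(target=run, daemon=True)
    thread.start()
    return port, thread


if __name__ == "__main__":
    # Run this from each instance and compare the outcomes of the public and private one.
    result = probe(ASSUMED_HOST, ASSUMED_PORT)
    print(result.outcome, result.status, result.detail)
```

If the public instance gets `rtsp 401` and the private one gets `timeout`, the packets from the private subnet are being dropped before the camera, which points at the allow-list entry for the NAT gateway address (or at the instance using a NAT gateway in another AZ with a different Elastic IP); `refused` on the private instance would instead mean the source is accepted and the forward itself is the problem.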