Recently Viewed Topics
This section demonstrates an example of NNMNessus Network Monitor running on a virtual machine functioning as a NAT gateway instance within an Amazon Web Services Virtual Private Cloud (VPC).
In the examples used in the instructions for setting up a NAT gateway, the VPC NNM-Deployment-VPC was created, which has the network range 10.240.0.0/16. Additionally, the virtual machine instance NNM-Deployment-NAT was created in the NNM-Deployment-Public subnet to function as the NAT gateway. In this example, three other virtual machine instances were created within the NNM-Deployment-Private subnet. None of the virtual machine instances in NNM-Deployment-Private are assigned an external IP address and all outgoing traffic is routed through NNM-Deployment-NAT.
In this example, there are four virtual machine instances within NNM-Deployment-VPC:
|VM Instance Name||Internal IP||Has External IP?|
NNM is running on NNM-Deployment-NAT and has the following configuration:
|Monitored Network Interfaces||eth0|
|Monitored Network IP Addresses and Ranges||10.240.0.0/16|
With this configuration, NNM will monitor traffic
- from the internal virtual machine instances to the Internet,
- between NNM-Deployment-NAT and the internal virtual machine instances,
- from the Internet to internal virtual machine instances if you have enabled port forwarding on the NAT gateway to make them Internet accessible,
and between NNM-Deployment-NAT and the Internet.
Note: Due to the design of the hypervisor used by Amazon for running all virtual instances, traffic not addressed to a virtual instance can't be sniffed by the virtual instance. As a result, NNM can't monitor traffic between other virtual instances.