Example Deployment

This section demonstrates an example of Nessus Network Monitor (NNM) running on a virtual machine functioning as a NAT gateway instance within a Google Cloud Platform Compute Engine legacy network.

In the examples used in the instructions for setting up a NAT gateway, the Compute Engine legacy network gce-network was created, which has the network range 10.240.0.0/16. Additionally, the virtual machine instance nat-gateway was created to function as the NAT gateway in gce-network. In this example, three other virtual machine instances were created with the --no-address flag and bound to the tag no-ip, so none of these virtual machine instances is assigned an external IP address and all of their outgoing traffic is routed to nat-gateway as a result of the no-ip-internet-route rule that was created.

In this example, there are four virtual machine instances within gce-network:

VM Instance Name    Internal IP    Has External IP?
nat-gateway         10.240.0.2     Yes
example-instance    10.240.0.3     No
centos-instance     10.240.0.4     No
windows-instance    10.240.0.5     No

NNM is running on nat-gateway and has the following configuration:

Configuration Parameter                      Value
Monitored Network Interfaces                 eth0
Monitored Network IP Addresses and Ranges    10.240.0.0/16

With this configuration, NNM monitors traffic:

  • from the internal virtual machine instances to the Internet,
  • between nat-gateway and the internal virtual machine instances,
  • and between nat-gateway and the Internet.

Note: The routing of packets destined for the gce-network legacy network cannot be changed. As a result, there is no way to configure forwarding of traffic between two internal virtual machine instances through nat-gateway.
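
The coverage described above, and the gap named in the note, can be checked against a list of flows. The following is an added example, not part of the NNM product or the original page: a simplified model that uses the addresses from this deployment and treats any flow between two internal addresses other than nat-gateway as unobserved. The function names and the sample flows are assumptions made for illustration.

```python
import ipaddress

# Addresses taken from the page's example deployment.
MONITORED_RANGE = ipaddress.ip_network("10.240.0.0/16")  # NNM monitored range
NAT_GATEWAY = ipaddress.ip_address("10.240.0.2")         # nat-gateway, eth0

def classify_flow(src, dst):
    """Return (visible, reason) for one flow, as seen by NNM on nat-gateway."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    s_in, d_in = s in MONITORED_RANGE, d in MONITORED_RANGE
    if not (s_in or d_in):
        return False, "no endpoint inside the monitored range"
    if NAT_GATEWAY in (s, d):
        # nat-gateway is itself an endpoint, so the packets cross eth0.
        if s_in and d_in:
            return True, "nat-gateway <-> internal instance"
        return True, "nat-gateway <-> Internet"
    if s_in and d_in:
        # The legacy network delivers these directly; they never reach eth0.
        return False, "internal <-> internal, not routed through nat-gateway"
    # One internal endpoint, one external: forwarded by no-ip-internet-route.
    return True, "internal instance <-> Internet via nat-gateway"

def blind_spots(flows):
    """Return the flows from `flows` that NNM on nat-gateway cannot observe."""
    return [f for f in flows if not classify_flow(*f)[0]]

# Constructed sample flows (external addresses are documentation ranges).
SAMPLE_FLOWS = [
    ("10.240.0.3", "203.0.113.10"),   # example-instance -> Internet
    ("10.240.0.2", "10.240.0.4"),     # nat-gateway -> centos-instance
    ("10.240.0.2", "198.51.100.7"),   # nat-gateway -> Internet
    ("10.240.0.3", "10.240.0.4"),     # example-instance -> centos-instance
    ("10.240.0.5", "10.240.0.4"),     # windows-instance -> centos-instance
]

if __name__ == "__main__":
    for src, dst in SAMPLE_FLOWS:
        visible, reason = classify_flow(src, dst)
        print(f"{src:>12} -> {dst:<14} {'SEEN' if visible else 'MISSED'}  {reason}")
```

Flows reported as MISSED are the instance-to-instance traffic that needs another collection point if it must be monitored.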
