1

I started two EC2 instances in an Elastic Beanstalk autoscaling group in a VPC. The app on these EC2 instances needs to connect to a third party service that uses an IP address whitelist to allow access. So I'm using NAT Gateway to have static IPs so they can be added to the whitelist. The third party have already given access to the IPs from the two NAT Gateways I have configured in the AWS console. But I can't connect yet. On the development environment, which accepts any IP connection, the app is running OK.

Is there a chance that I'm using the wrong IP? Which command can I use to know which IP my app is getting on the internet? I did a traceroute from the server to the third party service and it didn't show the NAT Gateway IP, is this right?

1 Answer

5

One effective way to independently identify/confirm the source address you're using when going through a NAT device (gateway or instance) is by making an outbound request to a service on the Internet that will respond by identifying the source address from which it saw your request arrive.

One example of such a service...

$ curl icanhazip.com # this is the actual URL for the service
203.0.113.9          # example response for IPv4

It is normal not to see the NAT device's outside source address in an outbound traceroute, since that address is typically on the far side of the device you're transiting, and the response -- if one is provided -- will typically be the interface facing back toward you.

Michael - sqlbot
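As an added example (not part of the answer above), this script compares the address reported by the echo service with the addresses given to the third party, and rejects replies that are not an IPv4 address at all. The `ALLOWLISTED_IPS` values, the function names and the `--live` switch are assumptions, and every address other than the answer's `203.0.113.9` is a constructed sample.

```shell
#!/bin/sh
# Added example: check the observed egress address against the allowlist.
# Addresses are documentation-range samples, not from a real deployment.

# Space-separated NAT Gateway public IPs given to the third party (assumed).
ALLOWLISTED_IPS="203.0.113.9 203.0.113.10"

# Succeeds only if $1 is a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Prints "match", "mismatch" or "invalid" for the observed address in $1.
classify_egress() {
    is_ipv4 "$1" || { echo invalid; return 0; }
    for ip in $ALLOWLISTED_IPS; do
        [ "$1" = "$ip" ] && { echo match; return 0; }
    done
    echo mismatch
}

# Ask the echo service from the answer which source address it saw.
# -4 forces IPv4 because the allowlist above holds IPv4 addresses.
observed_ip() {
    curl -4 -sS --max-time 10 icanhazip.com
}

# Only touch the network when asked to: sh check_egress.sh --live
if [ "${1:-}" = "--live" ]; then
    seen=$(observed_ip) || exit 2
    echo "$seen: $(classify_egress "$seen")"
fi
```

Run it with `--live` on each instance in the autoscaling group, since instances can leave through different NAT Gateways; a `mismatch` means the request did not arrive from one of the allowlisted addresses.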