Cannot expose internet-facing NLB forwarding traffic to private instance to internet


March 2019

I have configured a cloud with the following configuration

  1. VPC with a public and private subnet in two availability zones. Public subnet has an internet gateway and private subnet has a NAT gateway configured
  2. An internet-facing Network Load Balancer allowing TCP traffic configured in both availability zones
  3. A target group to forward traffic from the load balancer
  4. An EC2 instance in the private subnet configured with haproxy listening on port 80. Its security group is configured to accept TCP traffic on port 80 from both of the subnets in which the NLB is configured
  5. Added this instance to the target group, the status is healthy

When I try to hit the NLB DNS it is giving me 'Connection timed-out' error. I am expecting that when I hit NLB DNS it should forward me to the private instance. I have checked many AWS documents such as this link but still cannot find the resolution to this issue. Please feel free to ask for more information if this is not sufficient.
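The security-group detail in item 4 is the first thing a practitioner would check for a setup like this. A Network Load Balancer with an instance-type target group preserves the client's source IP, so the instance's security group sees the internet client's address, not an address from the NLB subnets; rules that only admit the NLB subnets therefore do not admit the client. The script below is an added example, not code from the question or from AWS: it models that rule evaluation offline against a constructed copy of the described setup (the CIDRs, target name and client IP are invented sample values) and reports why a client would be refused.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SgRule:
    """One inbound security-group rule: protocol, port and allowed source CIDR."""
    protocol: str
    port: int
    cidr: str


@dataclass(frozen=True)
class Target:
    """A target-group member: its target type ('instance' or 'ip'), port and SG rules."""
    name: str
    target_type: str
    port: int
    sg_rules: tuple


@dataclass(frozen=True)
class Nlb:
    """The load balancer: scheme, listener port and the CIDRs of the subnets its nodes use."""
    scheme: str
    listener_port: int
    subnet_cidrs: tuple


def sg_allows(rules, protocol, port, source_ip):
    """True if any rule admits protocol/port from the single address source_ip."""
    src = ipaddress.ip_address(source_ip)
    return any(
        r.protocol == protocol and r.port == port and src in ipaddress.ip_network(r.cidr)
        for r in rules
    )


def cidr_covered(rules, protocol, port, cidr):
    """True if the whole cidr lies inside some rule's source range for protocol/port."""
    net = ipaddress.ip_network(cidr)
    return any(
        r.protocol == protocol and r.port == port and net.subnet_of(ipaddress.ip_network(r.cidr))
        for r in rules
    )


def diagnose(nlb, target, client_ip):
    """Return a list of findings explaining why a client at client_ip would be refused."""
    findings = []
    if target.target_type == "instance":
        # Instance targets see the original client IP, not an NLB node address.
        if not sg_allows(target.sg_rules, "tcp", target.port, client_ip):
            findings.append(
                f"{target.name}: security group does not allow tcp/{target.port} from "
                f"client {client_ip}; the NLB preserves the client source IP for instance "
                f"targets, so rules scoped to the NLB subnets alone are not enough"
            )
    else:
        # IP targets see the private IP of the NLB node, which lies in an NLB subnet.
        for cidr in nlb.subnet_cidrs:
            if not cidr_covered(target.sg_rules, "tcp", target.port, cidr):
                findings.append(
                    f"{target.name}: security group does not allow tcp/{target.port} "
                    f"from NLB subnet {cidr}"
                )
    return findings


# Constructed sample modelled on the question: the SG admits port 80 only from
# the two (invented) NLB subnets; the target name and client IP are placeholders.
NLB = Nlb("internet-facing", 80, ("10.0.1.0/24", "10.0.2.0/24"))
NLB_SUBNET_ONLY = (SgRule("tcp", 80, "10.0.1.0/24"), SgRule("tcp", 80, "10.0.2.0/24"))
HAPROXY = Target("haproxy-instance-example", "instance", 80, NLB_SUBNET_ONLY)
# Same target with an additional rule admitting internet clients on port 80.
HAPROXY_FIXED = Target(
    "haproxy-instance-example", "instance", 80,
    NLB_SUBNET_ONLY + (SgRule("tcp", 80, "0.0.0.0/0"),),
)
CLIENT_IP = "203.0.113.10"  # documentation-range address standing in for an internet client

if __name__ == "__main__":
    for t in (HAPROXY, HAPROXY_FIXED):
        print(t.name, diagnose(NLB, t, CLIENT_IP) or ["no security-group finding"])
```

With the rules as described in the question the checker reports that the client address is not admitted; adding a port-80 rule for the client ranges (for an internet-facing listener, typically 0.0.0.0/0, with the NLB itself providing the public entry point) clears the finding. Switching the target type to `ip` makes the NLB-subnet rules sufficient instead, because in that mode the instance sees the NLB node's private address.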


0 answers