Barracuda CloudGen Firewall

How to Configure AWS Route Tables for Firewalls with Multiple Network Interfaces

AWS Reference Architectures

This article is used in the following AWS reference architectures:

Before You Begin

Step 1. Create an AWS Route Table

Create an AWS route table for each private subnet.

  1. Log into the AWS console.
  2. Click Services and select VPC.
  3. In the Virtual Private Cloud section of the left menu, click Route Tables.
  4. Click Create Route Table. The Create Route Table popover opens.
  5. Configure the route table:
    • Name tag – Enter the name for the route table.
    • VPC – Select the VPC from the list.
  6. Click Yes, Create.

Step 2. Associate the Private Subnet with the Route Table

If the subnet is not explicitly associated with a route table, the main route table for the VPC is used.

  1. Log into the AWS console.
  2. Click Services and select VPC.
  3. In the Virtual Private Cloud section of the left menu, click Route Tables.
  4. Select the route table created in step 1.
  5. In the lower half of the screen, click on the Subnet Associations tab.
  6. Click Edit.
  7. Select the subnet you want to associate with this route table.
  8. Click Save.

The private subnet is now associated with the route table.

Step 3. Add a Default Route with the Network Interface of the Firewall as the Target

Locate the elastic network interface ID (in the form eni-12345678) of the firewall network interface that sits in this subnet. To retrieve the ID, click the network interface in the Description tab of the firewall instance.

  1. Log into the AWS console.
  2. Click Services and select VPC.
  3. In the Virtual Private Cloud section of the left menu, click Route Tables.
  4. Select the route table created in step 1.
  5. In the lower half of the screen, click on the Routes tab.
  6. Click Edit.
  7. Click Add another route.
  8. Configure the route:
    • Destination – Enter 0.0.0.0/0.
    • Target – Enter the ID of the firewall network interface located in this subnet.
  9. Click Save.

All traffic leaving the VPC from the associated subnet is now sent through the firewall. The status of the route must be Active.
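The same three steps can be scripted and then verified instead of clicked through. The block below is an added example, not Barracuda's or AWS's own tooling: plan_commands() emits the AWS CLI calls that mirror Steps 1 to 3 (the route table, subnet, ENI and Name tag values are constructed placeholders, and RTB_ID stands for the route table ID returned by the first call), and audit_route_table() checks a describe-route-tables response for the end state the article asks for: the private subnet is explicitly associated, there is exactly one 0.0.0.0/0 route, it targets the firewall ENI, and its state is active. The two JSON responses are constructed inline so the script runs offline.

```python
"""Scripted equivalent of the console procedure and a check of the result.
Added example; resource IDs below are placeholders, not real AWS resources."""
import json

VPC_ID = "vpc-0123456789abcdef0"                 # placeholder
PRIVATE_SUBNET_ID = "subnet-0123456789abcdef0"   # placeholder
FIREWALL_ENI_ID = "eni-12345678"                 # the article's example ENI id
ROUTE_TABLE_NAME = "fw-private-rt"               # placeholder Name tag


def plan_commands(vpc_id, subnet_id, eni_id, name):
    """Return the AWS CLI commands matching Steps 1-3, in order.
    $RTB_ID is the RouteTableId returned by create-route-table."""
    return [
        # Step 1: create the route table in the VPC and give it a Name tag.
        f"aws ec2 create-route-table --vpc-id {vpc_id} "
        f"--tag-specifications 'ResourceType=route-table,Tags=[{{Key=Name,Value={name}}}]'",
        # Step 2: associate the private subnet; otherwise the VPC main table applies.
        f"aws ec2 associate-route-table --route-table-id $RTB_ID --subnet-id {subnet_id}",
        # Step 3: default route whose target is the firewall's network interface.
        f"aws ec2 create-route --route-table-id $RTB_ID "
        f"--destination-cidr-block 0.0.0.0/0 --network-interface-id {eni_id}",
        # Final check: read the table back (output feeds audit_route_table).
        "aws ec2 describe-route-tables --route-table-ids $RTB_ID",
    ]


def audit_route_table(describe_json, subnet_id, eni_id):
    """Check a describe-route-tables response against the intended end state.
    Returns a list of findings; an empty list means the table is as expected."""
    findings = []
    tables = json.loads(describe_json)["RouteTables"]
    if len(tables) != 1:
        return [f"expected one route table, got {len(tables)}"]
    table = tables[0]

    # Step 2 outcome: the private subnet must be explicitly associated.
    associated = {a.get("SubnetId") for a in table.get("Associations", [])}
    if subnet_id not in associated:
        findings.append(f"{subnet_id} not associated; the VPC main route table applies")

    # Step 3 outcome: one default route, targeting the firewall ENI, state active.
    defaults = [r for r in table.get("Routes", [])
                if r.get("DestinationCidrBlock") == "0.0.0.0/0"]
    if len(defaults) != 1:
        findings.append(f"expected one 0.0.0.0/0 route, found {len(defaults)}")
    else:
        route = defaults[0]
        target = (route.get("NetworkInterfaceId") or route.get("GatewayId")
                  or route.get("NatGatewayId") or "<none>")
        if route.get("NetworkInterfaceId") != eni_id:
            findings.append(f"default route targets {target}, not firewall ENI {eni_id}")
        if route.get("State") != "active":
            # AWS reports 'blackhole' when the target ENI no longer exists.
            findings.append(f"default route state is {route.get('State')!r}, not active")
    return findings


# Constructed sample responses in the shape describe-route-tables returns.
def _sample(route_state):
    return json.dumps({"RouteTables": [{
        "RouteTableId": "rtb-0123456789abcdef0", "VpcId": VPC_ID,
        "Associations": [{"Main": False, "RouteTableId": "rtb-0123456789abcdef0",
                          "SubnetId": PRIVATE_SUBNET_ID,
                          "AssociationState": {"State": "associated"}}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
             "Origin": "CreateRouteTable", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": FIREWALL_ENI_ID,
             "Origin": "CreateRoute", "State": route_state},
        ]}]})


GOOD_RESPONSE = _sample("active")
BLACKHOLE_RESPONSE = _sample("blackhole")   # what you see after the ENI is deleted

if __name__ == "__main__":
    for cmd in plan_commands(VPC_ID, PRIVATE_SUBNET_ID, FIREWALL_ENI_ID, ROUTE_TABLE_NAME):
        print(cmd)
    print("good:", audit_route_table(GOOD_RESPONSE, PRIVATE_SUBNET_ID, FIREWALL_ENI_ID))
    print("bad: ", audit_route_table(BLACKHOLE_RESPONSE, PRIVATE_SUBNET_ID, FIREWALL_ENI_ID))
```

Two points the audit reflects: the 0.0.0.0/0 route only carries traffic that the VPC's more specific local route does not already match, so instance-to-instance traffic inside the VPC CIDR still bypasses the firewall; and a route whose state is blackhole rather than active means the firewall ENI it points at has gone, which silently drops the subnet's outbound traffic until the route is repaired. Separately from this article, the firewall's ENI must also have the AWS source/destination check disabled for it to forward traffic it did not originate.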
