I've already created the NAT device as instructed by AWS site. Disabled source checking. Create Security Group to allow proxy (in public subnet) to access the internet via 0.0.0.0/0. But still cannot access the internet. The NAT device however managed to access internet.
Any help would be appreciated.
thanks
A NAT server is required for routing traffic from a Private Subnet to the Internet. This is because the private subnet (intentionally) does not have a direct connection to the Internet.
Amazon EC2 instances in the Public Subnet will not use the NAT. They will go directly through the Internet Gateway. The fact that your NAT can access the Internet suggests that this has been configured correctly.
If you have an EC2 instance in your private subnet that cannot communicate with the Internet, check the Route Table entries associated with your private subnet. The Route Table for your private subnet(s) should be different to the Route Table associated with the public subnet(s).
If necessary, add an entry to the Route Table associated with your private subnet to route traffic destined for 0.0.0.0/0 to the NAT server. The resulting destination entry will look like eni-abcd1234 / i-1234abcd. This means the Internet traffic is being routed to the Elastic Network Interface (ENI) on the NAT instance.