src/dst check for RDS instances in AWS

Question asked by Ryan St. Germain on Mar 1, 2018

Hi there,


As you know, when deploying CloudGuard in AWS, you must turn off src/dst check. When dealing with RDS instances, you cannot turn this option off. It looks like the only way a server behind a CloudGuard gateway can access an RDS instance on a different subnet is to create a NAT rule NAT'ing the src IP to that of an IP on the same subnet as the RDS instance.


Is this true? Or is there another way?