Introduction

This tutorial will show you how to secure your cloud infrastructure by setting up firewall on AWS EC2 instance & restrict SSH access to CloudLAN room users.

Prerequisites

To follow this tutorial, you will need:

  • Simply5 CloudLAN account
  • AWS account

Get Static IP

Login to CloudLAN & connect to the room with Team VPN.

Copy the Team's Static IP displayed after connecting to the room

New EC2 instance

  • Click on Launch Instance in EC2 console
  • Choose you EC2 instance configuration as required.
Configure security groups step

In Configure Security Group step

  • Create new security group
  • Name security group appropriately, "Company CloudLAN access"
  • Add all the service types to be allow to the server
  • Under source, select custom from the dropdown
  • Enter the Team Static IP & add /32 to the end of the IP
  • Click Review and Launch

Once the Instance is created you will be able to securely connect to it only through CloudLAN.

Existing EC2 instances

  • Go to EC2 Dashboard
  • Under Network & security tab, click on Security group
  • Create security group & input necessary details
  • Inbound rules add the rules as shown below, this allows all access to the server through you CloudLAN room, create the rule.
Create security group
  • Go to Instances, right-click on Instance which you want to apply the new rule, Networking -> Change security group
  • Remove the old security group
  • Select new security group created & click Save

Now you have successfully configured the EC2 instance to be accessible only from your CloudLAN room.

Note : Make sure you are connect with Team VPN ON to access secure servers.