john-auld/aws-ec2-nat-example.md

Created March 6, 2019 11:54

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/john-auld/d4f3cfcbec5ca568bdf8f95867833841.js"></script>
Save john-auld/d4f3cfcbec5ca568bdf8f95867833841 to your computer and use it in GitHub Desktop.

Example of using an EC2 instance to proxy LDAPS on an AWS managed Domain Controller

Raw

    EIP <--> (EC2 Instance) <--> (AWS AD DC with ldaps enabled)
cat ldaps_iptables
#!/bin/sh

sysctl -w net.ipv4.ip_forward=1

iptables -F
iptables -t nat -F
iptables -X

MY_IP=10.10.10.2
LDAPS_HOST_A=10.200.2.2
LDAPS_HOST_B=10.300.2.2

LDAPS_HOST=${LDAPS_HOST_A}

iptables -t nat -A PREROUTING -p tcp --dport 636 -j DNAT --to-destination ${LDAPS_HOST}
iptables -t nat -A POSTROUTING -p tcp --dport 636 -j MASQUERADE
iptables -t nat -A POSTROUTING -p tcp -d ${MY_IP} --dport 636 -j SNAT --to-source ${LDAPS_HOST}

  