NavigationContentFooter
Jump toSuggest an edit

Public Gateways - Quickstart

Reviewed on 10 December 2024Published on 26 May 2021

Public Gateways sit at the border of Private Networks and provide extra functionality. They provide features like SSH bastion, and services to deal with traffic entering and exiting the network (NAT). You can add a Public Gateway to each of your Private Networks.

Before you start

To complete the actions presented below, you must have:

  • A Scaleway account logged into the console
  • Created a Private Network

How to create a Public Gateway

  1. Click Public Gateways in the Network section of the side menu.

  2. Click Create Public Gateway to launch the Public Gateway creation wizard.

  3. Complete the following steps in the wizard:

    • Choose an Availability Zone, which is the geographical location in which your Public Gateway will be created. Note that in order to attach a Public Gateway to a Private Network, the gateway must be in an Availability Zone within the Private Network’s region.
    • Choose a Public Gateway Type, which impacts the pricing and bandwidth of your gateway.
    • Choose a public IP. You can choose to assign one of your existing flexible IPs to your Public Gateway, or create and assign a new public IP.
    • Choose a Name for your Public Gateway, and, optionally, tags.
      Note

      The resource name can only include alphanumerical characters and dashes.

    • Verify the Estimated Cost of your Public Gateway, based on the specifications you chose.

  4. Click Create Public Gateway to finish.

    Your Public Gateway is created and you are redirected to the Public Gateways dashboard, where your newly-created Public Gateway now displays.

How to attach your Public Gateway to a Private Network

  1. Click Public Gateways in the Network section of the side menu.

  2. Click the Public Gateway that you want to attach to a Private Network. You are taken to the Overview page for that Public Gateway.

  3. Click the Private Networks tab. A list of Private Networks attached to the Public Gateway displays.

  4. Click Attach to a Private Network to attach a new Private Network to the Public Gateway. A pop-up displays.

  5. Select an existing Private Network from the list, or select Create a new Private Network.

    Note

    Only Private Networks which are in the same region as the Public Gateway are displayed in this list.

  6. Choose whether to auto-allocate an available IP from the pool (the CIDR block defined at the time of creating the Private Network), or use a reserved IP address for the attachment.

  7. Use the toggle «Toogle Icon» to tell the gateway whether or not it should advertise the default route to the internet for attached resources.

  8. Click Attach to Private Network to finish. You are taken back to the Private Networks tab, where the network you attached now appears, along with the services configured and the IP address of the Public Gateway.

    Your Private Network is now attached to your Public Gateway. You can repeat the steps above to attach more Private Networks to the same Public Gateway if you wish.

How to activate SSH bastion

When you activate SSH bastion on your Public Gateway, all SSH keys held in your Project are imported to the SSH bastion. This provides a single point of entry to Instances and other resources behind the bastion, allowing you to connect to them via the Public Gateway, instead of via their public IP addresses.

  1. Click Public Gateways in the Network section of the Scaleway console side menu.

  2. Click the Public Gateway for which you want to activate SSH bastion. You are taken to the Overview page for that Public Gateway.

  3. Under SSH Bastion, click the Activate button. A pop-up displays.

  4. Enter the port that you want your SSH bastion to listen on (or leave the default port in place).

    Tip

    The default port is 61000. When setting your own port, you must choose a port number between 1024 and 59999. The port that the SSH bastion listens on must not be a port already in use by a NAT rule.

  5. Copy the command to connect to a resource, and click Save SSH bastion settings.

    You are redirected to your Public Gateway’s Overview page, where SSH bastion is now activated. All the SSH keys in your Project credentials at the time of activation are copied to the SSH bastion. The command to use to connect to resources behind the bastion is displayed. See the SSH bastion documentation for further help.

Was this page helpful?
API DocsScaleway consoleDedibox consoleScaleway LearningScaleway.comPricingBlogCareers
© 2023-2024 – Scaleway