# Bastion (Jump) Host Setup for Secure Remote Access Use a Bastion (Jump) Server to access internal resources within a private network securely. This acts as a controlled gateway for administrative tasks, reducing exposure of backend servers to the public internet. In this use case, we demonstrate how NeevCloud enables secure cloud networking by implementing a Virtual Private Cloud (VPC) along with a Jump Server for secure administrative access. This setup ensures enhanced security, controlled access, and an isolated environment suitable for hosting web applications.

## Step-by-Step Implementation ## Step 1: Create a Private Network * **Navigate to**: `Networking > Network` In the NeevCloud portal. * **Action**: * Provide a name for the network. * Set CIDR to `10.0.5.0/24`. * Leave other options at the default and create the network.

## Step 2: Deploy a Router * **Navigate to**: `Networking > Routers`. * **Action**: * Create a router and a name. * Set the external gateway to the Public Networ**k**.

* Now, click on the add interface and add the private network (`10.0.5.0/24`) as an interface.

## Step 3: Launch Cloud Instance Now, back to the neevcloud dashboard and click on the server section to create a cloud server * **App Servers:** * Launch instance with private IPs assigned. * Assign them to the private VPC. * Avoid attaching to the public network. {% hint style="info" %} Note: To launch an instance, you must select a network from the Private Network section {% endhint %} To launch a [server ](https://docs.neevcloud.com/neevcloud-products/computes/getting-started-launch-vms)

Let's verify whether the server has been assigned a private IP address.

* **Jump Server:** * Launch one more instance and assign it to the private network. * Avoid attaching the public network to maintain restricted access. * Assign a floating IP for external access.

Once the Jump Server is successfully launched, allocate the assigned Floating IP to it ## Step 4: Allocate and Associate Floating IPs * **Navigate to**: `Networking > Floating IPs`. * **Action**: * Allocate floating IPs from the public IP pool:

Now go back to the Jump Server, click on the Networking section, and assign the Floating IP. Associate: * **Floating IP:** Linked to the Jump Server for secure external access.

The IP has been assigned.

## Access Jump server ``` cd Downloads ``` ``` ssh -i your-key.pem ubuntu@your-jump-server-ip ```

{% hint style="info" %} Once the jump server is set up and accessible, you can use it as a secure gateway to connect to the application server. {% endhint %} Now, access your private App server. Here you can access your server using a password or an SSH key Now, set the password for your private server

Now, copy your server IP address (private IP). Now, back to the Jump server and access your server ``` ssh username@Private-server-ip ```

Network connectivity has been successfully established using the command executed. ``` ping 8.8.8.8 ```