# Bastion (Jump) Host Setup for Secure Remote Access Use a Bastion (Jump) Server to access internal resources within a private network securely. This acts as a controlled gateway for administrative tasks, reducing exposure of backend servers to the public internet. In this use case, we demonstrate how NeevCloud enables secure cloud networking by implementing a Virtual Private Cloud (VPC) along with a Jump Server for secure administrative access. This setup ensures enhanced security, controlled access, and an isolated environment suitable for hosting web applications.

## Step-by-Step Implementation ## Step 1: Create a Private Network * **Navigate to**: `Networking > Network` In the NeevCloud portal. * **Action**: * Provide a name for the network. * Set CIDR to `10.0.5.0/24`. * Leave other options at the default and create the network.

## Step 2: Deploy a Router * **Navigate to**: `Networking > Routers`. * **Action**: * Create a router and a name. * Set the external gateway to the Public Networ**k**.

* Now, click on the add interface and add the private network (`10.0.5.0/24`) as an interface.

## Step 3: Launch Cloud Instance Now, back to the neevcloud dashboard and click on the server section to create a cloud server * **App Servers:** * Launch instance with private IPs assigned. * Assign them to the private VPC. * Avoid attaching to the public network. {% hint style="info" %} Note: To launch an instance, you must select a network from the Private Network section {% endhint %} To launch a [server ](https://docs.neevcloud.com/neevcloud-products/computes/getting-started-launch-vms)

Let's verify whether the server has been assigned a private IP address.

* **Jump Server:** * Launch one more instance and assign it to the private network. * Avoid attaching the public network to maintain restricted access. * Assign a floating IP for external access.

Once the Jump Server is successfully launched, allocate the assigned Floating IP to it ## Step 4: Allocate and Associate Floating IPs * **Navigate to**: `Networking > Floating IPs`. * **Action**: * Allocate floating IPs from the public IP pool:

Now go back to the Jump Server, click on the Networking section, and assign the Floating IP. Associate: * **Floating IP:** Linked to the Jump Server for secure external access.

The IP has been assigned.

## Access Jump server ``` cd Downloads ``` ``` ssh -i your-key.pem ubuntu@your-jump-server-ip ```

{% hint style="info" %} Once the jump server is set up and accessible, you can use it as a secure gateway to connect to the application server. {% endhint %} Now, access your private App server. Here you can access your server using a password or an SSH key Now, set the password for your private server

Now, copy your server IP address (private IP). Now, back to the Jump server and access your server ``` ssh username@Private-server-ip ```

Network connectivity has been successfully established using the command executed. ``` ping 8.8.8.8 ```

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.neevcloud.com/neevcloud-products/security/bastion-jump-host-setup-for-secure-remote-access.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.