...
Recommended way to connect the Charon host and Solaris guest systems to the customer network:
...
Recommended way to connect the Solaris guest system to the Internet:
...
Access to the Internet from private VPC subnets or a Solaris guest system with only private IP addresses:
Access to the Internet for private VPC subnets is possible across a gateway instance providing VPN access to the customer network and allowing (NATted) Internet access via this path. Alternatively, a NAT gateway in the cloud can be used to map the private addresses to public addresses. The NAT gateway can be implemented on a Charon host system or it can be provided by AWS for a charge.
Direct Solaris guest access to the Internet:
This is not a recommended as a standard solution for security reasons. Should it be required for some reasons, two interfaces with public IP addresses can be assigned to the Charon host. One of these interfaces is then dedicated to to the guest system which uses the private address interface address assigned by AWS and the MAC address of the interface assigned address assigned to the Charon host by AWS (similar to point 2 in section Host to Guest Communication Considerations above). In addition correct routing for both interfaces has to be configured (separate routing tables).
Using a Charon host system as a Router
...