Can't connect to my EC2 instance from outside

0

I cant connect to my aws EC2 public ipv4 from outside, can someone help me? I'm trying to connect via http on 80 port (inside EC2 it works, outside not even the ping works) already added inbound and outbound rules to EC2 firewall too There are my configurations 1- VPC resourse map: Enter image description here

2- EC2 inbound and outbound rules Enter image description here

3- subnet route table Enter image description here

4- Network ACL inbound and outbound rules Insira a descrição da imagem aqui

5- Security Group rules: Enter image description here

3 Answers
0

Your screenshots are really helpful (though the images in 2 & 4 are the same - is this an oversight?), they show that you have ports 80, 443 & 3389 open from everywhere to your EC2 instance. So if you can RDP into your EC2 instance from outside then your security groups and routing are all fine, so the reason you can't HTTP to the webserver on port 80 is more lilekly to be something on the EC2 instance itself, such as Windows Firewall.

If you cannot RDP to your EC2 instance then it's likely this is the same root cause as your problems with HTTP.

In addition to security groups, do you have any ACLs set?

This looks like a good use for AWS Reachability Analyzer https://docs.aws.amazon.com/vpc/latest/reachability/getting-started.html https://aws.amazon.com/blogs/aws/new-vpc-insights-analyzes-reachability-and-visibility-in-vpcs/

profile picture
EXPERT
Steve_M
answered a year ago
  • I’ve updated the image 4 (thanks for info) with the rules of my ACL that is set to the subnet. And yes, I can RDP into my EC2, but can’t HTTP. I’ve already created rules for port 80 inside EC2 instance, but I keep without success… I already tried using Reachability Analyzer but don’t get any relevant info, only “Not reachable”.

  • Rule 100 in your inbound and outbound ACLs allow everything, so any rules numbered > 100 are superfluous. Which means it's only security groups we have to look at.

    To recap, from outside you can RDP to the public IP and it works.

    Once RDPed onto the EC2 instance, you can get a response from the webserver on port 80 - I assume this is either from the loopback address 127.0.0.1:80 or the private IP 172.x.y.z:80 ?

    But go back outside and try to hit [public_ip]:80 and there's no response?

    I take it there's no load balancer in between, and all connections go directly to the EC2?

    It sounds like there may be something blocking on the EC2 itself, can you try disabling Windows Firewall (or anything similar) and does that make a difference?

0

Hi! Did you figure out the issue? I am facing the same problem.

AWS
answered a year ago
-1

Hi, it is then very probably either an ip routing or sec group issue with the ip address of your laptop since you can connect from console.

Follow https://medium.com/tensult/unable-to-connect-your-ec2-instance-using-ssh-842f6f6f0d04 to find and fix your problem.

Best,

Didier

profile pictureAWS
EXPERT
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions