Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Ping private IP results in 100% packet loss

0

Hi AWS, I have two servers i.e.

  1. OpenVPN Server
  2. Private EC2 server

I am trying to ping IP address of the private EC2 server from OpenVPN server but getting 100% packet loss.

The configuration of both the instances are as follows:

  1. Both of them are using a same VPC and same public subnet.
  2. The Security Group for OpenVPN Server has outbound to the Security Group of Private instance and the Security Group of Private Instance has an Inbound to the Security Group of the OpenVPN server.

Am I missing something when it comes to the configuration of any of the Instance. Please let me know.

Error Screenshot

  • Arthur Lopes
    9 mesi fa

    Please share your security groups configurations.

Argomenti
Networking e distribuzione di contenutiComputazionali
Tag
Amazon VPCAmazon EC2Gruppo di sicurezza
Lingua
English
profile picture
Arjun
posta 9 mesi fa355 visualizzazioni
2 Risposte
0

Hi Arjun, the simplest way to check if it is an issue with your AWS configuration is using the Reachability Analyzer. It will simulate the packet flow and you can see if for example your security groups are wrongly configured.

profile pictureAWS
Luca Schumann
con risposta 9 mesi fa
profile pictureAWS
ESPERTO
Didier_Durand
verificato 9 mesi fa
  • Arjun
    9 mesi fa

    Hey Luca Schumann, sorry I am not aware how to use the tool and I need to resolve this little urgently. I hope you understand what I mean. Can you help me in figuring out if I missed anything while doing configuration?

  • Didier_Durand ESPERTO
    9 mesi fa

    Agreed, Reachability Analyzer is recommended tool to fix such issue(s) probably related to routing tables or sec groups.

    This video may help you if you want to use it: https://www.youtube.com/watch?v=T9k8PD3YXAw

  • Arjun
    9 mesi fa

    Hey Luca Schumann, in case I have to check if one instance is pinging another instance or not, how to check it via VPC Reachability Analyzer as it only has two protocols option i.e. TCP and UDP. Can you please help me in figuring out this?

  • Luca Schumann
    9 mesi fa

    I would use the port and protocol that you will be using for communication between the two instances (e.g. TCP 80). Let me know what the result is.

  • Arjun
    9 mesi fa

    This is what I got after I selected port 80 and protocol as TCP to check the ping from OpenVPN to private EC2 server. Attaching the screenshot for your reference:

0

Enter image description here

profile picture
Arjun
con risposta 9 mesi fa
  • Luca Schumann
    9 mesi fa

    Are you allowing port 80 TCP on the private-server security group inbound rules? Do it and try the path analysis again. Make sure you reference the openvpn security group as source. The path should then be green. Once the path is green, just add the same rules for ICMP to the security groups and you should be able to ping.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente