Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

webpage not accessible via Elastic IP on EC2

0

I have an windows EC2 instance in public subnet with a dynamic public IP and a private IP..it has a IIS server running and listening on 0.0.0.0:0 and [::]:0 ..when I try to access the webpage on the dynamic public IP it is working ..but when I attached an Elastic IP to the EC2 instance the webpage is not accessible over the Elastic IP. I rebooted the instance but it didn't work. Interestingly when I switch back to dynamic public IP the website is still accessible. Please help me with this.

Topics
Machine Learning & AIComputeNetworking & Content Delivery
Tags
Amazon VPCAmazon EC2Amazon Elastic InferenceWindowsNetworking & Content Delivery
Language
English
asked 2 years ago919 views
4 Answers
2

Hlo,

Check Security Group Settings: Ensure that the security group associated with your EC2 instance allows inbound traffic on port 80 (HTTP) and/or port 443 (HTTPS) from any source (0.0.0.0/0 or specific IP ranges you want to allow). Sometimes, when attaching an Elastic IP, the security group rules might need to be adjusted to allow traffic from the Elastic IP.

Verify Elastic IP Association: Double-check that the Elastic IP is correctly associated with your EC2 instance. You can do this in the AWS Management Console by navigating to the EC2 dashboard, selecting "Elastic IPs" from the left sidebar, and verifying that the Elastic IP is associated with the correct instance.

Check Network ACLs: If you're using network ACLs in your VPC, ensure that they allow inbound and outbound traffic on the necessary ports (such as port 80 and/or port 443) for your EC2 instance's subnet.

Review IIS Configuration: Ensure that your IIS server is configured to listen on the Elastic IP address. Sometimes, servers may be configured to listen only on specific IP addresses, which may need to be updated when switching to an Elastic IP.

Check Windows Firewall: Verify that the Windows Firewall on your EC2 instance allows inbound traffic on port 80 and/or port 443.

**Restart IIS Service: **Sometimes, restarting the IIS service can resolve connectivity issues. You can do this by opening a Command Prompt or PowerShell window on your EC2 instance and running the command: iisreset.

Monitor System Logs: Check the system logs on your EC2 instance for any error messages or warnings that may indicate why the web server is not accessible via the Elastic IP.

Verify Route Table: Ensure that the route table associated with your subnet includes a route for internet-bound traffic (0.0.0.0/0) pointing to the internet gateway.

Usefull Document:

https://repost.aws/knowledge-center/ec2-instance-hosting-unresponsive-website

EXPERT
answered 2 years ago
1

Hello.

What are your IIS binding settings?
Is your bind configuration configured to allow ElasticIP addresses?
https://stackoverflow.com/questions/67498491/cant-access-ec2-webapp-from-the-web

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
  • DeepakPuri
    2 years ago

    below is my site binding configuraiton : SITE "Default Web Site" (id:1,bindings:http/:80:,net.tcp/808:,net.msmq/localhost,msmq.formatname/localhost,net.pipe/*,state:Started)

  • Riku_Kobayashi EXPERT
    2 years ago

    Will I be able to connect if I add the Elastic IP address directly to the bind configuration?

1

Hello Deepak,

Your EC2 website works with the dynamic IP but not the Elastic IP? Classic case of security group misconfiguration.

  1. Check your instance's security group. Ensure an inbound rule allows HTTP traffic (port 80) from "Anywhere (0.0.0.0/0)" for the Elastic IP address. This likely wasn't set for the dynamic IP range.

  2. Verify your subnet's route table has a route for internet traffic (0.0.0.0/0) pointing to the internet gateway. This ensures proper traffic flow.

Here i am with AWS Documentation for Security group configurations: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html

EXPERT
answered 2 years ago
1

You can only connect to the private Ip if you are able to route into the VPC. Are you connecting via VPN or another means?

EXPERT
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content