I can not connect to my ec2 instance by ssh, sg port checked


I start my free trial ec2 instance (AMI : amzn2-ami-kernel-5.10-hvm-2.0.20220719.0-x86_64-gp2), and got a public ip address on it , security group rules expose all ports no matter in&outbound even

But i just can not connect to it , i have received "Connection failed" msg in my local pc ssh client, and i also try to connect it by using aws console "EC2 Instance Connect" option to do that, it fail as well. (console msg here) Enter image description here

AND I even stop this ec2 instance and start a new one with totally new config like previous one, but got same result.

By using port scan tool , I found the port 22 is closed, question is that my sg rules open it definitely (console screenshot here) Enter image description here

Finally, I found a stackoverflow question like my situation , this answer maybe the result ? Is my account "isolated" ? Is there anyone could tell me something useful ?

  • Is your EC2 instance in a public subnet? If so, have you checked if your subnet is associated with a route table that has a route to an internet gateway)?

3 Answers
Accepted Answer

Can you try the points below:

  1. Check your internet gateway(IGW)
  2. Is your IGW attached to the right VPC
  3. Check your route table (is the host in question in the right subnet)
  4. Check your network ACL (remember it's not stageful as SG - traffic must be allowed on both directions)
  5. With the Source as IGW & Destination host (port 22), run the Reachability Analyzer and share the result.
profile picture
answered 4 months ago

Have you checked the routing of the EC2 instance ? Have you connected to the Internet Gateway for the traffic to reach the internet and reverse ? The error clearly mentions that there is a network setting missing from the configuration.

profile picture
answered 4 months ago

Thanks guys! The reason of this problem is that I had created a new vpc , and i did not set the "" for igw in the route table of this new vpc , so this ec2 ins can not access internet through this vpc bidirectionally

answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions