EC2 instance created with public IP, but unable to access over HTTP

0

Created an EC2 instance, having a VPC with attached Internet gateway, Security groups with inbound rule to allow any traffic fro HTTP, HTTPS and having all traffic allowed for outbound rule. internet gateway created, attached to VPC using, and add it to the route table too.

But even after successful launch, instance is unreachable when hitting the assigned public ip from browser. Also when used to connect the instance from "CONNECT" button , getting console opened but later errors out with message:

EC2 Instance Connect is unable to connect to your instance. Ensure your instance network settings are configured correctly for EC2 Instance Connect. For more information, see Set up EC2 Instance Connect at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html.

Any pointers are highly appreciated.

3 Answers
0

Is your NACL open to all outbound, or at least has the full ephemeral port range allowing responses? Does your route table have a default route for all traffic to the IGW?

answered a month ago
  • Strangely the issue got resolved when I added an entry in route table - destination = 172.31.0.0/16, Target=Local

    Earlier I was having entry as - destination = 10.0.0.0/16 and Target = Local

    Not sure why It needs an entry for destination = 172.31.0.0/16. My EC2 is in region US-EAST-1 and AZ 1d

0

Hi - Please ensure that proper security groups, nacls and ports are allowed. Also when trying to hit using http do you have something running against which you would expect an answer, please cross check that. If you are going to use EC2 Instance Connect to connect to an instance, you need to configure every instance that will support a connection using Instance Connect (this is a one-time requirement for each instance) [2]

References

  1. https://aws.amazon.com/premiumsupport/knowledge-center/ec2-connect-internet-gateway/
  2. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html
  3. https://aws.amazon.com/premiumsupport/knowledge-center/vpc-fix-connection-with-elastic-ip/
profile picture
EXPERT
answered a month ago
0

I have verified - security groups, nacls and ports are allowed.

Also when I create a EC2 instance, I always get value for "Auto-assign public IP" as disabled but when checked with another account, it is always enabled. I choose to edit network config and choose existing VPC and the same VPC is attached to Internet Gateway. The entry in ACLs and Route tables are having HTTP, HTTPS and SSH rules.

Not sure what is messed up.

answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions