ElasticBeanstalk .NET core application on linux with *ProxyServer* set to "none" not working


Hi folks,

I'm strugling to get rid of nginx proxy in front of our application (which is a YARP proxy in itself, thus doesn't need another reverse proxy). I've set the aws:elasticbeanstalk:environment:proxy ProxyServer option to "none" and I can see from the eb-engine log that the nignx indeed gets disabled. In it's place, eb-engine adds two routes to nat iptable for redirecting port 80 to 5000 (default .NET core http port). I've ssh'd to the instance and confirmed that I can call the app both via localhost(:80) and localhost:5000. Unfortunately, the app doesn't seem to get exposed outside of the instance - ELB healthchecks fail, I can't call it using the instance IP directly (Failed to connect to 10.0.x.y port 80: Connection refused). It works fine with nginx enabled so I would rule out any vpc networking issues. Any ideas what required linux configuration might be missing that prevents the app from getting exposed on the instance?

Thanks, Piotr

asked a year ago397 views
2 Answers


It looks you are trying to bye pass the default nginx proxy used in your application as your application it self capable of doing the proxy stuff. And you were able to disable the nginx and the application was accessible via local host, but it is not getting exposed with instance IP address. We need to inspect Operating System configurations in detail to see whether the ports are properly exposed from your instance.

Typically a netstat output should show if those ports are exposed to outside world.

I would recommend you to open a AWS Support case so that we can try to reproduce it and help you on a best effort basis.

answered a year ago
  • Hi, thanks for your response. I've run the netstat and the output can be found bellow:

    [ec2-user@ip-10-0-144-250 ~]$ netstat -lt
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State
    tcp        0      0 localhost:commplex-main*               LISTEN
    tcp        0      0 localhost:22221*               LISTEN
    tcp        0      0*               LISTEN
    tcp        0      0   *               LISTEN
    tcp        0      0 localhost:smtp*               LISTEN
    tcp6       0      0 localhost:commplex-main [::]:*                  LISTEN
    tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
    tcp6       0      0 [::]:ssh                [::]:*                  LISTEN

    so the app only seeems to get exposed on 5000 in that case


As informed by previous engineer netstat output should show if those ports are exposed to outside world. However, its not the case from the output shared.

To have a better view of the resources/reproduce the issue, I would recommend you to open a AWS Support case. Thank you!

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions