The recommended setting is having inbound traffic from the internet only on the ALB, and having the application on a private subnet that for inbound should only allow traffic from the ALB. For your instance to connect to the internet you would need a NAT gateway configured for its private subnet. If the EC2 is in a public subnet, the Internet Gateway would work. To better understand the actual problem: if on the EC2 you curl to an internet site by IP, does it work? (You should make sure that site responds by IP.) If you use dig or nslookup to resolve a hostname, does it work? Have you checked that the instance route tables are OK for the IG or NAT Gateway?
Hi,
In case the EC2 instance is not able to access the Internet, you can try to troubleshoot with the following:
1/ Make sure outbound is allowed in the attached security group.
2/ Make sure the network ACLs allow outbound access.
3/ Make sure the route table is configured properly for the subnets to the NAT GW or Internet GW.
For more troubleshooting guides, please see https://aws.amazon.com/tw/premiumsupport/knowledge-center/ec2-connect-internet-gateway/
If your EC2 instance is not reachable from the ALB, specify the appropriate HTTP or HTTPS port and source IP CIDR in the ALB's security group.
This EC2 is on an ALB using a private IP, with internet-facing. I have a few Fargate here too, and they are working well with the ALB too. Both Fargate and the EC2 ALB use the same security group, the same ACL and the same subnet. It works.
So my assumption is that it should work with ALB/EC2 too.
Hi, thanks for your advice. I fixed this problem by moving the subnet to a public subnet. So the EC2 under the ALB can access the internet.
Thanks for the update. It is good to check that the security group for the EC2 has no inbound rule for public access; for the usual configuration it would only need an inbound rule from the ALB security group.