By using AWS re:Post, you agree to the Terms of Use

Oregon's multiple VPC run instances ,remote connection failure

0

In the oregon region of aws, vpc vpc-0257a65c1dc6c094e and vpc-036aa6d40506eb636 launch instances, and with the ssh port added to the security group, the ssh port cannot be connected, and the telnet test ssh port cannot be connected. Can you tell me why this failure occurs? This affects our business.

2 Answers
0

Are you trying to SSH from outside or withing your VPC? Meanwhile, check:

  • your IGW config
  • your IGW is attached to the VPC
  • your public subnet where you launched instance
  • your network ACL
answered a month ago
    • The booted machine cannot be accessed via ssh port 22, either from any Internet outside the VPC or from another previously booted normal machine within the same VPC.

    • Both the staging VPC and the sandbox VPC have IGWs to connect to.

    • In the ACL of the VPC, we allow all IP traffic from 0.0.0.0 into that VPC.

    The affected VPCs are as follows.

    1. vpc-036aa6d40506eb636 The ACL associated with it is acl-091f2e46c2fe1364a, and the IGW associated with it is igw-0ea7d09c318f7c9d3. if you select subet as subnet-07423a9f71e9eb962 or subnet- 0eabdf489f8de52d5 will not be able to connect to ssh port 22

    2. vpc-0257a65c1dc6c094e The ACL associated with it is acl-001174d67b9e53fa5, and the IGW associated with it is igw-089e0c4f5d403dc7e. if you select subnet as subnet-0c38bafd69fcf279e or subnet- 0c4ca8b30a53e1c89 will not be able to connect to ssh port 22.

    • We have added port 22 to the security group to which the machine belongs when we name the machine.

    • Please help us to find out the cause as soon as possible, this is already having a big impact on our business.

    Thanks.

0

from another previously booted normal machine within the same VPC

Is the source machine in the same subnet? Are you using the default network ACL?

Please try these:

  1. Check your outbound rules and make sure you're allowing return traffic (configured in the inbound rules); remember network ACL aren't stateful as SG.
  2. Check your subnet associations.
  3. For the Source & Destination (port 22) host in the same VPC, please try running the Reachability Analyzer and share the result.
  4. With the Source as IGW & Destination host (port 22), run the Reachability Analyzer and share the result.
answered 24 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions