No user able to connect to any EC2 Machine in organization all of a sudden


We have approx. 20-30 EC2 machines which users use on a regular basis; however, for the last 30 minutes, no user has been able to connect to any of the EC2 machines or to RDS. Not sure what happened. The only error is Connection Timed Out.

Bhoopen
asked 8 months ago, 231 views
4 Answers
Accepted Answer

Hello.
Are communications allowed by the network ACLs set for the security groups and subnets configured on the EC2?
Has someone on your team accidentally changed the settings?

Also, is the IP address from which you are connecting a fixed IP address?
Make sure that the IP address from which you are connecting is allowed in the security group.

EXPERT
answered 8 months ago
EXPERT
reviewed a month ago
  • Yes, everything seems to be configured the way it was earlier, and the IP address from which we connect is not really fixed, but we allow from any IP address for these machines. Nothing seems obvious, but no one is able to connect for some reason; it only times out.

  • Thanks for the reply. Have you checked the network ACL settings for your subnet? Also, can you confirm that there is a route to the Internet Gateway in the route table of the subnet on which the EC2 is running? https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html


I'd start by checking the following through AWS Config, if you already have AWS Config enabled:

  • VPC
  • Subnets
  • NACL
  • Security groups

Go to the AWS Config console -> Click Resources -> Type subnet in resource type and select based on what you want to check first (you can choose multiple resource types too) -> Search for those commonly used subnets and see if any recent change occurred. There might be some routes reconfigured, which is why this started happening all of a sudden. Similarly, check for security groups and NACLs in AWS Config and verify whether any changes happened to any of those commonly used security groups, and the impact of the change.

This would give you some clue as to what changes were made recently and why this started happening, since it's a completely account/org-specific issue.

Hope this helps.

Comment here if you have additional questions, happy to help.

Abhishek

AWS
EXPERT
answered 8 months ago

How do you connect to EC2 and RDS? Is it across the public internet (even if using VPN), or is it using Direct Connect (or is it something else)?

If your internet connection had an outage, that would have caused this behaviour, though I would expect you would have noticed not being able to connect to anything else on the internet.

If it's Direct Connect, then that sometimes has maintenance outages (usually communicated well in advance by email from AWS), which would cause an interruption to service if you don't have redundant DX connections set up.

Also check for an interruption to service at the provider who hosts your Direct Connect link.

EXPERT
Steve_M
answered 8 months ago

Someone changed inbound rules for the Default VPC NACL by mistake and that stopped us connecting to the resources.

Bhoopen
answered 8 months ago
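
The root cause reported above, as an added example that is not part of the original thread: a first-match evaluation of network ACL entries, showing why every connection times out even though security groups are unchanged. The entries follow the shape returned by DescribeNetworkAcls; the specific mistaken rule, the client address, and ports 22 and 3306 are constructed assumptions.

```python
import ipaddress

def entry(num, action, egress, cidr="0.0.0.0/0", proto="-1", ports=None):
    """Build one entry in the shape of DescribeNetworkAcls 'Entries' items."""
    e = {"RuleNumber": num, "RuleAction": action, "Egress": egress,
         "CidrBlock": cidr, "Protocol": proto}
    if ports:
        e["PortRange"] = {"From": ports[0], "To": ports[1]}
    return e

def nacl_verdict(entries, peer_ip, port, egress, proto="6"):
    """Return (action, rule_number) of the first matching entry.

    Entries are evaluated in ascending RuleNumber order; the first match wins.
    """
    addr = ipaddress.ip_address(peer_ip)
    for e in sorted(entries, key=lambda x: x["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in ("-1", proto):
            continue
        cidr = e.get("CidrBlock")  # IPv6 entries use Ipv6CidrBlock; skipped here
        if cidr is None or addr not in ipaddress.ip_network(cidr):
            continue
        pr = e.get("PortRange")
        if pr and not pr["From"] <= port <= pr["To"]:
            continue
        return e["RuleAction"], e["RuleNumber"]
    return "deny", None

def connection_allowed(entries, client_ip, service_port, client_port=50000):
    """NACLs are stateless: the request needs an ingress allow and the reply
    to the client's ephemeral port needs its own egress allow."""
    inbound = nacl_verdict(entries, client_ip, service_port, egress=False)
    outbound = nacl_verdict(entries, client_ip, client_port, egress=True)
    ok = inbound[0] == "allow" and outbound[0] == "allow"
    return ok, inbound, outbound

# Constructed sample data, not taken from the thread.
DEFAULT_EGRESS = [entry(100, "allow", True), entry(32767, "deny", True)]
HEALTHY = [entry(100, "allow", False), entry(32767, "deny", False)] + DEFAULT_EGRESS
# Hypothetical mistaken edit: rule 100 narrowed to HTTPS from an internal range.
BROKEN = [entry(100, "allow", False, "10.0.0.0/16", "6", (443, 443)),
          entry(32767, "deny", False)] + DEFAULT_EGRESS

if __name__ == "__main__":
    for name, acl in (("healthy", HEALTHY), ("broken", BROKEN)):
        for port in (22, 3306):  # SSH to EC2, MySQL on RDS (assumed ports)
            print(name, port, connection_allowed(acl, "203.0.113.10", port))
```

A verdict of `("deny", 32767)` means no numbered rule matched and the built-in catch-all dropped the packet, which is what a silent timeout on every instance in the subnet looks like.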
