Based on the information provided, it seems that the issue is related to the routing of traffic between the private and public subnets in your VPC. Specifically, it appears that traffic from the private subnet is not being properly routed to the public subnet where the Web API hosted on your public EC2 instance is located.
One possible solution to this issue could be to check the routing table for the private subnet to ensure that it is properly configured to route traffic to the public subnet. Additionally, you should check the security group rules for the private and public subnets to ensure that they are configured to allow traffic between the subnets on the necessary ports (443 in this case).
Another possible issue could be the load balancer; check the listeners associated with it and make sure it's not blocking port 443 traffic.
You should also check your Network ACLs (NACLs) for the public and private subnets to ensure that they are allowing traffic between the subnets on the necessary ports.
It's also worth checking the VPC peering connections and making sure they're not blocking the traffic.
Try running Reachability Analyzer; it's in the VPC page on the AWS console. You can use it to analyze the path between the two EC2 instances and see where it's blocked.
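The NACL check above is the one most often got wrong, because NACLs are stateless: the return packets from the web server to the client's ephemeral port need their own allow rule. The following is an added example, not from this thread or from AWS, that simulates the four NACL evaluations a TCP connection on port 443 has to pass, using constructed rule sets in the shape of the `Entries` returned by `describe-network-acls`. The public instance IP 10.0.10.15 is the one quoted in the thread; the private client IP 10.0.20.5 and the ephemeral port are assumed.

```python
from ipaddress import ip_address, ip_network

def nacl_allows(entries, egress, remote_ip, dst_port):
    """First matching rule (ascending RuleNumber) decides; no match = deny.
    For egress rules CidrBlock is the destination, for ingress the source,
    so remote_ip is always the other end of the connection."""
    for e in sorted(entries, key=lambda r: r["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in ("-1", "6"):  # all / TCP
            continue
        if ip_address(remote_ip) not in ip_network(e["CidrBlock"]):
            continue
        pr = e.get("PortRange")
        if pr and not pr["From"] <= dst_port <= pr["To"]:
            continue
        return e["RuleAction"] == "allow"
    return False  # the implicit '*' deny rule

def blocked_hops(client_ip, client_nacl, server_ip, server_nacl,
                 port=443, ephemeral=49152):
    """Simulate the four stateless NACL checks of one TCP connection
    (client -> server and the reply back) and return the ones that deny."""
    checks = [
        ("client egress -> server:%d" % port, client_nacl, True, server_ip, port),
        ("server ingress <- client:%d" % port, server_nacl, False, client_ip, port),
        ("server egress -> client:%d" % ephemeral, server_nacl, True, client_ip, ephemeral),
        ("client ingress <- server:%d" % ephemeral, client_nacl, False, server_ip, ephemeral),
    ]
    return [name for name, acl, eg, rip, p in checks if not nacl_allows(acl, eg, rip, p)]

def rule(num, egress, cidr, lo=None, hi=None, action="allow"):
    """Build one NACL entry; no port range means 'all traffic' (protocol -1)."""
    r = {"RuleNumber": num, "Egress": egress, "Protocol": "6" if lo else "-1",
         "CidrBlock": cidr, "RuleAction": action}
    if lo:
        r["PortRange"] = {"From": lo, "To": hi}
    return r

# Constructed sample data (assumed, not from the thread).
# Private subnet NACL: allow everything both ways.
PRIVATE_NACL = [rule(100, True, "0.0.0.0/0"), rule(100, False, "0.0.0.0/0")]
# Public subnet NACL that only mirrors port 443 in both directions: the
# SYN-ACK back to the client's ephemeral port is dropped on egress.
PUBLIC_NACL_BROKEN = [rule(100, False, "10.0.0.0/16", 443, 443),
                      rule(100, True, "10.0.0.0/16", 443, 443)]
# Fix: allow egress to the ephemeral port range as well.
PUBLIC_NACL_FIXED = PUBLIC_NACL_BROKEN + [rule(110, True, "10.0.0.0/16", 1024, 65535)]

if __name__ == "__main__":
    print(blocked_hops("10.0.20.5", PRIVATE_NACL, "10.0.10.15", PUBLIC_NACL_BROKEN))
    print(blocked_hops("10.0.20.5", PRIVATE_NACL, "10.0.10.15", PUBLIC_NACL_FIXED))
```

Security groups are stateful, so the same mirrored-rule mistake does not bite there; a path that Reachability Analyzer reports as reachable has already passed both NACL and SG evaluation.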
Thank you Dror Helper. Have used Reachability Analyzer between Public and Private instances through port 443 and the Reachability Status is Reachable.
Thank you, Varun. Have checked everything that you advised: route tables, SGs, load balancer listeners and targets, ACLs, Private Link Service Endpoint. Also, I did a successful Reachability Analyzer test between the two EC2 instances. All looks correct but the connection still does not work. I've done another test: I created a new website in the Public EC2 IIS with a binding to port 443 but with an empty hostname. I tried to reach the new website from the private EC2 using the Public EC2 private IPv4 address, i.e. https://10.0.10.15/MyNewWebSite. This worked. I still don't understand why https://MyWebSite.com/MyWebApplication does not work in the private EC2. It looks like the hostname MyWebSite.com associated with the public EC2 IPv4 address is the problem. But I don't understand why.