My EC2 is not responding from browser EC2 Instance Connect or a web server on port 80

0

ec2-54-87-201-155.compute-1.amazonaws.com 54.87.201.155

The instance is inside a VPC with an internet gateway attached, and the route table also has a 0.0.0.0/0 destination.

My security groups are as follows

sgr-0f24aa20ece6c10df	80	TCP	0.0.0.0/0	launch-wizard-1
sgr-0b9cc7da941a4456d	All	All	0.0.0.0/32	launch-wizard-1
sgr-0815f5d840e9d3937	443	TCP	0.0.0.0/0	launch-wizard-1
sgr-019b0f12413825491	22	TCP	xx.xx.xxx/32	launch-wizard-1

I am able to connect over SSH from my IP with Git Bash on Windows. I have installed Apache there, and I am able to curl localhost on the instance.

Captain
asked 2 years ago · 519 views
2 Answers
0

It takes 5-6 hours

Captain
answered 2 years ago
0

Hello,

Here is additional information and steps required to troubleshoot and resolve this issue.

Verify VPC network configuration is correct by checking:

  1. Security Groups - Check that traffic is allowed from your IP on port 80. Security Groups are stateless so you will only need to allow traffic in the inbound direction and the response would automatically be allowed. Verify that your source IP is still the same as what is in the security group.

  2. Network Access Control Lists - NACLs should allow inbound traffic on port 80 and outbound to ephemeral ports 1024 - 65535

  3. Route table - Route table needs to have default route 0.0.0.0/0 pointing to an IGW.

  4. Public IP - Instance should also have a public IP or Elastic IP assigned.

  5. Enable VPC flow logs [1] - VPC flow logs will provide details of the traffic sent and received by your instance. You can filter for your source IP address and confirm if traffic from your source instance is reaching the instance and if there is any response. Any traffic that is blocked due to a NACL or SG will also have a status of REJECT in the flow logs.

Once you have checked the above steps this rules out your VPC networking configuration from the issue and further investigation is required on the instance or application. I advise starting with the steps below:

  • The command below is used to check that the HTTPD server is running and listening for traffic from any IP on port 80

    sudo netstat -tlpn

  • The command below is used to check that the HTTPD server is Active

    sudo service httpd status

Kindly investigate the error seen in the browser when connecting.

I have also included a link [2] below for more information on troubleshooting connection issues to an instance.

References:

[1] Flow logs can publish flow log data directly to Amazon CloudWatch: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-cwl.html

[2] Troubleshoot connecting to your instance: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html

AWS
answered 8 months ago
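
The flow-log check from step 5 of the answer above, as an added example that is not part of the original answer: it reads flow log records and reports whether port 80 traffic from one client was accepted, rejected, or never seen. It assumes the default (version 2) flow log record format; the sample records, the IDs in them, and the function names `parse` and `diagnose` are constructed for illustration.

```python
from collections import Counter

# Fields of the default (version 2) flow log record, in order.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records: documentation-range IPs, placeholder account and ENI ids.
SAMPLE = """\
2 123456789012 eni-0example 203.0.113.10 10.0.1.25 50112 80 6 3 180 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0example 10.0.1.25 203.0.113.10 80 50112 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0example 198.51.100.7 10.0.1.25 40000 80 6 1 60 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0example - - - - - - - 1700000060 1700000120 - NODATA
"""

def parse(line):
    """Return a dict for a usable record, or None for malformed/NODATA/SKIPDATA lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    return rec if rec["log_status"] == "OK" else None

def diagnose(text, client_ip, port=80, proto="6"):
    """Classify what the flow logs show for client_ip -> instance:port (proto 6 = TCP)."""
    inbound, replies = Counter(), Counter()
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["protocol"] != proto:
            continue
        if rec["srcaddr"] == client_ip and rec["dstport"] == str(port):
            inbound[rec["action"]] += 1      # request arriving at the ENI
        elif rec["dstaddr"] == client_ip and rec["srcport"] == str(port):
            replies[rec["action"]] += 1      # response leaving the ENI
    if not inbound:
        return "no-inbound-records"   # never reached the ENI: route table, public IP, client side
    if inbound["REJECT"] and not inbound["ACCEPT"]:
        return "inbound-rejected"     # blocked by a security group or NACL inbound rule
    if replies["REJECT"]:
        return "reply-rejected"       # check the NACL outbound rule for ephemeral ports
    if not replies:
        return "accepted-no-reply"    # network let it in: look at the instance or application
    return "network-ok"

if __name__ == "__main__":
    print(diagnose(SAMPLE, "203.0.113.10"))
```
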
