AWS Server Ports Inaccessible Post-Account Verification

0

Hello AWS Experts,

Recently, I faced an issue where my AWS account was under restrictions. Post the verification process, AWS support reinstated my account. While the administrative side seems sorted, I'm facing technical challenges when attempting to bring my services back online.

Issue Details:

Port Accessibility: Post-reinstatement, I observed that most ports, especially port 80 (HTTP) and port 25 (SMTP), are closed off. Despite ensuring the security group is set correctly, my web services remain inaccessible externally. The only port that's currently responsive is port 22 (SSH).

I checked the open ports using netstat; here is the result: Netstat log

After my account was reinstated, I didn't make any changes or modifications. I simply turned on my servers, and this issue arose.

Has anyone faced such a scenario before? I'm looking for insights or steps that might have been missed during the process of account reinstatement. Technical advice or AWS-specific configurations that need cross-checking would be much appreciated.

Thanks in advance for your guidance!

2 Answers
0

TCP port 80:

Your Netstat terminal output shows that the server listens on TCP port 80 only for IPv6 traffic. If you need to use IPv4, enable TCP port 80 for IPv4 on the server too.


TCP port 25:

How did you test TCP port 25? Did the test involve sending outbound (from EC2) traffic to TCP port 25 too?

Amazon Elastic Compute Cloud (Amazon EC2) throttles email traffic over port 25 by default. To avoid timeouts when sending email through the SMTP endpoint from EC2, submit a Request to Remove Email Sending Limitations to remove the throttle. Alternatively, you can send email using a different port, or use an Amazon VPC endpoint.

Documentation reference.

AWS
Max
answered a year ago
  • By simply typing in the terminal: telnet smtp.xxxxx.com 25, then waiting for a response. Usually it works, but now it does not.

  • If you "telnet" to the instance from a host on the Internet, try the checklist below:

    • Check that "smtp.xxxxx.com" resolves to the IP of your EC2 instance.
    • Check if the Security Groups associated with the instance allow traffic to the instance on TCP port 25.
    • Check if the Network ACLs allow traffic to and from TCP port 25.
    • Check the local firewall on the instance itself (OS-level).
    • Check how the instance is connected to the Internet. If there are any additional gateways, firewalls or other hops in the middle, check them too.
    • Use VPC Flow Logs to detect where the traffic stops when you "telnet".
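
An added example, not part of the original thread: a small Python parser for `netstat -tln` style output that reports, per listening port, whether the socket is bound to the IPv4 wildcard, only the IPv6 wildcard, or only loopback, which is the OS-level check the first answer relies on. The sample output is constructed (the poster's netstat log is not on the page), and the function name and verdict labels are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample in `netstat -tln` format (not the poster's actual output).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
"""

# proto, recv-q, send-q, local addr:port, foreign addr, state
LINE = re.compile(r"^(tcp6?)\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+LISTEN")

def classify(netstat_text):
    """Map each listening TCP port to a bind verdict (labels are hypothetical)."""
    binds = defaultdict(set)
    for line in netstat_text.splitlines():
        m = LINE.match(line.strip())
        if m:
            proto, addr, port = m.groups()
            binds[int(port)].add((proto, addr))
    verdicts = {}
    for port, socks in binds.items():
        if all(addr in ("127.0.0.1", "::1") for _, addr in socks):
            # Never reachable from outside, whatever the security group allows.
            verdicts[port] = "loopback-only"
        elif ("tcp", "0.0.0.0") in socks:
            verdicts[port] = "ipv4-wildcard"
        elif ("tcp6", "::") in socks:
            # On Linux a `:::port` socket also accepts IPv4 unless IPV6_V6ONLY
            # (or net.ipv6.bindv6only=1) is set, so confirm with an IPv4
            # connection test before changing the service configuration.
            verdicts[port] = "ipv6-wildcard-only"
        else:
            verdicts[port] = "specific-address"
    return verdicts

if __name__ == "__main__":
    for port, verdict in sorted(classify(SAMPLE).items()):
        print(f"tcp/{port}: {verdict}")
```

On an instance, feed it real output, for example `classify(subprocess.run(["netstat", "-tln"], capture_output=True, text=True).stdout)`.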
0

Hello.

Is port 80 allowed in the network ACL of the subnet where EC2 is running?
Additionally, port 25 is originally restricted in AWS.
Has this restriction been lifted?
https://repost.aws/knowledge-center/ec2-port-25-throttle

EXPERT
answered a year ago
  • The port in the network ACL is correctly set up, and port 25 is usually open. I did this procedure 2 years ago and everything was good before the restriction from the AWS team.
