My inbound and outbound rules for my Security Group.
These are my inbound and outbound rules for my NACL.
If you have set up the security group correctly to allow your IP address on port 22, you should be able to SSH to your EC2 instance from your local machine. However, there are a few other things that you need to check, and one very common one is the NACL.
Check your network ACL settings and allow your IP in the inbound rules; for outbound rules, allow port range "1024-65535" to your IP address. Optionally, you can also set the allow to 0.0.0.0/0 and you should be able to communicate.
Please refer to the AWS documentation.
Lastly, you mentioned that ping is not working either, so please make sure you've allowed ICMP IPv4 to your IP address, since ping uses the ICMP protocol.
Comment here if you have additional questions, happy to help.
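Added example (not part of either answer, and not AWS code): a small offline model of network ACL evaluation that shows why an inbound allow for port 22 is not enough when the outbound rules do not cover the client's ephemeral port or ICMP. The rule sets, the client address 203.0.113.10 and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample NACL entries (not taken from the question's screenshots).
# Fields: rule number, protocol, port range (None for ICMP), CIDR, action.
CLIENT = "203.0.113.10"  # assumed client address (documentation range)
INBOUND = [
    (100, "tcp", (22, 22), CLIENT + "/32", "allow"),
    (110, "icmp", None, CLIENT + "/32", "allow"),
]
OUTBOUND_SSH_PORT_ONLY = [  # mirrors the inbound rule; replies are dropped
    (100, "tcp", (22, 22), CLIENT + "/32", "allow"),
]
OUTBOUND_EPHEMERAL = [  # the port range suggested in the answer above
    (100, "tcp", (1024, 65535), CLIENT + "/32", "allow"),
    (110, "icmp", None, CLIENT + "/32", "allow"),
]

def nacl_decision(rules, proto, port, peer_ip):
    """Return (action, rule_number). Rules are evaluated in ascending rule
    number; the first match wins and the implicit '*' rule denies the rest."""
    peer = ipaddress.ip_address(peer_ip)
    for number, r_proto, ports, cidr, action in sorted(rules, key=lambda r: r[0]):
        if r_proto not in (proto, "all"):
            continue
        if peer not in ipaddress.ip_network(cidr):
            continue
        if ports is not None and port is not None and not ports[0] <= port <= ports[1]:
            continue
        return action, number
    return "deny", "*"

def ssh_check(inbound, outbound, client_ip, client_src_port):
    """NACLs are stateless, so each direction is evaluated on its own: the
    request targets port 22 inbound, the reply leaves for the client's
    ephemeral source port outbound."""
    request = nacl_decision(inbound, "tcp", 22, client_ip)
    reply = nacl_decision(outbound, "tcp", client_src_port, client_ip)
    return request[0] == "allow" and reply[0] == "allow", request, reply

def ping_check(inbound, outbound, client_ip):
    """Echo request inbound, echo reply outbound; ICMP has no ports."""
    request = nacl_decision(inbound, "icmp", None, client_ip)
    reply = nacl_decision(outbound, "icmp", None, client_ip)
    return request[0] == "allow" and reply[0] == "allow", request, reply

if __name__ == "__main__":
    for name, outbound in (("port 22 only", OUTBOUND_SSH_PORT_ONLY),
                           ("1024-65535", OUTBOUND_EPHEMERAL)):
        print(name, "ssh:", ssh_check(INBOUND, outbound, CLIENT, 50522))
        print(name, "ping:", ping_check(INBOUND, outbound, CLIENT))
```

Security groups are stateful and need no matching outbound rule for replies, which is why the same mistake does not show up there.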
When you mention you have a route in the routing table for 172.31.0.0/16 > local it makes me think you are using the default VPC, would that be right? If that's the case then the network settings and routing should more-or-less all be in place to allow you to connect to the EC2 instance, you just need to have a security group rule allowing inbound port 22 (which you have done).
Can you confirm the host has a public IP address, and that it's definitely the public IP address that you're trying to connect to?
Also, note that any time you stop & start the instance (which is a normal thing to do as part of troubleshooting) the public IP will have changed, so make sure that it's the latest, correct public IP you're using.
As @secondabhi_aws says in his answer, for ping to work you need to allow inbound ICMP in the security group: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html#sg-rules-ping