By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

change my SSH port from 0.0.0.0/0 to specific VPN IP

0

currently my instance security group inbound source is 0.0.0.0/0, I want to change that to a specific VPN IP example 125.25.456.88 of my organization and I want to access the ssh only throught this ip. I changed the source in security group of port 22 to 125.25.456.88/32. But after that I'm getting the issue

Failed to connect to your instance EC2 Instance Connect is unable to connect to your instance. Ensure your instance network settings are configured correctly for EC2 Instance Connect. For more information, see EC2 Instance Connect Prerequisites at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-prerequisites.html.

Topics
ComputeNetworking & Content Delivery
Tags
Amazon EC2Security Group
Language
English
NithinJay
asked a month ago37 views
1 Answer
0

Instead of your own public IP address, you'll need to allow SSH traffic from the managed prefix list com.amazonaws.REGION.ec2-instance-connect (with "REGION" replaced with the region code). If you're configuring the security group rule via the console, simply add a new inbound rule with TCP as the protocol, 22 as the port, and the name of the prefix list as the source. This is explained in the document you linked to, under the "Allow inbound SSH traffic" heading: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-prerequisites.html#ec2-instance-connect-setup-security-group

The rule that allows SSH access from your own /32 IP address you should delete.

EXPERT
Leo K
answered a month ago
profile picture
EXPERT
Riku_Kobayashi
reviewed a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content