Can't ping the private ip of my ec2 instance

Question

I have setup a vpn connection from my SonicWall and setup an inbound ICMP secuirty group rule with echo request to allow ping from the external ip address of my sonicwall. In my sonicwall I can see the pring request going out successfully, but I not getting any response. I am able to ping the public ip address of my instance without any issues. What am I missing?

Answer

Hello.

If there are no problems with the EC2 security group or subnet network ACL settings, I think there may be a routing problem.  
Is there a communication route to the on-premises set in the subnet route table?  
If it is set statically, please manually set the communication route in the route table.  
https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNRoutingTypes.html

If you are using BGP, try enabling propagated in your route table.  
https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-configure-route-tables

Will it be successful if I set the IP address restriction for ICMP communication to 0.0.0.0/0 etc. in the EC2 security group?  
If it succeeds, there is a problem with the IP address range set in the security group.

Can't ping the private ip of my ec2 instance

相关内容