No Internet access from instance in VPC to Internet

Question

Hi,  
  
I have a new instance with one Elastic IP assigned and I am not able to access the Internet. I have looked at many post detailing similar problems and from what I can tell, I have configured correctly. DNS seems to be resolving, but I am unable to ping 8.8.8.8 or seemingly access the Internet. ACL is set to allow all outbound traffic. What am I doing wrong?  
  
Instance: i-0e91522238e28c5b5  
Security group: sg-0f4a60a4c2d20d8ae  
VPC: vpc-e0618187  
Internet gw: igw-28b72f4c  
Network ACL: acl-bebf2bd9  
Routing table: rtb-a94e09ce

Answer

Hey there,  
Since your ACL and Security Group allow all outbound traffic, you can check the OS-level firewall to see if your windows resource is blocking requests. You can also enable VPC flow logs to have logs of all the requests leaving and coming into your VPC in order to have visuals if traffic is leaving instance or VPC and coming back.   
  
Best regards  
prech

Answer

Specifically had issues with returning ICMP traffic and HTTP return traffic, determined to be problem with dynamic ports. NACL Ingress rules added for ICMP and the Windows dynamic port range (49152-65535), thus enabling outbound traffic from the instance.  
  
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html#nacl-ephemeral-ports

No Internet access from instance in VPC to Internet

相关内容