Can't connect to my EC2 instance from outside

0

I can't connect to my AWS EC2 public IPv4 from outside, can someone help me? I'm trying to connect via HTTP on port 80 (inside EC2 it works, outside not even the ping works). I already added inbound and outbound rules to the EC2 firewall too. Here are my configurations:

1- VPC resource map: [screenshot]

2- EC2 inbound and outbound rules: [screenshot]

3- Subnet route table: [screenshot]

4- Network ACL inbound and outbound rules: [screenshot]

5- Security Group rules: [screenshot]

Asked 1 year ago, viewed 831 times
3 Answers
0

Your screenshots are really helpful (though the images in 2 & 4 are the same - is this an oversight?), they show that you have ports 80, 443 & 3389 open from everywhere to your EC2 instance. So if you can RDP into your EC2 instance from outside then your security groups and routing are all fine, so the reason you can't HTTP to the webserver on port 80 is more likely to be something on the EC2 instance itself, such as Windows Firewall.

If you cannot RDP to your EC2 instance then it's likely this is the same root cause as your problems with HTTP.

In addition to security groups, do you have any ACLs set?

This looks like a good use for AWS Reachability Analyzer:

https://docs.aws.amazon.com/vpc/latest/reachability/getting-started.html

https://aws.amazon.com/blogs/aws/new-vpc-insights-analyzes-reachability-and-visibility-in-vpcs/

Expert
Answered 1 year ago
  • I’ve updated the image 4 (thanks for info) with the rules of my ACL that is set to the subnet. And yes, I can RDP into my EC2, but can’t HTTP. I’ve already created rules for port 80 inside EC2 instance, but I keep without success… I already tried using Reachability Analyzer but don’t get any relevant info, only “Not reachable”.

  • Rule 100 in your inbound and outbound ACLs allows everything, so any rules numbered > 100 are superfluous. Which means it's only security groups we have to look at.

    To recap, from outside you can RDP to the public IP and it works.

    Once RDPed onto the EC2 instance, you can get a response from the webserver on port 80 - I assume this is either from the loopback address 127.0.0.1:80 or the private IP 172.x.y.z:80 ?

    But go back outside and try to hit [public_ip]:80 and there's no response?

    I take it there's no load balancer in between, and all connections go directly to the EC2?

    It sounds like there may be something blocking on the EC2 itself, can you try disabling Windows Firewall (or anything similar) and does that make a difference?
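
The first-match evaluation described in the comment above, as an added example that is not part of the original thread: network ACL entries are checked in ascending rule number and the first match decides, so an allow-all at rule 100 makes every later entry unreachable, including a later deny. The rule set is constructed (the asker's rules were only in screenshots), `Rule`, `evaluate` and `shadowed` are hypothetical helper names, and the model is IPv4 only with ICMP type/code not modelled.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int
    protocol: str   # "tcp", "udp", "icmp" or "-1" for all protocols
    ports: tuple    # (low, high); ignored when protocol is "-1"
    cidr: str
    action: str     # "allow" or "deny"

def _covers(a: Rule, b: Rule) -> bool:
    """True if every packet that matches b also matches a."""
    net_a, net_b = ipaddress.ip_network(a.cidr), ipaddress.ip_network(b.cidr)
    if not net_b.subnet_of(net_a):
        return False
    if a.protocol == "-1":
        return True
    return (a.protocol == b.protocol
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def evaluate(rules, protocol, port, src_ip):
    """Return (rule number, action) of the first match, lowest number first."""
    probe = Rule(0, protocol, (port, port), f"{src_ip}/32", "")
    for rule in sorted(rules, key=lambda r: r.number):
        if _covers(rule, probe):
            return rule.number, rule.action
    return "*", "deny"  # implicit final rule of every network ACL

def shadowed(rules):
    """Numbers of rules that are unreachable because an earlier rule covers them."""
    ordered = sorted(rules, key=lambda r: r.number)
    return [later.number for i, later in enumerate(ordered)
            if any(_covers(earlier, later) for earlier in ordered[:i])]

# Constructed sample ACL, not the asker's actual rules.
SAMPLE_INBOUND = [
    Rule(100, "-1", (0, 65535), "0.0.0.0/0", "allow"),
    Rule(110, "tcp", (80, 80), "0.0.0.0/0", "allow"),
    Rule(120, "tcp", (3389, 3389), "0.0.0.0/0", "allow"),
    Rule(130, "tcp", (23, 23), "0.0.0.0/0", "deny"),
]

if __name__ == "__main__":
    print(evaluate(SAMPLE_INBOUND, "tcp", 80, "203.0.113.10"))
    print(evaluate(SAMPLE_INBOUND, "tcp", 23, "203.0.113.10"))  # deny at 130 never reached
    print(shadowed(SAMPLE_INBOUND))
```
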

0

Hi! Did you figure out the issue? I am facing the same problem.

AWS
Answered 1 year ago
-1

Hi, it is then very probably either an IP routing or sec group issue with the IP address of your laptop since you can connect from console.

Follow https://medium.com/tensult/unable-to-connect-your-ec2-instance-using-ssh-842f6f6f0d04 to find and fix your problem.

Best,

Didier

AWS
Expert
Answered 1 year ago
