9

Yesterday, I created a new instance but I cannot connect to it. Tried pinging it from my computer, online ping sites etc but it is just not reachable.

In the AWS console. everything seems to be functioning normally. The reachability check is successful. Screenshots are given below :

AWS Console screenshot

enter image description here

I tried using different AMIs, regions but to no avail. I just cannot connect to any AWS instance.

Please help. I'm clueless right now.

enter image description here

YD8877
  • 325
  • 1
  • 5
  • 11
  • 1
    Have you adjusted the Security Group for that instance to allow connections from your location? I don't recall if ICMP (e.g., ping) is allowed by default. – cjc Aug 08 '12 at 12:55
  • The reason i tried ping is because the host was not reachable via ssh. I have another instance in another account and its 'pingable'. How do i adjust the security group to allow connections ? – YD8877 Aug 08 '12 at 12:57
  • There's a Security Group in the navigation plane of the control panel. Create a new one or change the default. When you start up an instance, you will be asked what Security Groups apply to that instance. – cjc Aug 08 '12 at 12:59
  • added screenshot for the security group incoming settings. looks okay to me ? – YD8877 Aug 08 '12 at 12:59

1 Answers1

11

Did you allow ICMP and other traffic in security group settings? You should check the security group settings. It looks like you are using a default security group as seen on the 2nd row of 2nd column of the table on your screenshot. You should click "view rules" and adjust the rules there.

Alex
  • 7,939
  • 6
  • 38
  • 52
  • added screenshot for the security group incoming settings – YD8877 Aug 08 '12 at 13:01
  • Well you seem to be dropping all incoming connections – Alex Aug 08 '12 at 13:02
  • i'm sorry i dont understand. Are the security settings wrong ? – YD8877 Aug 08 '12 at 13:04
  • the security settings blocked all the ports ! I thought it was the other way round ! Thanks ! Accepted answer for you. – YD8877 Aug 08 '12 at 13:09
  • 1
    Not exactly wrong but just too restrictive, you only allow incoming connections from `sg-....` which I guess is related to your Amazon infrastructure but not the public web. You should a set of rules to allow hosts from `0.0.0.0/0` to access certain TCP ports or to ping the hosts in this security group. – Alex Aug 08 '12 at 13:11