-1

I frequently have problems with AWS EC2 Security Groups. It takes me a long time to figure out what goes wrong in the settings. I am wondering whether there is any available tool to test a security group more easily, without having to check manually in AWS.

channa ly
  • What type of problems do you experience? – John Rotenstein Aug 03 '19 at 06:55
  • SGs are stateful, which means your inside-to-outside traffic is allowed (if it's allowed in outbound); you need to create an additional rule for inbound traffic. Enable flow logs on the ENI and you'll see more information. – James Dean Aug 03 '19 at 07:13
  • Let’s say I want to allow SSH from a public IP using an SG. In order to test, I have to use that IP, which is sometimes inconvenient. – channa ly Aug 03 '19 at 08:43
  • Why do you wish to "test" it? Are you concerned that the security group will not function as configured, or is the concern that somebody incorrectly configured it? – John Rotenstein Aug 04 '19 at 00:14
  • I am a software engineer, and I like a testable app. It would be better for me to be able to test it before telling my remote colleague that it's done, when in the end it does not work for reason x (my wrong configuration, or my colleague's IP is wrong). – channa ly Aug 05 '19 at 02:06
  • What exactly do you need to test? Does it matter from which IP you're testing? – Uberhumus Oct 14 '19 at 14:15
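
For the scenario in the comments above (allowing SSH from a colleague's public IP without being able to connect from that IP), the inbound rules can be evaluated offline; this is an added example, not part of the original thread. It assumes the JSON shape returned by `aws ec2 describe-security-groups`; the sample group, its ID and the addresses are constructed, and the function names are hypothetical. It checks CIDR-based rules only and does not cover network ACLs or routing.

```python
import ipaddress

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`
# (SecurityGroups[].IpPermissions); the group ID and addresses are made up.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ],
}


def matching_rules(group, source_ip, port, protocol="tcp"):
    """Return (cidr, from_port, to_port) for each inbound rule admitting the packet."""
    src = ipaddress.ip_address(source_ip)
    hits = []
    for perm in group.get("IpPermissions", []):
        proto = perm["IpProtocol"]
        if proto not in ("-1", protocol):
            continue
        # Protocol "-1" means all traffic; such rules carry no port range.
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        if proto != "-1" and not (lo <= port <= hi):
            continue
        # Only CIDR sources are checked; group and prefix-list sources are skipped.
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.version == src.version and src in net:
                hits.append((cidr, lo, hi))
    return hits


def explain(group, source_ip, port, protocol="tcp"):
    hits = matching_rules(group, source_ip, port, protocol)
    if hits:
        return f"ALLOWED {source_ip} -> {protocol}/{port} by {hits[0][0]}"
    return f"BLOCKED {source_ip} -> {protocol}/{port}: no inbound rule matches"


if __name__ == "__main__":
    print(explain(SAMPLE_GROUP, "203.0.113.10", 22))   # colleague's address
    print(explain(SAMPLE_GROUP, "203.0.113.11", 22))   # one digit off in the IP
    print(explain(SAMPLE_GROUP, "2001:db8::1", 443))
```

Security groups contain allow rules only, so an empty match list means the packet is dropped at the security group.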

2 Answers

1

There's a new capability in AWS called AWS Route Analyser. With this service you can enter the instance id and your internet gateway, and it will advise you as to what (if anything) is stopping the routing of packets. See https://docs.aws.amazon.com/vpc/latest/tgw/route-analyzer.html

belial
0

Hey, you can use the link below if your port is accessible from everywhere:

https://ping.eu/port-chk/

You need two pieces of information:

IP address or host name:
Port number:

Or you can ask the remote user to run:

telnet hostname port number

telnet ip address port number