2

I have an EC2 instance with a public IP in a public subnet, running Ubuntu 20.04. Everything seems open, but I can't ping or SSH to the instance:

NACL ( I/b & O/b) : 100 - all/all 0.0.0.0/0

Route Table- 0.0.0.0/0 igw

SG: 8080, 443, 22 - 0/0

I have this "open address" hyperlink in the EC2 instance console next to the public IP and public DNS. When I try opening it, it does not open ("can't reach this page"); it tries https://IP.

PuTTY times out, as does ssh from cmd:

    ssh -i "pem-file.pem" ubuntu@IP
    ssh: connect to host 'IP' port 22: Connection timed out

Sam-T
  • Have you set up SSL certs, since you are trying to use HTTPS? – Marcin Jul 07 '21 at 21:46
  • No, I have not set up SSL certs, but 443 is open. I am basically trying to SSH with a key pair; that itself fails, and ping also fails. So it is probably some connectivity/network issue. I think I have opened everything: SG, NACL, RTB, etc. – Sam-T Jul 07 '21 at 22:05
  • Port 443 will not work as you don't have SSL. SSHing into the instance also does not work? What exactly is happening? Any errors? – Marcin Jul 07 '21 at 22:08
  • PuTTY times out when I try SSH. Also, ping fails. Probably the clue is the "open address" hyperlink in the EC2 instance console next to the public IP and public DNS; I don't ever recall seeing this at any time – Sam-T Jul 07 '21 at 22:16

2 Answers

3

When an SSH connection times out, it is normally an indication that network traffic is not getting to the Amazon EC2 instance.

Things to check:

  • The instance is running Linux
  • The instance is launched in a public subnet, which is defined as having a Route Table entry that points to an Internet Gateway
  • The instance has a public IP address, which you are using for the connection
  • The Network Access Control Lists (NACLs) are set to their default "Allow All" values
  • A Security Group associated with the instance that permits inbound access on port 22 (SSH) either from your IP address, or from the Internet (0.0.0.0/0)
  • Your corporate network permits an outbound SSH connection (try alternate networks, eg home vs work vs tethered to your phone)

See also: Troubleshooting connecting to your instance - Amazon Elastic Compute Cloud

If you continue to have problems, then use ssh -vvv ... to activate debugging, and add the output to your Question.

Once you have SSH working, then try to get 443 working.

Do not use Ping to test connectivity because that requires additional rules in the Security Group, and all it tests is whether Ping is working.

John Rotenstein
  • It suddenly started working. Did not make any changes to anything. I had tried many things (many times) - restart, terminate/recreate - nothing had worked. One last restart - got a new range public IP 18.x (earlier it was 3.x) - it started working. (I am connecting from personal/home network not corporate). – Sam-T Jul 08 '21 at 00:54
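
The checklist from the first answer above, written as an offline check over JSON shaped like the output of `aws ec2 describe-instances`, `describe-route-tables`, `describe-network-acls` and `describe-security-groups`. This is an added example, not code from either answer; the function names, `igw-0example`, the IP addresses and the `reply_port` value are assumptions, and the sample data is constructed to mirror the settings listed in the question. It also checks the outbound NACL direction, because NACLs are stateless and the SSH reply has to be allowed back out.

```python
import ipaddress
def _covers(cidr, ip):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def has_igw_route(route_table):
    """Public subnet: an active default route that targets an Internet Gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0" and r.get("State") == "active"
               and r.get("GatewayId", "").startswith("igw-") for r in route_table["Routes"])

def nacl_allows(nacl, egress, port, peer_ip):
    """NACLs are stateless: the lowest-numbered matching rule decides, else deny."""
    for e in sorted(nacl["Entries"], key=lambda e: e["RuleNumber"]):
        cidr, pr = e.get("CidrBlock"), e.get("PortRange")  # IPv6-only entries have no CidrBlock
        if e["Egress"] != egress or not cidr or not _covers(cidr, peer_ip):
            continue
        if e["Protocol"] == "-1" or (e["Protocol"] == "6" and pr and pr["From"] <= port <= pr["To"]):
            return e["RuleAction"] == "allow"
    return False

def sg_allows(sg, port, peer_ip):
    """Security groups are stateful allow-lists; only CIDR sources are evaluated here."""
    for p in sg["IpPermissions"]:
        proto_ok = p["IpProtocol"] == "-1" or (
            p["IpProtocol"] == "tcp" and p["FromPort"] <= port <= p["ToPort"])
        if proto_ok and any(_covers(r["CidrIp"], peer_ip) for r in p.get("IpRanges", [])):
            return True
    return False

def ssh_checklist(instance, route_table, nacl, sg, client_ip, reply_port=50000):
    """reply_port stands in for the client's ephemeral source port (assumed value)."""
    return {
        "public_ip": bool(instance.get("PublicIpAddress")),
        "igw_route": has_igw_route(route_table),
        "nacl_in_22": nacl_allows(nacl, False, 22, client_ip),
        "nacl_out_reply": nacl_allows(nacl, True, reply_port, client_ip),
        "sg_in_22": sg_allows(sg, 22, client_ip),
    }

# Constructed sample data mirroring the question's settings (placeholder IDs and IPs).
INSTANCE = {"PublicIpAddress": "198.51.100.10"}
ROUTES = {"Routes": [{"DestinationCidrBlock": c, "GatewayId": g, "State": "active"}
                     for c, g in (("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-0example"))]}
NACL = {"Entries": [{"RuleNumber": 100, "Egress": eg, "Protocol": "-1", "RuleAction": "allow",
                     "CidrBlock": "0.0.0.0/0"} for eg in (False, True)]}
SG = {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": p, "ToPort": p,
                         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]} for p in (22, 443, 8080)]}

if __name__ == "__main__":
    print(ssh_checklist(INSTANCE, ROUTES, NACL, SG, client_ip="203.0.113.7"))
```
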
1

Reachability Analyzer is an easy solution. It will analyze the requested path and direct you to the problem.

1. VPC > Reachability Analyzer

2. Create and analyze path

In this case, I would check the path from the Internet GW to the instance on port 22

3. Find the problem

Once the analysis is completed you can find the issue. In my case it's a routing table with no route to the internet GW

4. Fix the problem

Let's add the needed route

5. Verify the path again

Rerun the analysis again

6. SSH is working

    ssh -i "my_key.pem" ec2-user@ec2-900-227-116-41.compute-1.amazonaws.com
      __|  __|_  )
      _|  (     /   Amazon Linux 2022 AMI
     ___|\___|___|  Preview
    http://aws.amazon.com/linux/amazon-linux-2022
    Last login: Wed Dec  1 09:18:54 2021 from 84.110.59.182
    [ec2-user@ip-264-31-83-228 ~]$

Alon Lavian