0

I am unable to ping google.com from my private EC2 instance in my AWS VPC.

I have a bastion set up in front of the private instance, and am connecting to it via Guacamole. But once I log in and run `ping google.com`, it hangs.

[image]

My security group inbound / outbound rules for the bastion look like:

[image]

And here are the inbound / outbound rules for the private instance:

[image]

My Network ACLs are wide open. I have a private route table that points to the Network Gateway for any destination. I also have a public route table that points to the Internet Gateway for any destination. What am I missing? Why can't I ping Google from my private EC2 instance?

John Rotenstein
fjjones88
  • 1
    As you are running IPv4, do you have a NAT Gateway / NAT instance? Is the default route of the private subnet to the NAT Gateway, and does the NAT Gateway have a route to the internet (0.0.0.0/0) via the Internet Gateway? – Jason Jan 16 '23 at 05:52
  • 1
    Check out the following video: https://www.youtube.com/watch?v=Yl81_rXbbgA – Jason Jan 16 '23 at 05:54
  • 1
    Since you can connect to the bastion host, I assume there's no problem with the IGW. Is the route table with the NAT gateway correctly associated with your private subnet? – chamal Jan 16 '23 at 07:08

1 Answer

1

I accidentally associated my private subnet with my public route table. After I changed the association to the private route table with the NAT gateway, it worked!

fjjones88
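
A check for the misassociation described in this answer, as an added example that is not part of the original post: it resolves which route table a subnet actually uses from data shaped like `aws ec2 describe-route-tables` output and reports whether the default route targets a NAT gateway. All IDs and the `sample_tables` helper are constructed, and the input is assumed to hold the route tables of a single VPC.

```python
# Constructed data in the shape of `aws ec2 describe-route-tables` output
# (RouteTables[]); every ID is a made-up placeholder.
def sample_tables(private_subnet_on):
    public = {"RouteTableId": "rtb-public",
              "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}],
              "Associations": [{"SubnetId": "subnet-public", "Main": False}]}
    private = {"RouteTableId": "rtb-private",
               "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                          {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}],
               "Associations": []}
    target = public if private_subnet_on == "rtb-public" else private
    target["Associations"].append({"SubnetId": "subnet-private", "Main": False})
    return [public, private]

def effective_route_table(route_tables, subnet_id):
    """Explicit subnet association wins; otherwise the main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_route(rt):
    """Classify the 0.0.0.0/0 route target as 'nat', 'igw', 'other' or 'none'."""
    for route in rt.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            if route.get("NatGatewayId"):
                return "nat", route["NatGatewayId"]
            gw = route.get("GatewayId", "")
            return ("igw" if gw.startswith("igw-") else "other"), gw
    return "none", None

def check_private_subnet(route_tables, subnet_id):
    """Return (ok, message) for a subnet whose instances have no public IP."""
    rt = effective_route_table(route_tables, subnet_id)
    if rt is None:
        return False, f"{subnet_id}: no associated or main route table in input"
    kind, target = default_route(rt)
    if kind == "nat":
        return True, f"{subnet_id}: {rt['RouteTableId']} default route -> {target}"
    return False, f"{subnet_id}: {rt['RouteTableId']} default route is {kind} ({target}), not NAT"

if __name__ == "__main__":
    for table in ("rtb-public", "rtb-private"):
        print(check_private_subnet(sample_tables(table), "subnet-private"))
```

An instance without a public IP cannot send traffic out through an Internet Gateway route, which is why the `igw` result corresponds to the hanging ping.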