amazon web services - Cannot ping AWS EC2 instance

ID : 10435

viewed : 47

Tags : aws-security-group

Top 5 Answer for amazon web services - Cannot ping AWS EC2 instance

vote vote

97

Add a new EC2 security group inbound rule:

  • Type: Custom ICMP rule
  • Protocol: Echo Request
  • Port: N/A
  • Source: your choice (I would select Anywhere to be able to ping from any machine)
vote vote

89

A few years late but hopefully this will help someone else...

1) First make sure the EC2 instance has a public IP. If has a Public DNS or Public IP address (circled below) then you should be good. This will be the address you ping. AWS public DNS address

2) Next make sure the Amazon network rules allow Echo Requests. Go to the Security Group for the EC2.

  • right click, select inbound rules
  • A: select Add Rule
  • B: Select Custom ICMP Rule - IPv4
  • C: Select Echo Request
  • D: Select either Anywhere or My IP
  • E: Select Save

Add a Security Group ICMP Rule to allow Pings and Echos

3) Next, Windows firewall blocks inbound Echo requests by default. Allow Echo requests by creating a windows firewall exception...

  • Go to Start and type Windows Firewall with Advanced Security
  • Select inbound rules

Add a Windows Server ICMP Rule to allow Pings and Echos

4) Done! Hopefully you should now be able to ping your server.

vote vote

72

You have to edit the Security Group to which your EC2 instance belongs and allow access (or alternatively create a new one and add the instance to it).

By default everything is denied. The exception you need to add to the Security Group depends on the service you need to make available to the internet.

If it is a webserver you will need to allow access to port 80 for 0.0.0.0/0 (which means any IP address).

To allow pinging the instance you need to enable ICMP traffic.

The AWS Web Console provides some of the most commonly used options in the relevant dropdown list.

vote vote

68

The custom ICMP rule in the security group is not what it takes, a least for me. But the following rule will work:

Type: All ICMP  Protocol: TCP Port range: 0 - 65535 Source: Anywhere - 0.0.0.0/0 

After doing this you will be able to ping other instances. You should see something like:

PING 10.0.0.15 (10.0.0.15): 56 data bytes 64 bytes from 10.0.0.14: icmp_seq=1 ttl=64 time=3.9 ms 64 bytes from 10.0.0.14: icmp_seq=2 ttl=64 time=3.9 ms 64 bytes from 10.0.0.14: icmp_seq=3 ttl=64 time=10.6 ms 64 bytes from 10.0.0.14: icmp_seq=4 ttl=64 time=40.6 ms 64 bytes from 10.0.0.14: icmp_seq=5 ttl=64 time=3.8 ms 64 bytes from 10.0.0.14: icmp_seq=6 ttl=64 time=5.3 ms 64 bytes from 10.0.0.14: icmp_seq=7 ttl=64 time=6.5 ms 64 bytes from 10.0.0.14: icmp_seq=8 ttl=64 time=3.5 ms 64 bytes from 10.0.0.14: icmp_seq=9 ttl=64 time=21.0 ms 64 bytes from 10.0.0.14: icmp_seq=10 ttl=64 time=3.5 ms 64 bytes from 10.0.0.14: icmp_seq=11 ttl=64 time=3.5 ms 64 bytes from 10.0.0.14: icmp_seq=12 ttl=64 time=59.7 ms 64 bytes from 10.0.0.14: icmp_seq=13 ttl=64 time=3.5 ms 64 bytes from 10.0.0.14: icmp_seq=14 ttl=64 time=3.5 ms 64 bytes from 10.0.0.14: icmp_seq=15 ttl=64 time=4.8 ms 64 bytes from 10.0.0.14: icmp_seq=16 ttl=64 time=3.1 ms 64 bytes from 10.0.0.14: icmp_seq=17 ttl=64 time=3.1 ms 64 bytes from 10.0.0.14: icmp_seq=18 ttl=64 time=3.0 ms 64 bytes from 10.0.0.14: icmp_seq=19 ttl=64 time=3.1 ms  --- 10.0.0.14 ping statistics --- 20 packets transmitted, 19 packets received, 5% packet loss round-trip min/avg/max = 3.0/9.9/59.7 ms 

That´s it.

vote vote

50

  1. Go to EC2 Dashboard and click "Running Instances" on "Security Groups", select the group of your instance which you need to add security.
  2. click on the "Inbound" tab
  3. Click "Edit" Button (It will open an popup window)
  4. click "Add Rule"
  5. Select the "Custom ICMP rule - IPv4" as Type
  6. Select "Echo Request" and "Echo Response" as the Protocol (Port Range by default show as "N/A)
  7. Enter the "0.0.0.0/0" as Source
  8. Click "Save"

Top 3 video Explaining amazon web services - Cannot ping AWS EC2 instance

Related QUESTION?