
Why can't I telnet my AWS instance?

Created an AWS AMI instance.
I can telnet from the instance itself:
telnet [IPv4 Public IP] 9200

But not from my PC.

This is my security group: [image]

What am I doing wrong?

Bick asked Apr 29 '17 19:04



4 Answers

You can check your Network ACL configurations. It looks like there is some other firewall in between your PC and server which is blocking you on 9200.

Shubham Bansal answered Oct 16 '22 20:10


If you can access port 80 via telnet or you're able to SSH in, it's likely you have a network ACL in place. If you cannot access port 80 via telnet but you can via a browser, it's likely a local config - maybe AV or a firewall.

EC2 instances use security groups for their firewall.

Another test to narrow down the issue would be to see if you could telnet from another instance in the same subnet in the same AZ. Being in the same subnet, you should not be affected by a network ACL.

denov answered Oct 16 '22 20:10
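The network ACL check suggested in the two answers above can be done offline against the `Entries` list returned by `aws ec2 describe-network-acls`. This is an added example, not part of the original answers; the sample entries, the client address and the function names are constructed for illustration, and it goes one step further by also checking the outbound reply path, because network ACLs are stateless.

```python
import ipaddress

# Constructed sample in the shape of NetworkAcls[0].Entries from
# `aws ec2 describe-network-acls`; rule numbers, CIDRs and ports are made up.
SAMPLE_ENTRIES = [
    {"RuleNumber": 100, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}},
    {"RuleNumber": 110, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 80, "To": 80}},
    {"RuleNumber": 32767, "Egress": False, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": True, "Protocol": "-1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": True, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
]

def nacl_verdict(entries, egress, peer_ip, port, protocol="6"):
    """Return (action, rule_number) of the first matching IPv4 rule.

    Rules are evaluated in ascending rule-number order and the first match
    decides; 32767 is the default deny shown as '*' in the console.
    """
    peer = ipaddress.ip_address(peer_ip)
    rules = sorted((e for e in entries if e["Egress"] == egress and "CidrBlock" in e),
                   key=lambda e: e["RuleNumber"])
    for rule in rules:
        if rule["Protocol"] not in ("-1", protocol):  # "6" is TCP, "-1" is all
            continue
        if peer not in ipaddress.ip_network(rule["CidrBlock"]):
            continue
        ports = rule.get("PortRange")  # absent when the rule covers all ports
        if ports and not ports["From"] <= port <= ports["To"]:
            continue
        return rule["RuleAction"], rule["RuleNumber"]
    return "deny", None

def tcp_reachable(entries, client_ip, server_port, client_port=50000):
    """Stateless filter: the inbound request AND the outbound reply
    (to the client's ephemeral port) must both be allowed."""
    inbound = nacl_verdict(entries, False, client_ip, server_port)
    outbound = nacl_verdict(entries, True, client_ip, client_port)
    return inbound[0] == "allow" and outbound[0] == "allow", inbound, outbound

if __name__ == "__main__":
    for p in (80, 9200):  # 9200 is the port from the question
        print(p, tcp_reachable(SAMPLE_ENTRIES, "203.0.113.10", p))
```

With the constructed entries, port 80 passes while port 9200 falls through to the default deny, which matches the symptom where the security group is open but the connection from outside still fails.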


You can have a look at this: "telnet-to a cloud instance from outside"

The solution to the problem was "Open the services and make the telnet manual and right click on it and choose start"

As well, make sure that the instance is residing in a public VPC.

Arafat Nalkhande answered Oct 16 '22 22:10


Based on what you've described, there isn't really much else to work with. Your ability to telnet the public IP from the instance implies the server is listening on the external interface and your security group is already set to have the port open to all incoming connections.

Aside from the trivial overlooking of not actually having the instance under the listed security group, the only possibility I can think of now is an active firewall on the instance. In the case of iptables or ufw (which is an interface to iptables), it's trivial to verify whether they are indeed getting in the way:

# List iptables access rules
sudo iptables -L -v

# List access rules via ufw
sudo ufw status

Leo C answered Oct 16 '22 22:10