How to access/ping a server located on AWS?

问题:

With what address should a server located on AWS be accessed?

I've created an AWS instance and installed a web server on it. However the server is not reachable via any of the:

1. ec2-174-129-24-92.compute-1.amazonaws.com
2. the IP address from instance's ifconfig
3. an elastic IP address I've created on the AWS dashboard and associated with the instance

Surprisingly, ssh with root@ec2-174-129-24-92.compute-1.amazonaws.com works fine.

What might be the problem and how to bind an address to the instance?

回答1:

In your security group open -1 to -1 on ICMP for range 0.0.0.0/0 and you'll be able to ping.

See my screenshot for a better view:

Image posted by @emostar below

回答2:

Updated for 2014 - the current Amazon UI no longer uses numbers for ICMP types, so the existing answer doesn't work anymore.

In your security group:

• Click the inbound tab
• Create a custom ICMP rule
• Select echo request
• Use range 0.0.0.0/0 for everyone or lock it down to specific IPs
• Apply the changes

and you'll be able to ping.

回答3:

As nowthatsamatt said, you want to allow ICMP from all addreses.

To do this on the command line you can run:

ec2-authorize <group> -P icmp -t -1:-1 -s 0.0.0.0/0 

Or if you prefer the AWS Console, this is what it would look like (current as of 2012-09-19):

AWS Console Image

回答4:

Ping doesn't work with EC2 because ping runs over the ICMP protocol which is blocked in a typical EC2 security group configuration.

Here's a very nifty way to work around this by using tcping (a ping alternative that works over a TCP port):

tcping ec2-174-129-24-92.compute-1.amazonaws.com

tcping ec2-174-129-24-92.compute-1.amazonaws.com 22

It runs on port 80 (the first example) but you can also specify a different port (the second example) to be used to test connectivity.

回答5:

Give 2 rules in AWS security group (Inbound),

Custom ICMP Rule       Echo Request          N/A            0.0.0.0/0  Custom ICMP Rule       Echo Reply            N/A             0.0.0.0/0 

回答6:

Eight years late but hopefully this will help someone else...

The below shows how to enable the ports needed for pings.

1) First make sure the EC2 instance has a public IP. It has a Public DNS or Public IP address then you should be good. This should also be the address you ping.

2) Go to the Security Group that EC2 is using.

• right click, select inbound rules
• A: select Add Rule
• B: Select Custom ICMP Rule - IPv4
• C: Select Echo Request
• D: Select either Anywhere or My IP (note: My IP is more secure then anyone but will only allow pings from your IP.)
• E: Select Save

3) Create a windows firewall exception.

• Go to Start and type Windows Firewall with Advanced Security
• Select inbound rules

回答7:

If your instance uses a Windows AMI you need to make sure that both the security group on the AWS console AND the Windows Firewall are set up to accept connections on the port(s) you require.

I had the same issue enabling http access until I configured the Windows firewall to allow connections on the ports I wanted. This is easily done in Windows by accessing Control Panel>System and Security>Windows Firewall>Advanced Settings. Then configure a new port rule to allow incoming TCP traffic to the port or port range you require.

回答8:

UPDATE for September 2014: After a while of not being able to apt-get without freezing, I tried to ping www.google.com. To my surprise I couldn't ping either. I followed the suggestion above by creating a new ICMP rule with an Echo Request for Inbound. This didn't work for me either. After much trying I created a new rule for Outbound with Echo Request. Now it works. Maybe AWS added this recently? Anyway, hope this helps somebody out there. Not being able to do something as simple as pinging could drive a person nuts.

edit: now my apt-get works too!

回答9:

I have faced the similar issue while connecting from my local mac machine

Work around as below:

1. * Route table => add 0.0.0.0/0 and target to your Internet Gateway *

2. Under Network ACL add ad below

   2.1 for pings from your local machine ->

   All ICMP - IPv4 ICMP (1) ALL 0.0.0.0/0 ALLOW

   2.2 ssh/other connectivity

   SSH (22) TCP (6) 22 0.0.0.0/0  ALL Traffic ALL ALL 0.0.0.0/0 

3. Good practice associate your subnet to your route table

4. Under Ec2 -> Security Group

   4.1 To allow SSH connectivity, just add as below

   SSH (22) TCP (6) 22 0.0.0.0/0 

   4.2 for pings to work from your local machine as as below

   All ICMP - IPv4 All N/A 0.0.0.0/0 

This will make your connectivity works for pings & ssh from your local machine using your KEY file (xx.pem)

thanks,

文章来源: How to access/ping a server located on AWS?