QBoard » Supporting Tech Stack » Cloud » Cannot ping AWS EC2 instance
User Dashboard

Cannot ping AWS EC2 instance

Back To Topics
Tags : amazon-web-services amazon-ec2 aws-security-group
  • 126

    I have an EC2 instance running in AWS. When I try to ping from my local box it is not available.

    How can I make the instance pingable?

      July 25, 2020 10:48 AM IST
    0
  • 319 1

    terraform specific instructions for a security group because the -1 was not obvious to me.

    resource "aws_security_group" "Ping" {
  vpc_id = "${aws_vpc.MyVPC.id}"
  ingress {
    from_port   = -1
    to_port     = -1
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}
      October 14, 2021 1:03 PM IST
    0
  • 461

    A few years late but hopefully this will help someone else...

    1) First make sure the EC2 instance has a public IP. If has a Public DNS or Public IP address (circled below) then you should be good. This will be the address you ping. AWS public DNS address

    2) Next make sure the Amazon network rules allow Echo Requests. Go to the Security Group for the EC2.

    • right click, select inbound rules
    • A: select Add Rule
    • B: Select Custom ICMP Rule - IPv4
    • C: Select Echo Request
    • D: Select either Anywhere or My IP
    • E: Select Save

    Add a Security Group ICMP Rule to allow Pings and Echos

    3) Next, Windows firewall blocks inbound Echo requests by default. Allow Echo requests by creating a windows firewall exception...

    • Go to Start and type Windows Firewall with Advanced Security
    • Select inbound rules

    Add a Windows Server ICMP Rule to allow Pings and Echos

    4) Done! Hopefully you should now be able to ping your server.

      September 8, 2021 12:33 PM IST
    0
  • 126
    If you want to enable ping (from anywhere) programmatically, via the SDK, the magic formula is:
    cidrIp: "0.0.0.0/0" ipProtocol: "icmp" toPort: -1 fromPort: 8
    For example, in Scala (using the AWS Java SDK v2), the following works to define an IpPermission for the authorizeSecurityGroupIngress endpoint.
    val PingPermission = { val range = IpRange.builder().cidrIp( "0.0.0.0/0" ).build() IpPermission.builder().ipProtocol( "icmp" ).ipRanges( range ).toPort( -1 ).fromPort( 8 ).build() }
    (I've tried this is only on EC2-Classic. I don't know what egress rules might be necessary under a VPC)
      August 26, 2021 6:14 PM IST
    0
  • 317
    1.Go to EC2 Dashboard and click "Running Instances" on "Security Groups", select the group of your instance which you need to add security.
    2.click on the "Inbound" tab
    3.Click "Edit" Button (It will open an popup window)
    4.click "Add Rule"
    5.Select the "Custom ICMP rule - IPv4" as Type
    6.Select "Echo Request" and "Echo Response" as the Protocol (Port Range by default show as "N/A)
    7.Enter the "0.0.0.0/0" as Source
    8.Click "Save"
      July 25, 2020 11:11 AM IST
    0