Ritu Singh
Before getting into why you cannot ping your AWS EC2 instance, first understand what ping is. Ping uses the separate layer 3 protocol named ICMP, and layer 3 is the same layer used by TCP and UDP. It does not use a port. The four main points that you need to look into while troubleshooting why you cannot ping your EC2 instance are Firewalls, Security Groups, and NACLs.
Now that you have a rough idea of what ping is and what its traits are, let’s get into the topic.
Problem 1: ICMP is not open inbound in the security group
This is the problem that you might be facing. Navigate to the AWS security group and open ICMP inbound to the security group of the EC2 instance.
How to identify whether this is why you cannot ping your AWS EC2 instance
Visit the EC2 console and choose the instance
Tap on the Security tab
Read the displayed summary on the tab or tap on the security group
Go through the inbound rules and see whether ICMP is allowed
Source: Arcadian Cloud
Solution: How to fix this problem
It’s simple to fix this issue. Just allow the ICMP inbound.
Navigate to the console and go to the security group
Click the Edit inbound rules button
Select Add rule
Choose the drop-down that says Custom TCP and change it to All ICMP-IPv4
Choose the drop-down that says ‘Custom’ and change it to Anywhere-IPv4
Click on the Save Rules button.
Source: Arcadian Cloud
Problem 2: Public IP is missing in the EC2 Instance
How to ping the EC2 instance from the local machine? This might be the other problem that is not letting you ping your AWS EC2 instance. You may have created your own EC2 instance that has a local IP and doesn’t have a public IP. In such a case, the IP showing on your screen is the local IP rather than a public IP.
The following steps will help you verify whether you are facing this problem or not.
Choose the instance that you want to ping in the console
Check the Details tab and ensure the instance has a public IP address and that it is the address you are using.
Solution: How to fix this problem
If you have the EC2 instance in a public subnet, you can carry out the process. In such a case, you just need to create an elastic IP and assign that IP to the instance. On the other hand, if you have a private subnet then you won’t be able to do this. You first have to attach an internet gateway to the subnet. This article will help you attach an internet gateway to the subnet.
Problem 3: The Network ACL (NACL) is not allowing ICMP
The network ACL allows everything by default. You might think that this is not the main issue; however, it is worth checking once because it only takes a few seconds.
Solution: How to fix this problem
Go to the EC2 console and click through to the subnet that the EC2 instance is in
Choose the subnet and navigate to the Network ACL tab
Verify whether all traffic is allowed through, as shown in the image below
If all traffic is not allowed through, you need to add a rule allowing ICMP explicitly
Source: Arcadian Cloud
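The security group check from Problem 1 and the NACL check from Problem 3 can also be run against the rule data itself. The following is an added example, not part of the original article: the function names are hypothetical, the dictionaries are constructed samples shaped like the IpPermissions and Entries fields of `aws ec2 describe-security-groups` and `aws ec2 describe-network-acls`, and only IPv4 CIDR sources are evaluated.

```python
import ipaddress

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMPv4 types used by ping

def sg_allows_ping(ip_permissions, src_ip):
    """True if an inbound security-group rule admits echo requests from src_ip."""
    src = ipaddress.ip_address(src_ip)
    for perm in ip_permissions:
        proto = perm["IpProtocol"]
        if proto not in ("icmp", "-1"):  # "-1" means all protocols
            continue
        # For ICMP rules FromPort holds the ICMP type; -1 means every type.
        if proto == "icmp" and perm.get("FromPort", -1) not in (-1, ECHO_REQUEST):
            continue
        if any(src in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
            return True
    return False  # security groups only contain allow rules

def nacl_allows(entries, peer_ip, icmp_type, egress):
    """Walk NACL entries in rule-number order; the first matching entry decides."""
    peer = ipaddress.ip_address(peer_ip)
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or "CidrBlock" not in e:  # wrong direction or IPv6 entry
            continue
        if peer not in ipaddress.ip_network(e["CidrBlock"]):
            continue
        if e["Protocol"] == "1":  # IP protocol number 1 is ICMP
            if e.get("IcmpTypeCode", {}).get("Type", -1) not in (-1, icmp_type):
                continue
        elif e["Protocol"] != "-1":
            continue
        return e["RuleAction"] == "allow"
    return False

def nacl_allows_ping(entries, src_ip):
    # NACLs are stateless: the request must be allowed in AND the reply allowed out.
    return (nacl_allows(entries, src_ip, ECHO_REQUEST, egress=False)
            and nacl_allows(entries, src_ip, ECHO_REPLY, egress=True))

# Constructed sample data (documentation address ranges, not a real account).
SG_TCP_ONLY = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
SG_WITH_ICMP = SG_TCP_ONLY + [{"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
                               "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]
NACL_DEFAULT = [{"RuleNumber": n, "Protocol": "-1", "RuleAction": a, "Egress": eg,
                 "CidrBlock": "0.0.0.0/0"}
                for eg in (False, True) for n, a in ((100, "allow"), (32767, "deny"))]
# Same NACL with the outbound allow rule removed: the echo reply is dropped.
NACL_NO_REPLY = [e for e in NACL_DEFAULT if not (e["Egress"] and e["RuleNumber"] == 100)]
```

Passing your own client address as `src_ip` shows whether a rule scoped to a specific range, such as the constructed `203.0.113.0/24` entry, already covers you.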
Problem 4: The OS firewall is not allowing ICMP through
Windows
The Windows firewall might be blocking ICMP.
Solution
Go to the Windows search bar and type “Windows Firewall” in the search box.
Click “Windows Firewall with Advanced Security” in the search results.
Source: Arcadian Cloud
After that, in the “Windows Firewall with Advanced Security” window, click “Inbound Rules” in the left-hand panel.
Now, in the right-hand panel, click the “New Rule” button.
Inside the “New Inbound Rule Wizard” window, choose the “Custom” option and click “Next.”
Go to the “Protocol and Ports” section, choose the “ICMPv4” protocol, and choose the “Customize” option.
Now in the “Action” section, choose the network profile that applies to the situation
Inside the “Name” section, give the rule a name and click “Finish.”
Linux
There are plenty of firewalls you might be using on Linux, so if you are facing this problem, troubleshooting might take some time. You might have enabled the UFW firewall, which is the most common firewall.