I am not able to access ports other than port 80 in my AWS hosting.
I hosted my App in http://18.222.65.31. This port is working as expected, but I hosted another app in http://18.222.65.31:81/api/values, which is not working outside the hosted instance of AWS.
What I tried so far:
I added firewall Inbound Rule for port 81.
Added Custom TCP rule for the security group of the instance from AWS Console.
Is there something I am missing ?
UPDATE:
1. Instance Detail:
2. Security Group detail:
3. VM Firewall Advanced Settings(Inbound):
Related
I have created an Ubuntu EC2 instance, and created a load balancer to point to that EC2 instance. The rules on the Listener for the load balancer look OK (ports 80 and 443). I can access the EC2 instance Apache2 HTTPD server in a Browser using the EC2 IP address and Domain (only port 80 is working, no HTTPS).
The inbound rules for the security group look OK, i.e. port 80 and port 443.
The health check is checking the server every 30 seconds, and is showing as healthy every time.
The main problem is that when I try to connect to the webserver in a browser using the DNS name for the load balancer, the page times out, and I do not see the request hit the Apache2 server logs. However, I can connect when using the EC2 instance domain name, and I also see the request hitting the Apache2 server logs.
I wondered if I could please ask if anyone else has had the same issue with the load balancer DNS name not resolving to the EC2 instance?
Many thanks,
Martin
EDIT: This was resolved by setting the correct security group.
I have created a Windows instance in EC2, also installed the Bitnami WAMP stack there. The web app runs on the instance, however it does not display on a browser outside the instance with the public IP of the instance.
I have configured the Security Groups this way:
Port 80 (HTTP inbound and outbound)
Port 443 (HTTPS inbound and outbound).
What else need to be done, in order to display the web app on a browser? Thanks
The issue was solved by disable the Firewalls on the Windows O.S directly (instance).
I am trying to deploy an ASP.NET Core 2.1 Angular 6 website to an ec2 instance.
I have copied the code to the server and build it using the PowerShell console.
I have tested the site using dotnet run and the site runs on https://localhost:5001/.
The security group in AWS has the following inbound port ranges open:
1. 80 -> 0.0.0.0/0 (HTTP)
2. 443 -> 0.0.0.0/0 (HTTPS)
What do I need to do to expose this site to the outside world?
If you do not wish to add a loadbalancer, the only thing you need to do is add an additional security group rule to allow port 5001 to be accessed by 0.0.0.0/0. Might be a bit nicer if your application simply runs on port 80.
If you wish to use a loadbalancer, checkout some of the AWS tutorials about it.
I have an EC2 instance with a few applications successfully deployed onto it, listening for connections on ports 3000/3001/3002. I can correctly load a web page from it by connecting to its public DNS or public IP on the given port. I.e. curl http://<ec2-ip-address>:3000 works. So I know that the apps are running, and I know that the port bindings/firewall rules/EC2 security groups are all set up correctly to receive connections from the outside world.
I also have an Application Load Balancer, which is supposed to route traffic to the 3 apps depending on the host name, but it always gives me "504 Gateway Time-out". I've checked all the settings but I can't see what's wrong and I'm not really sure how to troubleshoot it from here.
The ALB has a single HTTPS/443 listener, with a cert that's valid for mydomain.com, app1.mydomain.com, app2.mydomain.com, app2.mydomain.com.
The listener has 3 rules, plus the default rule:
Host == app1.mydomain.com => app1-target-group
Host == app2.mydomain.com => app2-target-group
Host == app3.mydomain.com => app3-target-group
Default action (last resort) => default-target-group
Each target group contains only the single EC2 instance, over HTTP, with the following ports:
app1-target-group: 3000
app2-target-group: 3001
app3-target-group: 3002
default-target-group: 3000
Given that I can access the app directly, I'm sure it must be a problem with the way I've configured the ALB/listener/target groups. But the 504 doesn't give me much to go on.
I've tried to turn on access logs to an S3 bucket, but it doesn't seem to be writing anything there. There's a single object called ELBAccessLogTestFile, and no actual logs in the bucket.
EDIT: Some more information... I actually have nginx installed on the EC2 instance, which is where I was previously doing the SSL termination and hostname-to-port mapping/routing. If I change the default-target-group above to point to port 443 over HTTPS, then it works!
So for some reason, routing traffic
- from the ALB to the EC2 instance over HTTPS on port 443 -> OK!
- from the ALB to the EC2 instance over HTTP on port 3000 -> Broken!
But again, I can hit the instance directly on HTTP/3000 from my laptop.
Communication between resources in the same security group is not open by default. Security group membership alone does not provide special access. You still need to open the ports in the security group to allow other resources in the security group to access those ports. You can specify the security group ID in the rule's source field if you don't want to open it up beyond the resources in the security group.
I'm not a hardware guys, so I'm probably missing something simple, but I did the following:
Created a Windows VM.
Activated the web server role/IIS features (I can successfully serve a page via localhost when remote desktopped in).
Made sure outgoing port 80 wasn't blocked in Windows firewall.
Created a load balancer that pointed to the instance (to make enablement of SSL easier).
I then tried pulling up both the load balancer public DNS and the VM'w and neither of them pull up any web page. The Windows VM instance reports that it's running, but the load balancer reports that the VM is OutOfService trying to forward port 80.
What do I need to do to be able to serve my web site?
Open port 80 on the AWS security group assigned to your EC2 instance.
Open inbound access to port RDP in your security group.
This will make you to access the Windows server of your ec2-instance.
Edit the Security Group assigned to your EC2 instance and add a rule to allow port 80 in Inbound and outbount rules.