Not able to ssh/http into EC2 instance

Question

I am at my wits end with this, please help.

I am creating EC2 instances in my default public VPC, yet i am not able to ssh or http to my instance or webserver running into the machine. I checked the following

• The SG has inbound SSH, HTTP and HTTPS allowed from 0.0.0.0/0 and assigned to my instance
• the default VPC, has route tables with 0.0.0.0/0 pointed to IGW
• the NACLs are configured to Allow all traffic. i also manually updated to allow only HHTP, HTTPS and SSH
• the Key is use has been given the right permission by running chmod 400 filename

Despite all this not able to connect to the EC2 instance, AMI being Amazon Linux 2 AMI

When I try to ssh, i get a connection timeout error after a while, initially, i thought it was my office network but I am also getting the same from my home network with no firewalls in place

Answer 1

To allow an SSH connection, you will need:

• An Amazon EC2 instance running Linux launched in a public subnet (defined as having a Route Table that directs 0.0.0.0/0 to an Internet Gateway)
• A Security Group permitting Inbound access on port 22 (Outbound configuration is irrelevant)
• Network ACLs left at their default settings of Allow All in both directions
• A Public IP address associated with the instance

From your descriptions, I would say that the problem is probably with the Outbound NACLs. Return traffic from an SSH session goes back to the source port on the initiating server, which is not port 22. In general, only change the NACLs if you have a specific reason, such as creating a DMZ. I recommend you reset the NACL rules to Allow All traffic in both directions.