LCSLouisJJames
asked on
Can't Access Ports to Amazon EC2 Instance Even Though Defined in Security Group
I have an Amazon EC2 Windows 2008 R2 Instance created. Attached to the Instance is a Security Group with the following rules:
*.- HTTPS : TCP / 443 / 0.0.0.0/0
*.- HTTPS : TCP / 443 / 0.0.0.0/0
*.- HTTP: TCP / 80 / 0.0.0.0/0
*.- RDP: TCP / 3389 / 0.0.0.0/0
*.- Custom TCP Rule: TCP / 8040 - 8041 / 0.0.0.0/0
*.- Custom TCP Rule: TCP / 5931 / 0.0.0.0/0
I also went into the Instance and opened the same ports in Windows Firewall (Advanced Settings) for all Zones. In fact, at one point, I DISABLED THE WINDOWS FIREWALL.
However, in each case (ports opened or Windows Firewall Disabled), I can't access some of the ports. For example, port 80, 443, etc.
I used www.canyouseeme.org to test the ports to no avail and of course the applications (web server, etc) would not work.
I even created a new security group without success.
THE SAME SECURITY GROUP is used for another instance and it works great. I've stopped the first instance and ONLY had the second instance running but still no luck.
Any thoughts would be most appreciated.
*.- HTTPS : TCP / 443 / 0.0.0.0/0
*.- HTTPS : TCP / 443 / 0.0.0.0/0
*.- HTTP: TCP / 80 / 0.0.0.0/0
*.- RDP: TCP / 3389 / 0.0.0.0/0
*.- Custom TCP Rule: TCP / 8040 - 8041 / 0.0.0.0/0
*.- Custom TCP Rule: TCP / 5931 / 0.0.0.0/0
I also went into the Instance and opened the same ports in Windows Firewall (Advanced Settings) for all Zones. In fact, at one point, I DISABLED THE WINDOWS FIREWALL.
However, in each case (ports opened or Windows Firewall Disabled), I can't access some of the ports. For example, port 80, 443, etc.
I used www.canyouseeme.org to test the ports to no avail and of course the applications (web server, etc) would not work.
I even created a new security group without success.
THE SAME SECURITY GROUP is used for another instance and it works great. I've stopped the first instance and ONLY had the second instance running but still no luck.
Any thoughts would be most appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Firstly, color me stumped. I have good news and bad news?
When I went through your EXCELLENT GUIDE. everything was setup correctly. It should have worked. But I was getting failures. However, I believe I understand what happened.
I was using RDC to connect to the server. There I would test the ports (with the software installed) using sites like www.canyouseeme.org and www.yougetsignal.com. Each time the test failed and I was told the ports were closed.
However, running the application seem to suggest it was working.
ONCE I INSTALLED A DIFFERENT REMOTE CONNECTION SOFTWARE (like screenconnect) which allows me to remove to the desktop (and not like Terminal Services), those tests worked.
So in the essence, I was fooled into thinking the ports were closed.
In the end, success and thank you for your kind help.
Louis