Hi all
I have an AWS VPC setup using "Private" subnets only and a Site-To-Site VPN configured to a Meraki Z3C teleworker gateway on my home network.
I have an EC2 instance connected to the VPC connected via the VPN and it has all traffic allowed via security groups. I can ping my local device (home network) from the AWS EC2 instances without issue, but when I try to ping the AWS EC2 instances from my Local device (home network) it fails with request timed out.
I did have this working and pinging both ways originally, but I rebuilt the environment and it no longer works now (typical, I know!).
I have added layer 3 firewall rules to allow both TCP and UDP from any source to any destination on any port inbound (not ideal of course) but trying to get a successful ping.
I'm sure I'm missing something simple but cannot see the wood for the trees as to what I need to do.
Local Windows firewall on local device also allowing ICMPv4 all inbound.
Please all advice is welcomed and hopefully will ease my pain a little!
Thanks in advance
Nitrox
But can you access other EC2 resources? Because not being able to ping does not mean there is a communication problem. It could simply be the system firewall.
I'm able to RDP to the EC2 instance from local machine/local network without issue but I could ping instances in the past which is what is confusing me now. Even if I turn the Windows firewall off on the local device it still will not get a response via ping from EC2.
>but when I try to ping the AWS EC2 instances from my Local device (home network) it fails with request timed out.
From my experience, the #1 issue is a host-based firewall, like Windows firewall. Check for a host-based firewall on your EC2 instance.
Absolutely correct it was the local Windows Firewall on the EC2 instance as you suspected and has left me feeling rather embarrassed as I should have checked this!
I just didn't recall adding a rule for ICMPv4 on EC2 when it originally worked.
Thanks for the replies.
Strange that I asked you the same thing and you said that you had already disabled the Windows Firewall.
🤔
I'm reading that the firewall was disabled on the local device but not the remote device. The OP's response to your question said they had disabled the firewall on their local device.
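The fix discussed in this thread, as an added example that is not part of any post above: a check of the Windows Firewall on the EC2 instance (the ping target) followed by an inbound ICMPv4 echo rule scoped to the home subnet, so the firewall does not have to be disabled. The subnet value and the rule name are placeholders chosen for the example, not values from the thread.

```powershell
# Run in an elevated PowerShell session ON THE EC2 INSTANCE (the host being
# pinged), not on the home device that sends the ping.

# Assumption: placeholder for the home-network subnet behind the Z3C.
$HomeSubnet = '192.168.10.0/24'
# Hypothetical rule name used only by this example.
$RuleName   = 'Allow ICMPv4 echo from home VPN subnet'

# 1. Is the firewall on, and what is the default inbound action per profile?
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction

# 2. List enabled inbound allow rules for ICMPv4 and the sources they accept.
#    An empty result with the firewall enabled means echo requests are dropped,
#    while TCP services such as RDP can still work through their own rules.
Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object { ($_ | Get-NetFirewallPortFilter).Protocol -eq 'ICMPv4' } |
    ForEach-Object {
        [pscustomobject]@{
            DisplayName   = $_.DisplayName
            Profile       = $_.Profile
            IcmpType      = ($_ | Get-NetFirewallPortFilter).IcmpType
            RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        }
    }

# 3. Add a narrowly scoped rule: echo request (ICMP type 8) only, and only
#    from the home subnet, instead of allowing all ICMP from any source.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    $rule = @{
        DisplayName   = $RuleName
        Direction     = 'Inbound'
        Protocol      = 'ICMPv4'
        IcmpType      = 8
        RemoteAddress = $HomeSubnet
        Action        = 'Allow'
        Profile       = 'Any'
    }
    New-NetFirewallRule @rule | Select-Object DisplayName, Enabled, Action
}
```

Once ping works, the broad allow-any rules added during troubleshooting (security group and Meraki layer 3) can be tightened back to the same subnet scope.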