Unable to Connect to a Port on EC2 Windows Instance? We can help you.
Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.
Today, let us see how we can resolve this issue.
Unable to Connect to a Port on EC2 Windows Instance
The following issues can prevent a connection to an EC2 Windows instance on a specific port:
- The service that uses the port does not run on the instance.
- Windows Firewall blocks traffic to the port.
- A security group blocks traffic.
- Network access control lists (ACLs) block traffic.
- Incorrect routes in the route table or local Windows routes.
How to fix this?
To identify the source of the connectivity issue, our Support Techs suggest the steps below:
1. Initially, we verify that the application runs properly and listens on the correct network port. If it is stopped, we need to start it.
To accept traffic on a port, the EC2 Windows instance needs to host an application or service that listens on that port.
To display active connections and ports, we run the netstat command from the EC2 Windows instance hosting the service.
2. Then, we perform a port test using Telnet or Test-NetConnection locally.
In a command prompt, we enter:
telnet <Private IP> <port number>
In Windows PowerShell, we enter:
tnc <Private IP> -port <port number>
This confirms that the port accepts connections locally.
If the port test fails, we check the antivirus and security software on the instance.
Here, we set up an allow list for the application or service on the antivirus or security software, and then test again.
3. After that, we repeat the above step using a different instance.
If possible, we choose an instance on the same subnet.
However, if this also fails, the issue might be with the Operating System or EC2 instance configuration.
Troubleshoot OS issues
In this case, we verify that Windows Firewall or other security software running on the instance allows the required port.
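The instance-side checks from steps 1 and 2 and the Windows Firewall check can be combined in one PowerShell script. This is an added example, not part of the original article; the port 8080 and the private IP 10.0.1.25 are assumed sample values.

```powershell
# Added example: instance-side checks for one TCP port. Run on the EC2 Windows instance.
param(
    [int]$Port = 8080,                 # assumed sample port
    [string]$PrivateIp = '10.0.1.25'   # assumed sample private IP of this instance
)

# Step 1: is a service listening on the port, and on which local address?
$listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue
if (-not $listeners) {
    Write-Output "No listener on TCP port $Port. Start the service or correct its port setting."
    return
}
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    Write-Output ("Listening on {0} port {1}, PID {2} ({3})" -f $l.LocalAddress, $l.LocalPort, $l.OwningProcess, $proc.ProcessName)
}

# A listener bound only to loopback cannot answer on the private IP.
$nonLoopback = $listeners | Where-Object { $_.LocalAddress -notin @('127.0.0.1', '::1') }
if (-not $nonLoopback) {
    Write-Output "Service is bound to loopback only. Other hosts cannot reach it."
    return
}

# Step 2: local port test against the private IP.
$test = Test-NetConnection -ComputerName $PrivateIp -Port $Port -WarningAction SilentlyContinue
Write-Output "Local test to $PrivateIp port $Port succeeded: $($test.TcpTestSucceeded)"

# OS check: enabled inbound Windows Firewall rules that name this port (or any port).
# Rules that use a port range such as 8000-8100 are not matched by this simple filter.
$rules = foreach ($r in Get-NetFirewallRule -Direction Inbound -Enabled True) {
    $f = $r | Get-NetFirewallPortFilter
    if ($f.Protocol -in @('TCP', 'Any') -and ($f.LocalPort -contains "$Port" -or $f.LocalPort -contains 'Any')) {
        [pscustomobject]@{ Name = $r.DisplayName; Action = $r.Action; Profile = $r.Profile }
    }
}
if ($rules) { $rules | Format-Table -AutoSize }
if (-not ($rules | Where-Object { $_.Action -eq 'Allow' })) {
    Write-Output "No enabled inbound Allow rule names TCP port $Port."
}
```

A pass here does not exercise security groups, network ACLs or route tables, which only affect traffic arriving from other hosts.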
Troubleshoot EC2 instance configuration issues
- Initially, we ensure the security groups allow inbound or outbound traffic on the specified port.
- Then we verify network ACLs have rules to allow inbound or outbound traffic on the specified port.
- After that, we check the route table to determine if there is a route between the source and the destination EC2 Windows instance.
In short, we saw how our Support Techs fix and troubleshoot Port issues on EC2 Windows Instance.