Why can't my EC2 instance connect to the internet using an internet gateway?

Last updated: 2019-08-29

My Amazon Elastic Compute Cloud (Amazon EC2) instance has a public IP address, but can’t access the internet. How can I fix this? 

Resolution

First, verify that the following conditions are met:

  • The route table in the instance’s subnet has a default route to an internet gateway.
  • The security group attached to the instance’s elastic network interface must allow outbound traffic on the following ports:
    Port 80 for HTTP traffic
    Port 443 for HTTPS traffic
  • Identify the network access control lists (ACLs) that are associated with the subnet that the instance is located on. These network ACLs must have rules to allow inbound and outbound traffic on ports 80 and 443.
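The three conditions above can be evaluated against the output of the EC2 DescribeRouteTables, DescribeSecurityGroups and DescribeNetworkAcls calls. The following Python is an added example, not part of the original article: the sample data is constructed, and the function names, the `igw-0example` ID and the peer address 203.0.113.10 are assumptions. The network ACL check applies rules in rule-number order, so a lower-numbered deny overrides a later allow.

```python
import ipaddress

PORTS = (80, 443)  # HTTP and HTTPS, the ports the article names

def has_igw_default_route(route_table):
    """True if the table has an active 0.0.0.0/0 route to an internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0" and r.get("State") == "active"
               and r.get("GatewayId", "").startswith("igw-") for r in route_table["Routes"])

def sg_allows_egress(group, port):
    """True if an egress rule covers TCP `port` (destination ranges are not evaluated)."""
    return any(p["IpProtocol"] == "-1" or (p["IpProtocol"] == "tcp"
               and p["FromPort"] <= port <= p["ToPort"])
               for p in group["IpPermissionsEgress"])

def nacl_allows(acl, port, egress, peer="203.0.113.10"):
    """Evaluate IPv4 entries in rule-number order; the first matching rule decides."""
    ip = ipaddress.ip_address(peer)  # assumed remote address (documentation range)
    for e in sorted(acl["Entries"], key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or "CidrBlock" not in e:
            continue
        if ip not in ipaddress.ip_network(e["CidrBlock"]):
            continue
        if e["Protocol"] == "-1" or (e["Protocol"] == "6"
                and e["PortRange"]["From"] <= port <= e["PortRange"]["To"]):
            return e["RuleAction"] == "allow"
    return False

def failed_checks(route_table, group, acl):
    """Return the conditions from the list above that are not met."""
    failures = []
    if not has_igw_default_route(route_table):
        failures.append("no default route to an internet gateway")
    for port in PORTS:
        if not sg_allows_egress(group, port):
            failures.append(f"security group blocks outbound {port}")
        for egress in (False, True):
            if not nacl_allows(acl, port, egress):
                failures.append(f"network ACL blocks {'outbound' if egress else 'inbound'} {port}")
    return failures

# Constructed sample data in the shape of the EC2 Describe* responses (IDs are placeholders).
ROUTES = {"Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]}
GROUP = {"IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80}]}
ANY = {"RuleAction": "allow", "Protocol": "-1", "CidrBlock": "0.0.0.0/0"}
ACL = {"Entries": [dict(ANY, RuleNumber=100, Egress=False), dict(ANY, RuleNumber=100, Egress=True),
                   {"RuleNumber": 90, "Egress": True, "RuleAction": "deny", "Protocol": "6",
                    "PortRange": {"From": 443, "To": 443}, "CidrBlock": "0.0.0.0/0"}]}
print(failed_checks(ROUTES, GROUP, ACL))  # lists each unmet condition
```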

If all conditions are met and there are still internet connectivity issues, try the following:

  • Test that the site or location is accessible from a known working instance or device.
  • Verify that any firewall devices or software allow traffic over HTTP or HTTPS. The following commands add inbound firewall rules.
    For Windows Server default firewalls, run the following command:

    netsh advfirewall firewall add rule name="Open Port <port number>" dir=in action=allow protocol=TCP localport=<port number>

    For Linux servers (CentOS, RHEL 7+), run the following commands:

    sudo firewall-cmd --zone=public --add-port=<port number>/tcp --permanent
    sudo firewall-cmd --reload