0

Very strange:

  • The public and private subnets are in the same VPC.
  • The EC2 instance in the private subnet uses a security group that opens ports 0-65535 to 0.0.0.0/0. So does its network ACL.
  • I can RDP from the public subnet EC2 into the private subnet EC2.
  • I can ping between private subnet EC2 instances.
  • But I just can't ping from the public subnet EC2 to the private subnet EC2.
  • Can you disable the Windows firewall and try? It is possible the Windows firewall is not allowing ICMP traffic. – helloV Jul 03 '17 at 07:34
  • Why do you want to ping? Isn't the ability to RDP proof enough of connectivity? – John Rotenstein Jul 03 '17 at 08:03
  • I don't have to ping, but not being able to ping is an indication of something wrong. I also can't mount a private-subnet file gateway from a public EC2 instance. If the EC2 instance is in the same private subnet, then I can mount the file gateway. So something is not right. – Jul 03 '17 at 08:35
  • Questions on professional server- or networking-related infrastructure administration are off-topic for Stack Overflow unless they directly involve programming or programming tools. You may be able to get help on [Server Fault](http://serverfault.com/about). – Raf Jul 03 '17 at 08:45
  • Possible duplicate of [Cannot ping AWS EC2 instance](https://stackoverflow.com/questions/21981796/cannot-ping-aws-ec2-instance) – Bojoer Jul 27 '17 at 00:59

1 Answer

0

Worked out why: the network ACL doesn't have an outbound allowance for ICMP.
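The reason this bites is that network ACLs are stateless: the inbound echo request is allowed, but the echo reply leaving the private subnet needs its own outbound rule, and a "0-65535" rule only covers TCP (or UDP), not ICMP. The following is an added example, not code from the thread, that evaluates NACL entries the way the VPC does (lowest rule number first, first match wins, implicit deny) against constructed entries in the shape `aws ec2 describe-network-acls` returns; the peer address and ephemeral port are constructed.

```python
import ipaddress

# Constructed sample of the questioner's private-subnet ACL as described
# (every TCP port open both ways, no outbound ICMP), in the shape returned by
# `aws ec2 describe-network-acls`. PortRange applies to the destination port.
ORIGINAL_ENTRIES = [
    {"RuleNumber": 100, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 0, "To": 65535}},
    {"RuleNumber": 110, "Egress": False, "Protocol": "1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "IcmpTypeCode": {"Type": -1, "Code": -1}},
    {"RuleNumber": 100, "Egress": True, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 0, "To": 65535}},
    # The default "*" rules: deny anything not matched by a numbered rule.
    {"RuleNumber": 32767, "Egress": False, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": True, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
]

# The fix from the answer: an explicit outbound (Egress) allow for ICMP.
FIXED_ENTRIES = ORIGINAL_ENTRIES + [
    {"RuleNumber": 110, "Egress": True, "Protocol": "1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "IcmpTypeCode": {"Type": -1, "Code": -1}},
]

def nacl_allows(entries, egress, protocol, dst_port=None, peer="10.0.1.25"):
    """Evaluate one direction of a NACL the way the VPC does: lowest RuleNumber
    first, first match decides, no match means deny. NACLs are stateless, so
    each direction of a conversation is checked independently."""
    peer_ip = ipaddress.ip_address(peer)  # constructed public-subnet address
    for e in sorted((x for x in entries if x["Egress"] == egress),
                    key=lambda x: x["RuleNumber"]):
        if e["Protocol"] not in ("-1", protocol):
            continue
        if peer_ip not in ipaddress.ip_network(e["CidrBlock"]):
            continue
        pr = e.get("PortRange")
        if pr and dst_port is not None and not pr["From"] <= dst_port <= pr["To"]:
            continue
        return e["RuleAction"] == "allow"
    return False

def rdp_works(entries):
    # SYN inbound to 3389, reply outbound to the client's ephemeral port (constructed).
    return nacl_allows(entries, False, "6", 3389) and nacl_allows(entries, True, "6", 49152)

def ping_works(entries):
    # Echo request inbound, echo reply outbound; both are protocol 1 (ICMP).
    return nacl_allows(entries, False, "1") and nacl_allows(entries, True, "1")
```

Instances in the same subnet reach each other without crossing that subnet's NACL, which is why the private-to-private ping in the question worked while the cross-subnet one did not.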