Issue
- Created a VPC that is attached to a VPN tunnel. Made sure DNS Resolution and DNS Hostname are set to true
- Created a subnet (private) with auto-assign public IP set to true
- Created a Security Group that has an inbound rule to allow SSH at port 22
- Launched an Amazon Linux image using the VPC (as defined in 1) and subnet (as defined in 2) and chose the security group (as in 3) and an existing key pair (for which I have the private key).
- When I try to SSH to this instance using PuTTY and enter the public IP, I get connection refused.
Solution
So, it sounds like your network looks like this:
(source: amazon.com)
Things to consider:
- The Auto-Assign Public IP Address setting should only be assigned to public subnets, so turn it off.
- There is no need to assign a Public IP address since the instance is not connected to the Internet via an Internet Gateway. Instead, connect to the instance via its Private IP address.
- Ensure that the Security Group associated with the EC2 instance is permitting inbound SSH (port 22) traffic either from Anywhere, or from an IP address range that matches where you are coming from (on the other end of the VPN connection).
- Ping is disabled by default in Security Groups. To enable it, add ICMP from Anywhere in the Inbound rules.
- Confirm that it is a Linux instance (Windows does not support SSH)
- Convert the private keypair into a PPK file for use with PuTTY
- In PuTTY, select the PPK file under SSH/Auth
- Use a username of ec2-user when connecting to the server
Answered By - John Rotenstein Answer Checked By - Mildred Charles (WPSolving Admin)
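The Security Group check from the answer can be scripted. The following is an added example, not part of the original answer: it evaluates the inbound rules of one security group, in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`, against the address you connect from over the VPN, and reports whether SSH is reachable only because of an Anywhere (0.0.0.0/0) rule. The sample rules and addresses are constructed, and only IPv4 `IpRanges` are considered (rules that reference other security groups or IPv6 ranges are ignored).

```python
import ipaddress

# Constructed sample: the "IpPermissions" list of one security group.
# 10.8.0.0/16 stands in for the on-premises range behind the VPN (assumption).
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.8.0.0/16"}]},
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]


def rule_covers(perm, protocol, port):
    """True if the rule admits protocol/port (for ICMP, port is the ICMP type)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" = all protocols, all ports
        return True
    if proto != protocol:
        return False
    if proto == "icmp":                    # FromPort holds the ICMP type, -1 = all
        return perm.get("FromPort", -1) in (-1, port)
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def matching_cidrs(permissions, protocol, port, source_ip):
    """CIDRs of inbound rules that admit source_ip on protocol/port."""
    src = ipaddress.ip_address(source_ip)
    hits = []
    for perm in permissions:
        if not rule_covers(perm, protocol, port):
            continue
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if src in net:
                hits.append(str(net))
    return hits


def check_ssh(permissions, source_ip):
    """Return (allowed, open_to_anywhere) for inbound SSH from source_ip."""
    hits = matching_cidrs(permissions, "tcp", 22, source_ip)
    return bool(hits), "0.0.0.0/0" in hits


if __name__ == "__main__":
    print("SSH from VPN client:", check_ssh(SAMPLE_PERMISSIONS, "10.8.3.20"))
    print("Ping (echo request):", matching_cidrs(SAMPLE_PERMISSIONS, "icmp", 8, "10.8.3.20"))
```

A result of `(True, False)` means SSH is allowed from the VPN-side address through a scoped range rather than through an Anywhere rule.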