Why can't I ping my freshly set up amazon web service EC2 instance?

I was following this tut on how to set up a EC2 instance on Ubuntu but qhen trying to execute ssh command on my IP address, I had an operation Timeout.

So I tried to ping it but no chance neither. got Request timeout

Any idea what to do to make it working ? Status is green on my dashboard.

Thanks !


AWS security groups block ICMP (including ping, traceroute, etc.) by default. You need to explicitly enable it.


You need to add a rule to the security group of your server:

In EC2 Dashboard, on "Security Groups", select the group of your instance, click on the "Inbound" tab, select "Custom ICMP rule" in the Type field select "Echo Request" and click "Add Rule".


What you need to do is that you need to add a rule to the security group. Steps Given below.

  1. Go to EC2 Dashboard and click "Running Instances"
  2. on "Security Groups", select the group of your instance which you need to add security.
  3. click on the "Inbound" tab
  4. Click "Edit" Button (It will open an popup window)
  5. click "Add Rule"
  6. Select the "Custom ICMP rule - IPv4" as Type
  7. Select "Echo Request" as the Protocol (Port Range by default show as "N/A)
  8. Enter the "0.0.0.0/0" as Source
  9. Click "Save"

This will add the new entry. Once above configuration is done, you should be able to ping your freshly set up amazon web service EC2 instance.


In security group from AWS console you need to allow port 22 and by default ICMP is blocked on AWS , so if you want to enable ping you need to allow ICMP too.


If you want to allow ICMP using AWS CLI, here you go:

$ # Create a security group
$ aws ec2 create-security-group --group-name icmp-sg-1 --description 'icmp security group'

$ # Modify sec group to allow ICMP from everywhere
$ aws ec2 authorize-security-group-ingress --group-id <sg-id of icmp-sg-1> --protocol icmp --port -1 --cidr 0.0.0.0/0

$ # Now attach the sec group to a new/existing instance

It is to be noted that --port refers to ICMP type. Ref: http://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html