My Source security group isn't working in AWS. Not sure if problem with port or node

0 votes
I have created an EC2 node: *node1 is security group SG1*
As in documents, it must be accessible from another EC2 node i.e., node2 (security group SG2) on port 9200.
Problem is: Whenever I try to add an inbound rule in SG1 using port 9200 & using SG2 as a source into the Custom IP section, I am not able to access node1 from node2.
Apart from that, if I am trying to specify an inbound rule in SG1 with source as 0.0.0.0/0 or IP of node2, it works fine.

Is there something wrong with my process, or is it a universal problem?
May 2, 2018 in AWS by Cloud gunner
• 4,650 points
1,281 views
Hey @Cloud gunner,

how did you solve this?

Hi @Naltlk,

If you are facing the same issue, then the most common mistake we make is that we use the private IP instead of the public IP.

1 answer to this question.

0 votes
Did you try to connect to node1's public or private address as mentioned in the documentation:

When you specify a security group as the source or destination for a rule, the rule affects all instances associated with the security group. For example, incoming traffic is allowed based on the private IP addresses of the instances that are associated with the source security group.
(From Documentation)
I've been a victim of this problem before while trying to connect to an EC2 instance's public address. It sounds quite similar to your setup, actually.

When you set up the inbound rule so that the source is a security group, you must communicate with the source instance's private address.

Some things to be aware of:

In EC2 Classic, private IP addresses can change on stop/start of an EC2 instance. If you're using EC2 Classic you may want to look into this discussion on Elastic DNS Names for a more static addressing solution.
If you set up your environment in VPC, private IP addresses are static. You can also change security group membership of running instances.
answered May 2, 2018 by Flying geek
• 3,260 points
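
Added example (not part of the original answer): a small offline model of the behaviour in the quoted documentation, showing why a rule whose source is SG2 matches traffic to node1's private address but not to its public one. The addresses, group IDs and helper names are constructed for illustration; the rule dictionaries follow the IpPermissions shape returned by EC2 DescribeSecurityGroups, and the model assumes traffic sent to a public address arrives with the sender's public IP as its source.

```python
import ipaddress

# Constructed sample data: addresses and group IDs are made up.
NODE2 = {"private_ip": "10.0.1.20", "public_ip": "203.0.113.20", "groups": ["sg-2222"]}

# SG1 inbound rules in the IpPermissions shape of DescribeSecurityGroups.
SG1_WITH_GROUP_SOURCE = [
    {"IpProtocol": "tcp", "FromPort": 9200, "ToPort": 9200,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-2222"}]},
]
SG1_WITH_OPEN_CIDR = [
    {"IpProtocol": "tcp", "FromPort": 9200, "ToPort": 9200,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
]

def private_ips_by_group(instances):
    """Map group ID -> member private IPs, which is what a group-source rule matches."""
    members = {}
    for inst in instances:
        for gid in inst["groups"]:
            members.setdefault(gid, set()).add(inst["private_ip"])
    return members

def source_seen_by_target(sender, via):
    """Model assumption: via the public address the sender's public IP is the source."""
    return sender["public_ip"] if via == "public" else sender["private_ip"]

def inbound_allowed(rules, src_ip, port, members, protocol="tcp"):
    """Return True if any inbound rule admits src_ip on the given port."""
    src = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule["IpProtocol"] not in (protocol, "-1"):
            continue
        if rule["IpProtocol"] != "-1" and not rule["FromPort"] <= port <= rule["ToPort"]:
            continue
        if any(src in ipaddress.ip_network(r["CidrIp"]) for r in rule.get("IpRanges", [])):
            return True
        if any(src_ip in members.get(p["GroupId"], set())
               for p in rule.get("UserIdGroupPairs", [])):
            return True
    return False

def diagnose(rules, sender, port=9200):
    """Check both ways node2 could address node1: private and public."""
    members = private_ips_by_group([sender])
    return {via: inbound_allowed(rules, source_seen_by_target(sender, via), port, members)
            for via in ("private", "public")}

if __name__ == "__main__":
    print("source = SG2      :", diagnose(SG1_WITH_GROUP_SOURCE, NODE2))
    print("source = 0.0.0.0/0:", diagnose(SG1_WITH_OPEN_CIDR, NODE2))
```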
