This topic describes how to connect to an Elastic Compute Service (ECS) instance and how to resolve the issue that you cannot connect to an ECS instance.
Tools used to connect to ECS instances
Various tools can be used to connect to ECS instances, such as Workbench, Virtual Network Computing (VNC), and third-party client tools. To select an appropriate tool to connect to an ECS instance from an on-premises device, consider multiple factors, such as the operating system of the instance, the operating system of the on-premises device, and the operations that you want to perform on the instance.
For more information, see Connection methods.
Troubleshoot an error that occurred during a connection to an ECS instance
If an error occurs during a connection to an ECS instance, perform the following steps to troubleshoot the error.
If you want to immediately log on to the instance, perform the operations that are described in Step 4: Manage the instance by using Cloud Assistant or log on to the instance by using VNC.
Step 1: Check network connectivity
Run the following command on your on-premises device to ping your instance and check the network connectivity between your on-premises network and the instance:
ping [$ECS_IP]Set [$ECS_IP] to the public IP address of the instance.
Select a solution based on the check result.
Check result | Solution |
The instance can be pinged. | This indicates that a network connection can be established from your on-premises network to the instance. Perform the operations that are described in Step 2: Check the instance port that is used for connections. |
The instance can be pinged and packet loss occurs. | The packet loss may be caused by fluctuations in the intermediate network between your on-premises network and the instance. Select a different on-premises network or a different time range to perform the connectivity check. You can also use ping commands and the MTR tool to identify the cause of the issue. For more information, see How do I test links when packet loss or connection failures occur after a ping command is run? |
The instance cannot be pinged. | This issue may be caused by various reasons, such as a non-Running state of the instance and firewall settings. Perform troubleshooting based on the cause until you can ping the instance. For more information, see What do I do if the public IP address of an instance cannot be pinged? Note If you configured security group rules, access control settings, or system tools such as the firewall to prevent the instance from being pinged, ignore this issue and perform the operations that are described in Step 2: Check the instance port that is used for connections. |
Step 2: Check the instance port that is used for connections
If a network connection can be established from your on-premises network to the instance, run the following command to check whether the instance port used for connections is reachable:
telnet [$ECS_IP] [$Port]Set [$ECS_IP] to the public IP address of the instance.
Set [$Port] to the port number that is used for connections. On Linux instances, port 22 is used for connections by default. On Windows instances, port 3389 is used for connections by default. If you changed the port number that is used for connections, set [$Port] to the new port number.
If your on-premises device runs a Windows operating system and no Telnet tools are installed on the device, install a Telnet tool on the device before you proceed. For information about how to install a Telnet tool on a Windows device, see Enable the telnet command in Windows.
Select a solution based on the check result.
Check result | Solution |
The port is reachable. | This indicates that the network and connection services work as expected. Perform the operations that are described in Step 3: Check the error message. |
The port is not reachable. | This issue may occur because security group rules or firewall settings deny access to the port or because the Remote Desktop Protocol (RDP) or SSH service is not running. To resolve the issue, perform the operations that are described in What do I do if I can ping an instance but I cannot ping a port of the instance? |
Step 3: Check the error message
If a network connection can be established from your on-premises network to the instance and the instance port that is used for connections is reachable, connect to the instance. If you still cannot connect to the instance, an error message appears. Troubleshoot the issue based on the error message. We recommend that you search for the error message in a search engine to identify the issue that must be resolved.
If you cannot resolve the issue, run commands on the instance by using Cloud Assistant or log on to the instance by using VNC when the instance is in the Running state. For more information, see Step 4: Manage the instance by using Cloud Assistant or log on to the instance by using VNC.
Step 4: Manage the instance by using Cloud Assistant or log on to the instance by using VNC
If you cannot resolve the connection issue, we recommend that you send commands on the instance by using Cloud Assistant or log on to the instance by using VNC when the instance is in the Running state. For information about how to check the status of the instance, see View instance information.
Use Cloud Assistant to send commands to the instance
Log on to the ECS console.
In the left-side navigation pane, choose Instances & Images > Instances.
On the Instances page, find the instance and click Connect in the Actions column. In the Connection and Command dialog box, click Send Remote Commands in the Send Remote Commands (Cloud Assistant) section.
Enter commands and click Run to run the commands on the instance without the need to log on to the instance.
For more information about Cloud Assistant, see Cloud Assistant overview.
Use VNC to log on to the instance
Log on to the ECS console.
In the left-side navigation pane, choose Instances & Images > Instances.
On the Instances page, find the instance and click Connect in the Actions column. In the Connection and Command dialog box, click Connect in the VNC Connection section.
Enter the VNC password to connect to the instance.
For information about the VNC feature, see Connect to a Linux instance by using a password.
NoteThe first time that you connect to the instance by using VNC or if you forget the VNC password, click Reset VNC Password to reset the VNC password, and then try again.
After you connect to the instance by using VNC, enter the username and password of the instance to log on to the instance. If you forget the password of the instance, reset the password. For more information, see Reset the logon password of an instance.