Unable to connect by RDP with newly created instance

3

I've just created windows instance (Windows_Server-2016-English-Full-Base-2017.01.11 (ami-6e833e0e) but cannot connect to it.

It has security group that allows all connections from all ports:

security group

I've checked also VPC's routing table - it has internet gateway and subnet is added to the routing table:

routing tables

Yet, I'm totally unable to connect:

rdesktop ec2-************.us-west-2.compute.amazonaws.com:3389

ERROR: ec2-************.us-west-2.compute.amazonaws.com: unable to connect

Also I've tried on windows machine (that also uses different internet connection) - there were also unable to connect error message shown

I've tried to follow all amazon's manual on how to troubleshoot connection issues - nothing helped. Screenshot is showing that it's on login stage, so suggest internet connection issue but wasn't able to find anything wrong using all recommendations there.

Moreover, nmap is showing that there are 2 ports opened only:

PORT    STATE SERVICE
135/tcp open  msrpc
445/tcp open  microsoft-ds

I run multiple linux instances where don't have any problems connecting to multitude of different services - only windows instances and RDS have such issue

Is there something I'm missing with RDP connection on windows instances? Thank you in advance!

Handsome Jack

Posted 2017-03-07T20:02:18.713

Reputation: 31

RDP doesn't work out of the box. You must enable it in the Windows server instance first. That will also open the required firewall port (3389). – Tonny – 2017-03-07T20:09:47.167

How is is suppose to be done with no access to windows server instance? – Handsome Jack – 2017-03-07T20:22:09.030

I never used AWS. So I have no idea how that is supposed to work in your case. But normally a fresh Windows install doesn't have RDP enabled. – Tonny – 2017-03-07T21:01:27.030

Is that an Amazon AMI for Windows? They have the RDP enabled. I would not use own ones. Especially since you need to care about cloudinit and licensing. – eckes – 2017-03-08T22:31:50.677

Answers

1

Check the following link. I ran into the same problem and this helped. https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html

Basically you'd need to log in to the instance that you'd like to create an AMI from. Follow the steps below:

To run Sysprep using the EC2Launch Settings application

In the Amazon EC2 console, locate or create a Windows Server 2016 AMI.

Launch a Windows instance from the AMI.

Connect to your Windows instance and customize it.

Search for and run the EC2LaunchSettings application. It is located in the following directory by default: C:\ProgramData\Amazon\EC2-Windows\Launch\Settings.

Select or clear options as needed. These settings are stored in the LaunchConfig.json file.

For Administrator Password, do one of the following:

Choose Specify and type a password that meets the system requirements. The password is stored in LaunchConfig.json as clear text and is deleted after Sysprep sets the administrator password. If you shut down now, the password is set immediately. EC2Launch encrypts the password using the user's key. => I provided the same password here of this instance

Choose Shutdown with Sysprep.

The EC2 instance will shut down after this, you can create the AMI and launch the instance from this and it will work after this

Sapna

Posted 2017-03-07T20:02:18.713

Reputation: 11

Asked: 2017-03-07T20:02:18.713

Viewed: 712 times

Active: 2018-08-17T20:32:48.377