You’ve set up a VPC with a couple of Instances that have public IP addresses. These EC2 Instances need to reach an external web server on port 443. The instances are unable to reach the web server. You have verified the following.
· An internet gateway is assigned to the VPC(10.0.0.0/16).
· The route table has a route for 0.0.0.0/0 to the Internet gateway.
· The Security Groups allow Outbound Traffic on port 443.
· The NACL allows Outbound Traffic on port 443 and Inbound Traffic for ephemeral ports.
Based on the above information, what could be the underlying issue?

Answer options:

A.You should not use the Internet gateway, instead use a NAT gateway for the routing of traffic.
B.The route table should have a route for 10.0.0.0/16 to the Internet gateway.
C.The route table is not having a route to the NAT gateway.
D.The external web server is blocking the requests.

Answer – D
All of the settings are right to ensure traffic can reach the external web server. In the end, the issue could be at the web server end and it is blocking traffic.
Option A is incorrect since NAT gateways should be used for Instances in private subnets.
Option B is incorrect since the route table is already correct.
Option C is incorrect since not having a route to the NAT gateway would not cause the underlying issue.
For more information on Amazon VPC, one can visit the below URL
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html