Here we can see, “Windows Firewall Allow Ping”
How to Enable ICMP (PING) through the Windows Firewall with Advanced Security using Group Policy
You will require the Group Policy Management Tools on Windows 7, Windows 8, Windows Server 2008, Windows, or Server 2012. These are a part of the Remote Server Administration Tools (RSAT) available from the Microsoft internet site.
To enable ICMP on computers using the Windows Firewall with Advanced Security (Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2012), please follow these instructions.
- Edit an existing Group Policy object or create a replacement one using the Group Policy Management Tool.
- Expand the pc Configuration/Policies/Windows Settings/Security Settings/Windows Firewall with Advanced Security/Windows Firewall with Advanced Security/Inbound Rules node.
- Check the Custom radio button and click on Next.
- Check the All Programs radio button and click on Next
- From the Protocol Type: sink list, select ICMPv4 and click on Customize…
- Check the All ICMP types radio button and click on OK.
- Note: If you would like to limit ICMP to specific types, Echo Request should be allowed as a minimum.
- You may prefer to restrict what IP addresses ICMP can and from or check the Any IP address radio buttons to permit all, then click Next.
- Check the Allow the Connection radio button and click on Next.
- Choose what profiles the rule will apply to. Check the Domain profile checkbox as a minimum and click on Next.
- Add a meaningful name the rule out the Name: field. Add an outline if desired and click on Finish to exit and save the new law.
- Make sure the Group Policy Object is applied to the relevant computers using the Group Policy Management Tool.
Configure the Windows firewall to allow pings
If you’ve got a Windows Firewall Allow Ping enabled, ping requests are blocked by default. This prevents the University Information Security Office (ISO) vulnerability scanners from functioning. To configure your firewall to permit pings, follow the proper instructions below.
You may be prompted for administrative access to finish these steps.
- Search for Windows Firewall, and click on to open it.
- Click Advanced Settings on the left.
- From the left pane of the resulting window, click Inbound Rules.
- Find the principles titled File and Printer Sharing (Echo Request – ICMPv4-In).
- Right-click each rule and choose Enable Rule.
If you employ a third-party firewall program or appliance, see Vulnerability Scanners.
Because each third-party firewall is uniquely configured, it’s impossible to hide all possible ways of enabling ping on all possible firewalls. However, you’ll use the following information to work out the form to configure your firewall:
- Many firewalls can exempt specific IP addresses or ranges from being blocked. Find the IP ranges for UISO scanners at Vulnerability Scanners.
- Some firewalls exempt specific protocols or services. In those cases, you want to enable ping. Some firewalls call the setting “ping” or “incoming ping.” Others ask it by its technical name, “ICMP Echo Reply.” Either way, allow this protocol.
- Many firewalls also offer options to permit specific ports to speak (do not confuse networking TCP ports with the physical serial, parallel, USB, or Ethernet ports). Don’t bother configuring those settings for the UISO scanner; only “ping” (ICMP_Echo_Reply) must be enabled, which doesn’t use ports. You’ll want to permit or deny specific ports for other reasons, but there’s no use to try to so for the UISO scanner.