Earlier this week, Kay Howe and I are trying to troubleshoot the connectivity between the server and the client and we realised that we cant ping the ip from command prompt but we were *so certain* that there is nothing that is blocking it and the LAN are connected properly. After some struggle, we realise that Windows Firewall does not allow incoming ICMP Echo messages, and therefore the computer cannot send an ICMP Echo Reply in response.
Allowing incoming ICMP Echo messages in Windows Firewall will allow others to ping your computer but note that your server might then be vulnerable to attackes that make uses of ICMP Echo messages like Ping Flood. Do disable it when you dont need them.
To enable ICMP Echo messages, enable the inbound custom rules to allow ICMPv4 and ICMPv6 Echo Request packets.
1. Go to Control Panel
2. Go to System and Security
3. Select Windows Firewall
4. Select Inbound Rules
5. Under File and Printer Sharing (Echo Request – ICMPv4-In) , right click on it and enable rules.
6. Under File and Printer Sharing (Echo Request – ICMPv6-In) , right click on it and enable rules.
Afterwhich, you should be able to ping the server, its recommended that you disable the rule after use.
1 Comment
Brian Dao
30 May 2012You can fine tune the rule to only allow Echo Requests from certain computers and/or IP ranges. With that said, unless you have some other devices like a dedicated firewall or router blocking ICMP traffic, your server will still receiving incoming ping requests - Windows Firewall can drop them or processing them according to the rules setup.