
My Firewall is responding to pings (ICMP echos) even though all settings in the firewall show that it shouldn't.

RWT-6546 0 Reputation points
2025-07-13T01:17:23.35+00:00

Microsoft Windows 11 Home. I've manually added rules to prevent a response even though this should be done by default. Pings are still receiving a response. Help!

Windows for home | Windows 11 | Security and privacy

2 answers

  1. Joseph Tran 4,080 Reputation points Independent Advisor
    2025-07-28T03:53:17.2866667+00:00

    Based on your issue, I have some suggestions you should try; let me know the result:

    1. Verify What Rules Are Applied

    Even though Windows Firewall by default blocks inbound ICMP Echo Requests on private/public networks, it allows them on domain networks. Let’s check what's going on.

    Run this in PowerShell (as admin):

    Get-NetFirewallRule -DisplayName "*File and Printer Sharing (Echo Request - ICMPv4-In)*"
    

    => This will list all inbound ping-related rules. Look for any "Enabled: True" and "Action: Allow" entries.

    2. Disable Ping (ICMPv4-In) Rule Explicitly

    You can disable the rule even if it’s active (some programs may enable it again silently).

    PowerShell (as admin):

    Disable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)"
    

    Or to block instead of disable, run:

    New-NetFirewallRule -Name "BlockICMPv4In" -Protocol ICMPv4 -IcmpType 8 -Direction Inbound -Action Block -DisplayName "Block ICMPv4 Echo Request" -Enabled True
    

    3. Confirm Firewall Profile & Network Type

    Check if you're on a Private, Public, or Domain network — the active profile affects the firewall behavior. Run in PowerShell as admin:

    Get-NetConnectionProfile
    

    If it's DomainAuthenticated, that would explain why pings are allowed — domain profiles allow ICMP Echo by default.

    4. Check for Conflicting Rules

    Make sure no third-party antivirus/firewall is overriding your rules (like McAfee, Norton, etc.). These can silently allow ICMP.

    Also check for local group policies, even though Windows 11 Home doesn't have gpedit by default — some registry settings can emulate the same.

    5. Reboot & Test Again

    After making the changes, reboot to ensure no conflicting cached rules persist.

    Then test ping from another machine, not locally.

    6. Block ICMP via Advanced Firewall Settings

    • Open Windows Defender Firewall with Advanced Security (wf.msc)
    • Go to Inbound Rules
    • Find all entries named:
      • File and Printer Sharing (Echo Request - ICMPv4-In)
    • Disable or block them for all profiles.

    1 person found this answer helpful.

  2. Clary-N 11,140 Reputation points Microsoft External Staff Moderator
    2025-07-25T07:52:12.4466667+00:00

    Hi RWT-6546,
    Thank you for reaching out to Microsoft Answers. I'm sorry to hear you're dealing with this frustrating issue on Windows 11 Home. By default, Windows Defender Firewall is configured to block inbound ICMP echo requests (pings) on most network profiles for security reasons, but sometimes misconfigurations, network profile settings, or other factors can allow responses.

    Since you've already added manual rules and the issue persists, we’ll need to dig a bit deeper. To help troubleshoot further, could you share:

    • How you're testing the pings
    • Your current network type (Public or Private)
    • Whether you're using IPv4 or IPv6
    • Screenshots of your relevant firewall rules

    This information will help narrow down the cause and guide the next steps.

    In the meantime, please follow the steps below to troubleshoot further:

    Step 1: Verify Firewall is Enabled and Check Network Profile

    1. Open Windows Defender Firewall:
      • Search for "Windows Defender Firewall" in the Start menu and open it.
    2. Check the status:
      • Ensure it's turned on for your active profile (Domain, Private, Public). If off, turn it on.
    3. Check your network profile:
      • Go to Settings > Network & Internet > Properties (for your connection, e.g., Wi-Fi or Ethernet).
      • Under "Network profile type," see if it's Public (should block pings by default) or Private (might allow them).
      • If it's Private and you don't need sharing, switch to Public: Set it to "Public network" (this makes it more restrictive).

    Test pings again after this. If still responding, proceed to the next step.

    Step 2: Check and Remove Any Allowing ICMP Rules

    Windows might have a default or accidental rule enabling ICMP.

    1. Open Advanced Firewall Settings:
      • In Windows Defender Firewall, click "Advanced settings" on the left (or search for "Windows Defender Firewall with Advanced Security").
    2. Go to Inbound Rules:
      • In the left pane, click "Inbound Rules."
      • Sort by Name or Group, and look for rules related to "File and Printer Sharing (Echo Request - ICMPv4-In)" or "Core Networking Diagnostics - ICMP Echo Request (ICMPv4-In)". There might also be IPv6 versions (ICMPv6-In).
      • If any are enabled (green checkmark) and apply to your profile (check the "Profile" column), right-click > Disable Rule (or Delete if you're sure).
    3. Check for custom rules:
      • Search for "ICMP" in the rules list. Disable/delete any that allow inbound ICMP.

    Test pings. If still an issue, move to creating explicit block rules.

    Step 3: Add Explicit Block Rules for ICMP (IPv4 and IPv6)

    Even if defaults should block, explicitly blocking can override issues. We'll create rules that take precedence.

    1. In Advanced Firewall Settings > Inbound Rules:
      • Right-click "Inbound Rules" > New Rule...
    2. Create a rule for IPv4:
      • Rule Type: Custom > Next.
      • Program: All programs > Next.
      • Protocol and Ports: Protocol type = ICMPv4 > Customize... > Check "Echo Request" (code 8, or All ICMP types if you want to block everything) > OK > Next.
      • Scope: Any IP address (or specify if needed) > Next.
      • Action: Block the connection > Next.
      • Profile: Check all (Domain, Private, Public) > Next.
      • Name: "Block Inbound ICMPv4 Echo" > Finish.
    3. Repeat for IPv6:
      • Same steps, but Protocol type = ICMPv6 > Customize... > Echo Request.
      • Name: "Block Inbound ICMPv6 Echo".
    4. Ensure these new rules are at the top:
      • In Inbound Rules, right-click your new rules > Properties > Advanced tab > Move them up in priority if needed (rules are evaluated top-down).

    Restart your PC (or run net stop mpssvc && net start mpssvc in an admin Command Prompt to restart the firewall service). Test pings.

    Step 4: Advanced Troubleshooting

    If it's still responding:

    • Disable IPv6 Temporarily (if pings are IPv6-based):
      • Settings > Network & Internet > Advanced network settings > Network adapters > Right-click your adapter > Properties > Uncheck "Internet Protocol Version 6 (TCP/IPv6)" > OK.
      • Test, then re-enable if needed.
    • Check for Router/ISP Response:
      • Your router might be responding to pings on behalf of your PC (ICMP redirect or NAT). Test by disabling your router's ping response (log into router admin, e.g., 192.168.1.1, and look for "Respond to Ping on WAN" or similar—disable it).
      • Use tracert <your_external_IP> from another device to confirm if the response is from your PC or upstream.
    • Run Network Troubleshooters: Settings > System > Troubleshoot > Other troubleshooters > Run "Internet Connections" and "Network Adapter."
    • Reset Firewall to Defaults:
      • In Windows Defender Firewall > Click "Restore defaults" on the left. This wipes custom rules—re-add your blocks after.
      • Or via Command Prompt (admin): netsh advfirewall reset.
    • Check for Malware or Conflicts:
      • Run a full scan with Windows Security (Search > "Virus & threat protection" > Scan options > Full scan).
      • If you have VPN software, disable it—some enable ICMP for diagnostics.
    • Command-Line Verification:
      • In admin Command Prompt, run netsh advfirewall firewall show rule name=all | findstr ICMP to list ICMP rules.
      • To block via command: netsh advfirewall firewall add rule name="BlockICMPv4" dir=in protocol=icmpv4:8,any action=block
      • (For IPv6: protocol=icmpv6:128,any).

    If Nothing Works

    • Seek More Help: If it persists, provide the output of ipconfig /all (redact sensitive info) and netsh advfirewall show allprofiles. You could also post on Microsoft Community forums with these details.
    • Capture Diagnostics: psping -accepteula <your_IP> -i 0.5 -n 100 > pinglog.txt
      Attach the log for analysis.

    This should resolve it in most cases—Windows 11's firewall is robust, but profiles and overrides can trip it up. Let me know how it goes or if you hit snags!

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".  

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Warm regards,

    Clary | Microsoft Q&A Support Specialist
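
The rule and profile checks described in both answers can be combined into one read-only audit. The following PowerShell is an added example, not code from either answer or from Microsoft; it assumes an elevated session, reads the merged ActiveStore view (local plus policy-delivered rules), and its variable names are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example: list the inbound ICMP echo rules in force for the active profile(s).

# Map each connection's network category to the firewall profile it selects.
$activeProfiles = Get-NetConnectionProfile | ForEach-Object {
    if ($_.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' }
    else { [string]$_.NetworkCategory }
} | Sort-Object -Unique

# Firewall state and default inbound action for those profiles.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Where-Object { $_.Name -in $activeProfiles } |
    Format-Table Name, Enabled, DefaultInboundAction

# Echo request is ICMPv4 type 8 and ICMPv6 type 128 (protocol numbers 1 and 58).
$echoType = @{ 'ICMPv4' = '8'; '1' = '8'; 'ICMPv6' = '128'; '58' = '128' }

$rules = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Enabled True
$hits = foreach ($rule in $rules) {
    # Skip rules that do not apply to any active profile.
    $ruleProfile = [string]$rule.Profile
    $applies = $ruleProfile -eq 'Any' -or
        ($activeProfiles | Where-Object { $ruleProfile -match $_ })
    if (-not $applies) { continue }

    # Only ICMP rules are examined here; other protocols are ignored.
    $filter = $rule | Get-NetFirewallPortFilter | Select-Object -First 1
    $proto  = [string]$filter.Protocol
    if (-not $echoType.ContainsKey($proto)) { continue }

    # IcmpType is 'Any', a type ('8') or type:code ('8:0').
    $types = @($filter.IcmpType) | ForEach-Object { ([string]$_).Split(':')[0] }
    if ($types -contains 'Any' -or $types -contains $echoType[$proto]) {
        [pscustomobject]@{
            Action      = $rule.Action
            Protocol    = $proto
            Profile     = $ruleProfile
            DisplayName = $rule.DisplayName
            Source      = $rule.PolicyStoreSourceType
        }
    }
}

$hits | Sort-Object Action, Protocol | Format-Table -AutoSize -Wrap
```

An enabled Allow row whose Profile covers the active profile is a candidate explanation for the ping replies; the Source column shows whether the rule is local or delivered by policy.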
