Can't ping PC when Firewall up when inbound rule enabled

Admin 0 Reputation points
2023-05-13T18:04:28.2666667+00:00

Hi,

I'm trying to ping a PC on my network. When I disable Windows Defender I can ping the machine. I tried enabling the 3 rules File and Printer Sharing (Echo Request - ICMPv4-In). When this didn't work I created a rule manually to allow connections from all IP addresses on all networks. I finally tried netsh advfirewall firewall add rule name="ICMPv4 Allow Ping Requests" protocol=icmpv4:8,any dir=in action=allow and still couldn't ping the PC.

I turned off Windows Defender again and I could ping the device.

I followed the instructions in https://www.wintips.org/how-to-allow-ping-in-windows-firewall/

Edit:

Ping requests only get through when I turn off the firewall on public networks.

The other PC is connected using an ethernet cable through which I am sharing my internet. When I look at the connection on both PCs it says that it is a private network. So why would turning off the firewall on private networks have no effect? There are only 2 computers: my laptop and a PC running Windows Server 2019. I can't ping from Windows Server to my laptop. The PCs are not joined in a domain.

Any ideas?

Edit 3

I have resolved the issue by adding an OUTBOUND rule to all ICMPv4 pings on the device being pinged (my laptop). Very strange.


2 answers

  1. Konstantinos Passadis 19,591 Reputation points MVP
    2023-05-13T19:15:54.4966667+00:00

    Hello @Admin!

    I think this article will help, assuming you are on a Corporate Network with AD and Group Policies in place.

    https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication

    This procedure shows you how to add exemptions for any network traffic that uses the ICMP protocol.

    Administrative credentials

    To complete this procedure, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the GPOs.

    To exempt ICMP network traffic from authentication

    1. Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security.

    2. On the main Windows Defender Firewall with Advanced Security page, click Windows Defender Firewall Properties.

    3. On the IPsec settings tab, change Exempt ICMP from IPsec to Yes, and then click OK.

    Of course, if you could provide more details on the setup we may be able to find the exact cause and the solution that fits.

    As I said, this is assuming you are on an Active Directory Schema.

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards


  2. Konstantinos Passadis 19,591 Reputation points MVP
    2023-05-14T15:31:59.44+00:00

    Hello @Admin !

    Since there is no AD, for some reason the connection from your laptop to the Windows Server 2019 PC is being classified as a public network by the Windows Firewall, which is why turning off the firewall for public networks allows the ping to get through.

    I suggest you create a rule to allow ICMP for Public Networks with only the source of Win2019 so you can ping the PC.

    There is also a great possibility of not receiving back the ICMP replies on the Server, so also try to add a rule on the Server machine to accept traffic from the PC IP address or its network.

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards
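
The checks the second answer points at, as an added example that is not part of the original thread: it shows which firewall profile each connection was assigned, lists the enabled inbound ICMPv4 allow rules with the profiles they cover, and creates an echo-request rule on the Public profile scoped to a single source. `$PeerAddress` and the rule name are constructed placeholders; the cmdlets are from the built-in NetConnection and NetSecurity modules.

```powershell
# Added example. Run in an elevated PowerShell session on the machine being pinged.
# $PeerAddress is a constructed placeholder (documentation range); use the other host's real IP.
$PeerAddress = '192.0.2.10'
$RuleName    = 'Allow ICMPv4 echo request from peer (example)'   # hypothetical name

# 1. Which profile did Windows assign to each connection? A rule limited to
#    Private does nothing if the interface is actually classified as Public.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory, IPv4Connectivity |
    Format-Table -AutoSize

# 2. Default actions per profile. If DefaultOutboundAction is Block,
#    outbound traffic needs its own allow rules.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# 3. Enabled inbound allow rules for ICMPv4, with the profiles and source
#    addresses each one actually covers.
Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        if ($port.Protocol -eq 'ICMPv4') {
            $addr = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                DisplayName   = $_.DisplayName
                Profile       = $_.Profile
                IcmpType      = $port.IcmpType -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
    } | Format-Table -AutoSize

# 4. Allow echo requests (ICMPv4 type 8) on the Public profile from one
#    source only, instead of from any address or by disabling the profile.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 -RemoteAddress $PeerAddress -Profile Public |
        Out-Null
}
```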

