Enable ICMP protocol on Playfab Azure Virtual Machine

Kytan 11 Reputation points
2022-07-14T17:16:31.16+00:00

How can I enable the ICMP protocol on my Multiplayer Server that is using the Playfab Azure Virtual Machine? I need to be able to ping the IP address of that Server, Thanks in advance!

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,353 questions
{count} votes

1 answer

Sort by: Most helpful
  1. kobulloc-MSFT 26,331 Reputation points Microsoft Employee
    2022-07-14T21:45:05.153+00:00

    Hello, @Kytan !

    How do I enable ping (ICMP echo) on an Azure VM?
    These are steps taken from a blog by Microsoft's Thomas Maurer (steps have been reproduced and truncated):
    https://www.thomasmaurer.ch/2019/09/how-to-enable-ping-icmp-echo-on-an-azure-vm

    Note:
    Assigning a public IP address to a virtual machine is a security risk so if you choose to do this, make sure you are comfortable in addressing and mitigating that risk. Azure Just-in-Time VM Access (JIT) and Azure Bastion are two features worth looking at for limiting exposure.

    Blocked by default
    Azure blocks and denies all inbound public traffic by default, including ICMP traffic. This is good as it improves security by reducing the attack surface. We'll need to allow specific ports and protocols in order to ping our VM.

    220828-image.png

    Step 1: Configure the Network Security Group (NSG) to allow ICMP traffic
    In the portal, you'll need to add a new inbound port rule to allow ICMP:

    1. In your VM resource, go to Settings > Networking and click on Add inbound port rule (see previous screenshot)
    2. Set Protocol to ICMP
    3. Make sure your priority is set low enough to override any rules that may block access
    4. Click on Add

    220866-image.png

    Alternatively, you can use PowerShell:

    Get-AzNetworkSecurityGroup -Name "AzureVM-WIN01-nsg" | Add-AzNetworkSecurityRuleConfig -Name ICMP-Ping -Description "Allow Ping" -Access Allow -Protocol ICMP -Direction Inbound -Priority 100 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange * | Set-AzNetworkSecurityGroup  
    

    Step 2: Set up the operating system to answer Ping/ICMP echo requests
    The operating system will need to be configured to allow ICMP traffic as well. This is disabled by default on Windows Server and will require that you configure Windows Firewall to enable on of the following:

    • IPv4: File and Printer Sharing (Echo Request – ICMPv4-In)
    • IPv6: File and Printer Sharing (Echo Request – ICMPv6-In)

    Alternatively, you can run one of the following commands:

    • IPv4: netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol="icmpv4:8,any" dir=in action=allow
    • IPv6: netsh advfirewall firewall add rule name="ICMP Allow incoming V6 echo request" protocol="icmpv6:8,any" dir=in action=allow

    Ready to ping!
    After completing both steps, you should be able to ping your Azure Virtual Machine using a public IP address.

    3 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.