Sunday, October 13, 2013

Enable Ping on Windows Server 2008

When setting up new servers, one of the first things to do is to make sure other machines can connect to. The easiest way to do that has typically been to use the ping command, which sends an Internet Control Message Protocol (ICMP) or Echo message to the remote machine. Due to security concerns, however, the Windows Firewall on Windows Server 2008 and Windows Server 2008 R2 is configured to disallow responses to these requests. Here is how to enable responses to these requests.
Windows Firewall Control Panel
Display the Windows Firewall control panel and click the Advanced settings link on the left.


1-Enable Ping-Windows Firewall


Inbound Rules

Click on the Inbound Rules entry below the Windows Firewall with Advanced Settings entry in the left pane.

 2-Enable Ping-Inbound Rules


Echo Request Rules
There are two rules for echo requests, one called File and Printer Sharing (Echo Request – ICMPv4-In) and File and Printer Sharing (Echo Request – ICMPv6-In). You’ll find these in the contents pane on the right.

3-Enable Ping-Echo Request Rules

Enable the Rules

Right click on a rule and click on Enable.

4-Enable Ping-Enable Rule


Once the rule has been enabled, the icon will turn green and the value in the Enabled column will change from No to Yes.

5-Enable Ping-Rule Enabled


Command Line Control
Note that Windows Server Core does not have any UI. You can use the following commands from a command prompt window to enable and disable the IPv4 rule:

netsh firewall set icmpsetting 8
netsh firewall set icmpsetting 8 disable

Note that these commands have been deprecated and you’ll see this message when you execute them on Windows Server 2008 R2:

IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at .
I haven’t found the syntax for simply enabling and disabling the existing rules. All the examples I’ve seen have you create a new rule, like this:
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow
If anyone can find the syntax for simply enabling and disabling the existing rules, please let me know.

No comments:

Post a Comment