Configure the Windows firewall to allow pings

On this page:


Overview

If you have a firewall enabled in Windows, ping requests are blocked by default. This prevents the University Information Security Office (UISO) vulnerability scanners from functioning. To configure your firewall to allow pings, follow the appropriate instructions below.

You may be prompted for administrative access to complete these steps.

Windows Firewall

  1. Search for Windows Firewall, and click to open it.
  2. Click Advanced Settings on the left.
  3. From the left pane of the resulting window, click Inbound Rules.
  4. In the right pane, find the rules titled File and Printer Sharing (Echo Request - ICMPv4-In).
  5. Right-click each rule and choose Enable Rule.

Third-party firewalls

If you use a third-party firewall program or appliance, see Vulnerability Scanners.

Because each third-party firewall is uniquely configured, it is impossible to cover all possible ways of enabling ping on all possible firewalls. However, you can use the following information to determine how to configure your firewall:

  • Many firewalls can exempt certain IP addresses or ranges from being blocked. Find the IP ranges for UISO scanners at Vulnerability Scanners.
  • Some firewalls exempt certain protocols or services. In those cases, you must enable ping. Some firewalls call the setting "ping", or "incoming ping". Others refer to it by its technical name, "ICMP Echo Reply". Either way, allow this protocol.
  • Many firewalls also offer options to allow certain ports to communicate (do not confuse networking TCP ports with the physical serial, parallel, USB, or Ethernet ports). Don't bother configuring those settings for the UISO scanner; only "ping" (ICMP_Echo_Reply) must be enabled, and that doesn't use ports. You may want to allow or deny certain ports for other reasons, but there's little need to do so for the UISO scanner.

This is document aopy in the Knowledge Base.
Last modified on 2021-12-02 16:30:06.