Allow Pings (ICMP Echo Request) Through Your Windows Vista Firewall

Have you ever noticed that with the Windows Vista Firewall enabled, you can’t use ping from another computer to see if your Vista computer is alive? Sure, you could take the drastic step of disabling the firewall for testing purposes, but the simple solution is to just allow ICMP requests through the firewall.

Note: Opening extra ports opens up security risks…  allowing ping isn’t a big deal, but it’s usually best to block anything you don’t need.

Allow ICMP Echo Request (ping) From the Command Line

Open up an administrator mode command prompt by right-clicking and choosing Run as Administrator, or type cmd into the start menu search box and then use Ctrl+Shift+Esc.

netsh firewall set icmpsetting 8 enable

To disable it again, simply enter this command:

netsh firewall set icmpsetting 8 disable

The change should be immediate… no need to restart anything.

Allow ICMP Echo Request (ping) With the GUI

Type in firewall into the start menu search box, and you want to choose “Windows Firewall with Advanced Security”.

Then click on Inbound Rules on the left-hand pane:

And find the following rule in the list:

Networking – Echo Request (ICMPv4-In)

Right-click on the rule, and choose “Enable Rule” from the menu, which should immediately enable ping.

If you want more control over the rule, you can choose Properties from the menu, and choose which interfaces or profiles this rule applies to.

 

You could specify that the rule only applies to your wired network interface, and not to the wireless, for example.

 

Note that I’m not advocating allowing this rule, I’m just illustrating how you can do it if you need it. If you don’t need it, then don’t enable it.

| More

This article was originally written on 06/12/08 Tagged with: Network and Internet, Vista

Daily Email Updates

You can get our how-to articles in your inbox each day for free. Just enter your name and email below:

Name:
Email:

Similar Articles	Productive Geek Tips
How to automate FTP uploads from the Windows Command Line How to Create Exceptions in Windows Vista Firewall Create a Shortcut Icon or Hotkey to Turn Windows 7 / Vista Firewall On or Off Turn on Remote Desktop in Windows 7 or Vista Enable Mapping to \HostnameC$ Share on Windows 7 or Vista	Monochrome Grey Desktop Get Better Functionality Stacks with no Extra Software How to Find Sleep When It Escapes You The Anatomy of Salary Negotiations Arguing Productively Leads to a Lasting Relationship Tips and Advice on Saving Money Today
Latest Software Reviews	Tinyhacker Random Tips
Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional	Build-a-Valentine’s Day Card for your Schmoopie Windows 7’s Device Stage Feature Explained How to Find Your Windows 7 Product Key See Rotten Tomatoes user ratings in IMBD Get a Recycle Bin for Your USB Drive using iBin Fix Computer Problems Remotely using ShowMeWhatsWrong

Comments (9)

1. July 17, 2008 6:52 pm
   

   Firewired

   Cntrl+Shift+Escape=Windows Task manager, on my VISTA Home Ultimate. Can’t get any further. Suggestions??

2. February 5, 2009 2:58 pm
   

   Per

   The Geek meant the following key combination: Ctrl + Shift + Enter

3. June 21, 2009 10:36 pm
   

   Dave Miller

   For Windows 7 Microsoft made changing this a tad more obscure (at least in the release candidate). Use the same approach to changing the settings through the GUI as described above but you’ll find that the “Networking – Echo Request (ICMPv4-In)” setting is no longer present. Use the appropriate “File and Printer Sharing – Discovery” settings instead. There are a total of six with three each for IPv4 and IPv6 with each one providing a different scope as to who can ping.

   Also note that the CLI approach as described for Vista doesn’t work for W7 either. I tried fumbling around with the changed syntax for a little while before going back to the GUI and trying the File and Printer Sharing rules. That worked which was sufficient for me. Someone else gets to decipher the new CLI syntax.

   Cheers,
   Dave

4. July 2, 2009 7:51 am
   

   Phillip Trent

   Thank you Dave. I was scratching my head trying to figure out why ICMP Echo was not in the Core Networking rules.

5. November 24, 2009 8:42 pm
   

   Matt Stephenson

   Thanks Dave, that’s what I need on Windows 7. It’s still the same after RTM

6. December 2, 2009 7:59 am
   

   Will Irwin

   I found that even on Vista (x64, SP2) you have to use the “File and Printer Sharing – Discovery” setting. That must have been renamed on Vista through some service pack or patch.

7. December 3, 2009 3:33 pm
   

   Rich

   On my version of Windows 7 (Enterprise) the setting is File and Printer Sharing (Echo Request – ICMPv4-In). I set it to both public and private networks.

8. January 14, 2010 3:45 am
   

   Evert Mouw

   Windows 7 has indeed moved the ICMP echo firewall rule for IPv4 to File and Printer Sharing group. I found it a bit confusing. I you always want to enable ICMP echo, on all ports / networks, even if File sharing is disabled, you can use this CLI (command line interface) command for Windows 7:

   netsh advfirewall firewall add rule protocol=icmpv4:8,any dir=in action=allow name=”Core Networking – Answer an echo request [ping] (ICMPv4-In)” description=”Allows this computer to answer IPv4 ICMP echo requests (ping). This rule was added by the sysadmin.” profile=any interfacetype=any

9. February 8, 2010 10:44 am
   

   NG

   Here’s the command line syntax to enable the two File and Printer Sharing (Echo Request – ICMPv4-In) rules.

   netsh advfirewall firewall set rule name=”File and Printer Sharing (Echo Request – ICMPv4-In)” new enable=Yes