Windows Server 2016: Allow pinging in the firewall

Like any firewall, Microsoft’s software firewall on Windows Server 2016 blocks by default almost all communication ports. Originally, the ping is also refused, even in a local WAN network in domain / member server configuration. This tutorial explains how configure the Windows Server 2016 firewall to respond to the ping. This is done simply with the utility built into WS16 to configure advanced firewall security rules.

The procedure is the same on Windows Server 2016 as with previous versions of Windows Server (2012 / R2, 2008 / R2). Windows Server Updates 1709 and 1803 are also affected by this guide.

By default, with Windows Firewall active, a 2016 server does not respond to ping:

Envoi d’une requête 'ping' sur winserver2016 avec 32 octets de données :
Délai d’attente de la demande dépassé.
Délai d’attente de la demande dépassé.
Délai d’attente de la demande dépassé.
Délai d’attente de la demande dépassé.
Statistiques Ping pour 192.168.0.10:
Paquets : envoyés = 4, reçus = 0, perdus = 4 (perte 100%)

Configure Windows Server 2016 firewall to accept and respond to ping requests

1. Connect locally or by Remote Desktop on the Windows Server 2016 machine.

2. Open Windows Firewall, either by integrated search, or by the Start menu, Windows administrative tools, Windows Firewall with advanced security features.

3. In the left menu, click on ” Inbound traffic rules “:

Windows Server 2016 firewall tutorial ws16 firewall fw rule

4. In the right menu, click on ” New rule “.

5. On the first Rule Type screen, choose ” Personalized ” and do Following.

Windows Server 2016 firewall tutorial ws16 firewall imcp ping rule

6. Leave ” All the programs ” then Following.

7. Open the “Protocol type” list to select ” ICMPv4 Which corresponds to ping (Internet Control Message Protocol). Do not change the other options on this screen.

Windows Server 2016 firewall tutorial ws16 firewall imcp ping rule

8. In the Extended part, leave “ Any IP address »In both fields if there is no particular constraint. Otherwise, indicate the precise IP addresses, IP ranges or subnets authorized to ping the machine.

9. What action to take? ” Allow connection To respond to ping requests from another computer.

Windows Server 2016 firewall tutorial ws16 firewall imcp ping rule

10. Define on which networks this new rule must be applied: check only Domain to prevent the ping from being allowed on a connection other than that of the company (which should not change for a server).

Windows Server 2016 firewall tutorial ws16 firewall imcp ping rule

11. Give a name to this firewall rule and click on To end to validate it.

Windows Server 2016 firewall tutorial ws16 firewall imcp ping rule

12. Ping is immediately functional from another PC in the network.

Envoi d’une requête 'ping' sur winserver2016.domaine.local [192.168.0.10] avec 32 octets de données :
Réponse de 192.168.0.10 : octets=32 temps<1ms TTL=128
Réponse de 192.168.0.10 : octets=32 temps<1ms TTL=128
Réponse de 192.168.0.10 : octets=32 temps<1ms TTL=128
Réponse de 192.168.0.10 : octets=32 temps<1ms TTL=128
Statistiques Ping pour 192.168.0.10:
Paquets : envoyés = 4, reçus = 4, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms

Leave a Comment