I use Ping (not the sort of ping in the picture above) to make sure I can communicate with my servers all the time. Windows Server 2008 doesn’t allow Ping responses through the Windows Firewall.
Here’s how to enable Ping responses:
Open the Windows Firewall Advanced settings (Open Network and Sharing Center, click Windows Firewall bottom left, then Advanced settings).
Find the File and Printer sharing (Echo Request – ICMPv4-In) in the Inbound Rules section and ICMPv6 if you want to enable IPv6 responses.
Double click each rule and select enabled or right-click and select Enable Rule.
You should now be able to ping the server.
Keep in mind that by enabling ping reply on your servers, your servers could be subjected to DoS (deny of service) attack since flooding a server with a large number of ping requests is very easy to do. You should take additional steps to further lock down the scope by right click on the File and Printer Sharing (Echo Request – ICMPv4 In) rule and if possible, specify which servers/computers and/or IP range can ping your servers.
That’s an excellent point. Especially if the server faces the internet. In my case they were internal servers I wanted to ping. Not that you couldn’t have a DoS attack from inside.
Another reader reminded me that even with FW turned on and filtered ICMP traffic, Windows FW could still receiving and dropping ICMP traffic… Very true, but at least no echo replies get back out and you effectively cut off 1/2 total in/out traffic and also discourage the attackers from keeping flooding your network since they don’t know where on the network you drop their traffic.