Ping Windows 2008 with Firewall On

Published by Bret Fisher on Mar 12, 2009 in Microsoft, Networking and Security and Tech. 3 Comments Tags: , , , , , .

You should be trying hard to keep the firewall on when deploying Windows Server 2008.  If you need to ping the server and haven’t enabled File and Printer Sharing, then open Windows Firewall with Advanced Security and under Inbound rules, enable “File and Printer Sharing (Echo Request – ICMPv4-In)”.  Might as well enable ICMPv6 while your at it.

  • Dave

    Many clients I’ve dealt with are doing this, but most disabled IPv6 entirely to reduce their overhead and security concerns (fewer protocols and ports opened). They usually disable the IPHelper service also. Are you using IPv6 in your environment?

    • http://www.fishbrains.com Bret Fisher

      In this env not yet but within a few years. It’s funny, certain Microsoft systems behave badly unless you disabled IPv6 (Exchange 2007 pre rollup 4), and some behaves badly IF you disable IPv6….

  • http://mcwresearch.com Michael

    While you’re disabling IPv6 you should also disable the 6-in-4 tunnels, which can be utilized as covert channels (some IPS units can’t inspect the IPv6 protocol).

Who Am I?

Read a little about me.
Subscribe

Twitter Updates