Group Policies Allow ICMPv4 Echo Request

(Last Updated On: 2021-03-16)

When troubleshooting a network issue on a computer one of the first steps is to check whether the device can see other devices and vice versus if other devices can see the device that is being troubleshot. This does mean that the Echo request should be turned on prior to the device actually giving issues.

Now this can be done at setup and with checklist all IT techs might actually do it but a better way is automating it.
What we gonna do is create a Group Policy called: Allow ICMPv4 Echo Request

Group Policy

Open the Group Policy Management on a workstation that can connect to a Domain Controller. Browse to the Group Policy Objects, right-click and choose New…
Choose an appropriate Name for the GPO. Example: CC – System: Allow Echo Request

Allow ICMPv4 Echo RequestAllow Ping on FirewallGroup Policy

Right-click the newly created Policy and choose Edit. Browse too:
Computer Configuration > Policies > Windows Settings > Security Settings > Windows Defender Firewall with Advanced Security >Windows Defender Firewall with Advanced Security LDAP > Inbound Rules

Allow ICMPv4 Echo RequestAllow Ping on FirewallGroup Policy

Right-click Inbound Rules and choose New Rule… In the new Windows choose the option Custom click next until you get to Protocol and Ports. On the Protocol type: make sure you choose ICMPv4. Select the Customize… button once it becomes available.

Allow ICMPv4 Echo RequestAllow Ping on FirewallGroup Policy

On the Customize ICMP Settings windows choose Specific ICMP types and select Echo request.

Allow ICMPv4 Echo RequestAllow Ping on FirewallGroup Policy

Click OK then Next until the Profile Option is available. From here you can choose which Networks this should be allowed on depending on the environment you manage. Move on to the Name section and give the rule an appropriate name. Example: Allow ICMPv4 Echo Request.

Allow ICMPv4 Echo RequestAllow Ping on FirewallGroup Policy

From here is should be as simple to assign the rule to the necessary Organizational Units (OU) on the domain controller and wait for the policy to apply. As this is a Computer Policy remember not to assign it to a User OU.

********************************************************

If you liked what you read Please Share.
I’d love it if you followed me on YouTube and Facebook.

Also, feel free to subscribe to my posts by email.
Donations for the site can be made here.

Thanks for reading.
Spread the love

Leave a Reply

Your email address will not be published. Required fields are marked *