Enable ping (ICMP) in Windows Firewall

By default, Windows Server blocks ICMP echo requests (ping). Enabling ping is useful for network diagnostics and monitoring.

Method 1 — PowerShell (recommended)

Enable ICMPv4 ping:

New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4 -IcmpType 8 -Direction Inbound -Action Allow

Enable ICMPv6 ping:

New-NetFirewallRule -DisplayName "Allow ICMPv6-In" -Protocol ICMPv6 -IcmpType 128 -Direction Inbound -Action Allow

Method 2 — Enable existing rule

Windows has a built-in rule that's disabled by default:

# Enable for all profiles
Enable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)"

Or for specific profiles:

Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -Profile Any -Enabled True

Method 3 — Using the GUI

1. Open Windows Defender Firewall with Advanced Security (wf.msc)
2. Click Inbound Rules
3. Find File and Printer Sharing (Echo Request - ICMPv4-In)
4. Right-click → Enable Rule

Verify ping is working

From another machine:

ping YOUR_VPS_IP

You should receive replies.

Allow ping from specific IPs only

For security, restrict ping to specific sources:

New-NetFirewallRule -DisplayName "Allow Ping from Monitoring" -Protocol ICMPv4 -IcmpType 8 -Direction Inbound -RemoteAddress 203.0.113.0/24 -Action Allow

Disable ping again

Disable-NetFirewallRule -DisplayName "Allow ICMPv4-In"

When to enable ping

• Network troubleshooting
• Uptime monitoring services
• Load balancer health checks
• Latency measurements

When to keep ping disabled

• If you don't need external ping responses
• To reduce attack surface (ping flood mitigation)
• When using other monitoring methods (HTTP health checks)

Tip

Baires Host monitoring systems use HTTP-based health checks, so enabling ICMP is optional. Enable it if you use external monitoring services like UptimeRobot or Pingdom that rely on ICMP.