safety

Learn how to enable ping in the Windows 10 firewall

In the Windows 10 operating system, we have Windows’s own firewall activated by default. Depending on the network where we are connected, and how we configure it (public or private), we can carry out certain communications. Today we are going to show you how to activate the “ping” in Windows 10, so that from any computer on the local network they can ping us, since by default it is not enabled.

What is ping and what data packets are sent?

Ping is one of the most basic network utilities, it allows us to know if a computer, a server, a router or any type of “host” is up and accepting communications. When we do a ping, what we are actually sending is an ICMP packet of type “echo-request”, this packet is sent from the origin to the destination, once it reaches the destination, the host can reply to this “ping” or discard the packet. Depending on how the firewall is configured, these ping packets will be accepted or not (ICMP echo-request). The host that answers the ping, does so by responding with an ICMP echo-reply message, at the firewall level the ICMP echo-reply could also be blocked in the outbound direction, however, it is more efficient and recommended that the ICMP echo- request that will reach the network interface.

Thanks to the “ping” tool, we will be able to know if a host is up or not, normally in local domestic networks that are private, ping is allowed by default, because it is a very easy way to verify that there is connectivity. However, if we configure the network as a “public network” this does not happen, by default all the pings we receive will be denied for security reasons, because we are on a public network and it is not recommended that there be communication with other computers for security reasons.

The configuration that we are going to show you next, can be applied both in networks that are configured as “private”, in case we want to modify the advanced behavior of the Windows firewall, and it can also be applied in networks that are configured as “public” , where, by default, all communications from other computers to us are blocked. We must bear in mind that the policies in public networks are to allow any outgoing traffic and allow all related incoming traffic, that is, that we have previously sent. By default, all other incoming communications are denied.

Manual to allow them to ping us in Windows 10

The first thing we have to do is access « Start / Settings «, from here we can access the « Network and Internet » menu and we can directly access its administration.

Once we are in the “Network and Internet” menu, we will be able to see that our network is configured as “Private Network”, therefore, we will be able to share resources in the local network etc. To enter the firewall configuration, we must go to the “Windows Firewall” section at the bottom:

Once we are in the «Windows Firewall» menu, we must click on « Advanced Settings » to be able to configure the ping correctly, and by the way, see the different policies that we have available to enable.

Another way to access the firewall in advanced configuration directly, is by putting “firewall” after clicking on start, and selecting the option that Windows gives us directly, thus we will save all these steps.

Once we have clicked on “Advanced Configuration”, we will be able to see on the main screen the different policies that we have available, both for the “Domain” profile, as well as for the “Private” and “Public” profiles. As you can see, both the private and public profile, incoming connections that do not match a rule will be blocked, this is a restrictive policy, ideal to have the best possible security, so if we want something that does not come for default, we will have to create it ourselves. Outgoing connections, however, that do not match a rule will be allowed, this is a permissive rule, so it will only block what we specifically define.

To be able to modify this policy so that they can “ping” us, we must go to the ” Inbound rules ” section:

In the input rules we have several predefined ones, the one that interests us is the rule that says « Shared files and printers (input ICMPv4 echo request) «, and if we use IPv6, then we must activate the corresponding rule. We will only have to right-click on this rule, and click on “Enable”, since by default the action when enabling it is “Allow”. You already know that there are tips to lower latency.

Once enabled, we can ping both “private” and “public” networks. If we want them to only be able to ping us in private networks (recommended for security purposes), we simply click on «Properties», and in the «Advanced options» tab we can define it in a specific profile:

And as soon as we have enabled it, any computer on our local network will be able to ping us without any problem, as you can see here:

Another option we have is to create a rule ourselves from scratch, and more specific, for example, that only the computers of our own local subnet can ping us, and we discard the rest, ideal for not answering ping if the origin is on another local or remote subnet. Another option that we can do is create an output rule, blocking any response to ping, that is, the “ICMP Echo-reply”, however, it is more advisable to block the input and discard that packet, so that our operating system does not have We have to manage the response to the ping because later it will be blocked by the firewall that we have ourselves.

As you have seen, allowing or not the ping in the incoming direction (ICMP echo-request) is really easy and fast in the Windows firewall, in addition, we must bear in mind that we can create specific custom rules, and not only edit the ones that they are created by default. For example, we could allow pinging or any communication from a specific PC (putting its IP address), in this way, that specific PC will be able to communicate with us but the rest of the computers will not be able to do so, ideal to maintain security .

We recommend you visit our Windows section where you will find a large number of configuration manuals. You can also visit our networks section to make the most of your local network.

Leave a Reply

Your email address will not be published.

Back to top button