Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, June 29, 2010 7:50 PM
Hello,
This one is really strange to me. I have many servers on our network and I can ping them just fine. However I have one server that will not ping from a PC inside the network. I get "Request timed out".
I have tried to ping using the internal IP address, server name and FQDN with no luck.
The strange thing is that I use this server as a gateway server for RD Web Access and I connect to it via RDC all the time. How can it find the server using the RDC client, but then I can't ping it??
I discovered this error as I found a post while trying to work out an error with RD Web Access RemoteApps. It was suggested that the gateway server be associated with a fully resolvable EXTERNAL IP address. I tested mine and of course it would not resolve from the outside. So I started to work my way in and realized that I could not even resolve it from inside the network!
The gateway server appears to be working as it should with RD Web Access, so I know it is being accessed somehow.
Any help would be greatly appreciated. Thanks!
All replies (5)
Tuesday, June 29, 2010 11:52 PM ✅Answered | 5 votes
Most likely your Windows Firewall.
Set Windows Firewall to allow ICMP replies from the mmc, or type "netsh firewall set icmpsetting 8" from the command line.
Wednesday, June 30, 2010 4:04 AM ✅Answered
Hi Server Dawg
Thanks for posting here.
Have you set firewall to allow incoming ICMP Echo messages ?
By default, Windows Firewall does not allow incoming ICMP Echo messages on windows server 2008 or 2008 R2 , and therefore the computer cannot send an ICMP Echo Reply in response.
You may like to refer to the article below to check if it worked:
Nobody Can Ping My Computer
http://technet.microsoft.com/en-us/library/cc749323(WS.10).aspx
Thanks.
Tiger Li
PS:
On July 1st we will be making Windows Server 2008 R2 Networking forum read only. After receiving a lot of feedback from the community, it was decided that this forum is a duplication and therefore redundant of the Network Infrastructure Servers Forum. So, until July 1st, we will start asking customers to redirect their questions to the Network Infrastructure Servers Forum. On June 11th, CSS engineers will move any new threads to the Network Infrastructure Servers Forum.
Please post a reply to the announcement thread if you have any feedback on this decision or the process. You can also email [email protected].
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Wednesday, June 30, 2010 1:25 PM
CameronMu / Tiger Li,
Thank you very much for your answers. They both helped me get it taken care of.
Although I am now able to ping, I am still confused about something and maybe you guys could clear it up for me.
Changing the firewall as described above allowed pings, but every other server I have already allowed pings and we did not go through this process or any process with the other servers. How were they already able to allow pings?
The only thing I could think of was some role or role service that had been installed on the other servers that was not on this one. I did notice that the File Services role was on the other servers and not this gateway server. So as a test, I disabled the new firewall rules and installed that role. Still no ping. Any other ideas?
Other roles installed on the gateway server are Network Policy and Access Services, Remote Desktop Services, and Web Server (IIS).
Thanks again for the help!
ServerDawg
Wednesday, June 30, 2010 11:35 PM
Changing the firewall as described above allowed pings, but every other server I have already allowed pings and we did not go through this process or any process with the other servers. How were they already able to allow pings
No problems. Are the other servers running Server 2003 or Server 2008?
Firewall settings can also come from Group Policy, so potentially you have a Group Policy object on these servers. If your really interested, run Resultant Set of Policy (rsop.msc) on your other servers and see if they have a Firewall Policy enabled.
Thursday, July 1, 2010 1:28 AM
Hi ServerDawg ,
Thanks for your feed back, and glad my reply is helpful to you.
I am not find a particular document or any article yet which can proof that the incoming ICMP Echo messages will be enabled automatically after install some service roles what you mentioned before on windows server 2008 .
However, if you had deployed AD in your environment, and the server had been a member of domain , then I suggest to you may like edit firewall group policy to enable this rule for each server.
Managing Windows Firewall with Advanced Security by Using Group Policy
http://technet.microsoft.com/en-us/library/cc753955(WS.10).aspx
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.