Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, October 21, 2013 9:39 PM
Hello,
I've created a hosted service and a virtual machine deployment inside the service. This virtual machine is really only supposed to communicate on a certain port, so I only had one endpoint defined. I found that once the machine said "Started," I waited around for a while, but I was unable to communicate with this VM.
I tried pinging the DNS name (which was something like "mymachine.cloudapp.net"), but I couldn't reach the machine. It seemed to have resolved the IP address though (correctly or not, not sure).
To troubleshoot the problem, I added an RDP endpoint and attempted to connect to the machine. To my surprise, I was able to (easily) connect to it via RDP! I tried pinging google.com from the VM and, again to my surprise, I was unable to ping it! It seemed to resolve the IP address, though, so I tried going to internet explorer and accessing google.com from there - it worked!
So, I'm able to connect via RDP, I'm unable to ping the VM, and I'm unable to communicate with it via our internal stuff (through the aforementioned port). I'm not sure what the details of our internal communications are, but I can certainly find out. I've never had this problem before, but this is the first time I'm attempting to create a VM from an image. I should be able to ping it, though!
Anybody have any ideas?
All replies (3)
Thursday, November 7, 2013 2:27 PM âś…Answered
Hi,
By default the Windows Firewall does not allow ICMPv4 which is the protocol used by ping.exe.
How did you disable the firewall? If you stopped the service, this will put the firewall in lockdown mode and everything will be blocked except RDP.
Instead, enable the firewall and create an Allow rule for ICMP for all profiles.
Please check this thread:
Regards.
Monday, October 21, 2013 10:07 PM
Please bear in mind that ping might just as well be disabled or blocked via firewall at any end. I suspect that the best approach would be to make sure that the endpoint is created correctly.
On the other hand though, to my knowledge any instance created inside hosted service will have, by default, ping disabled. You can always enabled them via Windows Firewall (protocol ICMPv6). However, if your newly configured instance ever gets respawned, you will have to configure the fresh instance's firewall from scratch. Therefore, it might be a good idea to consider running a specific configuration bat every time your instance starts, with this command:
netsh advfirewall firewall add rule name=<your-rule-name-here> dir=in action=allow enable=yes protocol=icmpv6
Hope this helps.
Alex
Tuesday, October 22, 2013 12:37 PM
That's strange because when I created the image, I was able to ping the machine. Any way to configure that on the image level? I can't run a batch script on startup - it doesn't fit the requirements.
EDIT: I just tried turning off windows firewall completely (Domain, Private, Public - everything), and I'm still unable to ping my machine.
EDIT2: I'm trying to create a VM that I can actually ping and I can't so now I'm in doubt as to whether or not I was ever able to ping my VMs... even though I'm pretttty sure I did. In any event, still having no luck on this end.