What application rule(s) need to be created to allow the machine CFP is installed on to be pinged? Running Vista x64.
Hi Pascal666, welcome to the forums.
By default, in CFPs Firewall - Advanced - Network Security Policy - Global Rules… there is a Block rule (usually the last) that blocks all inbound ICMP ECHO REQUESTs. I think this is stopping your pings from working properly. To check this, edit the rule & enable logging, then after attempting a ping check CFPs Log for confirmation.
Why is this rule there? Well, an inbound ICMP ECHO REQUEST can ruin your stealth & reveal the presence of your system to the Internet. That’s why it’s blocked by default. If you’re using a router or something (that blocks unsolicited requests), then you can probably safely remove/disable this rule. Otherwise you should really only temporarily disable it or introduce a limited exception to the rule to allow access from the target IP in question (assuming you trust that particular IP).
Changing the default global rule to allow and setting it to log shows me the echo requests being allowed in, but the box is still not pingable. I am thinking I need an application rule to allow the echo replies to get back out.
Possibly. Which component/application is CFP logging as receiving the ECHO REQUESTs?
Also, please confirm that the target of the pings is an Internet host. Thanks.
Sorry, found the problem. CFP does not disable Windows Firewall during install. Although CFP was allowing the echo requests in, they were still being blocked by Windows Firewall. Thanks for your help!
This thread is now closed.
If you need this thread re-opened, Please PM any online Moderator.