PowerShell for allowing “Ping” on Windows Servers

Let's discuss one of those recurring server questions: "I have this new server, but why doesn't ping work?" This is because by default, Windows Server installations block ICMP protocol echo requests through the firewall.

Years ago in 2009, I wrote a short post on how to enable it with the "netsh" command-line utility:

netsh advfirewall firewall add rule name="Allow PING" dir=in
action=allow enable=yes profile=any localip=any remoteip=any
protocol=icmpv4:8,any interfacetype=any

Note that the above command should be on a single, long line.

Now that PowerShell is everywhere, here's the modern equivalent. To enable ping for all network profiles, run the following:

New-NetFirewallRule -DisplayName "Allow Ping (ICMPv4)" `
-Protocol ICMPv4 -IcmpType 8 -Direction Inbound -Action Allow

Or, for IPv6:

New-NetFirewallRule -DisplayName "Allow Ping (ICMPv6)" `
-Protocol ICMPv6 -IcmpType 128 -Direction Inbound -Action Allow

Again, these two commands should be on a single line, or if you keep the backtick `, then two lines are fine.

If you only need to have Ping enabled for a short while (during setup or testing, for instance), you can disable the rule later:

Disable-NetFirewallRule -DisplayName "Allow Ping (ICMPv4)"

That's all you will need: no GUI needed, no older "netsh" syntax to remember. PowerShell can make even classic admin tasks cleaner and deployable across servers.