Jaa


Allow Remote Desktop Services RDP and Ping ICMP Through Windows Firewall

Create Firewall Rules in Windows 7 thru Windows Server 2012 R2  to allow RDP and ICMP traffic for you have to open “Windows Firewall with Advanced Security” control panel applet.  You can get here by typing “firewall” in the search box near the start button and selecting it from the list (likely on top) or you can go to control panel.

Tested on: Windows 7, Windows 8, Windows Server 2018, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Start – Control Panel – System and Security – Windows Firewall – Advanced Settings

Note: You could also get to control panel from the Windows-X drop down menu

This will bring up the Windows Firewall with Advanced Security Screen. 

Click on Inbound Rules

The easy way to allow Ping is to enable the existing ICMP rules.

Enable ICMP (PING) Existing Rule(s)

You could scroll down and select File and Printer Sharing (Echo Request – ICMPv4-in) – Right Click and Select Enable Rule (Notice you will have one for multiple networks, you can enable the only the Domain network if you are in a domain environment or enable both if you want to enable on private networks also.

Notice there are ICMPv4 and ICMPv6.  If you are using (or plan on using) IPv6 on your network, I would encourage you to “enable” the IPv6 rules as well.

You could also Create a Rule from Scratch but if you do that the default action will be to enable all ICMP traffic instead of just enabling echo requests.  If you want to do that… Create a new rule click on New Rule in the Actions pane (upper right corner) or right click on Inbound Rule and select New Rule.   Select Custom – All Programs – for Protocol select ICMPv4. If you only want to do Echo Requests you will have to click on Customize, select Specific ICMP Types and Enable only Echo Request.  Scope leave at Any Action Leave at Allow the connection. Profile Select the networks you want to have it enabled  (usually Domain) and turn off the ones you do not want to have (usually public). Finally on the Name page of the wizard give it a name like (Allow Ping) and click Finish.   If you scroll to the top of the inbound rules, you should see your new rule there.

Enable Remote Desktop (mstsc) Existing Rule

You could scroll down and select Remote Desktop (TCP-In) – Right Click and Select Enable Rule (Notice you will have one for multiple networks, you can enable the only the Domain network if you are in a domain environment or enable both if you want to enable on private networks also. 

If you want to manually create your own rule, you would use the Predefined: Remote Desktop application or open the TCP Port 3389.

If you want to do Remote Administration on your Hyper-V Server you might also want to check out

Install and Configure Hyper-V Tools for Remote Administration.

If you have System Center Virtual Machine Manager (SCVMM) and you want to enable management of that the easy way to do it is to mount the SCVMM ISO or insert  the DVD and run the client application.  It can enable Hyper-V if needed and it can also setup all your firewall rules for you.

If your box is actually the SCVMM machine it is far more complicated. Check out SCVMM and Network Ports We Use for Communication