VMware Cloud Community
an648
Enthusiast
Enthusiast
‎08-13-2020 07:44 PM
Jump to solution

How to enable Ping (ICMP echo) on a guest VM

"Access denied" error while enabling ICMP

Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -enabled True -RemoteAddress "192.168.0.5" -Protocol ICMPv4 -IcmpType 8 -Direction Inbound -Action Allow

ICMP.PNG

Any assistance that I can get would be much appreciated.

Thank you

Reply
0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
‎08-14-2020 01:08 AM
Jump to solution

The Set-NetFirewallRule cmdlet requires the user running it to be a local administrator.

You can allow other accounts to create/change FW rules, but that requires setting policy and permissions in the Windows OS.

You will see the same error when you run this via the netsh command.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
7 Replies
scott28tt
VMware Employee
VMware Employee
‎08-13-2020 11:44 PM
Jump to solution

That is a PowerShell cmdlet, you're trying to change the behaviour of Windows regardless of it running in a VM - so technically not anything to do with PowerCLI or any VMware product.


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
Reply
0 Kudos
LucD
Leadership
Leadership
‎08-14-2020 01:08 AM
Jump to solution

The Set-NetFirewallRule cmdlet requires the user running it to be a local administrator.

You can allow other accounts to create/change FW rules, but that requires setting policy and permissions in the Windows OS.

You will see the same error when you run this via the netsh command.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
an648
Enthusiast
Enthusiast
‎08-18-2020 12:55 AM
Jump to solution

I was successfully able to enable ICMP echo using below cmdlet with administrator role

netsh advfirewall firewall set rule name="File and Printer Sharing(Echo Request - ICMPv4-In)"

protocol=icmpv4:8,any dir=In new enable=yes

But can we achieve this using PowerCLI cmdlet ,enabling multiple vms(Ex: IPs) simultaneously via script?

Reply
0 Kudos
an648
Enthusiast
Enthusiast
‎08-18-2020 12:58 AM
Jump to solution

I meant enabling ICMP echo in multiple vms using their IP's in a script?

Reply
0 Kudos
LucD
Leadership
Leadership
‎08-18-2020 01:17 AM
Jump to solution

Is the account which you pass via Invoke-VMScript on the GuestCredential parameter a local administrator in the Guest OS?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
an648
Enthusiast
Enthusiast
‎08-18-2020 01:56 AM
Jump to solution

I tried both ways but either I get access denied error or username/pwd is incorrect.

New-PSSession -ComputerName "VM-001" -Credential (Get-Credential) -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck)

Enable-NetFirewallRule -DisplayName  "ICMP Allow incoming V4 echo request"

Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -enabled True -RemoteAddress "192.168.0.5" -Protocol ICMPv4 -IcmpType 8 -Direction Inbound -Action Allow

Reply
0 Kudos
LucD
Leadership
Leadership
‎08-18-2020 02:05 AM
Jump to solution

Did you try to run the netsh command inside the Guest OS via the Invoke-VMScript cmdlet?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos