WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
I have 3 computers on my home network. A desktop and laptop running XP Pro, and a laptop running Vista 64. All three have access to the internet through a router and cable modem. All three can ping internet servers via IP address and/or domain names. All three can ping themselves and the router. All three show the other two in their network maps. I can access shared folders and printers on the desktop from both laptops (well, I can't print from the Vista laptop, but that's another story).
Here's the problem: None of these three computers will respond to a ping request from either of the other two. Not a major problem for me right now, but I don't understand and it bothers me--and may present problems later.
I have Norton Internet Security running on all three. i created a firewall rule to allow all protocols, inbound and outbound, to/from all computers in the range 192.168.0.1 to 192.168.0.255. Windows firewall is turned off on all three. I know of no other firewalls running.
What else could cause this behavior?
Thanks for any ideas.
Duane
Didn't find the information you thought to find? Check out these Similar Threads
I have 3 computers on my home network. A desktop and laptop running XP Pro, and a laptop running Vista 64. All three have access to the internet through a router and cable modem. All three can ping internet servers via IP address and/or domain names. All three can ping themselves and the router. All three show the other two in their network maps. I can access shared folders and printers on the desktop from both laptops (well, I can't print from the Vista laptop, but that's another story).
Here's the problem: None of these three computers will respond to a ping request from either of the other two. Not a major problem for me right now, but I don't understand and it bothers me--and may present problems later.
I have Norton Internet Security running on all three. i created a firewall rule to allow all protocols, inbound and outbound, to/from all computers in the range 192.168.0.1 to 192.168.0.255. Windows firewall is turned off on all three. I know of no other firewalls running.
What else could cause this behavior?
Thanks for any ideas.
Duane
Hi,
Some questions:-
Do you have a star topology ?
Do you share an internet connection with the help of LAN ?
Please elaborate on your network structure and firewall settings ?
Thanks for the two responses, and here's what I can add:
Network topology: Cable modem provides WAN connectivity to wireless router/switch. Ethernet cable connects XP desktop PC to router/switch. XP and Vista 64 laptops connect to router via wifi. The only firewall running (AFAIK) is the "Smart Firewall" included in Norton Internet Security. If I turn it off, the Windows Security Center reports lack of running firewall.
I checked NIS for an ICMP Echo rule and found three:
- "Default Allow Specific Inbound ICMP":
- Direction: Inbound
- Computer: Any
- Communications: Specific
- Protocol: ICMP
- Default Allow Specific Outbound ICMP (Echo Request)
- Direction: Outbound
- Computer: Any
- Communications: Specific
- Protocol: ICMP
- Default Allow Specific Outbound ICMP (Others)
- Direction: Outbound
- Computer: Any
- Communications: Specific
- Protocol: ICMP
The first of these rules is unchecked, which I assume means it is defined but inactive; it is also read-only, and I do not know how to change that state so that I could activate it. And the read-only state also prevents me from examining the details (like what does the "specific" mean?).
The second of these rules in checked, which I assume means it is active; it is also read-only.
The third rule is checked, and is read/write, so I can change that one. And I can also see the details of the rule, which tells me that the "specific" in this case means ICMP "command 0-7" and "command 9-18". I would assume, then, that the second rule allows outbound ICMP command 8. Taken together, these two rules would then allow outbound ICMP commands 0-18. Probably, the first rule would allow inbound ICMP command 0, if I could turn it on. If that's what I need, I could try to find out how to make that rule read/write so I can activate it; or I suppose I could create a new rule that allows inbound ICMP command 0 from computers in the 192.168.0.1 - 192.168.0.255 range.
I'm already over my head here, so I hope this is enough detail. Thanks again.
Try logging in as Administrator & then change the settings.
Logging in as Administrator did not allow me to modify the read-only firewall rules. But I created a new rule, allowing inbound ICMP command 8 from all computers in the local subnet, and the computers now respond to ping requests. One problem down. Thanks for the responses.
Logging in as Administrator did not allow me to modify the read-only firewall rules. But I created a new rule, allowing inbound ICMP command 8 from all computers in the local subnet, and the computers now respond to ping requests. One problem down. Thanks for the responses.
it says that the ping packet 0 is for introduction and many recent Firewalls tend to drop the ping 0 & 8 which is ICMP echo return request.
I suggest you do not create a rule for command 8 to be allowed in your subnet as it can lead to virus/worm attack!!
it says that the ping packet 0 is for introduction and many recent Firewalls tend to drop the ping 0 & 8 which is ICMP echo return request.
I suggest you do not create a rule for command 8 to be allowed in your subnet as it can lead to virus/worm attack!!
Really? Accepting these commands from computers on subnet 192.168.0.0, which I assumes means only from my own router and my own computers, exposes me to viruses launched from the other side of the router? I thought that would be safe. I guess I really don't understand this stuff as well as I thought. Thanks for the warning.
Most ISPs will block packets to and from 192.168.0.0 addresses, so no packets from these addresses should hit your external port. It wouldn't hurt to add a firewall rule to drop all packets from 192.168.0.0 that come in on the external port. However, whether you can do that, depends on the sophistication of your firewall and anyway, its very unlikely that any will anyway due to ISPs blocking them.
Therefore, I'd feel reasonably safe setting a firewall rule to allow ping between 192.168.0.0 addresses.
Read This !!!
