Information Technology Reference
In-Depth Information
17
: Allow inbound mask request
ALL
: All types
You can use commas or dashes to specify multiple exceptions, such as
type = 2, 13, 11
or
type = 2-5, 9
.
Using Group Policy
Tables 3-13 and 3-14 show the settings that control ICMP traffic handling in the domain and
standard profiles respectively.
Table 3-13.
Configure ICMP Traffic—Domain Profile
Computer Configuration\Administrative Templates\Network\
Network Connections\Windows Firewall\Domain Profile
Path
Policy name
Windows Firewall: Allow ICMP exceptions
Enabled
to allow ICMP exceptions;
Disabled
to prevent them.
Value
Table 3-14.
Configure ICMP Traffic—Standard Profile
Computer Configuration\Administrative Templates\Network\
Network Connections\Windows Firewall\Standard Profile
Path
Policy name
Windows Firewall: Allow ICMP exceptions
Enabled
to allow ICMP exceptions;
Disabled
to prevent them.
Value
Using the Registry
To configure an individual computer to allow various types of ICMP traffic through the
Windows Firewall, set the following Registry values:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\
Parameters\FirewallPolicy\
<Profile>
\IcmpSettings\]
"AllowInboundEchoRequest"=dword:1
"AllowInboundRouterRequest"=dword:1
"AllowInboundTimestampRequest"=dword:1
"AllowInboundMaskRequest"=dword:1
"AllowOutboundDestinationUnreachable"=dword:1
"AllowOutboundSourceQuench"=dword:1
"AllowOutboundTimeExceeded"=dword:1
"AllowOutboundParameterProblem"=dword:1
"AllowOutboundPacketTooBig"=dword:1
"AllowRedirect"=dword:1