Home

How to enable Ping (ICMP echo) on an Azure VM

%3CLINGO-SUB%20id%3D%22lingo-sub-858351%22%20slang%3D%22en-US%22%3EHow%20to%20enable%20Ping%20(ICMP%20echo)%20on%20an%20Azure%20VM%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-858351%22%20slang%3D%22en-US%22%3E%3CP%3EThis%20is%20just%20a%20very%20quick%20blog%20post%20because%20I%20got%20the%20question%20from%20a%20couple%20of%20people.%20In%20this%20blog%20post%20want%20to%20show%20you%20how%20you%20can%20enable%20ping%20(ICMP)%20on%20a%20public%20IP%20address%20of%20an%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fvirtual-machines%2Fwindows%2Foverview%3FWT.mc_id%3Dthomasmaurer-blog-thmaure%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20virtual%20machine%3C%2FA%3E%20(VM).%20First%2C%20just%20let%20me%20say%20that%20assigning%20a%20public%20IP%20address%20to%20a%20virtual%20machine%20can%20be%20a%20security%20risk.%20So%20if%20you%20do%20that%2C%20make%20sure%20you%20know%20what%20you%20are%20doing.%20If%20you%20need%20admin%20access%20to%20virtual%20machines%20only%20for%20a%20specific%20time%2C%20there%20are%20services%20like%20%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2018%2F07%2Fazure-just-in-time-vm-access%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Just-in-Time%20VM%20Access%20(JIT)%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F06%2Fazure-bastion-private-rdp-and-ssh-access-to-azure-vms%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Bastion%3C%2FA%3E%20you%20should%20have%20a%20look%20at.%20Now%20back%20to%20the%20topic%2C%20Azure%20by%20default%20denies%20and%20blocks%20all%20public%20inbound%20traffic%20to%20an%20Azure%20virtual%20machine%2C%20and%20also%20includes%20ICMP%20traffic.%20This%20is%20a%20good%20thing%20since%20it%20improves%20security%20by%20reducing%20the%20attack%20surface.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ERead%20more%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F09%2Fhow-to-enable-ping-icmp-echo-on-an-azure-vm%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F09%2Fhow-to-enable-ping-icmp-echo-on-an-azure-vm%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-858351%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ENetworking%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EVirtual%20Network%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
thomasmaurer
Microsoft

This is just a very quick blog post because I got the question from a couple of people. In this blog post want to show you how you can enable ping (ICMP) on a public IP address of an Azure virtual machine (VM). First, just let me say that assigning a public IP address to a virtual machine can be a security risk. So if you do that, make sure you know what you are doing. If you need admin access to virtual machines only for a specific time, there are services like Azure Just-in-Time VM Access (JIT) and Azure Bastion you should have a look at. Now back to the topic, Azure by default denies and blocks all public inbound traffic to an Azure virtual machine, and also includes ICMP traffic. This is a good thing since it improves security by reducing the attack surface.

 

Read more here: https://www.thomasmaurer.ch/2019/09/how-to-enable-ping-icmp-echo-on-an-azure-vm/

Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
36 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies