How to enable Ping (ICMP echo) on an Azure VM

%3CLINGO-SUB%20id%3D%22lingo-sub-858351%22%20slang%3D%22en-US%22%3EHow%20to%20enable%20Ping%20(ICMP%20echo)%20on%20an%20Azure%20VM%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-858351%22%20slang%3D%22en-US%22%3E%3CP%3EThis%20is%20just%20a%20very%20quick%20blog%20post%20because%20I%20got%20the%20question%20from%20a%20couple%20of%20people.%20In%20this%20blog%20post%20want%20to%20show%20you%20how%20you%20can%20enable%20ping%20(ICMP)%20on%20a%20public%20IP%20address%20of%20an%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fvirtual-machines%2Fwindows%2Foverview%3FWT.mc_id%3Dthomasmaurer-blog-thmaure%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20virtual%20machine%3C%2FA%3E%20(VM).%20First%2C%20just%20let%20me%20say%20that%20assigning%20a%20public%20IP%20address%20to%20a%20virtual%20machine%20can%20be%20a%20security%20risk.%20So%20if%20you%20do%20that%2C%20make%20sure%20you%20know%20what%20you%20are%20doing.%20If%20you%20need%20admin%20access%20to%20virtual%20machines%20only%20for%20a%20specific%20time%2C%20there%20are%20services%20like%20%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2018%2F07%2Fazure-just-in-time-vm-access%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Just-in-Time%20VM%20Access%20(JIT)%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F06%2Fazure-bastion-private-rdp-and-ssh-access-to-azure-vms%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Bastion%3C%2FA%3E%20you%20should%20have%20a%20look%20at.%20Now%20back%20to%20the%20topic%2C%20Azure%20by%20default%20denies%20and%20blocks%20all%20public%20inbound%20traffic%20to%20an%20Azure%20virtual%20machine%2C%20and%20also%20includes%20ICMP%20traffic.%20This%20is%20a%20good%20thing%20since%20it%20improves%20security%20by%20reducing%20the%20attack%20surface.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ERead%20more%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F09%2Fhow-to-enable-ping-icmp-echo-on-an-azure-vm%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.thomasmaurer.ch%2F2019%2F09%2Fhow-to-enable-ping-icmp-echo-on-an-azure-vm%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-858351%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ENetworking%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EVirtual%20Network%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E

Highlighted

This is just a very quick blog post because I got the question from a couple of people. In this blog post want to show you how you can enable ping (ICMP) on a public IP address of an Azure virtual machine (VM). First, just let me say that assigning a public IP address to a virtual machine can be a security risk. So if you do that, make sure you know what you are doing. If you need admin access to virtual machines only for a specific time, there are services like Azure Just-in-Time VM Access (JIT) and Azure Bastion you should have a look at. Now back to the topic, Azure by default denies and blocks all public inbound traffic to an Azure virtual machine, and also includes ICMP traffic. This is a good thing since it improves security by reducing the attack surface.

0 Replies

Products (70)

Special Topics (19)

Most Active Hubs

Most Active Hubs

How to enable Ping (ICMP echo) on an Azure VM

How to enable Ping (ICMP echo) on an Azure VM

Related Blog Posts View all

How to create a Service Fabric standalone cluster with AWS EC2 instances