16.3.8 Lab – Configure Windows Firewall Settings Answers
Topology
Addressing Table
| Device | Interface | IP Address | Subnet Mask |
|---|---|---|---|
| PC-A | NIC | 192.168.1.10 | 255.255.255.0 |
| PC-B | NIC | 192.168.1.11 | 255.255.255.0 |
Objectives
- Access Windows Firewall settings to add a new firewall rule.
- Create a firewall rule to permit ping requests.
- Remove the new firewall rule to return the settings to their previous state.
Background/Scenario
If the members of your team are unable to ping your PC, the firewall may be blocking those requests. Many of the labs in the course suggest that you disable the Windows firewall to permit ping requests and responses to execute correctly. Disabling a firewall is not a good recommended practice in an actual production network.
In this lab, you will create a rule in the firewall to allow ping requests without putting the PC at risk for other types of attacks. It also describes how to disable the new ICMP rule after you have completed the lab.
Required Resources
- 1 wireless router with at least two switchports
- 2 PCs (Windows 10)
- Two Ethernet cables as shown in the topology
Instructions
Part 1: Verify that the Windows Firewall is active and is blocking ICMP requests.
1. Right-click Start. Select Network Connections.
2. Click Change adapter options. Right-click the desired network adapter and select Properties.
3. Select Internet Protocol Version 4 (TCP/IPv4). Click Properties to configure the two PCs with the static IP addresses shown in the addressing table. No configuration is necessary for a default gateway or a DNS server in this lab, as both PCs are on the same IP network and will use IP addresses instead of domain names.
4. Open a command prompt window on PC-A by right-click Start > Command Prompt. Attempt to ping the IP address assigned to PC-B. The ping command should fail. Repeat the ping command on PC-B, attempting to ping the address of PC-A. Ping commands from both PCs should fail, indicating that the Windows firewall is active and is blocking ICMP ping requests.
Note: If the ping succeeds on either PC, verify that the Windows Firewall is active on both machines.
Part 2: Create a new inbound rule allowing ICMP traffic through the firewall.
Step 1: Access Windows Firewall advanced settings.
1. Configure the firewall settings on PC-A. Click Start and type Firewall. Select Windows Firewall or Windows Defender Firewall from the results list.
2. In the left pane of the Windows Firewall window, click Advanced settings.
Step 2: Create a new inboard rule.
1. On the Advanced Security window, select Inbound Rules. Right-click Inbound Rules and select New Rule….
2. In the New Inbound Rule wizard, click Custom in the Rule Type screen. Click Next to continue.
3. In the left pane, click the Protocol and Ports option. In the Protocol type drop-down menu, select ICMPv4, and then click Next.
List three protocols, in addition to ICMP, that can be filtered by a new inbound firewall rule.
Answers will vary. Some protocols that can be filtered by inbound firewall rules are IGMP, TCP, UDP, and GRE.
4. In the left pane, click the Name option and in the Name field, type Allow ICMP Requests. Click Finish.
This new rule should allow your team members to receive ping replies from PC-A. Repeat the commands in Step 2 to add the new rule on PC-B.
5. Test the new firewall rule by repeating the ping command. The pings should be successful.
If not, review the firewall settings to ensure that the new rule is configured correctly.
Part 3: Disabling or deleting the new ICMP rule.
After the lab is complete, you may want to disable or even delete the new rule you created in Step 2. Using the Disable Rule option allows you to enable the rule again. Deleting the rule permanently deletes it from the list of Inbound Rules.
1. On the Advanced Security window, in the left pane, click Inbound Rules and then locate the rule you created in a previous step.
2. To disable the rule, right-click Inbound Rules select Disable Rule. When you choose this option, you will see this option change to Enable Rule. You can toggle back and forth between Disable Rule and Enable Rule; the status of the rule also shows in the Enabled column of the Inbound Rules list.
3. To permanently delete the ICMP rule, click Delete. If you choose this option, you must re-create the rule again to allow ICMP replies.
4. Execute the ping commands performed in Step 1 to verify that the firewall is now blocking the ping requests again.