[CyberArk] [PAS] Cannot ping CPM/PVWA servers after applying CyberArk's GPO hardening

Modified on Mon, 06 Aug 2018 at 01:23 PM


After applying the CyberArk In-Domain GPO for CPM and/or PVWA servers, these servers no longer respond to ping (ICMP)


CyberArk's new GPO hardening disables ICMP to these servers out-of-the-box

In order to allow ping to these servers, the following GPO policy needs to be update:

Computer Configuration > Administrative Templates > Network > Network Connection > Windows Firewall > Domain Profile > Windows Defender Firewall:Allow ICMP Exceptions

This policy would be disabled in the standard GPO. You need to enable it and mark only the setting of 'Allow Inbound Echo Request'

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article