After applying the CyberArk In-Domain GPO for CPM and/or PVWA servers, these servers no longer respond to ping (ICMP)


CyberArk's new GPO hardening disables ICMP to these servers out-of-the-box

In order to allow ping to these servers, the following GPO policy needs to be update:

Computer Configuration > Administrative Templates > Network > Network Connection > Windows Firewall > Domain Profile > Windows Defender Firewall:Allow ICMP Exceptions

This policy would be disabled in the standard GPO. You need to enable it and mark only the setting of 'Allow Inbound Echo Request'