Symptom:
After applying the CyberArk In-Domain GPO for CPM and/or PVWA servers, these servers no longer respond to ping (ICMP)
Cause:
CyberArk's new GPO hardening disables ICMP to these servers out-of-the-box
Solution:
In order to allow ping to these servers, the following GPO policy needs to be update:
Computer Configuration > Administrative Templates > Network > Network Connection > Windows Firewall > Domain Profile > Windows Defender Firewall:Allow ICMP Exceptions
This policy would be disabled in the standard GPO. You need to enable it and mark only the setting of 'Allow Inbound Echo Request'
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article