1

I have four Windows Server 2012 servers hosted on ESXi 5.5.

The first one is the firewall box with two network adapters. One with an external connection to the internet, that is shares its connection with the second internal network adapter with no external connection.

The other three servers are only on the internal network adapter. The other three servers have internet through the firewall box and can all ping externally like google.com but firewall box cant ping any of the other servers and none of the servers can ping the firewall box or each other.

Mapper I/O (LLTDIO) driver and Responder (RSPNDR) driver under Link-Layer Topology Discovery in the Local Group Policy Editor are enabled:

Link-Layer Topology Discovery

And ICMP is set to exempt in the Windows Firewall with Advanced Security on Local Computer IPsec Settings:

IPsec Settings

Any ideas?

sa_ddam213
  • 113
  • 1
  • 1
  • 4
  • How/Why is this a problem? – joeqwerty Nov 16 '14 at 02:43
  • Because they all need to be able to talk to each other. DNS Client, Function Discovery Resource Publication, SSDP Discovery, UPnP Device Host services are all running and network discovery is turned on in advanced sharing settings in the Network and Sharing Center – sa_ddam213 Nov 16 '14 at 02:54
  • Just because they don't respond to pings doesn't mean they can't communicate with each other. Ping tests ICMP, nothing else. Have you tried connecting to them via RDP, RPC, etc., etc.? – joeqwerty Nov 16 '14 at 02:59
  • Can't seem to RDP to them either – sa_ddam213 Nov 16 '14 at 03:07
  • For starters, the setting you show in your second screenshot is relevant to IPsec traffic, not to unencrypted traffic. You need to enable ICMP inbound in the firewall. The easiest way to do that is detailed here: http://blog.blksthl.com/2012/11/20/how-to-enable-ping-in-windows-server-2012. Additionally, getting Ping working has absolutely no relation to your connectivity/communication problem. – joeqwerty Nov 16 '14 at 03:29

1 Answers1

3

Open file explorer, and then click network. Along the top something should pop up saying something along the lines of network discovery is not enabled, click here to enable it.

Click that, and choose the yes enable network discovery public network option (There's only two options yes or no)

This should resolve both the ping and RDP issues you're having. You can turn off the services you started the the IPsec settings you changed.

Hex
  • 56
  • 1