After installing a new router, I was no longer able to ping my Hyper-V server. Why not? The router sits at the edge of the network—how could it affect pinging on the local LAN?
Often failed pings are related to the firewall on the target machine. For example, the Windows Firewall setup on my Server 2008 R2 only allows ICMPv4 pings on Private networks:
By temporarily disabling individual firewall profiles on the server, I found that I could ping the server if I turned off the Public firewall profile. Huh? Why does the server thing it is on a Public network?
The answer is Network Location Awareness. You’ve seen the prompt when you connect a laptop to a new wireless network: is this a Home, Work, or Public network? Well I never saw that prompt on the server; apparently it just assumes that a new network (e.g. due to a new router) is Public, the most restrictive profile.
Note that this doesn’t affect domain-joined computers; they are automatically assigned to the Domain firewall profile. But it does affect my non-domain-joined Hyper-V server.
Change the Network Type
To tell the server it’s on a Private network, go to Network and Sharing Center, click on Public network:
Then choose Work network:
That’s it! The server now knows it’s on a Private network, and the Private firewall profile applies. As long as that profile accepts ICMP (ping) requests, you should be able to ping the server.
Update April 11, 2013
Had a similar issue today with my 3CX phone system, which runs as a Windows 7 Hyper-V guest. I rebooted the host last night after installing updates. The 3CX system came back up and all services started. However I realized this morning (after missing a call) that it was not accepting phone registrations. I also could not connect across the network to its web GUI.
When I logged in to the 3CX virtual machine using Remote Desktop and checked the Network and Sharing Center, I found that the network was registered as a Work network. However, the firewall exceptions for the 3CX phone system are only defined for the Domain profile. I rebooted the 3CX virtual machine. This time, the network connected as a Domain network, the phone registered itself immediately, and I was able to log in to the web GUI over the LAN.
My hunch is that the domain controller, also a Hyper-V guest, had not finished booting by the time the phone machine started, hence it was unable to start on the Domain network. The phone server is already configured in Hyper-V to wait five minutes before starting, but the Windows updates took a long time to apply this month, so the domain controller startup probably took longer than that.