Allow ICMP ping to VIP (Allow Ping inbound)
Vote for allowing UDP through the firewall. Such as ping inbound, because the ping are the minimal required for so much app.

Please use TCP ping as a workaround. No near term plans to process ICMP on Load Balancer as it is a UDP/TCP product.
— Christian
6 comments
-
Rob Brown commented
Wow, you didn't even read the part about the problems with forcing all the 3rdparty network checking tools to switch from ICMP to TCP. Please stop recommending impossible things as a solution or even as a work-around.
-
Rob Brown commented
And we get complaints from our clients having troubles with our website saying that they can't even ping it! This makes it seems like our website is totally down instead of some other problem that they are experiencing. This is causing extraneous false alarms for those just trying to diagnose problems. And it's really just unprofessional, in the very least.
-
Rob Brown commented
For security reasons and for better network diagnostics and for SOC compliance which requires all networks monitoring, the "ping" must respond on a Load Balancer public IP. The ICMP protocol should be able to be NAT to or load balanced to any virtual machine of choice. Or at the very least, just have an option to allow to enable to respond to all ICMP requests if there is sufficient network connectivity from the public routes, (just like AWS and all the other cloud providers allow.) Currently, UDP and TCP proto is supported, which is fine, but that isn't good enough to support what is required. Unfortunately, many 3rdparty monitoring applications do not allow you to choose something other than ICMP.
For example:
https://www.ipaddressguide.com/ping
All of which are reporting "100% packet loss" even for those Load Balancer public IPs that are up and running perfectly.
The current behavior is inappropriate.
-
Vinod commented
Ping works only for the public IP address associated to the virtual machine resource. Can it be allowed for the Load Balancer and VPN gateway resources as well.
-
Anonymous commented
Ping should be enabled in Load balancer. There should be option to enable/Disable ping Via Load Balancer. If someone don't want ping then keep disable this option.
-
Darryn Jones commented
Allow ICMP, anyway