networking – Unable to ping scan my machine (but I can ping)

I need to perform an nmap scan on all of the (responding) IPs in an array of VLANs.

The command is nested in a PowerShell for loop and looks something like this:

nmap.exe -Pn -T4 -A -oG (FILE).txt -oX (FILE).xml "$($subnet).0/24"

We had to add the -Pn flag as the command wasn’t picking up all of the hosts in each VLAN with a ping scan.

The issue is that we believe the command is taking too long and so we would like to only scan the hosts that respond to the ping scan.

I found one machine that responds to a simple ping (MACHINE); however, running nmap -sn -Pn (MACHINE) results in: "Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn"

I’m not sure why I am able to ping the machine but nmap isn’t. Running nmap in an Administrator PowerShell console does not resolve the issue.

I ran netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow on the problem machine in order to allow ICMP traffic, but this did not work either.

This is driving me crazy. Is anyone able to help me with this?

Thanks,

TheCube
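
As an added example (not part of the original post): a two-phase version of the loop described in the question, running host discovery first and then the detailed scan only against the hosts that answered. The subnet prefixes, the output file names and the Get-LiveHost helper are assumptions made for illustration.

```powershell
# Added example. Get-LiveHost, $subnets and the file names are hypothetical.

function Get-LiveHost {
    # Extracts addresses marked "Status: Up" from nmap grepable (-oG) output lines.
    param([string[]]$GrepableLines)
    foreach ($line in $GrepableLines) {
        if ($line -match '^Host:\s+(\S+)\s+\(.*?\)\s+Status:\s+Up') {
            $Matches[1]
        }
    }
}

# Constructed sample of "nmap -sn -oG -" output, to check the parser offline.
$sample = @(
    '# Nmap scan initiated (constructed sample)',
    "Host: 192.0.2.10 ()`tStatus: Up",
    "Host: 192.0.2.23 (printer.example)`tStatus: Up",
    "Host: 192.0.2.40 ()`tStatus: Down"
)
$parsed = @(Get-LiveHost -GrepableLines $sample)
if ($parsed.Count -ne 2) { throw 'Parser check failed on the constructed sample' }

$subnets = @('192.0.2', '198.51.100')   # constructed documentation prefixes

foreach ($subnet in $subnets) {
    # Phase 1: host discovery only (-sn); "-oG -" sends grepable output to stdout.
    $discovery = & nmap.exe -sn -T4 -oG - "$($subnet).0/24"
    $live = @(Get-LiveHost -GrepableLines $discovery)

    if ($live.Count -eq 0) {
        Write-Warning "No hosts answered discovery in $($subnet).0/24"
        continue
    }

    # Target list written as ASCII so nmap's -iL can read it.
    $targets = "$($subnet)-live.txt"
    $live | Set-Content -Path $targets -Encoding ascii

    # Phase 2: the detailed scan from the question, limited to the live hosts.
    # -Pn is kept because these hosts have already been found to be up.
    & nmap.exe -Pn -T4 -A -oG "$($subnet).txt" -oX "$($subnet).xml" -iL $targets
}
```

Hosts that do not answer nmap's discovery probes are left out of the second phase, so the per-subnet host counts are worth comparing against an inventory or DHCP lease list.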