networking – Unable to ping scan my machine (but I can ping)

I need to perform an nmap scan on all of the (responding) IPs in an array of VLANs.

The command is nested in a PowerShell for loop and looks something like this:

nmap.exe -Pn -T4 -A -oG (FILE).txt -oX (FILE).xml "$($subnet).0/24"

We had to add the -Pn flag as the command wasn’t picking up all of the hosts in each VLAN with a ping scan.

The issue is that we believe the command is taking too long and so we would like to only scan the hosts that respond to the ping scan.

I found one machine that responds to a simple ping (MACHINE); however, running nmap -sn -Pn (MACHINE) results in "Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn".

I'm not sure why I am able to ping the machine but nmap isn't. Running nmap in an Administrator PowerShell console does not resolve the issue.

I ran netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow on the problem machine in order to allow ICMP traffic but this did not work either.

This is driving me crazy. Is anyone able to help me with this?
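As an added example (not part of the original question), here is the two-phase shape the post is asking for in PowerShell: a discovery-only sweep per /24 first, then the full -A scan fed only the addresses that answered. It assumes $subnets holds the first three octets of each VLAN, that nmap.exe is on PATH, and that $OutDir is writable; the subnet values are constructed samples.

```powershell
# Added example, not the poster's script. Phase 1: host discovery only (-sn).
# Phase 2: full scan (-A) limited to hosts that answered, passed via -iL.
# Assumptions: $subnets = first three octets of each VLAN, nmap.exe on PATH,
# $OutDir writable. Subnet values below are constructed samples.
$subnets = @("10.1.20", "10.1.21")
$OutDir  = "C:\scans"
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

foreach ($subnet in $subnets) {
    $base     = Join-Path $OutDir ($subnet -replace '\.', '_')
    $discover = "$base-discovery.gnmap"
    $live     = "$base-live.txt"

    # Phase 1: ping sweep. Do NOT add -Pn here: -Pn skips discovery and
    # nmap then reports every address in the range as Up.
    & nmap.exe -sn -T4 -oG $discover "$subnet.0/24" | Out-Null

    # Greppable output has one 'Host: <ip> (<name>) Status: Up' line per responder;
    # the '# Nmap ...' header/footer lines do not match this pattern.
    $up = Select-String -Path $discover -Pattern '^Host:\s+(\S+).*Status:\s+Up' |
          ForEach-Object { $_.Matches[0].Groups[1].Value }

    if (-not $up) {
        Write-Host "$subnet.0/24: no hosts answered discovery, skipping full scan"
        continue
    }
    $up | Set-Content -Path $live

    # Phase 2: full scan of responders only. -Pn is fine at this point because
    # discovery already established these hosts are up, so nothing is re-probed
    # and no live host is skipped for blocking ICMP.
    & nmap.exe -Pn -T4 -A -iL $live -oG "$base.txt" -oX "$base.xml"
    Write-Host ("{0}.0/24: scanned {1} live host(s)" -f $subnet, @($up).Count)
}
```

A host that answers ping but is absent from the discovery file is worth checking in the .gnmap output directly, since -sn also sends TCP and ARP probes whose results differ from a plain ICMP echo.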