In a Metasploit lab, a common problem is that your Kali machine or another lab system cannot ping the Windows target even when both machines are on the same virtual network. In many cases, the issue is not the network connection itself but the Windows Firewall blocking ICMP echo requests (the traffic used by ping). This topic helps you understand and fix that issue so you can test connectivity properly inside your lab.
The first step is to confirm that both virtual machines are on the correct network mode (for example NAT Network, Host-Only, or the same custom virtual network). If the IP addresses are in the expected range but ping still fails, the Windows firewall is often the main reason. Windows commonly blocks incoming ping requests by default for security reasons.
To fix this in a lab environment, you usually enable the firewall rule that allows ICMP echo requests (IPv4) for the active network profile. This can be done through Windows Defender Firewall advanced settings. In some cases, the network profile (Public/Private) also affects which rules are active, so checking the profile is useful. You should make changes only for your isolated lab and not disable the entire firewall unless the course specifically demonstrates it for learning purposes.
After the change, test connectivity again from Kali to Windows and from Windows to Kali. This confirms whether the issue was firewall-related or whether you still need to check virtual network settings. By the end of this topic, you should be able to troubleshoot and fix a common Windows ping issue in your Metasploit lab setup safely and correctly.
