Fixed: SCOM "No Device Ping" on network discovery

 So I'm playing with SCOM and having a less than delightful time.

I want to monitor a router.  Ok, that should be easy, right?  Can I add the device? No.  I can create a Network discovery rule that will discover it with ICMP and SNMP though.  Ok, fine.

Do the needful, run discovery, and ... It fails with "No response ping". 

Wireshark says the pings are working and I can ping the host.  WTF?

So it turns out they've implemented ICMP in the dumbest way possible and managed to break the firewall state machine that allows it to receive replies.  To work around this and do ping-based discovery you have to enable firewall rules to allow the machine to receive the ICMP reply messages.

I enabled the SNMP response and trap rules too; Let's go see what other features are hiding in here.

P.s. SNMP didn't work either.  You have to restart SCOM (or the server) for it to restart that SNMP listener.  *long sigh*.