Found my answer here:
“You may already know this but just in case, if you would prefer to keep your low priority IPS enabled but still allow ICMP traffic, that is possible. Under the IPS Policies section, you can set the category drop-down for ICMP and then click the pencil icon. Once you do that, set the Prevention drop-down to Disable and then click OK. That should let ICMP traffic work while still keeping IPS enabled for other types of low priority traffic.
Because it’s all ICMP, it will also allow other things like traceroute to function. I played around with some of the granular controls but I couldn’t find a way to allow just ICMP Ping and Reply so this seems to be the next best thing.” -Daniel Bruss
“The blanket VPN > LAN rule may not be sufficient. The new SonicWALL’s interfaces are sometimes protected separately. Try creating a separate rule specifically to allow ping from the VPN to that interface, e.g. Allow PING from VPN > LAN on X0 interface IP (or whatever the relevant interface IP is). I had to do this recently to get the ping to work across the VPN.” – BecauseI’mGood