Configuring rules for Connectify

[Guest]

[Bucic]

Official - Connectify blames Comodo
http://www.connectify.me/connectify-v3-1-is-here/

Conflict Detection, Part 1:  It has become clear that most of the “bugs” that users have reported on Connectify 3.0 are actually other badly behaving software interfering with the operation of Connectify.  For the two most egregious offenders, SonicWALL VPN and Comodo Firewall, Connectify now refuses to even install while they are on your system.

[at]DFPhoenix
You've only disabled the firewall. Then your computer is vulnerable to anything connecting through connectify.

[ubuysa]

You can configure Comodo to work with Connectify, and without turning the firewall off for the Connectify network. Here's what you need to do:

1. Define a new network zone called "Connectify Network" and add an address range of 192.168.182.0 to 192.168.182.255 (substitute whatever IP address range Connectify selects for you).

2. Add a global rule to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

3. Add an application rule for the System application to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

4. Add an application rule for Connectifyd.exe and set it as a trusted application.

5. Add an application rule for Connectify.exe and set it as outgoing only.

6. Define a new port set called "ConnectifyNetServices Ports" and add ports 67, 68, 1317, 53 and 1303 to it.

7. Add an application rule for ConnectifyNetServices.exe and allow UDP in/out from MAC any to MAC any where source port is in ConnectifyNetServices Ports and destination port is in ConnectifyNetServices Ports.

Note that if the client PC (the one connecting to the Connectify hotspot) also runs Comodo you need to do steps 1 to 3 on that machine too.

This works perfectly and is a secure as it can be made. It is based on the information from the Connectify knowledge base entry on "firewall rules".

Tony C.

[peraake]

I was following "ubuysa" step-by-step backwards. I saw that Connectify used port 5544, added that and then the laptop immediately got Internet.

Thankyou "ubuysa"

[alanjohnson]

it seems pretty trivial, in case u forgot, u gotta enable Internet Connection Sharing at the Wireless Network Connection (or any connection which has internet) to the Wireless Network Connection 2 (which is Connectify).

just realized this after I followed the ubuysa steps.

[icedoverfire]

Hello all,

I followed the instructions Ubuysa posted to the letter (thanks, by the way!)... unfortunately, I still have to disable the firewall to get my device to connect to the connectify network. Once connectify makes the connection, I can re-enable the firewall and have internet on my device without a problem. With the firewall running and the device disconnected, connectify does not make the connection.

EDIT: I should also make it know that if my device goes to sleep while connected and I wake it up, the connection is maintained, so the firewall only needs to be disabled for the initial connection.

Would anyone know how to fix this?

Thanks,

- ice

[n0iz3d]

You can configure Comodo to work with Connectify, and without turning the firewall off for the Connectify network. Here's what you need to do:

1. Define a new network zone called "Connectify Network" and add an address range of 192.168.182.0 to 192.168.182.255 (substitute whatever IP address range Connectify selects for you).

2. Add a global rule to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

3. Add an application rule for the System application to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

4. Add an application rule for Connectifyd.exe and set it as a trusted application.

5. Add an application rule for Connectify.exe and set it as outgoing only.

6. Define a new port set called "ConnectifyNetServices Ports" and add ports 67, 68, 1317, 53 and 1303 to it.

7. Add an application rule for ConnectifyNetServices.exe and allow UDP in/out from MAC any to MAC any where source port is in ConnectifyNetServices Ports and destination port is in ConnectifyNetServices Ports.

Note that if the client PC (the one connecting to the Connectify hotspot) also runs Comodo you need to do steps 1 to 3 on that machine too.

This works perfectly and is a secure as it can be made. It is based on the information from the Connectify knowledge base entry on "firewall rules".

Tony C.

After following all these steps, i still couldnt connect. So i did it all over again, but did things right!

1. Define a new network zone called "Connectify Network" and add an address range of 192.168.182.0 to 192.168.182.255 (substitute whatever IP address range Connectify selects for you).

Connectify address range is not always the same. Check the IP assigned to the new connectify network and use that IP as address range.

Also, as someone said, you REALLY have to enable Internet Connection Sharing to make it work.
Go to the network (the one that has the internet connection) properties, go to tab "Sharing", activate/check the "Allow other network users to connect through (...)" and then pick the connectify network from the drop down list... nothing else!

That's it, it should work if you follow "ubuysa" steps and do the above!

[Yavin]

Hi,
I followed these instructions but it does not work. The ICS works, I can ping google from my smartphone when I disable Comodo Firewall. I went through the instructions 4 times to asure that everything is correct.

[ubuysa]

You can configure Comodo to work with Connectify, and without turning the firewall off for the Connectify network. Here's what you need to do:

1. Define a new network zone called "Connectify Network" and add an address range of 192.168.182.0 to 192.168.182.255 (substitute whatever IP address range Connectify selects for you).

2. Add a global rule to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

3. Add an application rule for the System application to allow in/out to "Connectify Network" from "Connectify Network" for IP any.

4. Add an application rule for Connectifyd.exe and set it as a trusted application.

5. Add an application rule for Connectify.exe and set it as outgoing only.

6. Define a new port set called "ConnectifyNetServices Ports" and add ports 67, 68, 1317, 53 and 1303 to it.

7. Add an application rule for ConnectifyNetServices.exe and allow UDP in/out from MAC any to MAC any where source port is in ConnectifyNetServices Ports and destination port is in ConnectifyNetServices Ports.

Note that if the client PC (the one connecting to the Connectify hotspot) also runs Comodo you need to do steps 1 to 3 on that machine too.

This works perfectly and is a secure as it can be made. It is based on the information from the Connectify knowledge base entry on "firewall rules".

Tony C.

These rules worked very well when the connecting PC was Windows XP based. Recently I've had to get an Amazon Kindle to connect to the Internet via Connectify (3.5.1) and the above rules are insufficient. To get the Kindle connected I did all of the above AND defined two new rules as follows:

1. Add an application rule for "Windows System Applications" (Add - Select - File Groups - Windows System Applications). Allow IN from TCP/UDP From IN[Connectify Network] to MAC Any where source port is any and destination port is IN[Connectify Ports]. Allow IP OUT from MAC any to MAC any where protocol is any. Block everything else.

2. Add an application rule for "Windows Operating System" (Add - Select - Running Processes - Windows Operating System). Allow IN from TCP/UDP From IN[Connectify Network] to MAC Any where source port is any and destination port is IN[Connectify Ports]. Allow IP OUT from MAC any to MAC any where protocol is any. Block everything else.

I've not tried connecting with other clients (Windows 7 for example) but the above might help there too?

PS. I've also found that I can tie the connectifyd.exe program down a little too. Instead of making it Trusted, I now have is set as follows: Allow IN from TCP/UDP From IN[Connectify Network] to MAC Any where source port is any and destination port is IN[Connectify Ports]. Allow OUT from TCP/UDP From MAC Any where source port is any and destination port is any. Block everything else.

Tony C.

[Tags:]