Blocking UDP's from hamachi

[Guest]

[posciel]

I have a problem. I do have blue star which should be green.

Link: https://secure.logmein.com/products/hamachi/tunnel.asp#r

Please check it out.

I think COMODO is causing this problem. How to fix it? Screenshot included.

Fast answer would be great.

[Ronny]

Only thing i can think of is the Multicast (IGMP) being dropped.
I'm not sure if hamachi uses it you can try to allow that (temporarily) to see if that helps.

I don't think it's because of the drops on 137/138 to the 5.x broadcast address, that's just windows 'talking' and looking for neighbors.

[posciel]

What I think is that problem is caused by non-forwarded ports. I'll try to do it on my router.

[posciel]

I forwarded port with help at http://portforward.com but nothing helped me, I still have that blue ;|

[Ronny]

As can be read here:

http://www.logmeinwiki.com/wiki/Hamachi:Ports_and_Protocols

You can set a static UDP listening port by configuring it in Hamachi:Detailed Configuration, but note that this will require you to forward that port's UDP traffic from your router to the machine, if you are behind a router. Also note that if you have multiple machines to do this on, you will need to choose different ports for each to avoid conflicts and also forward them all.

So you need to setup a specific port for your "direct" session's take two ports like 49152 and 49153 and configure both routers to allow traffic to port 49152 on one and 49153 on the other router. Now on CIS allow the remote ip to access logmein on port 49152. Now you should have a "direct" connection.

[EricJH]

You can make a Multicast zone for ICMP traffic. Go to Firewall --> Common Tasks --> My Network zones.

Now we will make the Multicast zone.
Choose add -->  A new network zone --> Let's name it Multicast --> Apply . 
Choose add --> A new address --> A range of IP adresses --> 224.224.224.0 --> 224.224.224.255 --> Apply.
Choose add --> A new address --> A range of IP adresses --> 229.0.0.0 --> 229.255.255.255 --> Apply.

Now we are gonna apply this zone using the Stealth Port wizzard. Go to Firewall --> Common Tasks --> Stealth port wizard --> Choose "Define a new trusted network, stelath my ports to everyone else" --> Next --> now choose the Multicast zone --> Finish.

You can check that the rules have been applied by going to Firewall --> Advanced --> Network security policy --> Global rules --> you should see rules added now referring to Multicast.

[grue155]

Just a quick note on the logs in the first post.

The destination address of 5.255.255.255 is a broadcast address. For all Hamachi users. Since this is for for the Netbios ports, these will be Windows machines advising any and all that "Hi, my name is <whatever> and I'm at <IP address>".

This is not traffic you want coming into your machine, and not something you want to have going out from your machine. Netbios broadcasts like this can be useful on an office LAN, where machines are in a co-operative environment. I don't think that applies to the Hamachi VPN environment.

I'll suggest a rule to block all traffic to the 5.255.255.255 broadcast address, and open things up only as necessary.

[Tags:]