Problems with acquiring or renewing the IP address

[Guest]

[jjb3]

Thanks for the reply. The steeings that you gave me where already applied (post a few pages back has the same advise). 99% it works  , Thanks. Sometimes it will still block some parts of the connection, windows will say "Limited network connection", but I dont have a good log with that.

Btw Logs show that the Application monitor gives severity High on svchost.exe  (UPD OUT 239.255.255.250:1900 / UDP IN 130.115.78.140:123), does that give problems?

jjb3

[alaindc]

hi 
i discover suddenly comodo firewal a few weeks ago, and i'm glad i have.

the same problem with version 2.4.18.184 fr begin to happen, on XP SP2.
every 6 hours or so, sometime much less, i was having this disconnecting problem, unable to renew my ip adress, on my ADSL modem.

at first, i follow the instruction, add these 2 rules, but it wasn't working.
so, i can confirm one thing, it really need a reboot to work.
thank's for helping.

the first week i use CFP, i also find the solution to connect my 360 through my pc, and allow the connection via CFP, on the same forum.
the forum are great, the firewall is great...

Given the potentially cranky nature of DHCP, you may find it helpful to add two more rules to the very top of Network Monitor (these will be done manually), in this fashion:

Right-click Rule ID 0, and select Add/Add Before.  Build the rule like this:

Action:  Allow
Protocol:  UDP
Direction:  In
Source IP:  Any
Destination IP:  Any
Source Port:  67
Destination Port:  68

Repeat the step in blue above, and build the next rule like this:
Action:  Allow
Protocol:  UDP
Direction:  Out
Source IP:  Any
Destination IP:  Any
Source Port:  68
Destination Port:  67

Now reboot, just to clear any temporary memory and make sure the new rules are properly set.

That should resolve the DHCP issue for you.

LM

[allkatraz]

Welcome to the forums, alkatraz; sorry you're in the "club."
[...]
That should resolve the DHCP issue for you.

Sorry for the delay, i was very busy. In all this time i just deactivated Comodo . Today i found some extra time and i followed you advices. And... it works! Thanks for your patience. I saved your post for the future (windows reinstalls)

Thanks again.

[Little Mac]

No problem, allkatraz; glad that worked for you!

LM

[enphreaked]

First of all I want to say how happy and grateful I am to have found such a smart, flexible and smooth Firewall like Comodo.

Unfortunately I'm a bearer of the DHCP-problem plague..

I use no router, only a modem (that let's the traffic go right through). So it's my computer that aquires the IP-adress.

I've tried adding my gateway to trusted zones/places.

I've also tried the allow UDP in/out to my gateway, but that didn't help either..

When I try to aquire an IP-adress I get spammed with "Inbound Policy Violation (Access denied IP: xx.xxx.xx.xxx, Port=31486

Also this is added: Application access denied: svchost.exe:xx.xxx.xxx.xx :dhcp(68)
                              Application access denied: svchost.exe:xx.xxx.xxx.xx :bootp(67)



Any suggestions?

EDIT: Also I'd like to add that I lose my ip-adress at random intervals. Sometimes I can surf for hours, sometimes just 30 min. I cannot aquire an IP-adress when comodo is activated. When I disable it though I can aquire an IP-adress.

[xerovlade]

Same Thing Happens to me.. And i was thinking that i was supposed to write all of these stuff but i guess someone beat me to it.. Anyway whatever enphreaked said is what is happening to me too..

And i was contemplating on upgrading firewall a while ago.. Anyway Thanks in Advance..

******************************************************************

Anyway, I already figured out how to fix my DHCP with the current Comodo Version so Thanks anyways..

[notsavant]

I'm still having the same problem; I upgraded to v3, but went back, after a small while, to v2.
Now, my connection just drops from time to time, forcing me to renew my IP (cmd or control panel). After that, it works fine.. for a while. I tried adding the rules and disabling "Do protocol analysis" - to no avail.
I had a fine connection before.. "downgrading" (I used v2 for about 4 months), still, I remember having this problem when I switched from Outpost and, somehow, solving it.
Any ideas? Got the rules wrong perhaps? ;X

[Little Mac]

notsavant,

There are two things I'd target first:

1.  Make sure you are not blocking svchost.exe (application monitor) in any way; this system process is needed to establish the DHCP lease (which is what gets you the IP address).

2.  In network monitor, make sure you maintain the default rule to Allow TCP/UDP Out from Any to Any, as the rule in top position (Rule ID 0).  Then create a new NetMon rule as Rule ID 1 (2nd position from the top) to:

Action:  Allow
Protocol:  UDP
Direction:  In
Source IP:  Any
Destination IP:  Any
Source Port:  67
Destination Port:  68

There are a couple things you can do to "tighten" that up. 

1.  If you're behind a router, configure you computer to have a static IP address (this is an internal/network/LAN address and won't impact your contact to the outside world); you do this in Windows, Network Connection settings.  This eliminates the need for DHCP and the extra rule I listed above.

2.  If you still want to do (or need to) dynamic DHCP, but you know that your DHCP server's IP address won't be changing, you can define it as the Source IP in the rule I gave above.  Then add a new rule into the top position (a new Rule ID 0) ***Note:  Do not delete the default Allow TCP/UDP Out rule, as it allows you to surf and get email, etc.  Just add an additional rule on top of it.***  The new rule will be:

Action:  Allow
Protocol:  UDP
Direction:  Out
Source IP:  Any
Destination IP:  (IP of your DHCP server)
Source Port:  68
Destination Port:  67

That should clear up any issues.  If after creating the rules you're still having trouble, reboot.  If still no joy, we'll have to look at your firewall logs to see what's being blocked.

Hope that helps,

LM

[notsavant]

I took a while before replying in order to test the changes. So far it's fine; 19 hours without breaks. It seems that the problem was a wrong rule ;X
Thanks for the help "Little Mac". I appreciate it.

[Little Mac]

No problem, notsavant ~  glad to help!

LM

[paper_ball]

I need help. How do I start a ticket...this is ALL WAY over my head. Just fix it. so I can get online and not have to turn off the firewall...that is the only way it works...I can get to this site...

[panic]

To lodge a ticket with the official Support Centre (which is what I'm hoping you mean), you need tog oto http://support.comodo.com, log in andfrom there, it's pretty obvious what to do.

Please note, that your username and password for these forums will not work on the support centre. You will need to register separately before you can lodge a support ticket.

Cheers,
Ewen :-)

[fake__n]

I may of fixed my problem, as I had the problem obtaining IP addy to my network upon reboot or from standby.
Kept asking for new network name with my adapter name already in use and wanted me to rename...now this is a problem every time I boot or log in.  Had to disable CF to obtain IP to network and Internet and then turn it back on each time.

This is what I did and see if it works for others with this problem.  Go to Firewall | MY Network Zones | and in your NIC adaptor addy line (IP IN 192.168.x.x), edit this/check "A range of IP Addresses" and enter your Router's full range...ie, (192.168.0.1 - 192.168.255.255) APPLY and exit as prompted.
This seems to be working for me, maybe opened up a bit much, but that is the way ZA did it.

[brucine]

That is also the way i do it (including localhost at 127.0.0.1, Firefox keeps asking for it)

[Little Mac]

That is also the way i do it (including localhost at 127.0.0.1, Firefox keeps asking for it)

You shouldn't have to create a zone for localhost, just Allow w/Remember for Firefox.  Or, go into FF's rule in Defense+, Access Rights, and check the box to Allow on loopback connection. 

Firefox does utilize loopback connection, and it's nothing to worry about.  Some applications do, but there's no need to create a zone to allow it; just do it on a per-application basis.  Just IMO.

LM

[Tags:]