how do I Grant Access to an "Inbound Policy Violation (Access... [RESOLVED]

[Guest]

[LucyRicardo]

I am running CFP Version 2.4.18.184

The following entries show up in the COMODO Firewall Pro Logs:

Date/Time :2008-04-28 02:10:39
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.2.1, Port = syslog(514))
Protocol: UDP Incoming
Source: 192.168.2.1:syslog(514)
Destination: 192.168.2.101:syslog(514)
Reason: Network Control Rule ID = 6

But I do NOT want this Inbound Traffic to be "Access Denied".
I want Access to be Granted to this traffic.
Specifically, I want an application called WallWatcher to receive this particular Inbound Traffic.

How can I do that?

[Eric Cryptid]

have you set 192.168.1.1 (your router) as trusted? This can be done on Security>>>Tasks.

Alternatively, you can just create your own rule for it. Just got to the Security Tab and click on Network Policy and then simply add a new rule. Make sure, you move the rule above the last rule.

Eric

[LucyRicardo]

No, I have not set my router 192.168.2.1 as trusted.

I am looking at Security -> Tasks
I see:
"Define a new Trusted Application" under Common Tasks
"Define a new Trusted Network" under Wizards

Which one should I use?

[Eric Cryptid]

Your trusted 192.168.2.1 should be at the very top of the list and be: Allow all IP In From 192.168.2.1 to Any  and Allow all IP Out to 192.168.2.1 from Any.

Usually the rule is done automatically by selecting "Define New Trusted Network" making sure that yours is listed there and then at the bottom of that Tasks page there'll be (I think) Add Trusted Network (It's been awhile since I've used version 2).

Can you screenshot your network rules?

[LucyRicardo]

Thanks Eric.  I figured it out.
Under Network Monitor -> Network Control Rules,
I did an "+ Add" to add a new rule and then I moved it up in precedence.
Immediately, my syslog entries came right thru CPF to WallWatcher!
Now I can see in real-time what is happening on the Hardware Router.

[Eric Cryptid]

Great news that your issue has been resolved!

Do let us know if we can help with anything else.

BTW - Have you tried out CPF 3?

Eric

[LucyRicardo]

Not tried CPF 3 yet.
I will soon.

[Eric Cryptid]

There's some exciting improvements coming out later this year but it's quite impressive.

If you're going to give it a go do read this first:

http://forums.comodo.com/help_for_v3/tip_installing_cfp3_for_the_first_time-t22296.0.html;msg155620#msg155620

It's some tips for when you first install it so you get the least amount of Defense+ alerts but still remain safe. I've been using it for a number of months now.

Anyway, I'll lock this topic now and mark it as resolved.

If you need it opening again, just PM and online Moderator.

Eric

[Tags:]