Enable the connection [HELP]

[Guest]

[rk73]

Hi all,
just installed the new version 3.0.13.268 on my XP sp2 pack system.

With the standard settings ("Train + safe mode" for both Defense and Firewall security leve) it is impossible to establish the normal vpn connection to be able to suf the web, get emails, etc.

To succeed, every time I must set them on "disable": then it's possible to connect. After the connection I set again to the Train Safe mode and it all works correctly.

Is there a way to set the firewall in order I can connect always without this boring procedure?

Thanks for your care and for your help.
ciao
rk73

[gibran]

If you are not seeing any alert this mean that You need additional global rules and maybe few changes to System application policy.
Can you export your log?

[miha]

To get VPN (both PPTP and IPSEC) working on my computer with Comodo 3.0.13.268, I had to enter few Application rules.

1) Sistem Idle process:
    - Allow IP OUT Source: Any Destination: Any Ip Details: GRE   (for PPTP)
    - Allow IP OUT Source: Any Destination: Any Ip Details: Costom protocol 50   (For IPSEC)
    - Block IP IN/OUT Source: Any Destination: Any Ip Details: Any

2) lsass.exe (for IPSEC)
    - Used default "outgoing only" policy here.

Still, it's odd, why are GRE (47) and ESP (50) protocols connected to System Idle process? Regardless, those settings got the VPN working for me.

I hope it's helpful to you.

Edit: For lsass.exe you only need to allow outgoing connection on UDP port 500, as it's only port needed for IKE, but I was feeling lazy, even if it's less secure. You can leave that rule out, but you will get popup whenever you establish IPSEC connection.

[Tags:]