Amazon Appstore on Windows 11

Anyone having difficulty with the Amazon Appstore app with Windows Subsystem for Android?
I can only log in to Amazon and browse their store if I turn off the Firewall.
There are no alerts from Comodo and the logs show that Windows Operating System has been blocked TCP access in from Amazon IP addresses via ports 443 and 80. I suspect this is how WSA and virtualisation works - Comodo can’t see it.
There are no logs of anything associated with Amazon Appstore.
I also get a \AppData\Local\Packages\Amazon Appstore… folder settings.dat file placed in the container but I’ve got round that.
I am very familiar with Comodo and the settings etc. but can’t find a way to bypass the firewall blockage and let the Amazon Appstore have access.

Hi MSB,

Thank you for reporting.
We will check and update you.

Thanks
C.O.M.O.D.O RT

If the log says it is a blocked incoming connection, then you just need to create an allow incoming rule under the globl rules.

1 Like

Yes but that would be for “Windows Operating System”, various IPs, 2 ports and that seems pretty dangerous to me as it would allow unsolicited data in, wouldn’t it?

No because in this instance it really is not a true incoming connection. It just seems that way to the firewall because I’m guessing a hyper-v virtual network adapter is being used. I am surprised that the log even lists the blocked connection unless you actually have a block incoming rule with logging enabled for that rule.

1 Like

Ok thank you for the explanation, I’ll look at it again this weekend.

1 Like

If I make the default COMODO - Proactive Security configuration file active then nothing happens when I try to run the Amazon Appstore - the app doesn’t appear - except the folder ProgramData/Microsoft/Windows/WER is placed in VTRoot.
There are no alerts, nothing of note in the Logs under HIPs and Firewall.
I should add that the said configuration file was generated when I installed CIS under Windows 10.

Does CIS not support Windows Subsystem for Android?

Windows 11, Windows Subsystem for Android (WSA) is a platform for installing and running the Amazon Appstore app store as well as Android apps directly in Windows.

Windows Subsystem for Android runs in a Hyper-V virtual machine, just like Windows Subsystem for Linux (WSL), with a true Linux kernel and Android OS based on Android Open Source Project ( AOSP) version 11.

Comodo CIS current firewall does not have a gateway to manage I/O since it is a virtual machine under linux or android

I got into the Android Settings for the Network and Internet and it would appear that the WSA uses a virtual Wi-Fi connection using an IP address in the range 172.x.x.x for itself, the Gateway and the DNS Server. The particular addresses change every time WSA is opened.
Setting a Global Rule (at the top of my list) to allow TCP/UDP In with the Source Network Zone 172.0.0.0-172.255.255.255 allows Amazon Appstore to fully work.
I hope this doesn’t leave me open to abuse though.

Help on Hyper-V virtual machine management
See network configuration

Upon accessing the Network and Internet settings on my Android device, I discovered that the WSA (Wireless Streaming Adapter) utilizes a virtual Wi-Fi connection with an IP address range of 172.x.x.x. This range includes the IP address for WSA itself, the Gateway, and the DNS Server. Interestingly, these specific addresses change each time WSA is launched.
To ensure the complete functionality of the Amazon Appstore, I created a Global Rule at the top of my list, allowing TCP/UDP In with a Source Network Zone of 172.0.0.0-172.255.255.255.
However, I do have concerns about potential vulnerabilities or misuse resulting from this configuration.

For me, it worked with a slightly narrower zone, but they have since switched to 192.168.x.x.