I use CIS 5.0.16 + Windows 7.
My problem is that Comodo Firewall blocks all access to all server programas I have on my PC, when I try to access them through the 3G connection on my smartphone.
I can connect without problems by wifi connection (whether I’m connected to my LAN as if I’m connect trough Internet), but 3G is impossible. Of course I mapped ports on my router and the applications rules are correctly created in Comodo Firewall section (otherwise it would be impossible to connect to wifi mode).
The input connection is established but nothing happens. I can observe how on 3g connection “TCP IN”, requests are handled by several IP’s, however when the connection is by Wi-Fi, only one IP.
I put Comodo firewall in learning mode but does not create any new rule. And Comodo does not show any type of lock. The only way to connect is putting Comodo firewall in "disabled"mode.
Could anyone help?
Hey and warm welcome to comodo forums rivo!
add the exe file in application rules in firewall (CIS —> Firewall —> Network Security Policy —> Application Rules Add —> Select —> Browse… Now you have search for the wanted file).
Enjoy your stay here at comodo forums.
Thanks for your answer.
I´ve rules for all my applications in Network Security Policy section.
This isn´t the problem. I’ve even created a rule for these applications that allow all incoming o outgoning traffic, but don´t work when I try connect them by 3g connection.
I think it´s an exclusive problem related this tecnology because, as I said, if the connection is made from outside my house by my smardphone wifi interface, everything works fine.
and you have tried to add it as a new network? do you know what your smartphone has for MAC address or you 3G connector? Look here CIS —> Firewall —> Network Security Policy —> Network Zone ----> Add ----> A New address
I never tried a 3G connection from anything else then a USB 3G stick (and not at that time using CIS), and thus not from a smartphone.
I don’t how your smartphone accesses your computer (3G, wired connection, usb port…?) but it might in every situation might be recognized by CIS (if recognized) as an external device, whereas CIS never remembers any rule from an external device.
Furthermore, and when using a 3G connection, it is not plainly a wifi connection on the technical side: if connected to the computer, the device fakes a CD, and even if not, it behaves as a virtual modem in order to dial up; all of these run specific applications, to which might be added the specific phone brand software launching the said applications.
In these conditions, every of these applications, if recognized, can even be hidden (e.g. inside defense+ keyboard or monitor access rights), must be allowed and, as you probably neither know their name or path, the only chance, if not done, is probably to customize the firewall and defense+ to the extent to which they ask for everything (highest levels, checking image execution, customizing every rule…).
Can you see if the firewall driver is installed for your 3G connection? See attached image for reference.
[attachment deleted by admin]
This is not, as allready discussed, a valid argument.
CIS firewall virtual drivers are only an artefact of some older versions or other Comodo software and, in the general situation, CIS does not install nor needs such a pseudo-driver.
Such a compulsory use of virtual drivers most usually is the fact of Outpost and/or KIS/KAV, and very often brings hardware compatibilities crashing the system in nice BSODs.
We should not advocate for virtual drivers only able to bring us a lot of trouble depending upon the hardware configuration, unless we want people to prefer the said third-party softwares.
Firstly thanks everybody for your suggestions.
It seems I found the problem.
I was wrong. It was not a problem exclusively related to my Iphone 3G connection. Neither I can´t connect to my programs servers when I am out of my local network connected to an open wifi network. It’s strange because I remember that before could. When I was away from home, connected to open wifi network and I could access my tv streaming server or webinterface of some programs in my pc. Maybe something changed when I upgrade to the latest CIS version.
The problem was the “lock” rule that I always add at the end of the Network Security Policy section.
I have used it ever since I worked with Kerio firewall and I continued using it in CIS.
Values for this rule are: for all applications block ip protocol input/output, any ip, any port.
This prevents unwanted connections and warning messages. In Firewall security level I choose “Safe mode” and I’m calm. When I install a new program, manually add a new Network Security Policy rule or switch CIS to learning mode and then the customize the new rule.
After trying all your suggestions (I added new network zones, executables to Computer security police section, …) I tried to delete “lock” rule and I could connect to my servers via an external wifi network and 3G internet connection that I have contracted with Vodafone on my Iphone.
I did not think in that solution because I never had problems with that rule. However, lock rule was blocking any system connection, although Active connections window did not display nothing and Firewall events window neither.
Finally I deleted the rule and I have switch security level to Custom Policy.
I wanted to know if this level is equivalent to the lock rule. And if there is any danger for having erased it.
Thank you all for your attention.
I would suggest you change the alert level (second tab) to high or very high, depending on how much control you want.