Can't get VPN to work in v3 [Merged Threads]

Hi,

I am also having a VPN issue, but not with the XP version. I use Nortel Contivity which worked fine with 2.4. I’ve attached a log file from Nortel, but there’s not much in it.

The error I receive when trying to connect is:

  • Login Failure due to: Driver failure.

There are no popup alerts.
There are no Firewall or Defense+ log records.
Network Zones shows:

  • Nortel IPSECSHM Adapter - Packet Scheduler Miniport
  • The zone is an IP address mask and the IP address in the zone begins with 172
    • This is not my PC, router, or VPN server’s IP address. I’m assuming it’s an assigned IP for VPN use?

Firewall Network Security rule for Extranet.exe is:

  • Allow IP Out from IP Any to IP Any Protocol is Any

Defense+ for the same file is:

  • Access Rights - All entries are either Ask or Allow
  • Protection Rights - All entries are No

Network Defense is set to Train with Safe Mode
Proactive Defense is set to Clean PC Mode
Firewall Alert settings are medium

Hope this helps.

[attachment deleted by admin]

First of all, v3 looks great… very much improved.

Trying to get VPN working…

Platform is XP SP2, trying to use the default Windows Connection setup to VPN (PPTP).

Disabling the firewall works fine but the VPN won’t connect with any of the other settings, including training mode. I’ve also tried to add the PPTP port to no avail, as well as adding in the network that was found when the VPN connected while the firewall was disabled.

Any help is appreciated… thanks.

Here is my post from yesterday.

Operating system: Windows XP Pro SP2 x86.

Since I installed Comodo Firewall Pro 3.0.13.268 I can’t open a tunnel to a VPN server. As the log shows, a PPTP connection can be established (process: System, TCP out, remote port 1723), but the GRE protocol is being blocked without any reason (for the process “System Idle Process”) in both directions.

First I thought it should work as in the 2.4 version of Comodo Firewall and created a global rule for the GRE protocol (allow, in/out, IP type GRE, source: my local IP, destination: IP of the VPN server).
Then: I selected the “System Idle Process” as an application in “running processes” and created the same rule for it.
Then: allowed GRE for any source/destination in global rules and for “System Idle Process”.
Then: allowed everything for “System Idle Process”.
Then: allowed EVERYTHING in global rules. In this case I saw that the firewall allowed even the NetBIOS broadcasts (UDP in, destination/source ports 137-138), which are also logged as activity of the “System Idle Process”, but the GRE protocol is still being blocked.

What else can I do to allow GRE?!
I have of course no answer till now and I don’t think we will get any; the thing simply DOESN’T WORK, that’s all.

I’ve just found some relevant information in Russian forums. Many people have the same problem; one of them found this “solution”:
- Disable the firewall (I don’t know what he meant: unload the firewall monitor and/or its service, or just disable it somewhere in the settings)
- Connect to the VPN
- Enable the firewall
- Now you can disconnect and connect the VPN anytime until you restart ;D
Of course, it’s just a bug of Comodo, nothing else.

Hi!

You can try something like this (I noticed you tried something similar, but this way it works, at least for me): https://forums.comodo.com/help_for_v3/enable_the_connection_help-t15591.0.html;msg107926#msg107926

That is how I got VPN, both IPsec and PPTP, working. I should mention that in global rules I have only an incoming ICMP ping request block, as I also use the machine as a development server.

But I agree, this is making things unnecessarily complicated and Comodo should come with default rules that support this. I even had to alter the System Idle Process rules to get tracert working; that’s silly.

I’m seeing more and more support forums where people posting problems with Comodo and VPN are advised either to switch back to previous versions or even to choose another firewall, as many of the suggestions already posted could compromise security.

I still need to hear from Comodo themselves what the solution to this issue is?! Several threads on this board are already running with this problem.

I’m trying to connect to my corporate network’s remote access server using Windows XP’s built-in VPN client and it cannot complete authentication when the Comodo firewall is enabled. When I disable the Comodo personal firewall, authentication completes and it completes the connection.

I also cannot get VPN to work using the Windows XP network connection.

Worked perfectly in 2.4.

Problems come with the final version; in RC1 VPN works.

I didn’t like the idea of making the System Idle Process a trusted process.
So I made a work-around.

  1. Open Comodo Firewall Pro settings - Firewall - Advanced.
  2. Go to Predefined Firewall Policies and add a new policy; give it a name (e.g. Gre).
  3. Use a custom policy and configure it like this:
    • action: allow, protocol: IP, direction: in/out
    • source IP: use Any, or use your own IP address or hostname
    • destination IP: use the IP address of your VPN server at work
    • IP details: choose protocol GRE
  4. Save the predefined policy.
  5. Go to Network Security Policy and add a new security policy.
  6. Under application path, choose Running Processes, and choose System Idle Process.
  7. Choose Use a Predefined Policy, and choose the predefined policy you just created above (Gre).
  8. Save and test.

Works OK for me, and you still have pretty tight security.

Khe2007, your work-around works perfectly for me.
Thanks

khe2007’s workaround works for me too. A bit better than making System Idle Process a trusted application I think.

Thanks!

I’m a long time user of Comodo 2, and I’ve recently downloaded v3. (Congrats on a truly amazing product!) I’ve got a problem, though – and it’s something of an emergency. I need to connect via a VPN. Right now I’m working on Nortel Contivity, and later I’ll need to use Cisco. (Yes, it really is possible to have them both on the same system. I’ve had them together for years; it just takes a bit of tweaking.)

In any case, I’m struggling with my Nortel VPN connection. In my Firewall Events, I get the following:

System Idle Process: blocked protocol 50 from my system to the remote firewall.

My firewall software is “trusted.” In my Global Network Rules I am allowing IP protocol 50 between any addresses. Still no luck, though. Normally I’d play for a day or so, since there’s usually an answer to be found if one is patient and persistent. But I need to get into the network tonight–and I’d rather not have to revert to the old firewall to do it. Can someone help?

Thanks very much.

A bit confused - This remote firewall - what is it on? What firewall software is “Trusted” and do you have them both (CFP and the “Trusted” one) running on one computer? Is this a LAN? Have you defined a Network Zone and then run the Stealth Ports Wizard to define a Trusted Zone?

Sorry about that. There is no remote firewall, just a VPN that I need to talk to. (The VPN is Nortel Contivity.) What I meant to say is that my VPN software is a trusted application in Comodo.

As to having used the Stealth Ports Wizard – no, I didn’t do that. I went directly into the Global Network Rules and created “allow any IP in/out” entries to the relevant hosts. Just for good measure, I just did the same thing with the wizard, and simply got additional pairs of rules (one for incoming, another for outgoing). In any case, it didn’t help.

I figure that I am missing some key blocked traffic; I’ve turned on logging wherever I can, but I don’t see anything being blocked. At this point I trust their whole network – something I would never normally do.

In v2, I simply watched the log, and kept adding rules till I had covered all the key events. But that doesn’t seem to be working here… I’m even using Wireshark to see what I can figure out.

What I’m seeing there is:

PC  -> VPN  ISAKMP Aggressive
VPN -> PC   ISAKMP Aggressive
PC  -> VPN  ISAKMP Aggressive
VPN -> PC   ISAKMP Transaction (Config Mode)
PC  -> VPN  ISAKMP Transaction (Config Mode)
VPN -> PC   ISAKMP Quick Mode
PC  -> VPN  ISAKMP Quick Mode
VPN -> PC   ISAKMP Quick Mode

At this point, with the firewall on, the conversation stops. But with the firewall disabled, the PC begins sending ESP messages to the firewall. These messages are allowed in the Global Rules section of Network Security Policy, both explicitly (Allow any IP In/Out to VPN address with protocol 50) and implicitly (Allow any IP In/Out to VPN address with any protocol). These are the first two rules in the Global Rules section.

I’m really lost…
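The pattern in the posts above (PPTP control on TCP 1723 or ISAKMP on UDP 500 gets through, but the carrier protocol, GRE 47 or ESP 50, is blocked for System Idle Process) can be picked out of a firewall event log automatically. This is an added example, not from the thread or from Comodo; the event line format and the sample addresses are constructed, and the helper maps the blocked protocol back to the VPN whose rule is missing, which is the rule khe2007’s work-around adds for GRE.

```python
import re
from collections import defaultdict

# IANA IP protocol numbers carrying the VPN payload; Comodo logs them by number.
PROTO_NAMES = {47: "GRE", 50: "ESP"}
# Control channel that must pass and the data protocol that must not be blocked.
VPN_PROFILES = {
    "PPTP":  {"control": ("TCP", 1723), "data": "GRE"},
    "IPsec": {"control": ("UDP", 500),  "data": "ESP"},
}
# Constructed format (not Comodo's): <allowed|blocked> <proto> <in|out> <process> <src> -> <dst>[:port]
LINE_RE = re.compile(
    r"^(?P<action>allowed|blocked) (?P<proto>\w+) (?P<dir>in|out) "
    r"(?P<process>.+?) (?P<src>[\d.]+) -> (?P<dst>[\d.]+)(?::(?P<port>\d+))?$"
)

def parse_event(line):
    """Parse one event line; numeric IP protocols are mapped to their names."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    if ev["proto"].isdigit():
        ev["proto"] = PROTO_NAMES.get(int(ev["proto"]), ev["proto"])
    ev["proto"] = ev["proto"].upper()
    ev["port"] = int(ev["port"]) if ev["port"] else None
    return ev

def diagnose(lines):
    """Return {vpn: (data proto, processes)} where control passed but data was blocked."""
    allowed_ctrl, blocked_data = set(), defaultdict(set)
    for ev in filter(None, map(parse_event, lines)):
        for vpn, prof in VPN_PROFILES.items():
            if ev["action"] == "allowed" and (ev["proto"], ev["port"]) == prof["control"]:
                allowed_ctrl.add(vpn)
            elif ev["action"] == "blocked" and ev["proto"] == prof["data"]:
                blocked_data[vpn].add(ev["process"])
    return {vpn: (VPN_PROFILES[vpn]["data"], sorted(procs))
            for vpn, procs in blocked_data.items() if vpn in allowed_ctrl}

# Constructed sample mirroring the thread: control channels pass, GRE/ESP do not.
SAMPLE_EVENTS = [
    "allowed TCP out System 192.168.1.10 -> 203.0.113.5:1723",
    "blocked GRE out System Idle Process 192.168.1.10 -> 203.0.113.5",
    "blocked GRE in System Idle Process 203.0.113.5 -> 192.168.1.10",
    "allowed UDP out Extranet.exe 192.168.1.10 -> 198.51.100.7:500",
    "blocked 50 out System Idle Process 192.168.1.10 -> 198.51.100.7",
    "allowed UDP in svchost.exe 192.168.1.20 -> 192.168.1.10:137",
]
```

Each entry in the result names the process the allow rule for that IP protocol has to be attached to, which on this thread is System Idle Process rather than the VPN client executable.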

Try changing the “block and log” rules to “ask and log”, both in application rules and global rules. I have found that if I create a rule manually it doesn’t always work, but if I use “ask” and then click “allow and remember” the rule works…
I don’t use VPN, but try setting svchost to ask and maybe a few others related there.
Try it and see if it works…

This strikes me as odd, and possibly wrong; why is my System Idle Process trying to do anything? In the meantime, though, perhaps this is the key to getting it fixed. How can I add permissions to the “System Idle Process”? Is there a particular executable associated with it?

This might answer your question. Read the entire thread for more insight.

Al

Go to Defense+ settings and disable Defense+; this will solve your problems.

Or, in the Defense+ settings, define VPN-related apps as trusted.