Can't Ping Computers

Comodo Internet Security - CIS Firewall Help - CIS
1

Using the web-based admin screen for my router, I’m able to ping all my computers (the win 7 machines use Comodo), but using PING from a cmd prompt, I can’t ping anything but the router.

Watching the firewall events log, I don’t see anything being blocked and I’ve set up my net using an IP range from 10.10.10.1 to 10.10.10.255 as “Home Net”. Home net was set up in stealth ports to allow all traffic. I’ve confirmed that there are global rules that allow all inbound and outbound traffic for those port ranges.

So near as I can tell, Comodo isn’t blocking it. Is there something I’m missing? Windows firewall is turned OFF.

2

Some routers have settings to disallow ping on LAN. If your Home Net is secure and isolated from WAN, you could just turn off CF and try to ping the nodes.

If it woirks, then it is CF that is blocking it. If not, then it is your router.

Things to check in CF:
Are echo request (ICMP 8 ) and replies (ICMP 0 ) allowed both directions in global rules for Home Net?
Is there a rule above allowing rule that could be blocking those?
Same goes for application that is pinging - is it allowed to send echo request and receive replies?
Are these rules set up correctly?
Is Home Net sure to be set correctly?

If all is good, then you could try allowing ICMP 0 and 8 with a rule, so you could monitor if they indeed are travelling through CF. I would make specific global rule to allow ICMP on Home Net and log the events - thus monitoring echo/trace -traffic. Or then log all Home Net traffic and hunt the ICMP traffic from log. Whatever suits you best.

3

Do you have more than one active network adapters like a VirtualBox Ethernet Adapter?
It can happen that Windows sends the ping request over the wrong adapter with a different subnet.

Edit:
Had a similar problem once and found the solution here in the forums :slight_smile:
https://forums.comodo.com/beta-corner-cis/wakeonlan-working-t51912.0.html

4

I erased all global rules except the ones that allow all traffic on my local net. Still no good. Interestingly enough, I can use VNC to remotely control any computer from any computer. Still can’t share files and see the other computers on the network though…

5

That was a great guess since I do have that on ONE of the machines, but even if I ping from one with only one active adaptor, the result is the same…

wait…

Wait…

I DO have virtualbox on this machine? When the heck did I do that? And you know what? Disabling the adapter for VB did it! I can see the other machines! I can ping! Freaking awesome!

You are my hero :slight_smile:

6

Hehe ;D
Good guess by me.

You could try the solutions from the link in the above post. Changing the interface metrics should allow you to ping other machines while the VB adapter is active, too.