Hi All, I relatively new to Comodo. How do I configure it so that I can see my NAS? (:NRD)
Hi dcwalin,welcome to the forum,
Try using the “Stealth ports wizard” to configure access
Firewall/Stealth ports wizard/click “Next”/check “I would like to define and trust a new network zone”/Enter the IP address and then Finish.
This should give you 2 new application rules under “System” and 2 in global rules
Matty
Hi Matty, thanks for the reply.
I tried this and still no luck. The NAS I am using is a D-Link 3223. It comes with a utility (Easy Search) which I would use to map my drive. I have 2 computers on the network. I was on the phone with D-Links support and it was determined that if I shut down the firewall, I could map the drive. This works on computer # 2, but not my main computer. Regardless, shutting the firewall down is not the optimal method.
Dan
Hi Dan,is it the D-link 323?
I`ve done some reading about it and it looks a pain to set up even with windows firewall :-TD
Anyway is there anything showing in the Firewall/Defence+ logs? Firewall/View firewall events/click more to see D+ as well.
Something else you could try is putting the Firewall and Defence+ in “Training Mode”–>Re-boot with the NAS and try to map the drive.Remember to switch back to your previous mode.
Matty
Yes it is the D-link 323. Actually there are a number of reviews indicating that this is a decent device.
I was able to map it easily on computer #2 after shutting comodo v-2, although this is not the solution. Unfortunatley, I cannot shut down V-3 on my main computer completely and therefore cannot even map it. (Windows firewall indicates that Comodo is still protecting my computer even though i right clicked and exited the program).
Still, I have to find a way of configuring Comodo so I can see this NAS. I appreciate and have tried your suggestions up to this point and have had no success. Do you have any other suggestions?
Thank you
Open CIS and click FIREWALL - ADVANCED - ATTACK DETECTION SETTINGS - MISCELLANEOUS.
Deselect “block fragmented IP datagrams”. you should preferably reboot at this stage.
This method was required to make NAS’s work under CFP V2.X, but I have to admit I haven’t tested this under CIS.
Let us know if this works
Ewen 
Hi Ewan,
I like how you identified exactly where I had to go to perform the action. Tried it and no luck. Do you need more information or should I attach some screen captures so you can see what I’m seeing?
Dan
Are there relevant BLOCK entries in your log?
Hi there,
Not as I can see. Here are some screenshots that may answer questions. Comodo is still in training mode. Let me know any others you may need.
Thanks
Dan
[attachment deleted by admin]
As a test, can you please try the following;
- Create a zone using a range of IPs : 192.168.2.1 - 192.168.2.255 (name this zone TEST LAN)
- Open CFP/CIS and click FIREWALL - ADVANCED - NETWORK SECURITY POLICY - GLOBAL POLICIES
- Add a rule using the following parameters;
Action : ALLOW (Enable logging)
Protocol : IP
Direction : IN
Description : Test for NAS / LAN access
Source Address : Zone - TEST LAN
Destination Address : Zone - TEST LAN
IP Details : IP Protocol - ANY - Add a rule using the following parameters;
Action : ALLOW (Enable logging)
Protocol : IP
Direction : OUT
Description : Test for NAS / LAN access
Source Address : Zone - TEST LAN
Destination Address : Zone - TEST LAN
IP Details : IP Protocol - ANY
Make sure that these two new rules are at the top of your rules list in the Global Policies. After creating these rules, you should reboot to ensure that they are initialized and read correctly.
Let us know how this works out.
Ewen
P.S. These two rules are reasonably loose and may require further refining. These are justa baseline test to see whether the NAS is being blocked at the LAN level.
Hi Ewan,
I tried this and still no access. I went over your instructions again to confirm I got it right rebooted and tried a second time so it looks as though I am being blocked at the network level.
G’day,
Since we now have logging enabled on these two new rules, you may have something pertinent in your firewall logs.
Can you check and post any relevant details here?
Cheers,
Ewen
I’ve also contacted DLink support to see if they can shed any light on the issue.
Ewen
Hi again,
Under my firewall logs, there were no events for “today” or “this week”, but here are screenshots of “all the time”.
Also Re- D-link, I was on the phone with D-link for 5 hours over 2 days trying to resolve the problem. Eventually, the Tech asked if I had another computer in the room which I do (running Comodo V-2) to try. I was able to map the NAS from that computer when I shut the firewall down (and the Windows firewall still enabled). This determined that the problem resides on my main computer using V-3. So we then tried again on my main computer after shutting Comodo down and disabling the Windows firewall.
At that point, I went to Control Panel - Security Center and under Firewall, it indicates that the Comodo firewall is currently on (even though I shut it down).
We then did pinged the NAS. Results: sent = 4, received = 3, lost = 1 indicating that something was still blocking it.
Thanks again,
Dan
[attachment deleted by admin]
Do your PC and the DLink have static IP addresses or do they both automatically get one from your router?
Ewen
I know the NAS is set up that way and I’m pretty sure my PC is as well. How do I confirm that?
If I have a problem with my internet connection, I’ll unplug the router and modem for a minute or so and plug back in which I assume resets the IP address, so I assume it’s dynamic as well.
Check the properties of your network connection first. Right click your LAN connection in “Network Connections” and select PROPERTIES. Double click TCP/IP. If the address properties are set to “Obtain an IP address automatically”, they your PC doesn not have a static IP address and it is getting one from a DHCVP server somewhere on your LAN - probably your router.
Another thing to check - can you ping the NAS if you disable Comodo? If you can’t then the problem is not Comodo and we need to look further.
Ewen
I believe they are not static.
“Obtain an IP address automatically” is selected under Network connections.
Re - Disabling Comodo, I’m not sure that I am actually disabling it. Is it as simple as right clicking on the tray icon and selecting “Exit”?. I’m assuming that closes the application, but as mentioned even after doing so, Windows firewall indicates that “Comodo Firewall is currently on”. Is there another way to disable Comodo?
When I ping the NAS. Results are: sent = 4, received = 3, lost = 1 indicating that something is still blocking it.
Hey folks,
I have disabled both Comodo Firewall and Defense. I still cannot map my NAS, so it appears that it’s not likely a problem with Comodo.
I did check my windows services to see if I could find anything that stood out. The Computer Browser service is set to automatic,although it is not started. I get the 1075 error message when I try to start it. I think this could be the underlying problem. It looks as though I’m going to have to work on this issue.
When I get this fixed I will update this string.
Thanks for everyone’s help and input to this point!
Dan