Here is my question if you can help. I have one lan card for connecting to wireless modem and one lan for the work network. When I installed COMODO it allows only the internet access but stops the work net. How to fix it. Before I had only one LAN card and I had to change the connevting cable from the modem to the work net , then it allowed the work net but stopped the internet. Now after I have the two lan cards I uninstalled the comodo and reinstalled it again hoping that it will fix the problem automatically but it still exist. I have intenet but blocks the local net.
Wjat to do? Please help. I did ask before the help from comodo and sent them screenshots but no reply after that.
Welcome to the forums, svilen ~
I’ve moved your question here, where it will be better addressed. As I understand it, you have two NIC cards in your computer - one for a WiFi LAN, and one for a wired LAN. It sounds like you are able to access the internet, but not the intranet (LAN).
Can you tell me which NIC you are using for which function? And which function precisely is not working? If you are not able to connect to the LAN, are you referring to connecting to other computers, shared files or printers on that network?
First up, have you created a zone for your work lan? What is indicated in your firewall logs (usually it will say somethin like “blocked by rule 5”)?
I have a related problem. I wasn’t sure whether to start a new topic but thought perhaps both issues could be addressed together.
I have the same setup, two lan cards, one from the motherboard and one a pci card (dlink). Only one worked at a time so I did set up trusted zones - one for each of the LAN cards and I can now access both = however…
The complication I have is that there is a hardware firewall connected to the internal LAN, so my pc is connected to a hub (along with all the other pcs) which is connected to the hardware firewall which is connected to the dsl modem.
I don’t want to use this hardware firewall to access the internet, though others pcs do use it, and so my second lan card connects directly to the dsl modem.
I had the same problem and I think I set up two zones (not sure if I did it right). In any case if I unplug the internal lan I can access the internet directly through the dsl modem. If I connect both wires then I can access the internal lan but my browser is always trying to use the route to the hardware firewall. How can I force my browser to use the direct connection to the dsl modem through the second lan card.
I set the first lan card to have a hard coded IP address (192.168 etc) and the second lan card to get the IP address dynamically if that is relevant.
I think understanding this will help me understand a bit more how the firewall works.
I plan to set up a web site on this pc, which is why I don’t want to use the hardware firewall.
Before we look any further into your problem, are your IT staff at work aware that you are
- bypassing their corporate firewall
- directly connecting to the modem
- setting up a web server on a PC inside the work LAN perimeter
Thank you for your concerns…
a) I am the CEO.
b) We do not have full time IT staff yet.
c) I will ask an IT consultant to come and assess our requirements and make recommendations soon.
d) I still want to understand what I need to do with the Comodo firewall.
I have just started a new company and cannot afford full-time IT staff yet, though they will be essential once we expand a little.
We had a problem with the hardware firewall last week and a technical person connected directly to the internet, no firewall. Of course we became infected, not too serious as our virus software saved the day. If the same happens again (and in my experience the hardware firewall will cause problems from time-to-time), I want the staff to have a safe alternative.
I would prefer a PC based firewall rather than a hardware one, but that is my preference based upon how many times the hardware firewall caused problems before, usually just after being updated. But I will seek advice on this shortly.
Ewen, I understand your reason for concern.
Thanks for clarifying. I just wanted to make sure where we stood - not too bright if this is a security forum and we’re telling you how to bypass your security.
Are you using static IP address on either/both network adaptors or are they configured for DHCP?
If you are using DHCP, what is the address allocation range in your router.
My current line of thinking is to ensure that one card has a static address and that there is a block rule for port 80 applied to the other NIC.
One is static (the internal one where I do not want the internet browser to use) and the other is dynamic (DHCP I guess) and the range is 220.127.116.11 to 18.104.22.168
Blocking port 80 would presumably stop internet access, but if that is the case your suggestion would block the wrong one, allowing internet access on the static adress NIC and preventing it on the DHCP NIC.
Will the firewall have an ip address and can I block that? Sorry if this is a dumb question.
Can I block port 80 on the NIC with the static IP address anb if I do are there other consequences of doing so?
Thanks for your help so far…
If you set up a BLOCK rule for the static IP of the LAN NIC, then any port 80 request should go out via the other NIC.
Give it a try and let us know how it works out.
Hope this helps,
In the network monitor section I have 8 allow rules and one block. The allow seem to cover all IP addresses on all ports using IP in and out and ICMP in and out
The block rule seems to block everything.
I added another block rule blocking the port 80 on 192.168.1.20
Firefox (as monitored by the activity/connections screen) was then using udp on port 1069 IP 192.168.1.20. I edited the block rule to block all ports, but this had no effect.
Do the allow rules overwrite the block rule.
I also checked in the application monitor screen and there are 5 entries for firefox and nothing else. These seem to allow firefox to do anything on any port.
Should I delete the firefox entries and create one restricting its NIC access to the DHCP NIC?
I don’t want to just experiment because if I get it wrong I lose my internet access while working, so I would like to understand what all this means.
My apologies - I left out one important bit of info - the network monitor rules are read top to bottom. If you have created a BLOCK rule specifying 192.168.1.20 - port 80 - outbound, this rule must be at the top of your network monitor rule list.
The application monitor rules are OK as they stand now. They apply to the application and its communication requirements (ports, protocols etc.).
Application rules determine WHAT can get out.
Network monitor rules determine HOW they get out.
That was indeed a key piece of information.
I have blocked the destination ports 0-3000 and the destination IP of 192.168.1.1, which is the firewall.
I have probably done more than necessary, but that works.
If I did not block the IP address, Firewall tried to connect to that IP address and failed, then went another ropute - directly through the modem, so it worked but not without some failed hits on the internal firewall first.
Well, I have it operational now so thank you for your help…