I’m using the latest CIS and after installation of the program, although I have selected the option to automatically detect new networks, no network is detected by the firewall except for the loopback zone (see attached photo). I’m using a cable modem to access the internet. How could I add my home network zone and what address range should I use for it?
Thanks
G’day,
The first thing you need to do is identify the addressing currently in use on your network, as this is the basis of any firewall rules you will make to allow local LAN traffic.
NOTE : Instructions assume CIS 10 and Windows 10
1.1. Open a “DOS” window by clicking on the Win10 start button and typing “cmd” and pressing ENTER
1.2. In the DOS window, type (without the quotes) “ipconfig /all”
This will display the parameters of all network adaptors currently installed on your system
1.3. Find the section that relates to your current connection and record the IP address shown for “Default Gateway”
The address will be shown as four octets (e.g. 192.168.1.1), but we are only interested in the first three (192.168.1)
Having determined and recorded the IP address of the gateway, the next step is to create a network zone that defines the address range of the local network.
2.1. Open CIS
2.2. Click the SETTINGS heading
2.3. In the ADVANCED SETTINGS window, click FIREWALL → NETWORK ZONES
2.4. Click ADD → NEW NETWORK ZONE
Give this new network zone a relevant name and click OK
2.5. Click ADD ADDRESSES HERE (which appears below the newly created network zone name) to highlight it and then click ADD → NEW ADDRESS
2.6. In the ADDRESS window, click the drop arrow and select “IPv4 Address Range”
2.7. In the START IP fields, enter the 3 octets that we recorded in step 1.3 (above)
2.8. Enter “001” in the fourth field
2.9. In the END IP fields, enter the 3 octets that we recorded in step 1.3 (above)
2.10. Enter “255” in the fourth field
2.11. Click OK to complete creating the zone
The third step is to use this newly created zone in a rule that allows to/from traffic across your local network.
3.1. In the ADVANCED SETTINGS window, click FIREWALL → GLOBAL RULES
3.2. Click ADD
3.3. Use the following parameters:
Action : ALLOW
Protocol : TCP or UDP
Direction : IN or OUT
Description : Give this rule a meaningful name
Source Address : Type - Network Zone
Zone - The name of the zone we created in 2.4
Destination Address : Type - Network Zone
Zone - The name of the zone we created in 2.4
Source Port : ANY
Destination Port : ANY
3.4. Click OK and your new zone-based rule should appear in the list of Global Rules
3.5. Ensure that this new rule is above any BLOCK rules that could prevent it running
Global rules are executed in a top-down fashion. A BLOCK rule above your ALLOW rule could stop your rule functioning.
3.6. Click OK
3.7. Your newly created zone-based global rule should now be in effect.
Hope this helps,
Ewen
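Steps 1.3 and 2.7 to 2.10 above can be automated for checking: the following added Python example (not from the thread or from Comodo) parses a constructed “ipconfig /all” sample, pulls the Default Gateway of each connected adapter, builds the start/end addresses the zone needs, and also reports whether the gateway sits in RFC1918 private space, which is the question futuretech raises later in the thread for cable modems connected without a router.

```python
import ipaddress
import re

# Constructed sample of "ipconfig /all" output; not captured from any real machine.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-EXAMPLE

Ethernet adapter Ethernet:

   Description . . . . . . . . . . . : Example Gigabit Adapter
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Default Gateway . . . . . . . . . :
"""

# The three RFC1918 private ranges.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def find_gateways(ipconfig_text):
    """Step 1.3: return {adapter name: IPv4 default gateway} for adapters that report one."""
    gateways = {}
    adapter = None
    for line in ipconfig_text.splitlines():
        header = re.match(r"^\S.* adapter (.+):$", line)
        if header:
            adapter = header.group(1)
            continue
        gw = re.match(r"^\s+Default Gateway[ .]*: (\d+\.\d+\.\d+\.\d+)", line)
        if gw and adapter:
            gateways[adapter] = gw.group(1)
    return gateways


def zone_range(gateway):
    """Steps 2.7 to 2.10: keep the first three octets, start at .1 and end at .255."""
    prefix = ".".join(gateway.split(".")[:3])
    return f"{prefix}.1", f"{prefix}.255"


def is_rfc1918(address):
    """True when the address is in private space, i.e. a router sits between you and the ISP."""
    addr = ipaddress.ip_address(address)
    return any(addr in net for net in RFC1918)
```

A gateway that fails the RFC1918 check is a public address handed out by the ISP, so a zone built from it would trust other ISP customers rather than a home LAN.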
Couldn’t this actually be dangerous?
If someone gets through the router and onto a PC that is on the network, then the intruder will actually have an internal IP address. Then they would be “cleared” to have access to any PC on that network – even if the PC is running Comodo (with a network zone activated as SAFE).
np
Potentially, everything is dangerous.
If someone gets through the router and onto a PC that is on the network, then the intruder will actually have an internal IP address. Then they would be "cleared" to have access to any PC on that network -- even if the PC is running Comodo (with a network zone activated as SAFE).
If I’m interpreting your concerns correctly, you’re suggesting that in order to preserve the integrity and security of the internal network we need to prohibit communications between devices on that network in case “someone” gets past the router.
If we do that, we no longer have a network and the convenience and facilities it provides.
Even if you only had one PC that connected to your router, your scenario is equally as “dangerous”. If someone gets through the router to that single PC, they could obtain access. So, it is not a question of whether the rule makes the network unsafe, the question then becomes “How secure is my router?”.
To secure your house, first secure your perimeter.
To secure your network, first secure your router.
HTH
Ewen
Hi Ewen. I agree 100% on all points. That’s why I run a separate fw to backup the ■■■■ you get from the isp. I guess I’ve been so used to manually creating permissions on the non-routable network.
I went ahead and set up a home network per your instructions. In the end, this will save me a lot of time.
np
Thank you for your help on this matter guys, but how come the firewall doesn’t detect the network automatically? Is this an issue that needs to be fixed? I’m on the default internet security configuration and I guess that my IP is dynamic, changes every other day.
It should, so I think something is corrupted with the firewall. Do you see traffic in the active connections task? Are you able to get firewall alerts if you set the firewall to custom ruleset? What type of network adapter are you connecting with? Is the Comodo firewall driver listed in the network adapter properties?
- Yes, there are active connections
- Yes, changing the firewall ruleset to custom, generates alerts right away
- Cable modem with ethernet port
- Yes, Comodo firewall driver is listed on the network adapter properties.
Also, I tried repairing the installation and it reported no problems.
Thanks
Do you happen to have a router that you can plug in between the cable modem and your computer, and try to see if the firewall detects the network that way? I wonder if Comodo prevents you from trusting a network that is not part of the private address space as defined by RFC1918.
Unfortunately, I don’t have a router at this moment, but 3-4 months ago I used PrivateFirewall with my current cable modem, and that firewall would generate detection of a new network (I guess after rebooting the cable modem or a changed dynamic IP).
Just now, I tried turning the cable modem off for 5 min and turning it back on. Comodo Firewall detected the new network, I selected Home network and I could see the new network in the “Manage Networks” task, but as soon as I selected to trust this network, it disappeared from the manage networks task. So, you are probably right futuretech, Comodo for some reason prevents me from trusting the network.
Technically when you select Home or Work from the new network detected alert, you are trusting that network as the firewall will create allow rules for System and under the global rules section. So if you really want to ‘trust’ your connection, then re-connect and select home and you should be set. The manage network task is just a place to quickly switch between allow or block for the connected network.
Interesting. I have manually added my home network, and it still shows nothing in the ‘manage network task’.
np
But is the internal network still functional and do you still have internet connectivity?
As Mark Twain said “■■■■ the theory if the machinery works.”
Roger that… I’m all good for now. I have put HIPS and Firewall back to Training Mode for a while, as I am 101% sure I’m clean like a newborn’s as$.
Later – I will move the firewall into Custom Ruleset and HIPS back to Safe Mode. To see who else may still be begging for access. 88)
np