Cisco IP Communicator (ARP spoofing issue)

I’m at a complete loss. I’ve been using Comodo FW and D+ for roughly 3yrs and have enjoyed it but I have hit a brick wall with Cisco’s IP Communicator. I have had the Communicator set up on other laptops with Comodo before with no problems.

The Communicator works great if I disable the Comodo FW; once I enable the FW, the Communicator will NOT register. As a last resort I put the FW in training mode and that didn’t work. For the rules I allowed anything for the Communicator and it didn’t work.

I did a netstat -an and looked for any extra ports or IPs. Also looked at the Firewall events…nothing there, and watched Comodo’s Active Connections…nothing new there.

I’m starting to think there is an application I’m not allowing to get through. I’m hoping someone here has had exp setting up IP Communicator. I have run Sysinternals Process Explorer and didn’t notice anything different.

Please let there be some simple fix. Thanks for your help and time.

Hi Ieke,

There are a few options here:

- The IP Communicator needs inbound traffic and that could be blocked depending on your global rules setup.
- The IP Communicator uses fragmented traffic and that gets blocked by the FW if the option is set on the advanced page.
- There is a FW rule in place that blocks some traffic of the IP Com.

Can you please post the CIS version you’re using?
Check your FW global rules to see if there is a blocking rule there that might cause issues (probably incoming traffic blocked).
Check if you have ‘block fragmented traffic’ enabled on the advanced FW settings.
Make sure to verify the Firewall policy for the IP Com executable(s) and see if they are set to ‘Trusted Application’, which would allow both incoming and outgoing traffic from IP Com.

Please also note this:

Note: The Cisco CallManager sends keepalive acknowledge messages to the registered devices once every 30 seconds. If Cisco IP Communicator is behind a firewall, or if there is some Access Control List(ACL) configured in the network, the keepalive traffic between the Cisco CallManager and IP Communicator is blocked. In this case, make sure that the firewall/ACL is configured to pass TFTP and RTP traffic using the appropriate port range.
Source: Cisco Documentation (http://www.cisco.com/en/US/products/sw/voicesw/ps5475/products_tech_note09186a008026d36f.shtml)

I’m using CIS 5.5.195786.1383

I’m going to go through the settings now and pray one of them works. I did allow fragmented IPs through and that didn’t work. I’ll work on the others now.

Thanks for the quick response.

Well, it came down to unchecking “Protect the ARP Cache”. I verified it by checking it and then trying to launch the Communicator. I left “Block Fragmented IP datagrams” unchecked as well.

Now I’m trying to figure out why the ARP cache setting is preventing the IP Communicator from registering.

Thank you for your help.

This should be because an IP is overwritten by a new MAC address; maybe the IP Com takes over all traffic from your local router?

Can you do the following in a command box: show the ARP table before connecting and show one while connected with the IP Com.


arp -a

Before IP Com is running

Interface: 10.150.0.166 — 0xb
Internet Address Physical Address Type
10.150.0.1 68-ef-bd-3a-9d-70 dynamic
10.150.0.6 00-e0-4c-68-74-bb dynamic
10.150.0.51 d8-30-62-56-c0-7c dynamic
10.150.0.52 90-4c-e5-a8-f9-0b dynamic
10.150.0.58 c8-bc-c8-b9-a0-81 dynamic
10.150.0.164 00-23-15-5d-28-20 dynamic
10.150.0.168 d8-a2-5e-98-70-c0 dynamic
10.150.0.169 04-0c-ce-d7-6e-30 dynamic
10.150.0.170 64-31-50-67-6d-13 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.2 01-00-5e-00-00-02 static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

Interface: 10.150.0.200 — 0x16
Internet Address Physical Address Type
10.150.0.1 00-30-44-09-8e-72 dynamic
10.150.0.52 00-30-44-09-8e-72 dynamic
10.150.0.164 00-30-44-09-8e-72 dynamic
10.150.0.170 00-30-44-09-8e-72 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static

**** And after IP Comm is running ****

Interface: 10.150.0.166 — 0xb
Internet Address Physical Address Type
10.150.0.1 68-ef-bd-3a-9d-70 dynamic
10.150.0.6 00-e0-4c-68-74-bb dynamic
10.150.0.51 d8-30-62-56-c0-7c dynamic
10.150.0.52 90-4c-e5-a8-f9-0b dynamic
10.150.0.58 c8-bc-c8-b9-a0-81 dynamic
10.150.0.164 00-23-15-5d-28-20 dynamic
10.150.0.168 d8-a2-5e-98-70-c0 dynamic
10.150.0.169 04-0c-ce-d7-6e-30 dynamic
10.150.0.170 64-31-50-67-6d-13 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.2 01-00-5e-00-00-02 static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

Interface: 10.150.0.200 — 0x16
Internet Address Physical Address Type
10.150.0.1 00-30-44-09-8e-72 dynamic
10.150.0.52 00-30-44-09-8e-72 dynamic
10.150.0.164 00-30-44-09-8e-72 dynamic
10.150.0.170 00-30-44-09-8e-72 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static

Is this with ‘protect ARP cache’ disabled? There is no difference here; there is no visible reason why ‘protect ARP cache’ should block here…

Oops, I forgot to turn ARP protection back on.

Let me try this again.

There was one difference: IP 10.150.0.1

Before IP Comm and protected ARP.

Interface: 10.150.0.200 — 0x16
Internet Address Physical Address Type
10.150.0.1 00-30-44-09-8e-72 dynamic
10.150.0.52 00-30-44-09-8e-72 dynamic
10.150.0.164 00-30-44-09-8e-72 dynamic
10.150.0.170 00-30-44-09-8e-72 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static

*** After IP Comm with ARP protection turned ON

Interface: 10.150.0.200 — 0x16
Internet Address Physical Address Type
10.150.0.52 00-30-44-09-8e-72 dynamic
10.150.0.164 00-30-44-09-8e-72 dynamic
10.150.0.170 00-30-44-09-8e-72 dynamic
10.150.0.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
229.55.150.208 01-00-5e-37-96-d0 static
239.255.255.250 01-00-5e-7f-ff-fa static
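
The before/after comparison done by eye in this thread can be scripted. This is an added example, not code from any poster or from Comodo or Cisco: it parses Windows `arp -a` output and reports entries that were added, removed, or remapped to a different MAC between two snapshots. The sample tables are shortened from the 10.150.0.200 tables posted above, and the function names are hypothetical.

```python
import re

# "Interface: 10.150.0.200 --- 0x16" starts a new per-adapter table.
IFACE_RE = re.compile(r"^Interface:\s+(\d{1,3}(?:\.\d{1,3}){3})")
# "10.150.0.1  00-30-44-09-8e-72  dynamic" is one cache entry.
ENTRY_RE = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\s+(dynamic|static)$")

def parse_arp(text):
    """Return {interface_ip: {entry_ip: mac}} from `arp -a` output."""
    tables, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = IFACE_RE.match(line)
        if m:
            current = tables.setdefault(m.group(1), {})
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:
            current[m.group(1)] = m.group(2).lower()
    return tables

def diff_arp(before, after):
    """Return (interface, ip, change, old_mac, new_mac) tuples."""
    changes = []
    for iface in sorted(set(before) | set(after)):
        old, new = before.get(iface, {}), after.get(iface, {})
        for ip in sorted(set(old) | set(new)):
            if ip not in new:
                changes.append((iface, ip, "removed", old[ip], None))
            elif ip not in old:
                changes.append((iface, ip, "added", None, new[ip]))
            elif old[ip] != new[ip]:
                # Same IP, different MAC: what an ARP-cache guard looks for.
                changes.append((iface, ip, "mac-changed", old[ip], new[ip]))
    return changes

# Shortened from the tables posted in this thread (ARP protection ON).
BEFORE = """Interface: 10.150.0.200 --- 0x16
  Internet Address      Physical Address      Type
  10.150.0.1            00-30-44-09-8e-72     dynamic
  10.150.0.52           00-30-44-09-8e-72     dynamic
  10.150.0.255          ff-ff-ff-ff-ff-ff     static
"""
AFTER = """Interface: 10.150.0.200 --- 0x16
  Internet Address      Physical Address      Type
  10.150.0.52           00-30-44-09-8e-72     dynamic
  10.150.0.255          ff-ff-ff-ff-ff-ff     static
"""

if __name__ == "__main__":
    for change in diff_arp(parse_arp(BEFORE), parse_arp(AFTER)):
        print(change)
```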

Yes, and that’s probably the ‘default gateway’ causing the issues.
Just before and after it seems to have the same MAC, so I suspect a bug here.
I’ll notify the devs to have a look at this post.

Can you please post the version and service pack level of Windows you’re using?
Preferably also the make and model of the network adapter used.

Grrrr I had everything typed out and the connection timed out.

I’m using Win 7 pro x64, SP1
Realtek PCIe GBE NIC
HP Pavilion dm4 laptop
Cisco VPN client 5.0.07.0290

I cleared the arp cache and ran the comparison again. I enabled ARP protection and tried running IP comm. The 10.150.0.200 (Cisco VPN) Interface failed to show up in the cache.

I cleared the arp cache again and DISABLED ARP protection and ran IP comm and the 10.150.0.200 Interface showed up.

Why would ARP protection block the VPN Interface (10.150.0.200)?

Thanks again for all your help.