Comodo and Vmware 17 player issue

OK, so I have Home Assistant on VMware Player 17 on my Win 11 machine (host). I am using the recommended bridged connection in VMware Player 17. I am able to access the AI on Win 11 directly and also in the Home Assistant integration with no issues, as long as the Comodo firewall is disabled.

Basically I install the integration in Home Assistant providing llama support, and as long as the firewall is down I can get it working. Firewall up and the integration breaks. So I tried adding under global settings in Comodo the IP and port for llama/Home Assistant IP as source and my Win 11 host IP as destination. It won't work. So I do the opposite and it work work. Then I add all IPs and any port and it won't work.

Kindly advise what I am doing wrong please. Using version 12.2.2.8012

thanks

I can't seem to edit the post.

Update: upgraded to the latest version of Comodo Internet Security and still have the issue.

Try adding a rule in Comodo to allow traffic on the specific ports and IPs Home Assistant and Llama use. Make sure it’s set to allow both inbound and outbound traffic.

Thanks. I went to settings>Protection>Firewall>Global Rules

tried a few rules

Action: Allow
Protocol: TCP or UDP
Direction: In or Out
Source Address: Tried both IP addresses and swapped it with destination
Destination Address: Tried both IP addresses and swapped it with source
Source Port : Any
Destination Port: Any

So I have tried this a few times. I went with Any in the ports for the moment to confirm it does not work and the only thing that seems to work is if the firewall has been disabled.

If adding specific IPs and ports isn’t working, try setting up a firewall rule to allow all traffic for the specific application or service, not just the IPs and ports.

Just tried this and it did not work.

Action: Allow
Protocol: TCP or UDP
Direction: In or Out
Source Address: Any Addresses
Destination Address: Any Addresses
Source Port : Any
Destination Port: Any

Hi Mrsash,

Thank you for reporting.
We will check and report this to the team.

Thanks
C.O.M.O.D.O RT

Thanks. Not sure why it's not working, but this concerns me about other rules.

You need to create an application rule for Windows Operating System and set it to either the outgoing or allowed ruleset. In order to add WOS you have to use the running processes option.

Hmm made sense but did not work for me.

Settings>Protection>Application Rules>
Clicked Add
Clicked Browse> Running Processes and Chose Windows Operating System

I tried the custom ruleset where I allowed the specific IP address and any port and also the pre set ones.

Any updates on the investigation?

Try disabling do protocol analysis, block fragmented IP packets, and anti-ARP spoofing. Also remove any application rules for any VMware executables if you have any defined. And leave the WOS rule in place while having the allow global rule with both ports and addresses set to any for source and destination. And finally make sure the blocked network zones is empty and check the firewall logs to see if there are any blocked events. Oh, and make sure Windows Firewall is off for all three profiles just in case somehow it's interfering.

Thanks for all that but you might have to lay that out for me please. Not sure what I am doing. Will give it a try.

Update:

Do protocol analysis, block fragmented ip packets, and anti-arp spoofing were all un-ticked already. Haven’t added any rules for VMware and blocked network zones is definitely empty.
Windows firewall says no action needed since it recognises Comodo firewall is active.

The interesting thing is the moment I disable comodo firewall the integration works.

View logs: Firewall Events is blank for some reason. I tried adding filter by date and other parameters and it was still blank.

Can you even ping the vm from the host? What is the current global allow rule defined as? Do you still have the WOS application set as the allowed application ruleset?

Pinging works from host to VM. Global ruleset, hmm, assuming whatever Comodo set up. Allow All Incoming Requests If The Sender Is In [Home #1] etc. I removed it now since it wasn't doing anything.

Create a global allow rule with the direction set to in, protocol IP, source and dest. Address any. Then make sure the WOS application rule is the same but with direction set to In/Out. Then try again, if it still doesn’t work, then try changing the vm network type from bridge to nat.

Tried it. No go. Haven't tried NAT yet. Will need to check… Will this break anything?

No it shouldn’t but you will probably still need the global allow rule in place.

Thanks. I am a bit hesitant to touch Home Assistant since turning off the Comodo firewall fixes the issue but is not safe desktop-wise. So the issue is Comodo related and I would rather get that fixed. Not sure what's happening, since no update from the Comodo team.

So is there any update or any fix of this issue Comodo team?