Comodo and xbox360

efjay · May 18, 2006, 1:31pm

Is anyone using an xbox360 to connect to their pc with Comodo installed? I have tried to set up rules according to the instructions here http://support.microsoft.com/kb/910635 but i can only connect to my pc with the firewall disabled. Any help would be appreciated, thanks.

panic · May 18, 2006, 5:49pm

G’day,

This should work if you add your local LAN as a trusted zone in CPF. This can be done by opening CPF and clicking on the SECURITY button. In the SECURITY pane, click on the TASKS button and then click on ZONE. Give your zone a recognizable name and enter the start and end arresses of your LAN segment and then click OK to save it.

One small point, make certain your addreesses are correct, as this release of CPF doesn’t have a way of deleting zones once they are set. I believe that a future relase will allow you to see and manage the established zones.

If this fixes the issue, can you post a reply here, so everyone knows.

Hope this helps,
Ewen

efjay · May 18, 2006, 7:48pm

Thanks for the tip, unfortunately that didnt work.

egemen · May 18, 2006, 10:28pm

Can you follow the following steps :

1-Goto Security->Network Monitor,
2- Double click on the BLOCK IP IN… rule i.e. the last rule in default configurations,
3- Select Create an alert when this rule is fired option and click OK button.

After following these steps, please retry your XBox connection. Activity->Logs section should now show you what CPF blocks. If you can paste the logs here, then we can have an idea about what is going on.

Thx,
Egemen

efjay · May 19, 2006, 7:57am

Thanks egemen. I will try that when i get home from work and post the log.

efjay · May 19, 2006, 8:00pm

Ok, here is the log from todays attempt. I notice it lists some ports not mentioned in the Microsoft support page.

Date/Time :2006-05-19 22:31:14
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:54419
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:31:04
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:54419
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:30:59
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:54419
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:30:54
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:54419
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:30:44
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:27917
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:30:39
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:27917
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

Date/Time :2006-05-19 22:30:29
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.101, Port = 2869)
Protocol: TCP Incoming
Source: 192.168.0.100:27917
Remote: 192.168.0.101:2869
TCP Flags: SYN
Reason: Network Control Rule ID = 1

efjay · May 19, 2006, 8:04pm

Here is my config from the network monitor

[attachment deleted by admin]

pandlouk · May 19, 2006, 8:07pm

Hi, efjay
You must move the rules you have created up, over the default block rule. This should solve the problem.
You can also change the rules from In/Out to In. The default Out rule covers the outgoing trafic.
But you could have avoided all this trouble if you had added as trusted zone 192.168.0.0-.192.168.0.255. For doing this go to “Security → Tasks → Add a Trusted Zone”

egemen · May 19, 2006, 8:48pm

Yes,

You need to move your rules up or move your blocking rule down. Actually, as pandlouk wrote, you can solve this problem by defining your trusted zone. It is the easiest way.

Egemen

efjay · May 20, 2006, 8:43am

Thanks for the replies, I did already try to add a trusted zone as panic suggested for the range that covers my routers dhcp assignment - 192.168.0.100 to 192.168.0.199 and that didnt work. I will try moving the rules and creating another zone if that doesnt work. Is there any way to delete the previously manually created zone? From the ini files maybe?

Edit: Actually it seems i didnt complete the zone adding procedure. After defining the zone previously i didnt add it as a trusted zone. When pandlouk mentioned “trusted” zone i noticed the wizard for trusted zone and after going through that it now works. Thanks to all for the help. Hope this helps someone else.