Comodo blocking new router [Resolved]

I bought this new router, DIR-625. When I plug it in the computer, a pop-up of comodo appear, saying something like a new network zone was found, i accept it, and tick the first case. But When I tried to install my router, it wouldn’t let me to connect to the internet. So I disable it until everything is done. When restarting my computer with Comodo firewall, again, it blocked my connection leaving a message"Limited or no connectivity"… What should I do? ???


Have you tried running the stealth port wizard? Have you tried adding a new Network to your zones?

I just tried the stealth port wizard, then “Define a new trusted network - stealth my ports to everyone else” to everything I found next to zone name(Local Area Network #1, Local Area Network #2 and Loopback zone). Unfortunately, when I restart my computer, I couldn’t connect again, until I disable Comodo. :-\

This sounds very very familiar, as being a DHCP dynamic address assignment problem.

The Dlink router (model DIR-625, good router too) will provide LAN local addresses in the range. When your PC boots, the router will assign your PC an address, say Then you connect to the Internet, and the router does it’s stuff in moving packets around.

When your PC boots, and somehow can’t get an address from your router, your PC will create an address for itself, in the range. CFP will see this as a new LAN, and Windows will tell you “limited or no connectivity”

You can check what address your PC has with an “ipconfig /all” command. Click Start → Run, and enter this

cmd /k ipconfig /all

That’s in a quote box, so you can just cut and paste into the Run. Toward the bottom of that report, is the IP Address of your PC.

If you have the 169.254.x.x address, then you will need to add this rule into CFP Global Rules. Click Firewall → Advanced, Network Security Policy, and the Global Rules tab. Then click Add, and enter this rule

Action: Allow
Protocol: UDP # choose the protocol from the pull down list
Direction: In&Out
Source Address: any
Destination Address: singleIP:
Source Port: any
Destination Port: a port range: start 67 end 68

and then move that new rule to the very top of the CFP Global Rules, so it is the very first rule on the list.

CFP normally handles DHCP address assignment correctly. But sometimes it seems to miss, and it looks like it missed in your case.

Once you have entered this new rule into CFP, you should reboot, and all should work.

Yes, sometimes, I have the 169.254.x.x address and I did everything you said, but when I restart my computer with comodo set on safe mode, the message “Limited or no connectivity” still appears. Am I doing something wrong? :-[

Can you give me a screenshot of your Global Rules?

Open CFP to the Global Rules window, then maximize the window. Press alt-prntscrn to copy the image to the Windows clipboard. Then open Paint (click Start → All Programs, Accessories, Paint), and cntl-v to paste the image. Save the image as a JPG or GIF file, and then attach that file in your posting here.

I’m having the exact same problem,

I just installed Comodo, and it worked fine. Until I had to reboot, now I can’t get connected to the internet now.
I have a DLink DI-624 router.

I did this
cmd /k ipconfig /all

and the IP it displayed was
under autoconfigureation P address it listed
under subnet mask :

I followed your directions on adding a new global rule, and it didn’t work.

Any Ideas?

Alright here it is

[attachment deleted by admin]

Thank you. Your rule construction and placement look good. There have been occasions when folks have reversed the rule order, and things got very confused. Yours is good.

Then we’re left with 3 possibilities.

First, is that CFP is blocking a Windows application that is needs to handle the DHCP packets.

Second, is the router itself configured properly to provide DHCP addresses?

Third, is your Windows network connection configured to accept dynamic addresses?

The default on all three of those possibilities, isthat things “should just work”. But, any one of them outside the normal defaults, and then things don’t just work. Which is what you’ve got.

So, we’ll look at each of these three possibilities in turn.

For the possibility that CFP is blocking a Windows application, we need to look at the Application Rules (the other tab, next to the Global Rules). There are two applications that need to be checked: “svchost.exe” and “System”.
Probably the easiest way to check these is to use the Config Reporting Script that is in the sticky topic at the top of the forum page. This script reads your configuration, puts it in something resembling human-readable text, and presents you a Notepad report which you can save as a file. The you can attach that file in your next post.

For the possibility that your router is somehow misconfigured, you need to login to your router, click Network Settings, and see that the “Enable DHCP server” checkbox is marked. According to the web page I found, it should look something like this:

For the possibility that the Windows network connection is misconfigured, is uncommon, and a bunch of steps to go thru (which is why it is uncommon to be misconfigured). If the other two possibilities don’t turn up something, then will be something to check.

Welcome to the forums, cdoyle!

You’re welcome to follow along as we get Gbytes connection straightened out. Be aware that having potentially different problems in the same topic can get very confusing. If things start presenting the possibility of getting confused, I’ll split your postings to a different topic, so I’ll be able to answer your questions more to the point. For now, same problem, and same router, we can work along here.

So, I’ll ask you to do the same as I just asked Gbytes: login to your router, and check its DHCP settings. And to post your Config Report Script results so that I can see what your Application Rules are.

Thanks for the welcome,

here are my settings

[attachment deleted by admin]

Okay, so I just went in Network Settings, and the “Enable DHCP server” was checked. And thanks for the link ;D.
And here’s the Config Reporting Script

[attachment deleted by admin]

Thank you Gbytes.

Here’s the problem. It seems that svchost.exe has been classifed in CFP as being a “web browser”. Svchost.exe is a great many things, but it isn’t a web browser. It needs to have it’s CFP rule setting changed to be"outgoing only"

To do that, go to the Application Rules tab, and then look down that list to find “C:\WINDOWS\system32\svchost.exe”.

Click on that line to edit. When the rule window opens, choose the button that says to “use a predefined policy”, and select “outgoing only” from the pulldown list. Then click Apply all the way out.

And then a reboot, and it should work. If it doesn’t, then post another Config Report Script report.

yay!! it works!! ;D Thank you so much!! (R)

Fixed mine too!

Good to see that the application rule change is working for both of you.

I’ll keep this topic open for another day or so, in case some follow-on question comes up. Then I’ll lock this topic for reference. After that, if it needs to be re-opened, just PM any of the active moderators.