Hi there I have recently installed Comodo V3 on my machine and overall I find it to be very good in protecting my system. However when I use a program call Terrapin ftp to upload pages to my website I get the following message.
Server refused . Could not open data connection port 34427 . Connection port timed out.
This occurs when Comodo Firewall is set to safe mode and when Defense & Security Level is set to safe mode.
I have found though by disabling both the Firewall and Defence & Security levels the transfer go’s ahead with no problems.
Is there a way I can set Comodo so that I can have it running at safe mode without having to disable the program and then run the risk of forgetting to reset to safe mode.
Sorry in advance if my question is basic to other forum users however I am willing to learn. Thanks in advance.
I`m not a big user of ftp but the first thing you could try is to give Terrapin the pre-defined firewall policy “ftp client” in application rules.
To do this look in Firewall/Advanced/Network Security Policy/Find the entry for Terrapin,highlight it and click “Edit”/Now check the box “Use a pre-defined policy” and from the drop-down choose “Ftp client”/APPLY to close all windows.
Cheers,
Matty
ps,Is there anything in the logs? look under Firewall/View firewall events and Defence+/View Defence+ events… hit More to get more options
Hi Matty
Thank you for your reply.I have followed your instructions and am still getting the same problem.
I looked in Application rules and changed it as you sugested it now reads as follows
C:\Program files\Teripin FTP\ftp95.exe Ftp Client
Ticked Allow access to loopback zone
Ticked Allow outgoing FTP Connection Requests
Ticked Allow Outgoing FTP-PASV requests
Ticked Allow Incoming FTP-DATA Requests
Ticked Allow Outgoing DNS requests
Crossed Block and log all unmatching requests
I then viewed Firewall/View firewall events
Application C:\Program Files\Teripin FTP\ftp95.exe
Action Blocked
Protocol TCP
Source IP xxx.xxx.xx
Source Port xxxx
Destination IP xx.xx.x.xxx
Destination Port xx
Is Crossed Block and log all unmatching requests the problem
Hi Shellshock try putting a rule in place to allow the blocked traffic(assuming the Source IP being blocked is the pc you are transfering from).
Open Firewall/Advanced/Network Security Policy/Find the entry for Terrapin and highlight it/choose “Edit” and now check “Use a Custom Policy”/Now click Copy From—>predefined security policies—>FTP client[this should then give you the same rules as FTP client in the window]/Now below the rules click on “Add” then,
Action=Allow(tick logging if you wish)
Protocol=TCP
Direction=Out
Source Address=xxx.xxx.xx.xxx(this should be your IP address)
Source Port=Any(it could vary)
Destination IP=xxx.xx.x.xxx(this should be the IP of your website)
Destination Port=xx(the port shown in the logs)
Hope this sorts it,if not post back with same info,eg if your still getting the block logs
Cheers,
Matty
ps Here`s something i read on the Terrapin site which may be useful
Can I Connect through a Firewall
Yes - select View…System Options and select the Proxy tab. Half way down the page on the right hand side you will see a check box headed 'Use Passive Data Connections (PASV). Check the box and then click on Apply and OK.
Normally data transfer connections (i.e. when files are to be transferred etc.) are made by the FTP server connecting to your computer. Your firewall will block these connections. The PASV setting will notify the FTP server that all data transfer connections are to be made from your computer to the FTP server.
Hi Matty Thanks for the advice . The info you found on the Terrapin Website is very useful All I have done is just altered the setting of Teripin ie PASV and loo and behold I am now able to transfer files using Terpin TFT without having to disable COMODO.
So once again a very big thank you for your help and advice.Shellshock