Comodo Firewall and Netgear Wireless Modem/Router and Firewall.

I have just installed a Netgear Wireless Modem Router /Router with the supplied CD, this also has a firewall. I also have running Comodo Firewall Pro and the two seem to be working together without problem?

However since installing the Netgear wireless I find that I am unable to send E-Mails or attachments. If I switch off the Wireless Network and connect to the internet with my old Speedtouch line modem, I am able to send the E-Mails etc.

Could there be a conflict between the two firewalls? Or does the Comodo Firewall need to be set up somehow for the wireless network?

I do not wish to get rid of my Comodo Firewall as I have found it to be very good.

Any positive advice would be very much appreciated. I am a Senior Surfer and not a P.C. geek so any advice would need to be in the form of an idiot’s guide.

Thanks in advance.

Hello Retcop. First of all welcome to the Comodo forums. Retcop is that short for retired cop? :wink:

What version of the firewall are you using?

Can you show a screenshot of the firewall logs? They are under Firewall → Common Tasks → View Firewall Events. Following is a tutorial on how to post a screenshot.

How to post a screenshot?

To copy a screenshot of the active window push alt+print screen to copy the active window to the clipboard (pushing print screen will copy the complete window to the clipboard not just the active window). The window is now copied to the clipboard. Paste the image in any image editing program, Paint, Paint.net, the Gimp etc. Use the “crop” function to resize the canvas to size of the image. Now save the file as 32 bits png image.

At the forum push the reply button. Or when using the Quick reply type some text and push the preview button.

Underneath the text box click on Additional options. Push the Choose button and navigate to the file and select it. When you want to post more images click on the more attachments link.

When done typing push the Post or Preview button.

Thanks for coming back so quick.

Yes is the answer to Retcop -31 yrs. Didn’t have much to do with P.Cs out on the streets other than P/ Constables.

Comodo Version 4.1.150349.920.

I attach the screenshot.

Thanks once again.

[attachment deleted by admin]

From the screenshot I see no direct clue to the email program being blocked. What email program are you using? Do you see blocks logged regarding your email program? Can you show a screenshot of the email program being blocked? To see a longer period of time push the More button at the bottom and you will see another more extensive logging screen.

Also I need more information about your connection. Are you on ADSL or cable? What are the version numbers of your Speedtouch and your Netgear?

When looking at the logs I see a change in Destination Address. Is that where you changed from the Netgear to Speedtouch or vice versa?

What strikes me as odd is that both destination addresses point out there is not a router in between. In case of the Netgear that would mean the router is switched off or your computer is facing the internet directly. This is usually being referred to as Exposed Host or Demilitarized Zone (DMZ) in the router’s settings.

I am using Mozilla Thunderbird(latest). Windows XP. The following Log 2 screen shot shows 9/11/2010 6.45:05 pm Protocol IGMP Source 192.168.0.1. Destination 224.0.0.1. Blocked. I tried to send an attachment and E-Mail at this time. I was using Wireless Netgear.

I am on ADSL. The Thomson Speedtouch is 330 - I have no problems when connecting directly through this. Log 3. Screenshot is when I was using Speedtouch a.m. today.

The Netgear Wireless Modem Router is Model DGN1000.

When I try to send E-Mail etc with Wireless I get message:-Message could not be sent because the connection to SMTP server smtp.tiscali.co.uk. was lost in the middle of the transaction ( it gets to 85% of the sending then stops).

I am definitely using the router when on wireless, the router connection and the sender connection are both highlighted on the task bar, and the speedtouch modem is disconnected from the telephone line.

When I installed the Router from the supplied CD I had to switch off the Comodo Firewall because the CD wizard could/ would not complete with the Comodo Firewall on.

I am clutching at straws now, but does Comodo Firewall need to let Netgear run as trusted? If so how does one do it, and would it expose my system?

Thanks for your time.

[attachment deleted by admin]

Log 2 attached

[attachment deleted by admin]

For some reason, your LAN rules don’t work.

In order for your local ip 192.168.0.x to connect to your router, which I assume to be 192.168.0.1, you need to allow broadcasting requests to these ip: such is the situation with your 224 and 239 requests, as well as with the bootp request (ports 67 and 68).

Nevertheless, your first screenshot shows the interception of totally abnormal requests (notably from telnet port 23); ssh 22 is also unusual, but might be needed to communicate with your peculiar router.

And i see nothing logging whatever mail communication (ports 25 and 110).

I am an old user of cis v3, but quite new testing with cis v5.
Assuming the firewall is, in both instances, set as cis in proactive mode and firewall as advanced, the firewall is supposed to ask you about whatever communication, and gathering whatever it does not know about in “system” in cis v3 and “windows operating system” in v5.

In order to allow your LAN, you should, if not done, go to the firewall network security rules and:
- create a network zone, let’s call it LAN: ip 192.168.0.1 to 192.168.0.255
- eventually create a global rule:
Default is allow IP inbound if the source is 192.168.0.1-192.168.0.255
Changing it to IP, both, if source AND destination is 192.168.0.1-192.168.0.255 is better.
- Go to application rules and delete windows operating system if present: now, the firewall should ask you for the appropriate connection rules.
Basically, you should be asked to allow from both svchost.exe and system for what fails: bootp request ports 67-68 (has to address not one of your lan ip, but the broadcasting address), and communications between your lan ip, including the router’s one.

Beware, cis is very buggy in this regard and allows all ip and protocols from remembering these requests: modify soforth, the only needed ports over the lan are the netbios ports 137-139 and port 67 udp, but you don’t care as long as you state that source and destination are either only the lan range, either the needed broadcasting ip as a destination for this lan range.

Thanks for all your help. I will try as you say.

If it doesn’t work, I will just send my E-Mails through the Speedtouch. I only got the wireless for my grandsons’ Nintendo Wii, so they could get on line and update it etc.

If I ■■■■■ the problem I will post and let you know.

Thanks again for your time.

The bootp rule is:
svchost.exe
allow udp out from any ip to 255.255.255.255 source port any dest port 67

lan rules must allow:
for svchost:
allow tcp in from (lan zone) to (lan zone) source port any dest port 135
for system:
allow tcp in from (lan zone) to (lan zone) source port any dest port 137-139
same, tcp out
same, udp in
same, udp out

Can you post a screenshot of your Global Rules (Firewall → Advanced → Network Security Policy)? Also try making the rule for svchost.exe to Outgoing Only. Application rules can be found in Firewall → Advanced → Network Security Policy → Application Rules.

Screen shots attached.

[attachment deleted by admin]

Hi Moderator,

I hate to say this but I do not think it is the Comodo firewall causing the problem.

I decided to try to send an e-mail attachment with Comodo Firewall disabled. Even with the Comodo Firewall disabled it would not send an attachment; it got to 85% and stopped just as it did with Comodo enabled. So I think if Comodo Firewall was causing the problem it would have allowed the attachment when it was switched off.
I don’t know why I didn’t think to try it with it switched off in the first place.

I think I will have to go back to the drawing board and look for another answer or contact Netgear.

I apologize for not thinking to do this in the first place.

How big is the attachment you are sending? ISP’s usually have a limit of how big an attachment can be sent. I think mine has a 10 MB limit.

I looked at your screenshots. The rule for svchost.exe is fine. There is a problem with your Global Rules though. The block rule should be at the bottom; on your system it is at the top. Please drag and drop it to the bottom.
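The rule-order point in the reply above, as an added example that is not part of the original thread: a small model of a rule list evaluated top to bottom with the first matching rule deciding, plus a check that flags rules hidden behind an earlier, broader one. The exact wording of the block rule, the outbound allow rule, the /24 form of the LAN zone and all names in the code are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
LAN = ip_network("192.168.0.0/24")      # LAN zone suggested in the thread, as a /24

@dataclass(frozen=True)
class Rule:
    action: str                          # "allow" or "block"
    direction: str                       # "in", "out" or "both"
    src: object = ANY
    dst: object = ANY

    def matches(self, direction, src, dst):
        return (self.direction in ("both", direction)
                and ip_address(src) in self.src
                and ip_address(dst) in self.dst)

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (self.direction in ("both", other.direction)
                and other.src.subnet_of(self.src)
                and other.dst.subnet_of(self.dst))

def decide(rules, direction, src, dst, default="block"):
    """First matching rule wins; later rules are never consulted."""
    for rule in rules:
        if rule.matches(direction, src, dst):
            return rule.action
    return default

def shadowed(rules):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [i for i, rule in enumerate(rules)
            if any(earlier.covers(rule) for earlier in rules[:i])]

# Constructed rule sets (assumed, not read from the deleted screenshots).
BLOCK_IN = Rule("block", "in")
ALLOW_LAN_IN = Rule("allow", "in", src=LAN)
ALLOW_OUT = Rule("allow", "out")
BLOCK_FIRST = [BLOCK_IN, ALLOW_LAN_IN, ALLOW_OUT]   # block rule at the top
BLOCK_LAST = [ALLOW_LAN_IN, ALLOW_OUT, BLOCK_IN]    # block rule at the bottom

if __name__ == "__main__":
    router_to_pc = ("in", "192.168.0.1", "192.168.0.2")
    print(decide(BLOCK_FIRST, *router_to_pc), shadowed(BLOCK_FIRST))
    print(decide(BLOCK_LAST, *router_to_pc), shadowed(BLOCK_LAST))
```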

Hi Moderator,

Thanks for that I have moved the block rule to the bottom.

I am only trying to send Word Documents of about 20.0KB.

I have been in contact with Netgear if they come up with a solution I will let you know on this post in case others suffer the same problem when they decide to go wireless.

At the moment if I need to send attachments, I switch to the lined Speedtouch modem.

(I wish my brain was 30 years younger - my grandchildren are growing up with this technology and leaving us old ones way behind!!!)

Hi Moderator,

Situation has been resolved…

Heard back from Netgear. In case anyone else has been having trouble with Netgear Wireless.

Told me to access their site :- http://routerlogin.com/basic setting.htm > WAN Setup > Reduce the MTU to 1300 > Apply Changes. (It was 1492 before I changed it).

Lo and behold I can now send E-Mail attachments via the wireless network.

I don’t know what this does/how it works or what it is but it now works.

Thanks for your input, I am learning a little every day about Firewalls, Set Ups, Screenshots etc.

Thanks once again.

Thanks for reporting back. Good call to also contact the Netgear folks. Always good to look at problems from different angles. Must be your cop education… :-TU

Maximum Transmission Unit size was the problem. Moderator scratches his head and wonders why he didn’t come up with the idea to look further than the firewall… :o :smiley:

Hi Moderator,

Spoke too soon, went to send an attachment the next day and I was back to square one. Stuck at 73%.

I am now on my third adviser at Netgear trying to solve this problem.

I have told them that if it is not resolved pretty soon this Netgear stuff is going back to the store from hence it came!!!

One thing that has me wondering. When they told you to change the MTU to 1300 in the router did they also tell you to change the MTU on your computer? I am totally sure that is needed. Ask them if having your Windows set to its default MTU, which is 1500, and the router set to 1300 can lead to the problems you are facing?

Hi,

I checked my Netgear router, WNR1000v2, and the MTU is set to 1500 and so is my Windows. I have not had any problems with email.

Joel

The MTU issue, if any, would be relevant to the ISP and local computer, not to the router.
On the computer side, it depends upon the connection protocol (PPPOE, PPPOA…) and on the connection type (ethernet, wireless…) and has to be changed in the registry manually or using specific tools.

A procedure for such settings (in French, I’m sorry, use Google translation if needed):
http://www.dslvalley.com/dossiers/mtu/mtu.php
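The MTU discussion in this thread, as an added example that is not part of any original post: a model of how a sender whose MTU is larger than the path MTU gets through the short SMTP commands and then stalls on the first full-size segment when the ICMP "fragmentation needed" reply is filtered somewhere. The path (a 1500-byte LAN hop followed by a 1492-byte hop, matching the router's earlier setting), the SMTP step sizes and all function names are constructed assumptions.

```python
IP_HDR, TCP_HDR, ICMP_HDR = 20, 20, 8   # IPv4/TCP headers without options, ICMP echo header

def make_path(link_mtus, icmp_filtered=True):
    """Build a probe for a constructed path; link_mtus lists each hop's MTU in bytes."""
    path_mtu = min(link_mtus)
    def probe(ip_packet_size, df=True):
        if ip_packet_size <= path_mtu or not df:
            return "delivered"           # fits, or a router may fragment it
        # DF set and too big: the router drops the packet and reports back by
        # ICMP, unless a firewall on the way filters that ICMP message.
        return "dropped silently" if icmp_filtered else "icmp: fragmentation needed"
    return probe

def largest_df_packet(probe, low=576, high=1500):
    """Binary search for the largest don't-fragment packet that gets through."""
    while low < high:
        mid = (low + high + 1) // 2
        if probe(mid) == "delivered":
            low = mid
        else:
            high = mid - 1
    return low

def ping_payload(mtu):
    """Payload size to give Windows `ping -f -l <size>` when testing this MTU."""
    return mtu - IP_HDR - ICMP_HDR

# Constructed SMTP exchange: (step, bytes the client writes in that step).
SMTP_STEPS = [("EHLO", 20), ("MAIL FROM", 40), ("RCPT TO", 40),
              ("DATA", 6), ("message body", 20_000)]

def first_stalled_step(probe, host_mtu):
    """Return the first SMTP step whose largest TCP segment cannot cross the path."""
    mss = host_mtu - IP_HDR - TCP_HDR
    for step, nbytes in SMTP_STEPS:
        biggest_segment = min(mss, nbytes)
        if probe(biggest_segment + IP_HDR + TCP_HDR) != "delivered":
            return step
    return None

if __name__ == "__main__":
    adsl = make_path([1500, 1492])       # constructed: LAN hop, then a 1492-byte hop
    print(largest_df_packet(adsl), ping_payload(1492))
    print(first_stalled_step(adsl, host_mtu=1500))
    print(first_stalled_step(adsl, host_mtu=1492))
```

When checking a firewall rule set against this failure mode, confirm that inbound ICMP type 3 code 4 (destination unreachable, fragmentation needed) is allowed, since blocking it is what turns an MTU mismatch into a silent stall.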