Comodo Firewall Driver destroys network browsing in Win7

Hi all.

Sorry if this is posted in the wrong section.

I just had a curious experience.
I’ve installed the free CIS on many computers in the past with no problems whatsoever. Great product.

However, today I just installed it on a new Win7 box. I was tearing my hair out because the new pc couldn’t see other (XP) computers on the network.
I have a laptop also with Win7 and Comodo CIS which works just fine.
The two Win7 machines could see each other , though.

After a lot of trial and error I found that disabling the “COMODO Internet Security Firewall Driver” in the settings of my network connection fixed the problem and let me browse the entire network.

So…why?
Have anyone else had this happen?

I guess I can’t just disable the “COMODO Internet Security Firewall Driver” for good but the system, being on a fairly large home network, is somewhat crippled without the full network browsing.

Any thoughts?

did you have any other security software installed before CIS

Nope.
Clean Win7 install.

But I just noticed something.
If I switch to wired LAN my network browsing doesn’t work regardless of the “Firewall Driver” being enabled.
That only seems to have a say in the matter when I’m using the (also new) DWA-131.
Now I’m thoroughly confused :-/

have you tried updating you network card to the newest drivers

Yes, I updated to the latest Realtek LAN driver i could find: 7.46.610.2011
That didn’t change anything.

try running the diagnostics tool under the more tab and see if that returns anything. if it doesnt find anything the only thing i can think of is uninstall CIS then run this tool. maybe someone else in the forum can help figure out the problem

Hi madmital,

Just in case …

Did you make a rule in CIS to allow your home network in your new PC?

Hi, guys.

The diagnostics didn’t find any problems.
Will try the uninstaller tool tomorrow.

Boris, eh…yes…but actually I’m not sure I did it right.
In “Network Security Policy” → “Network Zones” I have added the entire local segment; 192.168.123.xxx
I also tried adding an Application Rule to allow all in/out traffic in the segment, but the program told me that the rule already existed.
Are there any other rules I can try to create?

Yes, to create your local network zone, you should use the “stealth ports wizard” to make you local network zone a trusted one. Go to that wizard and select the first option. In the windows that will open in CIS, choose the 2d option and then enter the addresses or subnet mask of your network.

Are you using Windows 7 ‘Homegroups’? If so, you may want to take a read through this document.

I’m not using HomeGroups, no.

But I got it working now thanks to ‘Boris 3’ :slight_smile:
I ended up doing another clean install - which I guess is besides the point.
Then in “Firewall” tab of CIS under “Network Security Policy” I created a new “Network Zones” of the entire local IP range.
Then under “Stealth Ports Wizard” clicked “Define a new trusted network and make my ports stealth for everyone else” and selected the newly created network zone under “I woulf like to trust of Network Zones”.
Finally I re-ran the “Stealth Ports Wizard” choose the second option “Alter me to incoming connection and make my ports tealth on a per-case basis”.

I’m a bit fuzzy on the “Stealth Ports Wizard”, though.
It’s unclear to me if one option overrides the other. For example in this case I don’t know if the first defining “a new trusted network…” was actually redundant.

But anyway, it works now network-wide computer browsing and all.
Peachy!

Thank you all for your help.

Quote from CIS user’s manual :

Define a New Trusted Network and Make my Ports Stealth for Everyone Else

By selecting this option your machine’s ports is stealthed (invisible) to everyone EXCEPT those networks that you specify as trusted.

Alert me to incoming connections and make my ports stealth on a per-case basis

You see a firewall alert every time there is a request for an incoming connection. The alert asks your permission on whether or not you wish the connection to proceed. This can be useful for applications such as Peer to Peer networking and Remote desktop applications that require port visibility in order to connect to your machine.

Hence, the trusted network zone you have define with the 1st option will not be redundant with your selection of the 2d option afterwards. But if you don’t want to trust another network than the one you defined first, the 2d option is useless in your case.