Comodo firewall on Windows Server 2003 Standard R2

Greetings,
I need help with configuring Comodo firewall on a Win 2003 Server that runs SQL Express and Terminal Server in app mode!
The server has 2 NICs.

On 1st NIC is LAN for SQL and admin RDP (NO GATEWAY AND NO DNS)
On 2nd NIC is open Internet 1Mb/1Mb optic for WAN RDP connections

What I want is next:

  1. Config Comodo to allow all LAN requests for SQL Express 2005 so everyone on LAN can work without problems through NIC 1
  2. Config Comodo to allow all RDP requests from WAN and LAN
  3. If it’s possible, enter WAN IP ranges that can connect on RDP
  4. BLOCK ALL OTHER FROM WAN !
  5. Config mail reports

Thank you in advance (:WAV)

Welcome to the forums (:WAV)

At the present, 64Bit platforms are not supported/compatible for CFP. Version 3 (due out soon for beta testing) will be 64Bit & Vista ready.

If I’m not mistaken, 2003 Server is 64Bit, correct?

LM

That depends on whether you have the 32 or the 64 bit version (:WIN)
Comodo works just fine on 32bit w2k3. Another plus for Comodo (V)
Sorry, but I don’t think I know enough about RDP and Comodo yet to be of any help
with your actual question … Maybe Little Mac has some ideas ?

It’s Windows 2003 Standard Edition R2 32 bit running as:
Terminal Server in application mode,
File Server,
Print Server,
DHCP Server,
WINS Server
and SQL Express SP1 32 bit

I didn’t install it on the server because it’s a production server and I wouldn’t like to mess it up and spend the next 6 hours reinstalling and configuring it, not to mention lose my precious job (:TNG)

P.S. I installed it on many personal PCs where I haven’t had any problems at all (:WIN)

Okay, this should be do-able…

For the 1st NIC (for the SQL & RDP), where you want all traffic allowed, do the following:

Go to Security/Tasks/Add a Zone. You will give the Zone a name, and define it in accordance with the IP address range of the related NIC.

Then go to Security/Tasks/Define a New Trusted Network, and select the Zone you just created. This will add two rules to the Network Monitor (at the top of the list) ~ One rule to Allow IP Out, one rule to Allow IP In; this way all traffic can go from computer to the Zone, and back, without limitations. Reboot.

For the WAN, you’ll need/want to create Zones for the IP Range (or each IP, depending on your needs and the IP configuration) for what you want to allow to connect w/RDP. Then use those Zones to manually create Network Monitor Rules to allow the traffic; you can set the Port, IP, etc, to control the connection and create tighter security. You might see this thread about Network Rules. https://forums.comodo.com/index.php/topic,1125.0.html; it’s a great source of information.

On configuring the mail reports, please give some more info on what you mean, and what you’re wanting to do. That’ll help us go in the right direction.

LM
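The rule layout described in the post above can be checked offline before it goes onto a production server. This is an added example, not part of the original post and not Comodo's own code: it models the Network Monitor list as an ordered table and assumes top-down, first-match evaluation with a final block rule. The address ranges are constructed placeholders, and 3389 is the default RDP port.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the thread)
LAN_ZONE = ipaddress.ip_network("192.168.10.0/24")           # zone for NIC 1
WAN_RDP_ZONES = [ipaddress.ip_network("203.0.113.0/28"),     # allowed remote range
                 ipaddress.ip_network("198.51.100.25/32")]   # single allowed host
ANY = ipaddress.ip_network("0.0.0.0/0")
RDP_PORT = 3389  # default RDP listener port

def rule(action, direction, proto, remote, port=None):
    return {"action": action, "dir": direction, "proto": proto,
            "remote": remote, "port": port}

# Ordered as in the post: trusted-zone pair on top, WAN RDP zones, block-all last
RULES = [
    rule("allow", "out", "ip", LAN_ZONE),
    rule("allow", "in", "ip", LAN_ZONE),
    *[rule("allow", "in", "tcp", zone, RDP_PORT) for zone in WAN_RDP_ZONES],
    rule("block", "in", "ip", ANY),
]

def matches(r, direction, proto, remote_ip, port):
    """True if one rule applies to a connection attempt."""
    return (r["dir"] == direction
            and r["proto"] in ("ip", proto)
            and ipaddress.ip_address(remote_ip) in r["remote"]
            and (r["port"] is None or r["port"] == port))

def decide(direction, proto, remote_ip, port, rules=RULES):
    """First matching rule wins (assumed); returns (action, rule index)."""
    for index, r in enumerate(rules):
        if matches(r, direction, proto, remote_ip, port):
            return r["action"], index
    return "block", None  # nothing matched: treat as blocked

def covers(earlier, later):
    """True if every connection matching `later` already matches `earlier`."""
    return (earlier["dir"] == later["dir"]
            and earlier["proto"] in ("ip", later["proto"])
            and later["remote"].subnet_of(earlier["remote"])
            and (earlier["port"] is None or earlier["port"] == later["port"]))

def shadowed(rules=RULES):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j, later in enumerate(rules)
            if any(covers(rules[i], later) for i in range(j))]
```

A non-empty result from `shadowed()` means the list order defeats a rule, for example a block-all entry placed above the RDP allow rules.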

Ty in advance, I’ll look into it ASAP at my “lab server clone”.

About mailing, I’m interested in getting all warnings by mail where I can also check them every morning while drinking coffee, or getting critical mails that would be forwarded to my cell phone.

I ask this because we have had several tries of unauthorised access to our server from the Internet and I find Comodo to be a FIRST AID solution because for our needs ISA server costs way too much !

I’m looking forward to the day when I’ll say: (S)

Just to make sure I understand correctly, you want Comodo Firewall to email you reports about blocked traffic?

LM