Comodo FW + Putty issue.

Hello Everyone and greetings from India!

Firstly, let me congratulate the Comodo team for putting in their best efforts toward building a quality product like CIS premium.

I never had any issues with Comodo AV or its firewall. Until just recently!
I’m attempting to access one of my Virtual Machines running CentOS 7.xx on Win 7 SP1. Comodo firewall keeps blocking putty access to one of my Virtual Machines running CentOS 7.xx.
The putty connection simply times out with the message,
‘Network error: Connection timed out’.

Here’s what I have done -

On the CentOS side:

  • sshd is running.
  • selinux has been disabled.
  • firewalld has been configured properly.
  • both networks are on the same gateway.
  • ping request from centos to windows goes through.

On Windows side:

  • I use a wifi-adapter to connect to my router.
  • IP ping to the centos vm is successful.
  • Isolated the issue to be caused by Comodo Firewall.
  • Putty connects to the VM as soon as I disable the firewall for (let’s say) 15 mins.
  • Have created multiple firewall rules for TCP out /22 for putty.exe

Hence, the issue is caused by the Comodo Firewall. Please let me know if there’s any particular setting/custom rule to be created on Comodo, I’d be glad to do it.

What’s your expert take on this?

PS - I also referred to a few similar posts that discuss this scenario, however nothing seems to be working for putty on my end besides disabling the firewall. So I made a post here.

What VM software are you using? And which network setup is being used for the vm(bridge, host-only, NAT)? Also what is the exact version of CIS that is installed?

VMware Workstation Pro 12.

Network type is bridged.

Comodo Internet Security Premium - 10.0.2.6420
Database ver-28109

Let me know if any further details are required.

It is a bug that now affects Windows 7 using a wireless network adapter for bridge networking; it used to only be an issue on W10. The workaround is to create an application firewall rule for Windows Operating System and set it as an outgoing only ruleset, or a rule to allow out TCP connections, as it is not needed for UDP connections because it will be allowed without a rule for UDP.

To create the application rule use browse > running process and select Windows Operating System.

Thanks futuretech!

I’ll go through the steps you’ve suggested.

And I really hope the noted bug (soon) gets fixed in one of the future releases of Comodo.

I AM IN!!

Many thanks to futuretech for the workaround suggestion.

I had a custom firewall rule created previously (during troubleshooting), to specifically allow a source IP to a destination IP with outgoing request only for port 22. And as per this suggestion,
I added, from Application Rules, Browse > running process and selected ‘Windows Operating System’.

And bingo! I was able to access the VM-Centos via putty.

Once again, thanks for the brilliant suggestion futuretech and hope you have a nice day (when you get to read this!).

See you around!