Comodo, ICS and dhcp

Frequently Asked Questions (FAQ) for Comodo firewa
1

Hello, i’ve recently changed from zonealarm to comodo in my home pc (i’ve been using comodo for quite sometime on my notebook though).
While using zonealarm at home’s pc dhcp and ics worked well (had to lower the security to medium though).
now that i’ve started to use comodo i can’t get dhcp or ics to work in a consistent way.
i’ve tried setting a trusted zone on both computer and still it doesn’t work. i should need to set anything on my notebook (guest) even file sharing and remote desktop works if i set IPs manually but not internet. any help or comment that might help is appreciated .
Thx in advance.

2

I have the same problem.
I have even tried turning off network monitoring & still dhcp request gets blocked.
Any ideas ?

Thanks
Denise

3

It is very common for ZoneAlarm to be conflicting after uninstall, especially where connectivity comes in.

I know ZA has developed their own after-the-fact uninstaller to address some of these issues. There’s also a link provided in this thread, to a 3rd-party ZA uninstall cleaner-upper application.
https://forums.comodo.com/index.php/topic,7369.msg53910.html#msg53910

I do hope those help.

LM

4

Thank you - I checked that ZA had been completely uninstalled.
The problem was still there.
However, I found that svchost.exe had acidently been blocked - hence the problem.

Thank you for your help.
It is good to know that ZA is completely removed and I have learnt alot today.

Denise

5

That sure would do it… :wink:

Here’s hoping that’s ROOKIE’s problem as well.

LM

6

Hello,

I have a similar problem I have Comodo installed on my machine that is connected to my ADSL modem. I have a windows laptop and a Linux desktop that I’ve tried to connect using ICS through the “modem PC”. When I connect the first time, I don’t get an IP address over DHCP. If I set Comodo to allow all then I can obtain an address. To add insult to injury…after the first the first dynamic IP allocation succeeds, I can enable Comodo, disconnect the client PC and reconnect it and it is able to obtain an IP address. I have sniffed the network connection with Wireshark (ex-Ethereal) and can see that the client sends a DHCP discovery and the host responds with an offer and then the client just sends DHCP requests until the client times out.

Any help would be really great. I’ve been fighting with this for several months now…

Thanks,
Phil

7

virophil,

Here’s the basic steps involved with setting up ICS & Comodo.

  1. Make sure ICS is fully working prior to installing Comodo.

  2. Install Comodo FW on Automatic install, rather than selecting an Advanced install (this avoids some potential problems)

  3. After rebooting, got to Security/Tasks/Add a Zone. The IP range for the zone should encompass all resources/computers on the network that need connectivity.

  4. Then in Security/Tasks/Define a New Trusted Network, use the Zone you just created to set the trusted network. This will add two rules to the top of Network Monitor (Rule ID 0 & 1). The first will Allow All Out from Any (ie, that computer) to Zone. The second will Allow All In from Zone to Any (ie, that computer). This allow unencumbered communication between them.

Unless there’s something else going on, that will provide the connectivity you need.

LM

8

I have done all this, including the automatic install and setting a trusted zone and I am still having problems. I can do dhcp fine from my linux box in the trusted zone, but only if I turn the Network Monitor to off. As soon as I turn it to off, I can do whatever I please, but when it’s on I can’t do dhcp or anything.

The internal network (LAN) always gives out IPs in the range 192.168.0.0-192.168.0.255, and this is set as the trusted zone’s IP address range. It’s bizarre.

The other thing is that when the firewall is off, I can ftp to the linux box at ‘box.mshome.net’, which windows ICS seems to put into the hosts file but when the firewall is on and Network Monitor is off, I cannot use the domain name, but have to use the IP address for the server.

It seems that Windows ICS puts a host name into the following file;

C:\WINDOWS\system32\drivers\etc\hosts.ics

With the Network Monitor off it puts the following entry in the file;

# Copyright (c) 1993-2001 Microsoft Corp. # # This file has been automatically generated for use by Microsoft Internet # Connection Sharing. It contains the mappings of IP addresses to host names # for the home network. Please do not make changes to the HOSTS.ICS file. # Any changes may result in a loss of connectivity between machines on the # local network. #

192.168.0.245 box.mshome.net # 2007 8 1 20 12 30 23 281
192.168.0.239 Larry.mshome.net # 2007 8 4 16 5 46 47 156
192.168.0.1 wally.mshome.net # 2012 8 6 11 12 30 23 281

Larry is my laser printer, and it’s actually not net connected at all at the moment, so I don’t know why it’s there, but wally is my main PC and box is the linux box, and they’re both up to date.

Any help appreciated.

9

I am having the EXACT same problem. Exactly. Application Monitor and Component Monitor are turned off. The zone is wide open… yet it will not establish DHCP using ICS.

Did you ever resolve this???

10

Have you tried v3 on this? They have improved implementation for these.

LM