Comodo preventing HTC mobile internet access

Have just switched from Outpost to Comodo. The problems Outpost was giving have all gone, so i’m more than happy.
However I cannot connect to the internet via the mobile phone, as Comodo is blocking (disabling Comodo fixes this).

I do not understand, since the network zone the htc ‘hd touch’ creates has been given access for all directions/protocols in Global Rules.

Any help much appreciated…

Welcome to the Forum, iBeta.

Two things to check here.
One, Defense+ may be blocking this. What do the logs show? (they may be accessed from Defense+/View Defense+ Events.)

Two, the firewall has two sets of rules, Global, and individual program.

What alerts did you receive when you started your program?

Thanks…

There is nothing in Defense+ logs, and I only have to disable comodo firewall for success.

I get no program alerts in the firewall, just the fact that a new private network has been found. I check the ‘I would like to be fully accessible…’ box.
Comodo then makes 2 global rules in ‘Network Security Policy’:
-Allow All Outgoing Requests If The Target Is In [Local Area Network for HTC]
-Allow All Incoming Requests If The Sender Is In [Local Area Network for HTC]

The network is also added to ‘My Trusted Networks’ as: IP In[device_IP/mask_IP].

I get no other alerts, and the device connects to the computer ok - it just cant access the internet via the pc.

Hello iBeta,

If disabling only the firewall we have isolated this issue to be caused by the FW only and not by HIPS (Defense+) that’s a good thing to know.

Now mobile access usually need DHCP to configure the ip address on your computer once you are connected to the network. So we first need to find out if you need DHCP and configure this to work on the connection.

Can you open a command-box and type
ipconfig /all
And press [ENTER] after that see if your mobile interface shows up:

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
Physical Address. . . . . . . . . : 00-1F-XX-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : Yes

If you are having trouble getting an address from your provider you probably end up with a 169.254.x.y
That should also show up here

Thanks for the info Ronny.

DHCP is enabled. The Ipv4 address is the same one Comodo puts in the ‘My Network Zones’ - ‘Local Area Network for HTC’ Rule.

Yes but is that out of the 169.254 range ? because that’s the range M$ uses if all other fail, and you won’t get a working internet connection with that number…

Oops, Yes it is.

Why is that a problem?

Because that will isolate your pc from the rest of the world.
Try this open a command-box and just before you type the below commands disable the Firewall.

ipconfig /release
ipconfig /renew
ipconfig

[ENTER] after all commands, the first command will release the 169.254 address.
the second command will request a new IP Address from the DHCP server from your mobile provider.
The third will show you what you have got, probably an other address than 169.254.

If that’s the case then we have to create rules to allow DHCP traffic.
At least a global rule with Allow, UDP, Incoming/Outgoing, Src Any, Dst Any, Src port range 67-68, Dst port range 67-68. That should allow DHCP requests globally. If you have done this Enable the firewall again and repeat the above 3 commands (ipconfig…) if there are any alerts during that stage allow them and you should have a working connection from now on.

Ronny

Strangely, the connection error continues.

I tried to make a global rule - Allow-In/out-TCP/UDP-Any

Rebooted the device.

Still the device reports a connection error.

Comodo reports the following events:
10-05-2009 23:49:48 Windows Operating System Blocked 116.230.38.36 20841 10.0.0.3 65529 UDP
10-05-2009 23:49:50 Windows Operating System Blocked 212.75.2.108 1045 10.0.0.3 65529 UDP
10-05-2009 23:49:57 Windows Operating System Blocked 219.122.115.202 19039 10.0.0.3 65529 UDP
10-05-2009 23:50:01 Windows Operating System Blocked 72.38.2.200 21397 10.0.0.3 65529 UDP
10-05-2009 23:50:03 Windows Operating System Blocked 24.161.81.189 64287 10.0.0.3 65529 TCP
10-05-2009 23:50:06 Windows Operating System Blocked 24.161.81.189 64287 10.0.0.3 65529 TCP
10-05-2009 23:50:12 Windows Operating System Blocked 24.161.81.189 64287 10.0.0.3 65529 TCP

10.0.0.3 is the pc’s LAN IP, and 65529 is my P2P port which is forwarded thru the router. I cannot see what this has to do with the device, but thought I’d mention it.

I cannot see that the router should cause a problem - this setup worked in Outpost with no configuration.

Make sure CIS is set to be an “internet connection gateway (i.e an IC server)” . It can be set under Firewall → Advanced → Firewall Behaviour Settings → Alert settings.

What is the IP address handed out to your HTC?

By the way. The Firewall logs just show how CIS blocks unsolicited incoming traffic.

It has always been set as an ICS.

169.254.2.2 is the IP.

Yes, however something is blocking access in Comodo - since disabling fixes it.

Every time I try to connect to the weather service from the device am getting this in the log-
11-05-2009 01:30:52 \Device\HarddiskVolume1\Windows\System32\svchost.exe Blocked 10.0.0.3 35308 207.242.93.89 80 TCP.

Can you show us a sceenshot of your Global Rules?

'is there somewhere to upload the imgs?

Anyway, a screenshot would only give the description of the rule - if I understod right.

Comodo starts with the ICMP Echo block rule as the only one.

On recognising the network from the mobile, it adds 2 global rules allowing in and out, both TCP/UDP and using the Network Zone as the destination or source from or to ANY.

I tried a global allowing any protocol/direction etc etc. and it still wont connect. Am I missing something, or does this point to that rules are not the problem as such?

Thanks for the help… also to know if anyone else has got a htc mobile connection?

You can attach images to your post using the advanced option that is underneath the text box.

Here are some screenshots. As said all rules but the DHCP (suggested earlier in the thread) are auto-generated.

[attachment deleted by admin]

Did you make the UDP DHCP rule as Ronny suggested?

These are packets to so called closed ports, the application u use for p2p wasn’t listening for packets while this happened.

Yes - that is the rule called ‘DHCP server on UDP’. Allow-UDP-In/Out- Src Any, Dst Any, Src port range 67-68, Dst port range 67-68.

Yeah Ronny - that was a mistake. However every time I try to connect the device am getting one of these entries. Always to the same 2 destIP’s, and Port - isn’t 80 HTTP?

-11-05-2009 01:30:52 svchost.exe Blocked 10.0.0.3 35308 207.242.93.89 80 TCP.
or
-11-05-2009 01:30:52 svchost.exe Blocked 10.0.0.3 35308 69.24.209.21 80 TCP.

First one is from AT&T WorldNet Services - Accuweather -htc.accuweather.com
Second one is from Sumner Communications - redirects to http://www.gnn.tv/

So maybe you have a gadget running that triggers these ?

That fits. It is those addresses the device is trying to communicate with.

Should I make a rule for svchost?