CPF 3 Home LAN issues

Hello all,
I am having trouble configuring a trusted network (Home LAN) to be totally trusted. In CPF version 2.4 one would define a trusted network for the PCs inside a hardware firewall (wired/wireless router) on as many PCs as CPW was installed and it would work flawlessly (file and printer sharing, remote desktop of any flavor, computer management, etc.). With version 3 a trusted network does not work the same way. I will try to be as specific as I can in the following:

Using Comodo Personal Firewall version

  1. I define a Network Zone using “My Trusted Zones” named “Home LAN” with an IP range of
  2. I use the “Stealth Ports Wizard” to “Define a new trusted network - stealth my ports to EVERYONE else”. “I would like to trust an existing ‘My Network Zone’” with a Zone Name of “Home LAN”.
  3. Checking the “Network Security Policy” “Global Rules” finding two new rules labeled “Allow All Outgoing Requests If The Target Is In [Home LAN]” and “Allow All Incoming Requests If The Sender Is In [Home LAN]”.

At this point everything is as familiar as it was in version 2.4. The problem is my other PCs that would be in “Home LAN” cannot access file shares on this PC.
The following works the same as turning CPF off (shares can be accessed, etc., the two PCs interact as if they are truly “trusted”):
If I modify the “Predefined Firewall Policy” labeled “Outgoing Only” to “Allow And Log TCP OR UDP From In [Home LAN]” with the following configuration:

  • Source Address Zone: Home LAN
  • Destination Address: Any
  • Source Port: Any
  • Destination Port: Any

I hope this is clear enough and I hope there are words of wisdom to come as I don’t think either workaround is ideal.


-U No Hu

Hi ooounohu - what you describe is odd, since the Outgoing Predefined Firewall Policy would have to be applied to an application before it had any effect on the operation of the Firewall. The Predefined Policies are just convenient sets of rules that can be quickly applied to a range of applications (At least AFAIK). Are you using a router? Are you using firewalls on your other computers in the LAN? There has to be more to this than the change you have mentioned.


If you have a look at


and search for the PDF attachment. The steps therein describe how to manually setup a zone and how to manually write rules that will allow LAN traffic and ICS to work. Please note that you will have to use IP addresses to suit your LAN and not necessarily those shown in the PDF example.

Hope this helps,
Ewen :slight_smile:

Please bear with us - we’re doing our best.

There have been almost a million downloads and there are only so many of us willing to try and help out on the forums.

If you see a post that you can answer, please don’t hesitate to jump in.

Ewen :slight_smile:

I’m not sitting in front of my home PC at the moment but here goes nothin’…

Actually, CPFv3 automatically configured the “system” as well as “svchost.exe” applications with the “Outgoing Only” Predefined Firewall Policy. When I first encountered the issue I checked as many logs as I could in CPF and found that “System” was being blocked using the other PCs IP. Being that I could not modify the rules for “system” because it already had a predefined policy I modified the predefined policy and bingo, it worked.

Ewen, I saw that post in my searching for but thought that your instructions did the same as what the Stealth Ports Wizards does but I see that I am incorrect. I will try your instructions this evening and report the results.

My apologies Ewen, I meant to point out that others were having the same issue. I was not trying to insinuate a lack of support. I will edit that post so as not to deter other users.
I guess I am really asking if the difference in results between versions 2.4 and 3 is a bug or intentional.

Thank you very much for the help, it is appreciated.
-U No Hu

Help before I do too much damage!
I am also running a small network where one PC acts as the gateway. I have just installed Comodo V3 and it spotted my network. The only thing I didn’t accept was the network name which I changed. However it has blocked the network PC’s. I have desperately tried to create new zones but fear that I am just going around in circles and have changed some permissions.
Is there any way that I can ask it to just start again and reconfigure from scratch?
Any help gratefully appreciated.

Welcome to the forums Gilgen…

Does uninstall - install sound okay for you? ;D

You could just export the default settings after installing. If you mess up, just import.
The problem is, I’m not sure if the import would reset everything. I recall reading that
this might not be the case.


I am no programmer or IT-specialist, so I have uninstalled v3 and will wait for a proper manual.
Please let us know via email/website/forum when it’s ready.
Until then i will use v2