Firewall disabling open nat?

Hi this is my first post ive searched and check the faq’s but couldnt find a thread which covers my problem. Basically ive been trying to set up a dedicated server on mw3 but even after enabling upnp, NAT and forwarding ports my nat type is still strict I had this same problem when trying to open my NAT on MW2. Ive read and followed endless guides and can now only guess that comodo firewall is the cause of my problem. Could this be the case? and if so is there a fix/ work around for this problem. im new to this sort of thig so apologise in advance if i havnt given enough info and will add more if/when its need, thnx in advance for any and all replies

I assume mw2/3 is some sort of server application, a game? if so, depending on the configuration of the firewall, you may need to open some ports in Global rules. can you please post more detail regarding your current firewall configuration and explain what mw2/3 is.

sorry i was refering to Modern Warfare 2/3 of the call of duty series, ive defined the app as trusted and my firewall is currently set to safe mode. I’m also using windows 7 and employing comodo’s secure dns

I can now comfirm that it is comodo’s firewall that is the cause because when i run the game using windows fire wall my nat is displayed as open

Can you please provide details of the settings you’re using for Global rules:

Network Security Policy/Global Rules.

Allow IP Out from MAC Any to MAC Any where Protocol is Any
Allow ICMP Out from MAC Any to MAC Any where ICMP Message is FRAGMENTATION NEEDED
Allow ICMP Out from MAC Any to MAC Any where ICMP Message is TIME EXCEEDED
Block IP In from MAC Any to MAC Any where Protocol is Any

As I mentioned in my first post, you’ll have to create a Global rule to allow inbound connections to the game server. A quick look around suggests you need to open port 28960 for TCP and UDP, just make sure you place the rule above the block rule.

Action - Allow
Protocol - TCP or UDP
Direction - In
Source Address - Any
Destination Address - Any
Source Port - Any
Destination Port - 28960

You’ll have to check if any other ports are required. You’ll also have to forward the port(s) in your router, if you have one.

I tried creating that rule but my nat is still strict i even added global rules for the other ports i have forwarded previously (on router settings), maybe there’s more ports to be added.

But tbh although i really appreciate you taking the time to reply and help me with this and are eternally grateful, after having this problem for over two years it seems the only logical thing to do is do go back to using windows firewall when I wish to host.

This problem seems far to insignificant for me to warrant wasting any more time on other than to apply a fix that works. But pls dont get me wrong i am in no way ungrateful for the time you have given to help solve this problem its just ive been pro-verbally banging my head against a wall for far too long with this problem.

I can only assume if creating the global rules for the ports i was recommended to forward by sledge hammer games (and yourself) doesnt work then it must be my routers upnp being restricted by comodo. Later (when im feeling less frustrated with this long standing problem) i will try find each and every port i need to forward and do so plus creating global rules and reply to let you know if that works

Many thnx for your time and I apologise for lack of patients

Edit: made a paragraph structure for an easier read

There is one thing that needs to be added to Radaghast’s explanation.

Incoming traffic first goes through Global Rules, hence Radaghast’s advice, and then through Application Rules. In short there will also need to be an application rule in place that will receive incoming traffic.

The easiest solution for testing is to give the MW3 the Trusted Application rule. That way it will accept all incoming traffic as well as outgoing traffic. Once you have established a working server situation for MW3 you can consider to make the application rule tighter.