Help for VPN rules

KingAlex97 · March 4, 2024, 8:13pm

Hi,

I am new here and just installed Comodo firewall v12. May I ask is there a default setting for VPN or default VPN rules? I just allowed my WindscribeVPN for now but I’d like to ask for properly setting up rules for VPN like WindscribeVPN.

Thanks all!

panic · March 4, 2024, 9:50pm

Sorry to be the bearer of bad news but at this moment, Comodo does not filter TUN or TAP adaptors.

Citizen_K · March 5, 2024, 1:55am

CIS is capable of filtering TAP adapter but did not support the TUN adapter.

However, I was toying with the latest beta 8124 and it looks like it has started to support TUN adapter and Wireguard protocol. Could you test this? I made a post about in the release topic of 8124.

KingAlex97 · March 5, 2024, 4:04am

Hi Sir,

I’d like to test it but sad to say I dunno how? Can you give me some tips?

Thanks!

Citizen_K · March 5, 2024, 5:19pm

CIS at this moment only supports filtering of VPN traffic when using TAP protocol. Comodo is working on support for WinTun and WireGuard but there is no date when we might expect support for these.

What I wrote in the second paragraph about support for WinTun and WIreGuard was a mistake (I made a mistake while testing).

When using TAP adapter CIS will filter VPN traffic and acts exactly like it does without the VPN active. In that sense there are no special requirements when using CIS with a VPN.

Some people use CIS to act as a killswitch for then the VPN connection would fail. I don’t know from the top of my head how to do so but a search may show up topics about this.

What would you like to test?

KingAlex97 · March 7, 2024, 6:50am

Hi,

Thanks for the reply and explanation. So if there aren’t any rules for a VPN what rule can I use, FTP Client or Allowed Application? At the moment it is set as ‘Allowed Application’.
WindscribeVPN has WireGuard and killswitch. I seem to remember reading something about what you mentioned about CIS being a sort of a backup when the VPN Killswitch fails but it was for AirVPN. I don’t have AirVPN though.

Citizen_K · March 7, 2024, 6:36pm

CIS will also filter VPN traffic when using IPSec/IKEv2.

I did a quick look up and saw that Windscribe supports OpenVPN protocol. Make sure when you use OpenVPN it uses the TAP adapter (CIS does not support TUN protocol).

Can you point me to the post about using CIS as Killswitch for AirVPN? I will try to figure out if that solution may also work for Windscribe.