I have a router. Computer A is in the DMZ on this router. Computer B is using ICS from computer A. Computer B has no problem connecting to the internet and joining games. I cannot, however, host games on computer B. I have set Starcraft as a trusted program. I have Comodo running on both computers. I am concerned there are two levels of blocking going on. Any help is much appreciated!
Make sure that both on computer A and B the necessary port(s) are open.
Read the following tutorial I made. Substitute the port numbers and protocol for your situation.
To open the port TCP 1723 for example
First step is to determine the MAC or Physical address of your network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.
Notice that Physical address = MAC address
Firewall → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port
Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 1723
Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) at the bottom (the block rules have red icons); you can drag and drop the rules → Ok.
The rule on computer A should allow all traffic through to computer B, correct? The rule on computer B should allow Starcraft to host, right?
That's how I assume it works. I have never worked with ICS but it seems the logical way to do it.
Starcraft is a trusted program on computer B. I am running custom policy mode on both computers.
The policy of Starcraft also needs to allow incoming traffic. Easiest, for testing, is to make Starcraft a Trusted Application in Network Security Policy --> Application Rules. Once we got it working you can edit the application rule for Starcraft further.
Notice that when a program is in Trusted Files it does not allow for incoming traffic with the default rule it gets.
The policy of Starcraft also needs to allow incoming traffic. Easiest, for testing, is to make Starcraft a Trusted Application in Network Security Policy --> Application Rules. Once we got it working you can edit the application rule for Starcraft further.
Starcraft is a trusted program on computer B. Still no luck. Do I need to set further rules for a trusted program? A trusted program has complete access from an outgoing standpoint right? Incoming is based on global rules…?
Did you give Starcraft the Trusted Application policy in Network Security Policy → Application Rules? That is mandatory.
Still no luck. Do I need to set further rules for a trusted program? A trusted program has complete access from an outgoing standpoint right? Incoming is based on global rules...?
Incoming traffic goes first through Global Rules (need to open a port there) and then it goes through the Application Rules. That means that Starcraft needs a policy in its application rule that allows incoming traffic at the given ports. Easiest for testing is to give Starcraft the Trusted Application Policy.
Did you give Starcraft the Trusted Application policy in Network Security Policy --> Application Rules? That is mandatory.
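The filtering order described above (Global Rules first, then Application Rules, with the allow rule placed above the block rule), as an added example that is not part of the original posts and is not Comodo's code. First-match top-down evaluation, the default block for unmatched traffic, and the rule sets standing in for the Trusted Application and outgoing-only policies are assumptions of this simplified model.

```python
# Added illustration: a simplified model of inbound filtering order, not Comodo's code.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "block"
    protocol: str             # "TCP", "UDP" or "ANY"
    direction: str            # "in", "out" or "any"
    dst_port: object = None   # int, or None for any port

    def matches(self, protocol, direction, dst_port):
        return (self.protocol in ("ANY", protocol)
                and self.direction in ("any", direction)
                and self.dst_port in (None, dst_port))

def first_match(rules, protocol, direction, dst_port):
    """Top-down evaluation: the first matching rule decides (assumed model)."""
    for rule in rules:
        if rule.matches(protocol, direction, dst_port):
            return rule.action
    return "block"  # assumption: traffic that matches no rule is not allowed

def inbound_allowed(global_rules, app_rules, protocol, dst_port):
    """Inbound traffic must pass Global Rules first, then the application's rules."""
    if first_match(global_rules, protocol, "in", dst_port) != "allow":
        return False
    return first_match(app_rules, protocol, "in", dst_port) == "allow"

ALLOW_1723 = Rule("allow", "TCP", "in", 1723)   # the tutorial's example port
BLOCK_ALL_IN = Rule("block", "ANY", "in")       # the basic block rule at the bottom
TRUSTED_APP = [Rule("allow", "ANY", "any")]     # stand-in for Trusted Application
OUTGOING_ONLY = [Rule("allow", "ANY", "out")]   # stand-in for an outgoing-only policy

def demo():
    good_order = [ALLOW_1723, BLOCK_ALL_IN]
    bad_order = [BLOCK_ALL_IN, ALLOW_1723]      # allow rule left below the block rule
    return {
        "port open + trusted app": inbound_allowed(good_order, TRUSTED_APP, "TCP", 1723),
        "allow below block": inbound_allowed(bad_order, TRUSTED_APP, "TCP", 1723),
        "port open, outgoing-only app": inbound_allowed(good_order, OUTGOING_ONLY, "TCP", 1723),
        "no global allow rule": inbound_allowed([BLOCK_ALL_IN], TRUSTED_APP, "TCP", 1723),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'reaches the game' if ok else 'dropped'}")
```

Only the first case passes both layers, which is why the same check has to hold on computer A and on computer B.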
Yea, did that.
Incoming traffic goes first through Global Rules (need to open a port there) and then it goes through the Application Rules. That means that Starcraft needs a policy in its application rule that allows incoming traffic at the given ports. Easiest for testing is to give Starcraft the Trusted Application Policy.
Ahh, I see. That certainly makes a little more sense to me now. I still cannot get it to work though.
Ok, I tried deleting all rules (except ICMP) and put both computers into training mode. I went about doing everything that I would normally do. I could not host in training mode. I tried setting up the same rules after I went out of training mode as well. Still no luck…
Edit: I tried to disable Comodo and all associated programs via services/msconfig/task manager. I still can’t open these ports. Is Comodo still protecting my computer even though it is completely shut down?? I really don’t want to un-install it.
When you wanna play SC/BW games with more than one user behind the same router.. it won't work.... here is the solution... for each gaming PC behind the router do this:
a. use regedit to edit/create:
HKLM\Software\Battle.net\Configuration REG_DWORD "Game Data Port"
(choose a unique so far unused port for each client)
b. Then on your router forward each of those ports to the correct client computer...
(UDP, not sure if TCP needed)
Good news! I had to forward the ports on my router even though I was in the DMZ (never had to before). I can host on computer B.
Bad news! If I install Comodo on computer A I cannot host. I’ve tried every iteration of what we went over thus far. Do I need to restart when I change settings?