I’m using free Comodo firewall and need to connect to VPN via SonicWall Global VPN Client. I can only do this if I disable Comodo Firewall. If I put it in training mode it silently blocks ISAKMP. Is there a way to configure firewall to let ISAKMP through?
Could you please point me in the interface where can I set trusted IP range?
Logs show nothing, as I understand log (Firewall | View firewall events) only shows something if I mark the event to be logged in firewall rules. I have such a rule for SWGVC.exe and if I enable do logging for it I can see UDP packets sent to VPN server in question but I don’t see any responses. So I suspect those UDP packets get filtered out earlier in the stack.
I already asked a question about my issue with ISAKMP here https://forums.comodo.com/empty-t50480.0.html. Lately I’ve upgraded to 4.0 version of the free Comodo firewall and still no luck. I have to disable firewall to allow SonicWall to establish VPN connection.
I’ve “wiresharked” the process of both successful and unsuccessfull ISAKMP exchange. If I disable firewall I can see ISAKMP packets coming from my VPN server. I’ve created a global rule (Network Security Policy | Global Rules)
Allow; IP; In/Out; Source Address: My VPN server IP; Destination address: Any; IP Details: Any.
But nevertheless when firewall is enabled no ISAKMP packets are coming. Having to go back and forth to disable firewall every time my laptop wakes from sleep hurts my productivity substantially.
Thanks. When the wireshark session I’ve described was happening I did have (and I do now) the global rule “Allow and Log IP In/Out from to IP Any where Protocol is Any”. It is besides me why this rule is not enough to let ISAKMP packets through and I would appreciate any suggestion how to create an appropriate rule.
I’m using SonicWall v4.2.6.0305. Removing “Block” rule from All Applications and also from Global Rules didn’t have the desired effect. However when I went to “Firewall Behavior Settings” and disabled Block Fragmented IP datagrams on Advanced tab I finally could establish VPN connection with Firewall in the safe mode. I wonder whether it is SonicWall or Comodo misinterpret the definition of correct ISAKMP package?
BTW does it make sense to re-establish the “Block” rules? I’ve tried, but I can’t see how to do this because the rules were saying something about “unmatched packets” and there’re no such settings when I add a new rule.
Well if you wish you could restore the Block IP IN ANY ANY rule on the Global Rules tab, but this will cause all incoming connection requests to be dropped without alerts. In it’s current form you’ll receive an Alert window if there is any incoming traffic that has no predefined rule for it.
The “All applications” block I would leave out because Comodo removed that also on the 4.0.x.779 release.
I also use an other VPN client but don’t have this issue… so it could be a specific SonicWall v.s. CIS issue