But that’s all a side note… now on to the ‘good stuff.’ You might print this out in case you have any difficulties connecting while we’re in the process…
I see only one issue at the moment. Go to Application Monitor, open the rule for svchost.exe, and change it from TCP/UDP In to TCP/UDP In/Out. Since Outbound is not currently allowed for that application, it cannot communicate with the servers as it needs to, for your connectivity. So that should help.
Okay, Set & Forget, then.
Turn Protocol Analysis & DNS Queries back On; as I said, you shouldn’t need to have them turned off.
Then go to Security/Advanced/Miscellaneous, move the Alert Frequency slider to Low (it’s already there by default) or Very Low (Very Low gives you one alert per application; no details… this is the best for your ‘set & forget’). If you want set & forget, I really think Very Low is the way to go.
While you’re there, make sure the 2nd box from the top, “Do not show alerts for applications certified by Comodo” is checked, both “Skip Loopback…” boxes are checked, and towards the bottom, the box to update the certified safelist is checked (sorry, I don’t remember the exact wording on that one, and am not at a computer with CFP 2.4 right now). (Yes, I’m working completely from memory at this point…). OK>
Then go to Security/Tasks/Scan for Known Applications. Follow the prompts; it may suggest you reboot when finished, but you don’t have to just yet.
On your desktop, go to Start/Run, and type “cmd” (without the quotes). When the DOS window opens, type “ipconfig /all” at the prompt.
This will give you information (which you will need). Make a note of these IP addresses: Default Gateway, DHCP Server, DNS Server.
I’m guessing that your DHCP & DNS Servers will either be the same, or sequential (unless you’re behind a router, in which case you will have DHCP & DNS that are router IPs, and probably a DNS that’s your ISP’s). To set up an example, let’s just say that you use a router, and have the following:
DHCP: 192.168.0.1
DNS: 192.168.0.2, and 123.345.45.56 (which would be your ISP’s server)
In CFP, go to Security/Tasks/Create a Zone (we’ll do this twice, once for each IP address range). Name the first one (for instance) Router. For the starting IP, put 192.168.0.1; for the ending IP put 192.168.0.2.
Now Create a Zone again. Name it ISP DNS. For the first IP, put 123.345.45.56 (as per my example); for the second, put the same again.
Now go to Security/Tasks/Define a New Trusted Network (we will do this twice also; once for each Zone). Select the first zone from the dropdown menu. Then do it again, for the second zone.
Each time, it will create two rules at the top of your Network Monitor (positions Rule ID 0 & 1). The first will Allow IP Out from Any (your computer) to Zone; the second will Allow IP In from Zone to Any.
So for the case of this example, you would have four new rules at the top of your Network Monitor. These rules will allow all necessary communication to establish and maintain your internet connection. It can be done without creating trusted zones/networks, but it requires more tweaking; this way is the sure-shot no interrupts method.
Now you reboot, and you should be all set. There is only thing that might occur; it will depend on your ISP. It is possible that they don’t have just one local server for you to access; they may have a range. If so, it is possible that at some point in time it would not be able to update your connection. The easiest thing to do would be contact your ISP and find out the IP range for the DNS servers that you access. Go back into Security/Tasks/Modify a Zone. Open the ISP DNS zone, and change the start/finish range to match what they tell you. And that’s it. You can do this even if you don’t experience a problem, to forestall such from occurring.
I know this is a lengthy post; if you have any questions that need clarified, please ask and I will do so.
LM