Hi!
I have recently installed Open VPN Server on my machine (so that I can share whatever I want with my friends among our virtual private network). So, my system essentially runs as a server for the VPN. Comodo Firewall is running in Block All mode. So, I have defined a new trusted network zone with IP range 10.8.0.0 to 10.8.0.255.
But still, when a client tries to connect to the Open VPN Server (my system), Comodo Firewall is looking at the real IP of the system (VPN client) and not considering it as within a trusted network. Could you tell me how to make Comodo receive connections from my VPN clients?
A little update!
I have just installed Comodo Easy VPN, and the same problem exists with Comodo’s VPN as well.
I could ping from my machine to another (no firewall is installed on that machine), but when I ping from that machine my machine is invisible.
I preferred that setup for other systems on the internet, but since the second system I'm referring to is within a trusted network, I expect Comodo Firewall should let the connection come in. I think the firewall should allow systems in private networks to communicate with each other and block other systems on the internet based on whether the network is accepted by the user as trusted or not!
Hi Gibran,
Sorry for not giving clear information! My Firewall Security is in Safe mode, but in the Stealth Ports wizard I have selected to Block All Incoming Connections. But I have both the Open VPN Adapter and Comodo Easy VPN Adapter registered as trusted networks, and here is what I see in the Global Rules tab of the Network Security Policy wizard:
Allow All Outgoing Requests If The Target Is In [Comodo VPN]
Allow All Outgoing Requests If The Sender Is In [Comodo VPN]
Allow All Outgoing Requests If The Target Is In [Open VPN]
Allow All Outgoing Requests If The Sender Is In [Open VPN]
Not only ping, but access on any port is allowed; in fact it is as if the system is not alive!
If you need more information I can provide that too!
I have made sure that not only ping but every type of connection works if I set Stealth Ports to the "Alert me on Incoming Connections, stealth my ports on a per-case basis" option. When I disabled the firewall I was able to telnet and ping my machine by the private IP address. It looks like the firewall is blocking even connections from trusted networks.
Hi,
Thanks for your help so far! I have added the rule that you mentioned for openvpn.exe to allow incoming connections from any IP source port any destination port 1194.
But no improvement… the problem still remained.
By the way, you mentioned that uPNP is blocked. Can you tell me how to unblock it, and any consequences of enabling uPNP?
Did you add Allow TCP IN from Source IP any Port ANY to Destination IP ANY port 1194 to the firewall global rules too?
Even if there is no progress maybe there will be a new blocked entry in the log.
In order to avoid privacy issues please compress and password protect the log screenshot.
uPNP is meant to automatically forward ports from the router to your PC as requested by supported applications. Although user-friendly, uPNP can be insecure.
If uPNP is explicitly disabled in the router, some applications (e.g. P2P) need the router port forwarding to be configured manually.
uPNP is based on multicast. The following zone will allow you to easily set appropriate rules to support multicast (and uPNP).
Zone: [Special & Local Multicast] is defined as
-----------------------------------------------------------------------------------------
[0] IP In [224.0.0.0-224.0.0.255]
[1] IP In [239.0.0.0-239.255.255.255]
Thanks a lot Gibran! Now it worked!
There were two things that were necessary to get things to work as expected:
1. The first tip in your previous post, to put a Global rule to allow TCP IN from Source IP Any Port Any to Destination IP ANY Port 1194, has enabled the Open VPN client to establish a connection with the Open VPN server.
I made a mistake yesterday by not posting a screenshot of Network zones, or else you would have figured that out last night itself; anyway, coming to the point … I have my Open VPN Network zone configured as 10.8.0.1 - 255.255.255.252, which I think is blocking the clients from contacting 10.8.0.0, which would be the DNS server for my Open VPN setup. So changing that to 10.8.0.0 - 10.8.0.255 (limiting the subnet range, for safety) has done the trick; now I'm able to connect to and fro within my subnet (Open VPN network).
Thanks a lot for your help, without which I would not have achieved this!
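
An added example (not part of the thread, and not Comodo's rule engine) that models the two changes described above: the inbound rule for port 1194, and the zone given as address plus mask versus as a first-last range. Assumptions: an address/mask zone matches the subnet containing the address, rules are evaluated first match wins, and the client addresses 203.0.113.7 (real IP) and 10.8.0.6 (tunnel IP) are constructed samples.

```python
import ipaddress

def mask_zone(ip, mask):
    # Address + netmask form (assumption: covers the whole subnet that contains ip).
    return [ipaddress.ip_network(f"{ip}/{mask}", strict=False)]

def range_zone(first, last):
    # Inclusive first-last form, expressed as the minimal list of CIDR blocks.
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

def in_zone(addr, zone):
    a = ipaddress.ip_address(addr)
    return any(a in net for net in zone)

def verdict(pkt, zone, allow_1194):
    # Simplified model (assumption): first matching rule wins, last rule blocks inbound.
    if allow_1194 and pkt["proto"] == "tcp" and pkt["dport"] == 1194:
        return "allow"   # global rule: Allow TCP In, any source, destination port 1194
    if in_zone(pkt["src"], zone):
        return "allow"   # trusted-zone rule: sender is inside the VPN zone
    return "block"       # Block All Incoming Connections

# Constructed inbound packets as seen by the server's firewall.
# The handshake arrives from the client's real IP; tunnel traffic carries the VPN IP.
PACKETS = {
    "handshake":      {"src": "203.0.113.7", "proto": "tcp",  "dport": 1194},
    "tunnel_ping":    {"src": "10.8.0.6",    "proto": "icmp", "dport": None},
    "internet_probe": {"src": "203.0.113.7", "proto": "tcp",  "dport": 23},
}

OLD_ZONE = mask_zone("10.8.0.1", "255.255.255.252")   # zone as first configured
NEW_ZONE = range_zone("10.8.0.0", "10.8.0.255")       # zone after the change

def run(zone, allow_1194):
    return {name: verdict(p, zone, allow_1194) for name, p in PACKETS.items()}

if __name__ == "__main__":
    print("old zone:", OLD_ZONE[0], "=", OLD_ZONE[0][0], "-", OLD_ZONE[0][-1])
    print("new zone:", NEW_ZONE[0], "=", NEW_ZONE[0][0], "-", NEW_ZONE[0][-1])
    print("old zone, no 1194 rule:", run(OLD_ZONE, False))
    print("old zone, 1194 rule:   ", run(OLD_ZONE, True))
    print("new zone, 1194 rule:   ", run(NEW_ZONE, True))
```

In this model the handshake is only accepted once the port 1194 rule exists, because its source is never inside the VPN zone, and tunnel traffic from 10.8.0.6 is only accepted once the zone spans 10.8.0.0 to 10.8.0.255; the unrelated inbound probe stays blocked in every case.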