The computers on the LAN are unable to browse the web except if I turn off Network control rules. It doesn’t matter even if I set ALL the permissions to allow, including “Allow IP In/Out from any to any where ip protocol is any.”.
Any suggestion on this ?
Also, it works instantly each time i turn off network control rules. I’m able to ping either comps on the network from either comps. I’m also able to ping the cable isp gateway server from my local networked computer.
Now, problem is that somehow Comodo firewall blocks more things than it shows in that network control page ? I also even have protocol analysis, and block fragmented IP Datagram turned off.
Checked a few more things, and it seems that for some reason CPF network control system causes DNS to not resolve for my networked computers, even with everything set to allow.
Anyone else with the same problem ?
I’m going to use windows firewall for now…
Allow All and disabling network monitor is the same. Have you checked your CPF logs? What entries do you see?
As another workaround, try diabling security->Advanced->Application behavior analysis->Monitor DNS queries option.
Also please paste the screenshot of your network rules for us to see whats happening.
Egemen
Included are 4 screenshots:
The first and second screenshots of my network rules doesn’t allow my second computer to open a new site (tested: yahoo.com, dogpile.com) whose ip is not cached (it’s fine on using google as it has been opened when it’s turned off, thus the ip cached). The second I disabled it (screenshot 3), the tested pages (yahoo,dogpile) loads instantly when I refresh them.
Screenshot 4 is the logs I get (obviously the ‘allowed’ logs are due to rules from screenshot 2, and the ‘disallowed ones’ are from screenshot 1 rules).
All the blank spots on screenshot 1-3 shows my internet ip and the ip that my cable router gave me. And the blank spots on screenshot 4 originally shows my internet ip.
Disabling the DNS query monitoring doesn’t help either. It still only open if i disable network control rules.
[attachment deleted by admin]
[attachment deleted by admin]
Assming the hosts that are blocked are under the ZONE - nVidia, it seems to me your ZONE IP addresses are not set correctly. Can you recheck if your Zone has correct IP addresses?
The Nvidia Zone is my local network, with the rules there added from adding the local network to trusted zone, and yes, it have the correct ip which is 192.168.0.0-192.168.0.255.
Citadel is the name of my computer, which have the internet ip address, and the network ip address given by the cable modem (192.168.197.1).
The address range on the other network interface is as it should be as well, from 0 to 255 of my internet ip address.
I believe there must be something inadvertently blocked when the network control is on, even with the rules allowing everything.
Well, thanks for the help anyway, I’ll just change to another firewall so my friend can go online as well.