I'm Still Screwing Up My Network Rules

Dying here. Got a new computer and reinstalled everything. And I can’t get my little home network set up right. I’ve removed my old network rules but the new ones via the Wizard don’t look right. There’s only two, when before there were 4 (including a Block) rule.

I’m attaching a screen shot of the old original rules that were from my old PC, and didn’t allow the network to communicate, and a screen shot of the new rules after I ran the wizard. And they both look quite different than AOwl’s screen shot of what a network with a trusted zone would look like.

Oy!

My network consists of:
— My PC (Desktop)
— My Laptop
— Connected via my D-Link DI-604 wired router

Really, I’ve read the noobie stuff, watched the video, and I can help people work things out in their lives, but this stuff has got me by the hot air balloons!

Thanks for your assistance,
Chamlin

[attachment deleted by admin]

Yeah, you kicked that one right out, didn’t you? :smiley: This is really an easy thing to fix, and we’ll take you right through it. I’ll work off the basis that you still have the “Cleared old then used wizard for Network Control Rules.png” in place. These are the two rules created by the wizard for your LAN to communicate. No problem there.

So go to the 2nd rule (Rule ID 1), right-click and select Add/Add After. Build the rule like this:

Action: Allow
Protocol: TCP/UDP
Direction: Out
Source IP: Any
Destination IP: Any
Source Port: Any
Destination Port: Any
OK.

Then right-click that rule (which should be ID 2), select Add/Add After. Build like this:

Action: Allow
Protocol: ICMP
Direction: Out
Source IP: Any
Destination IP: Any
ICMP Details: Echo Request
OK.

Right-click that rule (ID 3), select Add/Add After. Build like:

Action: Block & Log (check the little box)
Protocol: IP
Direction: In/Out
Source IP: Any
Destination IP: Any
IP Details: Any
OK.

Now reboot. This clears any temporary memory and makes sure the rules set, which we want to make sure happens properly, since you’ve been having trouble.

Post a screenshot of the results, so we can make sure you’ve got everything there.

LM

PS: The three rules I gave are part of the default rules, but not the entirety. You can see these in the screenshot from AOwl’s video.

PPS: Welcome to the forums! (:WAV)

That 1st Rule screenie with 8 network rules (0-7) is exactly what you want. Rules 2-7 are the core rules, and rules 0-1 are added by the Define a New Trusted Network wizard in the Tasks tab.

What you 1st need to understand is that the wizard only creates entries like 0-1. Purging your rules list to “start clean” also wacks the core rules, which no wizard recreates. An important point.

Removing Rule 7 is especially dangerous, as it your catch-all rule that blocks all other communication that doesn’t fit the definitions defined/allowed by the rules above it… super important.

You will either want to (a) reinstall the firewall and start cleanly with the core rules, or (b) just recreate them manually in the same order as in the 1st screen shot.

In the end, your problem may have nothing to do with the comodo network rules… it could also be a blocked application rule that has targeted a core windows component like svchost or system. You may want to included a list of your BLOCKED applications if you’d like us to help you in that area.

I assume you are getting an IP address from your router? If not, another option may be that your D-link is set to use static DHCP assignments, and your scope (IP range) is too small for you new PC (new MAC) to acquire another address.

Another possible issue is the WinXP configuration… WinXp defaults to using “simple mode” which doesn’t always work the best, as well as Local Policies that deny user accounts with no (blank) passwords for example.

It is WinXp isn’t it? Or is it Vista? If it’s vista, maybe you want to take Microsoft up on their new “downgrade” option.

Hopefully that gives you some starting points… the take-away being… if you have Network Rules 0-7 and no core windows applications blocked in the Application Rules, it probably isn’t a CFP issue.

Wow! You guys are both great.

I’ve set Rules 0 - 7 on both the desktop and laptop. (See attached screen shot to verify)

Regarding points above:

#1 The only applications I show blocked are for something called WgaTray.exe (both in and out). I think that’s that annoying Windows Genuine Advantage thing.

#2 How do I know if I am getting an IP address from my router (must be). Isn’t that the 192.168.000? And should there be some second setting for the laptop that’s .001?

#3 & 4 Using XP Pro on my desktop and XP Home on the laptop. How do I know if I’m in simple mode, and what’s the alternative?

#5 Is the way to totally rule out that it’s not CPF to simply turn it off by right clicking on the system tray icon and exiting?

Humble gratitude,
Chamlin

[attachment deleted by admin]

#1 OK, might cause windows update issues, but not sure… certainly not a network breaker.
#2 usually you’ll get a 169.-something address when you aren’t being served an IP. A good check also is to run IPCONFIG on each PC just to validate that the gateway IP is your router IP (the same IP you would use to hit your router config webpage). And yes, a 192.168-type address usually is a typical DHCP assigned address, meaning you are on the network.
#3 & 4 I can’t verify here at the office as I am on a Domain, but memory tells me it is on one of the property tabs of your Network Connection
#5 Instead, I would right-click the CFP icon in the tray and Adjust Security Level to Allow All.

Let me ask a more fundamental question… what makes you think the LAN network doesn’t work?

Example 1… if the issue is that you can’t access a shared printer or directory… testing the network would be… Open a command prompt (START → Run, then type cmd and hit ENTER) and type ipconfig on each PC to ensure the address of each. Let say PC1 is 192.168.0.100 and PC2 is 192.168.0.101. At the same Command prompt type ping 192.168.0.101 from PC1. Do the same on PC2 by typing ping 192.168.0.100 from its Command prompt.

If both return messages like Reply from 192.168.1.XXX: bytes=32 time<1ms TTL=128 that is fantastic!! Your router, network cards and CFP all needed to pass that traffic for it to succeed.

So then where would be the problem on connecting to shares? In many places… like are both PC’s on the same “WorkGroup”? Are exact user account/passwords used on both PC’s? Are blank passwords being used? All of these would be good starting points for configuring Windows to property use/secure/authenticate the network.

Example 2… if the issue is why can’t both PC’s get internet access? The problem may lie with how you connect to your provider. In my town, my provider is ADSL, and typically installs software to access it’s PPOE network. If your provider is like this, than uninstall the software and configuring your router to connect to your ISP will ensure any PC that connects to your network will get internet access.

The rules look fine, with one small detail…

Rule ID 7, you should edit that rule, and check the box, “Create an alert if this rule is fired.” This way CFP will log anything that rule causes to be blocked. This is extremely helpful/necessary for diagnosing connectivity issues.

LM