Installing via Remote Desktop (terminal services)

I have a remote server that I can only access via remote desktop (terminal services). I’d like to install Comodo firewall through terminal services so I’m starting by testing on a local server.

On the local server I can’t seem to reconnect after the first reboot. I’ve added a rule to allow incoming port 3389 before the restart but after the restart a popup appears on the local desktop saying “Generic host processes for win32 is trying to act as a server… Listen port 3389” Unless this is clicked locally I can’t connect remotely.

Any suggestions?


Hi linuxamp, welcome to the forums.

We’ve tried to help several people in installing CFP remotely & it has proved remarkably difficult thing to accomplish… which given the nature of the product in question, it is perhaps not that surprising. In fact, I don’t think anybody has yet been successful without physically visiting the remote system. I recommend that you go to Comodo Support, register on their system & raise a ticket on this request. I’d, for one, be very interested to hear Supports response on this… I’m not even sure if its officially supported. So, please post any feedback that you get, thanks.

we are building a central management console for CPF…
as soon as its available you will be able to remotely install and manage CPF…


Thanks for the quick and informative responses.

For now I guess I’ll have to stick with Windows Firewall (yuck). FYI, with Windows firewall I was able to add a rule to allow remote desktop before enabling it so I didn’t get locked out.

I’m curious, where does comodo save the firewall settings? I didn’t see anything in the registry, program files or any of the documents and settings directories that look like settings.

I was going to try to set my settings locally, install remotely and overwrite the settings before restarting.

CFPs settings are held in the Local Registry… HKLM\SYSTEM\Software\Comodo\Personal Firewall. But, it creates signatures of all Applications & Components and this makes it problematical trying to import a predefined set of rules & settings (which can be done). However… CFP tends to prompt as soon as the first application/component attempts any Net access because it usually detects the signature of something… if not everything… has changed.

BTW I wouldn’t take it as a good sign that you were able to set-up Windows Firewall remotely with such ease… Windows Firewall doesn’t have any outbound application/component filtering. Shudder.

Just for information (sorry for the english, i’m french…)

You do not restart after install (with Terminal Server).

Just before restarting, you have to modify the following value in registry :

HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Personal Firewall

SecurityValue = 2 (decimal).

After rebooting, the firewall is in the state “All autorised”, so you can setup to your rules and configuration without any problems.


Thanks by the way for this great software which is Comodo Firewall ! :BNC

Merci, JardY!

An obvious solution - set the firewall to disabled prior to restarting which will allow all incoming connections after booting (including your terminal session).

Thank you
Ewen :slight_smile:

I’m trying to to a remote install also but I noticed the HKLM\SYSTEM\Software\Comodo\Personal Firewall\ SecurityLevel key, is this the same as SecurityValue?

ok yes it is.