I have a remote server that I can only access via remote desktop (terminal services). I’d like to install Comodo firewall through terminal services so I’m starting by testing on a local server.
On the local server I can’t seem to reconnect after the first reboot. I’ve added a rule to allow incoming port 3389 before the restart but after the restart a popup appears on the local desktop saying “Generic host processes for win32 is trying to act as a server… Listen port 3389” Unless this is clicked locally I can’t connect remotely.
We’ve tried to help several people in installing CFP remotely & it has proved remarkably difficult thing to accomplish… which given the nature of the product in question, it is perhaps not that surprising. In fact, I don’t think anybody has yet been successful without physically visiting the remote system. I recommend that you go to Comodo Support, register on their system & raise a ticket on this request. I’d, for one, be very interested to hear Supports response on this… I’m not even sure if its officially supported. So, please post any feedback that you get, thanks.
For now I guess I’ll have to stick with Windows Firewall (yuck). FYI, with Windows firewall I was able to add a rule to allow remote desktop before enabling it so I didn’t get locked out.
I’m curious, where does comodo save the firewall settings? I didn’t see anything in the registry, program files or any of the documents and settings directories that look like settings.
I was going to try to set my settings locally, install remotely and overwrite the settings before restarting.
CFPs settings are held in the Local Registry… HKLM\SYSTEM\Software\Comodo\Personal Firewall. But, it creates signatures of all Applications & Components and this makes it problematical trying to import a predefined set of rules & settings (which can be done). However… CFP tends to prompt as soon as the first application/component attempts any Net access because it usually detects the signature of something… if not everything… has changed.
BTW I wouldn’t take it as a good sign that you were able to set-up Windows Firewall remotely with such ease… Windows Firewall doesn’t have any outbound application/component filtering. Shudder.
An obvious solution - set the firewall to disabled prior to restarting which will allow all incoming connections after booting (including your terminal session).
I’m trying to to a remote install also but I noticed the HKLM\SYSTEM\Software\Comodo\Personal Firewall\ SecurityLevel key, is this the same as SecurityValue?
