Open Port 497 for Retrospect Client

I am trying to configure Comodo Firewall v3 to allow communication between network computers set up as Retrospect server and clients. Retrospect manual says firewall needs to allow commmunication over port 497 for TCP and UDP on all the computers.

I have

  • defined Retrospect as a trusted application-
  • in Network Security Policy, set up Application Rules AND global rules allowing in/out TC/UDP over Port 497

Still getting nowhere, and when i try Telnet_IP address_497 in cmd I receive an error message.

Running XP SP3. I suspect I’m missing something - but I couldn’t find any forum entries that went beyond what I’ve already tried.

What do your rules actually look like? Usually, for a server, the rules looks something like
allow/tcp+udp/in/any/any/any/497 for the server and allow/tcp+udp/out/any/any/any/497 for the client. Using in+out sometimes confuses sources and destinations in CFP. What are your rules for Telnet? Does anything show up in the log? I don’t use Retrospect, BTW.

What’s the error message and what does the CFP log have to say? (should have log option enabled)

PS I’ll let sded handle it.

i had used allow/tcp+udp/in+out/any/any/497/497. I changed it to sded’s suggested rules with ‘in’ for the server and ‘out’ for the client, and only the last 4977. Still no joy. When I try the telnet cmd, I get the response, could not open connection to the host on port 497: connect failed. Nothing is showing up in firewall events

I alos tried to connect from within retrospect from the server to the client using multicast - can’t find client.

I am using Webroot antivirus/spyware and Network magic

What is your telnet setup? telnet normally uses port 23. Have you modified your telnet setup to use port 497 instead? To eliminate other issues for your setup, try allow&log/tcp+udp/in/any/any/any/any similarly for out and see if that works. For the in, you will also need a global rule. Then, with logging still enabled, change the ports to 497 one at a time.

No, I haven’t done anything with the telnet setup. When I called retrospect they just used the telnet routine as a quick way to see if there was communication allowed via port 497.

I set up the network rule with log (I have the same rule for both application and global on both computers - should I be only using either application or global?). allow&log/tcp+udp/in+out/any/any/any/any. After using telnet_ip address_497, the log shows that the communication was sent from the client to the host and received by the host ok (even though the telnet command produced an error). But doing the same from the host to the client did not produce anything on the log, and also an error on the telnet command.

I’m a little mystified