Outlook synchronization

Hello,

Recently I upgraded CF from version 2 to version 3.0.14.276.
When I connect through VPN tunneling to my company and try to get my email from the Exchange server, Outlook cannot connect to the Exchange server (although I can ping the Exchange server). The firewall events don’t show extra information.
The VPN network is added as trusted and is allowed tcp/udp for anything.

With version 2 I had no problem synchronizing.
Does anybody have a clue?

Is Outlook defined as an Email Client? If so, you will have to add the VPN ports to the rules list for it. The View Firewall Events log should show a blocked connection attempt which will show the port that was requested. The sending port will have to be discovered by asking your tech guy, or, after writing a rule to allow the connection out, looking for the blocked connection in Event.
The easiest way to edit the policy is to go to: Firewall>Advanced>Network Security Policy>(Select the entry for Outlook)>Edit. On the Edit window, click the “Use a Custom Policy” button and click Copy From and select “Predefined Security Policies” and select Email Client. This gives you the base email client rule set. Now click Add.
On the dialog, write your “Out” rule:
Allow IP Out (Your home IP address or LAN) (your Office network) source port Any target port (the port discovered in the View Firewall Events above) protocol Any.
Then write the In rule:
Allow IP In (your Office LAN) (your home IP/LAN) source port (as discovered) target port Any Protocol Any.
Make sure that these two rules are moved above the Block and Log rule. Then click Apply and Apply until you are back to the interface menu.

Thank you for your support, but I have already configured the things you told me.
The strange thing is that nothing is logged in my firewall event log.
Any idea?

I think I need more info about your system. Could you include:

  • Your Internet connection type (dial-up/cable/Direct connection/LAN etc)
  • Operating system and Service Pack Level
  • How you are logging in to the OS (Admin, User)
  • Other real-time security applications installed (AV, AS, HIPS etc)
  • Security related applications which have been removed/disabled before installing CFP
  • Security related applications which have been removed/disabled after installing CFP
  • Detail the problem, such as which applications are running when you have the problem
  • Please include any custom rules
  • CPU
  • details of your home network connections: router? ethernet? etc.
It would also be useful to have you check that you have had your LAN detected. Click Firewall>Common Tasks>My Network Zones and note any entry there. Also, click Firewall>Advanced>Network Security Policy and click the Global Rules tab and note the rules there in your next post.

I had the same issue with Outlook and I solved it with the following settings:

  • Firewall->Tasks->Stealth Ports Wizard
  • Select “Alert me to incoming connections”

Then Protocol analysis should be disabled.

  • Firewall->Advanced->Attack Detection Settings->Miscellaneous
  • Uncheck “Do protocol analysis” option

Unfortunately, since I upgraded to the new 3.0.14 I can no longer select the “incoming connections” option (even if I select it and get no errors, the problem still remains and the selection is gone when I reopen the options page!) (:AGY)
Rolling back to previous version did not solve the problem. (:AGY)

Any help?

There seems to be some problem with Outlook and firewalls generally. See:

It mentions using Outlook Web Access as a work-around - but I have no experience with that. There is another work-around that might be doable using the Global Rules: Click Firewall>Advanced>Network Security Policy. Click the Global Rules tab and then Add the following two rules:
Allow
IP
In
(describe or leave blank)
Source Address (the IP address of the remote network)
Target Address Any (shorter than writing your own IP address range)
IP details Any

Next:
Allow IP
Out
(describe or leave blank)
Source Address Any (can only be your computer)
Target Address (the IP address of the remote network)
IP details Any

This may work, but as the Microsoft article states, the problem occurs when the packets are processed and I don’t know if this will leave them unprocessed.

I had solved this issue using the two steps I mentioned earlier. With the new Comodo firewall version 3.0.14 this solution does not work anymore. (:AGY)
I rolled back to the previous PC state (via backup) and now Outlook (with 3.0.13) works again. :BNC

Quote:
"Unfortunately, since I upgraded to the new 3.0.14 I can no longer select the “incoming connections” option (even if I select it and get no errors, the problem still remains and the selection is gone when I reopen the options page!) "
This also happens in 3.0.13; this option adds a rule to the firewall’s rules, it does not remain selected. Anyway, I repeat, with the Comodo upgrade I can no longer use Outlook. ???

Thanks for your help.

I did some investigation, using netstat.
These are the results:

process      pid   localIP       localPort  remoteIP     remotePort  state        protocol
OUTLOOK.EXE  3856  10.100.40.61  3769       10.100.1.34  1044        ESTABLISHED  TCP
Unknown      0     10.100.40.61  3768       10.100.1.34  135         TIME_WAIT    TCP
Unknown      0     10.100.40.61  3748       10.100.1.34  3009        TIME_WAIT    TCP
System       4     192.168.2.2   3721       62.58..      1723        ESTABLISHED  TCP

As you can see, the VPN session is working (I can e.g. reach servers through UNC).
But with Outlook I got some TIME_WAITs.

Any idea?
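
An added example, not part of the original posts: one way to read the connection listing above when deciding which remote ports a firewall rule has to cover. It relies on the fact that TIME_WAIT is only entered by the side that closes a TCP connection which had already been established, so those rows are completed connections rather than blocked attempts. The function names and the reached/unanswered split are choices made for this example.

```python
from collections import defaultdict

# Rows copied from the post above:
# process, pid, local ip, local port, remote ip, remote port, state, protocol
SAMPLE = """\
OUTLOOK.EXE 3856 10.100.40.61 3769 10.100.1.34 1044 ESTABLISHED TCP
Unknown 0 10.100.40.61 3768 10.100.1.34 135 TIME_WAIT TCP
Unknown 0 10.100.40.61 3748 10.100.1.34 3009 TIME_WAIT TCP
System 4 192.168.2.2 3721 62.58.. 1723 ESTABLISHED TCP
"""

KNOWN_PORTS = {135: "RPC endpoint mapper", 1723: "PPTP control"}
# States that can only occur after the three-way handshake has completed.
HANDSHAKE_DONE = {"ESTABLISHED", "TIME_WAIT", "CLOSE_WAIT", "FIN_WAIT_1",
                  "FIN_WAIT_2", "LAST_ACK", "CLOSING"}

def parse_connections(text):
    """Parse whitespace-separated rows; skip headers and damaged lines."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # Expect 8 columns with a numeric pid and numeric ports.
        if len(parts) != 8 or not all(parts[i].isdigit() for i in (1, 3, 5)):
            continue
        rows.append({"process": parts[0], "pid": int(parts[1]),
                     "remote_ip": parts[4], "remote_port": int(parts[5]),
                     "state": parts[6]})
    return rows

def ports_by_outcome(rows, server):
    """Split remote ports seen on `server` into reached / unanswered."""
    out = defaultdict(set)
    for r in rows:
        if r["remote_ip"] != server:
            continue
        if r["state"] in HANDSHAKE_DONE:
            out["reached"].add(r["remote_port"])
        elif r["state"] == "SYN_SENT":  # SYN sent, nothing came back
            out["unanswered"].add(r["remote_port"])
    return {k: sorted(v) for k, v in out.items()}

def describe(rows, server):
    """One readable line per remote port, labelled where the port is well known."""
    lines = []
    for outcome, ports in sorted(ports_by_outcome(rows, server).items()):
        for p in ports:
            label = KNOWN_PORTS.get(p, "other port")
            lines.append(f"{server}:{p} {outcome} ({label})")
    return lines

if __name__ == "__main__":
    print("\n".join(describe(parse_connections(SAMPLE), "10.100.1.34")))
```

For the posted listing every port on 10.100.1.34 lands in "reached"; a port that appears only under "unanswered" is the one to look for in the firewall event log.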

The Microsoft article is not encouraging, but try the following.
First, create a Port Set: Click Firewall>Common Tasks>My Port Sets>Add. On the Add balloon, choose A New Port Set and name it “Outlook Ports” and click Apply. Select the (Add ports here) line and click Add and choose a New Port. Type 135 in the Single Port box and click Apply. Click Add again and choose A New Port and type 3009 in the single port box and click Apply and Apply.
Next write a rule on the Firewall>Advanced>Network Security Policy>Global Rules tab:
Click Add and on the dialog, write:
Allow
TCP
In
Source: 10.100.1.34
Destination: Any
Source Port: Outlook Ports
Destination Port: Any

Then click Firewall>Advanced>Network Security Policy>Application Rules tab. Locate and select the Outlook policy and click Edit. Choose “Use a Custom Policy” and click “Copy from” and “Predefined Policy” and choose Email Client. Then, click Add and write the following in the dialog:
Allow
TCP
Out
Source: Any
Destination: 10.100.1.34
Source Port: Any
Destination Port: Any
Then click Apply, Apply, and Apply.

Finally, click Firewall>Advanced>Attack Detection Settings>Miscellaneous
Uncheck “Do protocol analysis” option
The article was not encouraging about this working, but it is worth a try.

I second what pistarino said, it works in 3.0.13.268 but not in 3.0.14.276.

The problem starts when you install CFP 3.0, even if CFP 3.0 is disabled or shut down (so no rules are involved). If you connect through VPN, server names cannot be properly resolved, so Outlook cannot connect to Exchange.

In 3.0.13.268 this can be fixed by using the Firewall->Common Tasks->Stealth Ports Wizard-> Select “Alert me to incoming connections”, but that does not work in 3.0.14.276.

I don’t know what changed, but for now I’m back to using 3.0.13.268.

On the bright side, the uninstall / reinstall process is a breeze, so you can just uninstall 3.0.14.276 and reinstall 3.0.13.268, if you don’t have too many custom configurations.

Overall, great app, looking forward to a fix.

Lovely product - great stuff - but as an average home user I’m tired of reading forums and opening ports and generally mucking around so I can receive Outlook messages. After a while believe it or not you just get plain sick of it. (:SAD)

As an average home user you’re having problems reading email from an Exchange server via a VPN tunnel?

That’s quite a home you got there. :wink: