Port not reachable

I have a PC with a service running on port 3456 which can be accessed via a client-browser.
On that PC COMODO-CIS is running

I can always (firewall = active or inactive) reach that HTTP-port 3456 from another PC on the local network.
But that HTTP-port 3456 is not reachable from the internet when the firewall = active. It works when firewall = inactive, meaning it’s blocked (as it should) by the Comodo-firewall

Problem is, I tried already all sort of settings to open the port, but can’t find a working solution. Surely I’m overlooking something …

No one able to put me in the right direction (about which settings are needed) ? - Thanks

If it is working within your LAN but not from the internet, the problem probably lies with your internet facing router.

You will need to have a port forwarding rule on your router to allow inbound traffic destined for port 3456 and forwarded to the internal IP address of your server.

Once this forwarding rule is in place, incoming data would pass through the router to your server where it would then be filtered by the CIS firewall. Given that you’ve already said it works inside the LAN, it sounds like you have CIS configured correctly.

The only thing I can think of that would be blocking it would be your router.

Hope this helps,
Ewen :slight_smile:

Hi, thanks for the reply.
Port-forwarding rules are ok and working correctly.
It should be due to something (missing setting / rule / …) in Comodo-firewall because

[ol]- port accessed from the internet with Comodo-Firewall DISABLED : working

  • port accessed from the internet with Comodo-Firewall ENABLED : NOT working[/ol]

After a failed connection attempt, what shows up in the CIS logs?

Nothing at all (in the Firewall events), very weird !

To be sure I even uninstalled (+cleanuptool) Comodo and re-installed, with 100% the same result.

The calling browser (with port 3456) gets a “The connection has timed out”. As soon I change Comodo-Firewall from “Safe Mode” to “Disabled”, the calling browser gets the expected page.

You need to create an allow incoming global rule with the port set as the destination port.

Thanks, works now.

Seems I made the mistake to specify to much (Source + SourcePort + Destination + DestinationPort)
Would like to know which behaviour is to be expected with the different possible settings