I try to connect to an existing IPSec Server (from my company).
The problem I have is that when Comodo is enabled, it doesn’t let the IPSec connection be created because of the default last rule that will drop all protocols not (on Network monitors). (Protocol 50 in the log)
Because of this rule, I have to disable Comodo firewall when I want to work with IPSec.
How can I let the protocol 50 pass through Comodo?
It is the protocol, not the port.
First off, I have no personal experience with using IPsec (so take the following with a grain of salt) but I hope I can offer some info to at least get you started.
In theory you would need to create a zone for your company’s server and then add that zone as a trusted network.
At that point you may need to add an application control rule to allow UDP traffic on ports 500 and possibly 4500. I’m not sure how this works in practice but I would assume it may be the network service via svchost that would need to use these ports.
The easiest way to add the needed rules is to temporarily change your ‘Alert Frequency Level’ to very high and uncheck the ‘Do not show any alerts for the applications certified by COMODO’ on the Security/Advanced/Miscellaneous dialog and then attempt to connect to your company’s server. If all goes as planned you should see some alerts for the above mentioned ports - allow and remember the alerts - and the rules will be created for you.
Let me know if this works - if not, I’m sure there is someone on the boards with more experience that can get this sorted out for you.
I did some more reading on the subject and discovered that depending on which authentication scheme is used by the server, you may need to allow fragmented IP packets. You can enable this if needed on the Miscellaneous tab of the Security/Advanced/Advanced Attack Detection and Prevention dialog.
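An added example, not part of the thread: a small Python classifier showing why the question is about an IP protocol rule rather than a port rule, and how the UDP 500/4500 and fragment cases mentioned in the replies differ at the header level. The packets are constructed samples using documentation addresses, and `classify` and `sample` are hypothetical helper names.

```python
import socket
import struct

ESP, UDP = 50, 17                        # IP protocol numbers (50 is the one in the log)
IPSEC_UDP = {500: "IKE", 4500: "NAT-T"}  # UDP ports named in the reply

def classify(pkt: bytes) -> dict:
    """Report which kind of firewall rule an IPv4 packet has to match."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4            # header length in bytes
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    (flags_frag,) = struct.unpack("!H", pkt[6:8])
    offset = flags_frag & 0x1FFF         # fragment offset, in 8-byte units
    out = {"protocol": pkt[9], "ports": None, "rule": "none matched",
           "fragment": bool(flags_frag & 0x2000) or offset > 0}
    if pkt[9] == ESP:
        # ESP sits directly on IP: there is no port field to match on.
        out["rule"] = "allow IP protocol 50"
    elif pkt[9] == UDP and offset > 0:
        # Only the first fragment carries the UDP header.
        out["rule"] = "later fragment: no ports visible"
    elif pkt[9] == UDP and len(pkt) >= ihl + 4:
        out["ports"] = struct.unpack("!HH", pkt[ihl:ihl + 4])
        for port in out["ports"]:
            if port in IPSEC_UDP:
                out["rule"] = f"allow UDP port {port} ({IPSEC_UDP[port]})"
                break
    return out

def sample(proto: int, payload: bytes, flags_frag: int = 0) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, flags_frag,
                      64, proto, 0, socket.inet_aton("192.0.2.10"),
                      socket.inet_aton("198.51.100.1"))
    return hdr + payload

SAMPLES = {  # constructed packets, not captured traffic
    "esp": sample(ESP, bytes(16)),
    "ike": sample(UDP, struct.pack("!HHHH", 500, 500, 8, 0)),
    "nat-t": sample(UDP, struct.pack("!HHHH", 4500, 4500, 8, 0)),
    "ike-first-fragment": sample(UDP, struct.pack("!HHHH", 500, 500, 8, 0), 0x2000),
    "later-fragment": sample(UDP, bytes(8), 0x0002),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, classify(pkt))
```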