Remote Desktop completely non-functional with v3? [Merged Threads]

I recently upgraded to V3 and when I try to connect to an IP using Remote Desktop Connection but I just get a black screen in the RDC and it finally says couldn’t connect. I have Windows XP SP2 OS.
Even If I disable the Defence+ and the Firewall it still doesn’t help. Only if I unistall Comodo the RDC works,
Any help is greatly appreciated,
Sameer

I’m having the same issue …

I’m havin the same issue, even if I open port 3389 in Comodo, it is always shown as blocked in the log :frowning:

[EDIT]
I found the solution:

Under “Network security policy” change the rule for “svchost.exe” so that it accepts everything that has a destination port 3389.

I configured the Network Security Policy for svchost.exe to accept everything on Destination Port 3389. I also configured the Global Rules under Network Security Policy to accept everything on Destination Port 3389 … still does not work for me.

Maybe there is something else to modify in the configuration?

Thanks.

Same problem here, can someone please help!!! Shouldn’t it ask to allow the connection?

I “upgraded” from version 2.4 to 3.0 (I use quotes because upgrades shouldn’t wipe out your settings and force you to completely re-configure your rules) and found that Windows’ Remote Desktop Connection doesn’t work anymore - even if I exit the firewall on both machines! Nada, nyet, zip! If I go back to version 2.4, then it’s all fine.

Very shoddy, Comodo. I wasn’t impressed with having to disable the on-access scanner on the antivirus every time I want to edit an Excel spreadsheet (documented bug), but I’m seriously beginning to doubt the efficiency of the Comodo suite.

figured it out. Delete all the pre-defined firewall policies and network security policies and all port sets. And have firewall set to cusom policy mode. Now when you connect, it should ask you.’

BTW, i’m running remote desktop on a non-standard port (port 110) so i can connect from work.

The firewall (v3) now shows alert when run through remote desktop. Thanks for fixing that guys, that was killing me before.

to make the mstsc (Remote Desktop Connection) work you don’t need to delete any thing, only one small change -

goto:
Firewall => Advanced => Predefined network policies => choose “Outgoing Only” → Press on “Edit…” => “edit…” again (on the bottom) => in the direction, while now it’s marked out, change it to “In/Out”

have a wonderful day and week,
full of light and love
yoav

Thanks mahadeva, i wish you posted that earlier before i deleted everything… Oh well.

That’s rather bad thing to do, as it’ll alter other rules (svchost, system, comodo) that are defined by default as well, opening your computer to attacks. You’ll be allowing more incoming connections then you really want, unless you set very strict global rules to fix holes you just made.

We’ll if your going to host any kind of server (remote desktop, IIS, DNS, etc.) you will need to allow incoming connections. Won’t the firewall ask you to allow every incoming connection? Unless there’s some other way to do it.

If you allow all incoming connections via policy like that (by changing default outgoing policy), it won’t ask, since you already gave it permission.

I think that it’s better to either define global policy that lets only ports you need in and assign that policy to correct services or even better, define port that each service needs in the incoming connections in application rules.

For example if you have HTTP server, you’d do something like this:

  • Action: Allow, Protocol: TCP, Direction: IN, Source Address: ANY, Destination Address: ANY, Source Port: ANY, Destination Port: 80 (we accept connections on port 80)
  • Action: Allow, Protocol: TCP, Direction: OUT, Source Address: ANY, Destination Address: ANY, Source Port: ANY, Destination Port: ANY (some services on server might need it)
  • Action: Allow, Protocol: UDP, Direction: OUT, Source Address: ANY, Destination Address: ANY, Source Port: ANY, Destination Port: 53 (for dns lookups)
  • Action: Block, Protocol: IP, Direction: IN/OUT, Source Address: ANY, Destination Address: ANY, IP Protocol: ANY (if it does not match any of previous rules, drop it)

It’s more work this way, but in the end you’ll end with more secure firewall then what you suggested. My Port Sets, My Network Zones and Global policy’s can name this more manageable, however.

Since the upgrade, I can no longer connect via remote desktop. I have opened ports etc…

Any thoughts?

How can i make RD settings in version 3…
If anyone has a suggestion with a screendump that would be more than welcome…

Hi,

How to open port 3389 for Remote Desktop?

Comodo firewall v.3

Can you provide more details on how you got alerts working through remote desktop?

The only way I’ve been able to get any alerts while connected remotely is to stop and restart comodo. I then get alerts, but it seems something is still not 100 percent in doing this.

How do I get remote desktop to function in CPF v3. I’ve seen several examples and people saying to change outgoing rules to in/out, but no one actually doing it the right way.

I’ve created an RDP Policy with In and Out rules for TCP and UDP on port 3389, but it doesn’t work (mstsc is set to Treat As RDP Policy). In my log, I see entries for svchost.exe blocked on TCP destination port 3389. I tried adding a global rule allowing In/Out for TCP or UDP and I get the same error (It’s first in my list before blocking).

Do I need to set svchost.exe up with the RDP Policy? Does anyone have another suggestion? Maybe someone could post a Tutorial. On another note, I was able to get VNC to properly function, but I could be screwing up a setting for Remote Desktop.

I was able to get it working after trying a bunch of different things. What I ended up doing was in the Network Security Policy, I created another rule for C:\windows\system32\svchost.exe which allowed access any access to port 3389. At first this was not working correctly for me, however, since the new rule was placed at the bottom of the list which is below the entry that already existed for %windir%\system32\svchost.exe that was in the list by default. When I moved my rule I created up above that entry, things RDP started working correctly. I am not sure if the rule I created causes the default rule to be excluded, but it did get RDP working for me. Hope this helps.

Crazyhawki - I added my RDP Policy that I created to the svchost.exe process and now it works. I wonder what should be correctly applied to svchost.exe?