Hi dchernyakow,
Many thanks for that post and the reminder to look at the firewall events log. I have to configure the CFP only rarely and so forget what to look at and where in the product. Anyway now notes have been taken for the future.
To document it for others (including the obvious), here is all that I did from the start:
Ensure that remote desktop connection has been enabled.
Right click on “My computer”
Select Tab “remote”
Select “remote desktop”
Comodo Firewall on remote computer:
In the firewall section – in the left column, select “advanced” – network security policy – global rules
You have to allow TCP port 3389 IN thru the firewall. The firewall log should show that port as being blocked when you try to remote in.
The rule would look like this:
ALLOW - check the checkbox if you want to log
TCP
IN
Source IP: the IP of the PC you are connecting from
Destination IP: Any (or the IP address of the computer being connected to here)
Source port: ANY
Destination port: 3389
Now move this rule to the top, so that this rule is executed first.
In the firewall section – in the left column, select “advanced” – network security policy – application rules
Find the entry for svchost.exe
And change the part:
Block and log IP in …….
Add the exception for the IP address of the source computer
And I set the network defense (under summary) to “training mode” on source and destination computer while I did my first rdp connections. Once it worked, I set it all back to safe mode.
This is valid for the source computer with CIS (firewall only installed) and the destination computer with CIS (firewall only installed). The one computer that is already at a remote destination and still has the old CFP v3 will be tested as soon as I find time to go there.
That did the trick for me. Not being a network and security specialist, I would like to know if this config does not pose any special risks?
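
Added example, not part of the original post and not Comodo code: a small model of an ordered rule list, showing what the source IP restriction and the "move this rule to the top" step each change for TCP 3389. It assumes rules are evaluated top-down with the first match winning and that a general inbound block rule already exists; the addresses are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str        # "ALLOW" or "BLOCK"
    proto: str         # "TCP", "UDP" or "ANY"
    direction: str     # "IN" or "OUT"
    src: str           # single IP, CIDR, or "ANY"
    dst_port: object   # port number or "ANY"

def ip_matches(spec, ip):
    """True when ip falls inside spec (a single address, a CIDR block, or "ANY")."""
    return spec == "ANY" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def evaluate(rules, proto, direction, src_ip, dst_port):
    """Return (action, rule index) for the first matching rule, top-down.
    Assumption: a packet that matches no rule is blocked."""
    for i, r in enumerate(rules):
        if (r.proto in ("ANY", proto) and r.direction == direction
                and ip_matches(r.src, src_ip) and r.dst_port in ("ANY", dst_port)):
            return r.action, i
    return "BLOCK", None

# Constructed sample addresses (documentation ranges).
ADMIN_PC = "192.0.2.10"
OTHER_HOST = "198.51.100.7"

RDP_ALLOW = Rule("ALLOW", "TCP", "IN", ADMIN_PC, 3389)   # the rule from the post
RDP_ALLOW_ANY = Rule("ALLOW", "TCP", "IN", "ANY", 3389)  # same rule, source left open
BLOCK_IN = Rule("BLOCK", "ANY", "IN", "ANY", "ANY")      # assumed existing block rule

def demo():
    """Evaluate inbound RDP attempts against three rule orderings."""
    rdp = ("TCP", "IN")
    return {
        "scoped rule on top, admin PC": evaluate([RDP_ALLOW, BLOCK_IN], *rdp, ADMIN_PC, 3389),
        "scoped rule on top, other host": evaluate([RDP_ALLOW, BLOCK_IN], *rdp, OTHER_HOST, 3389),
        "scoped rule below block, admin PC": evaluate([BLOCK_IN, RDP_ALLOW], *rdp, ADMIN_PC, 3389),
        "source ANY on top, other host": evaluate([RDP_ALLOW_ANY, BLOCK_IN], *rdp, OTHER_HOST, 3389),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:36s} -> {result}")
```

With the source IP filled in, only the listed PC reaches port 3389; with the source left as ANY, every host that can route to the machine does.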