Simple network separation

Hi fellows!

I run the Comodo firewall - newest version - on a Windows 7 x64 server in a lab and testing environment. I host different services for that lab on that box. I want to separate the box from the general network:

But these services shall only be available internally in 192.168... That’s a fairly trivial thing; however, Comodo seems to be bloated with a lot of features. I can’t find where I can configure that globally for every outgoing connection. It’s just an internal server.

Does anybody know how to do that?

Thanks,
Marius

Hi Squ,

Welcome to the forums. If I understand it correctly, you are trying to establish the following.

You’re hosting service1 and service2 on this box, and you only want to allow your “internal network” to access service1 and service2 so “others” can’t access it, whilst still allowing the “server” to access everything everywhere?

If so, we are looking at something we could build with the global rules.
Let’s assume service1=web server on TCP 80 and service2 = SMTP Server on TCP 25.

Now go to Firewall, Advanced, Network Security Policy, and switch to “Global rules” tab.

Now create a new rule with

Block (and log)
TCP
IN
Source IP subnet 192.168.0.0 / 255.255.0.0 and tick “Exclude”
Source Port ANY
Destination ANY
Destination Port 80

and the same for Destination Port 25

This should block all but 192.168.x.y from accessing those ports. If you have lots more, you can also create a “Port Group” and select that in the Destination Port list, so you can block/allow multiple ports with one firewall rule. You can create new port groups under Firewall, Common Tasks, “My Port Sets”.

Hope this helps out a bit.
Ronny
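
Added example (not part of the original posts and not Comodo's own code): a small Python model of the global rule described above, showing how the “Exclude” tick inverts the source match so that only sources outside 192.168.0.0 / 255.255.0.0 are blocked on the listed ports. The class and function names and the sample packets are constructed for illustration, and first-match evaluation with fall-through for unmatched traffic is an assumption of this model.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class GlobalRule:
    action: str                      # "block" or "allow"
    protocol: str                    # "TCP" or "UDP"
    direction: str                   # "IN" or "OUT"
    source_net: ipaddress.IPv4Network
    exclude_source: bool             # the "Exclude" tick: match sources NOT in source_net
    dest_ports: frozenset            # plays the role of a port group

    def matches(self, protocol, direction, src_ip, dst_port):
        in_net = ipaddress.ip_address(src_ip) in self.source_net
        src_ok = (not in_net) if self.exclude_source else in_net
        return (protocol == self.protocol and direction == self.direction
                and src_ok and dst_port in self.dest_ports)


# Subnet written exactly as in the rule: 192.168.0.0 / 255.255.0.0
INTERNAL = ipaddress.ip_network("192.168.0.0/255.255.0.0")

# One rule with a port group {80, 25} instead of two single-port rules.
RULES = [GlobalRule("block", "TCP", "IN", INTERNAL, True, frozenset({80, 25}))]


def evaluate(protocol, direction, src_ip, dst_port, rules=RULES):
    """Return the action of the first matching rule, or "pass" if none matches
    (assumption: unmatched traffic falls through to whatever is evaluated next)."""
    for rule in rules:
        if rule.matches(protocol, direction, src_ip, dst_port):
            return rule.action
    return "pass"


# Constructed sample packets: (protocol, direction, source IP, destination port)
SAMPLES = [
    ("TCP", "IN", "192.168.1.20", 80),   # internal client, web server
    ("TCP", "IN", "192.169.0.1", 80),    # just outside the 255.255.0.0 mask
    ("TCP", "IN", "203.0.113.7", 25),    # external client, SMTP
    ("TCP", "IN", "203.0.113.7", 443),   # port not covered by this rule
    ("TCP", "OUT", "203.0.113.7", 80),   # outbound from the server itself
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(*pkt))
```

The 443 case shows that the rule only protects the ports it lists: any other service on the box needs to be added to the port group to get the same restriction.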

That is very helpful indeed. Thank you for this fast answer!

You’re welcome