Hi there,
Could someone help me to set up my home Lan in network zones. I looked at the help guide but not sure what to choose in ‘Add a New Address’ box.
Thanks
The reason I want to add a new network is because our ip address was one of the APIPA addresses. I don’t know why : usually it is the router address.
So I removed the Local Area Network 1 from Network Zones and now want to put in my proper address but not sure how to.
What is the IP address of your router? Let’s say it is 192.168.0.1 then your local network would be 192.168.0.1/255.255.255.0 (when defining it as an IP address with network mask).
Next step is to use the Stealth Ports Wizard to make your local network a trusted network.
Thanks for your reply EricJH.
The local network was not my router address. It was this other APIPA address which I have now deleted.
So I have to put in a new home network don’t I?
I rebooted the router to see if that made a difference but everything is the same on the router info.
I want to put in a new home network so I can stop the firewall events that keep occurring. It seems that Comodo is constantly blocking on the lan but I dont know why.
We need to know just one IP address of your local network then we can make it trusted.
Can you show a screenshot of the Firewall logs? This way we can see in what IP address range your local area network is in. The logs are in View Firewall Events.
I have set up a new network and have put in the IP in address as 192.168.0.1 - 192.168.0.50 for now.
Is that OK or should i change that?
Is it possible to somehow get Comodo to find a new network automatically?
Sorry, not very technical. No idea about getting screenshots.
Can you see if Automatically Detect New Private Networks is enabled?
How to post a screenshot?
To copy a screenshot of the active window push alt+print screen to copy the active window to the clipboard (pushing print screen will copy the complete window to the clipboard not just the active window). The window is now copied to the clipboard. Paste the image in any image editing program, Paint, Paint.net, the Gimp etc. Use the “crop” function to resize the canvas to size of the image. Now save the file as 32 bits png image.
At the forum push the reply button. Or when using the Quick reply type some text and push the preview button.
Underneath the text box click on Additional options. Push the Choose button and navigate to the file and select it. When you want to post more images click on the more attachments link.
When done typing push the Post or Preview button.
I’ve activated the detection of new networks.
Don’t know if this screenshot attempt will work but here goes.
[attachment deleted by admin]
It worked! I"ve amazed myself!
Does it shed any light on what is happening?
The IP range of your LAN is 192.168.0.x. When written as IP address with subnet mask it will look like 192.168.0.1/255.255.25.0.
Now go to Network Security Policy -->Network Zone → Add → A new network zone → give it a name; let’s say Home Network → Apply.
Now select Home Network → Add a new address → choose IPv4 Subnet Mask → fill in 192.168.0.1/255.255.25.0 → Apply → Ok.
We should be back in the main screen of the Firewall. Next step is to use the Stealth Ports Wizard to make your local network trusted. Choose option Define a new trusted network and make my ports stealth for everyone else.
OK. I’ve done that now.
I edited the one i made earlier so i could keep the same name. I had already enabled the stealth wizard so it said it had already been made trusted. I think that should be OK though.
So hopefully I won’t have any more long lists of firewall events. I’ll find out soon enough.
Thanks EricJH for all your help with this. It’s good to know that with your knowledge I’ve done this properly.
Cheers!
Network Zones, by themselves, have no effect on the operation of CIS. If you wish to use the information in a Network Zone, you have to create a firewall rule that uses the zone. As an example, the pre-defined web browser rule uses the Loopback zone as part of it’s rule set.
Hello again Radaghast,
Unfortunately, I am not knowledgeable enough about comodo to fully understand what you said in your post. Could you elaborate for me please?
Are you saying I need to make a rule in firewall rules about the home network? If so how do i do that?
Thanks.
There is another thing that I would like to know. I read on another post on the forum that it’s possible to make this global rule :
Allow
UDP
In/Out
Source ANY
Destination ANY
Source Port - Range 67 - 68
Destination Port - Range 67 - 68
and to put this as the topmost rule . This is to allow DHCP requests through the firewall.
I did this but would like to know if : a) I should have done this , b) i needed to do this and c)
I should undo this. Is it risky?
Thanks for any advice .
Your original question in this thread, asked how to create a Network zone for your LAN, for which Eric provided instruction. I just wanted to point out that having created a Network zone, you have to actually do something with it for the information contained in the zone to mean anything. You’ve done this by running the Stealth Ports Wizard to create a trusted network. Doing this creates a couple of Application rules and a couple of Global rules containing the Network zone for your LAN.
There is another thing that I would like to know. I read on another post on the forum that it's possible to make this global rule : Allow UDP In/Out Source ANY Destination ANY Source Port - Range 67 - 68 Destination Port - Range 67 - 68and to put this as the topmost rule . This is to allow DHCP requests through the firewall.
I did this but would like to know if : a) I should have done this , b) i needed to do this and c)
I should undo this. Is it risky?Thanks for any advice .
If you haven’t changed the default firewall Application rules, you don’t need to implement this, as it’s already catered for by the Windows System Applications firewall rule. In all honesty, unless you’re comfortable making changes to the default policies, you’re probably better leaving things as is. If you’re interested in looking at basic tutorial, you might take a look at this thread.
OK, thanks.
To undo the global rule that I made can I simply highlight and click on remove or do I need to replace it with a different rule?
You can just delete the rule, by highlighting and selecting remove.
Thanks for that, Radaghast. 