Unable to remote connect to my static IP router

piattj · September 27, 2011, 6:34pm

Hi all

I am trying to remotely connect to my router (I have a fixed IP address) where I have set up port forwarding to a device on the router. I type in the IP/port XXX.XXX.XX.XX:YYYY and it fails to make connection.

If I try from my partner’s laptop, it succeeds immediately. (She uses Win FW)

If I disable Comodo FW & enable the Windows FW, I can connect successfully from my laptop.

What Comodo FW setting have I got wrong?

piattj · September 28, 2011, 8:02am

Any help coming? I see folk viewing - any ideas? Thanx!

Radaghast · September 28, 2011, 10:25am

You don’t mention how you’re trying to connect but as a basic guide, make sure whichever application you’re using, is allowed to make connections outbound, on the port specified.

piattj · September 28, 2011, 10:58am

I’m using a browser (IE9 or Chrome, it makes no difference), typing IP:port of remote router. I have set up port forwarding on the remote router to allow port 1024 to forward to an IP camera.
When I try with Comodo FW on, I don’t reach the remote connection. Works OK with Win FW…
Strange thing is it’s not completely consistent. If I (eg) disable then re-enable Comodo, it sometimes allows a connection. Mostly not. Sometimes it fails after a hibernation of Windows, then restart may kick it into life…

So I enter XXX.XXX.XX.XX:1024 into browser.
Works OK with Win FW
Typically fails with Comodo FW
Any clues? Many thanks…!

panic · September 28, 2011, 11:11am

If you are attempting to connect to a CIS protected system, you will need to have rules in place to allow inbound traffic.

You will need to set up a global rule that allows inbound TCP on port 1024.

Open CIS
Click FIREWALL
Click NETWORK SECURITY POLICY
Click GLOBAL RULES
Click ADD
Add a rule with the following parameters;
Action : ALLOW
Protocol : TCP
Direction : IN
Description : Something relevant
Source Address : ANY (Unless you will always be using a fixed address)
Destination Address : ANY (For an inbound rule, ANY means THIS PC)
Source Port : ANY
Destination Port : 1024
Click APPLY
Make sure the ALLOW rule we have just created is ABOVE any BLOCK rule
Click OK

You may still need to create an application rule for your web server, but the rule defined in steps 1-9 above will at least get the traffic past the first block.

Hope this helps,
Ewen

piattj · September 28, 2011, 11:15am

I am logged into my laptop, running Windows 7 & Comodo FW. I am connecting over the internet to my router using the static IP supplied by my ISP. So I’m not connecting TO a CIS protected device, merely FROM one… The remote device is a standard router, with my IP camera hanging off it with port fwding enabled on the router to the IP camera.
Thanks!

panic · September 28, 2011, 11:25am

LOL. Talk about having the bull by the horns.

Is there anything in the logs? Contacting a web server, even on a non-standard port shouldn’t be a problem.

Ewen

panic · September 28, 2011, 11:30am

Does the CIS protected laptop correctly connect to other website on the standard HTTP port of 80?

piattj · September 28, 2011, 12:23pm

Port 80… same result. No connection…

Logs…some sample entries from FW log below for today - anything relevant jump out?

Thanks!

COMODO Firewall - Log Viewer Logs Firewall Events Date Created 2011-09-28 13:17:56

Records count 653

Date Application Action Direction Protocol Source IP Source Port Destination IP Destination Port

2011-09-28 08:30:04 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900

2011-09-28 08:31:32 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:32:02 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:32:22 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:32:25 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:32:31 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)

2011-09-28 08:34:58 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:35:04 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900

2011-09-28 08:39:30 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:40:03 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900
2011-09-28 08:40:29 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:41:03 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:41:36 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520

2011-09-28 08:44:51 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:45:02 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900
2011-09-28 08:45:21 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520

2011-09-28 08:53:14 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:53:21 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:53:30 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:53:42 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:54:05 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:54:08 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:54:14 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:54:33 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:54:35 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:54:42 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 08:55:00 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900
2011-09-28 08:55:10 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:55:34 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520

2011-09-28 08:57:09 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:57:58 Windows Operating System Blocked In TCP 192.168.0.1 43771 192.168.0.2 2869
2011-09-28 08:58:01 Windows Operating System Blocked In TCP 192.168.0.1 43771 192.168.0.2 2869
2011-09-28 08:58:07 Windows Operating System Blocked In TCP 192.168.0.1 43771 192.168.0.2 2869
2011-09-28 08:58:27 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:59:04 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:59:37 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 08:59:59 Windows Operating System Blocked In UDP 192.168.0.1 1900 239.255.255.250 1900
2011-09-28 09:00:04 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:00:28 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 09:00:31 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 09:00:34 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:00:37 Windows Operating System Blocked In ICMP 84.92.6.40 Type(3) 192.168.0.2 Code(1)
2011-09-28 09:00:58 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:01:34 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:02:08 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:02:38 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 09:03:03 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 13:17:15 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 13:17:39 Windows Operating System Blocked In UDP 192.168.0.1 520 192.168.0.255 520
2011-09-28 13:17:47 Windows Operating System Blocked In TCP 192.168.0.1 37036 192.168.0.2 2869
2011-09-28 13:17:50 Windows Operating System Blocked In TCP 192.168.0.1 37036 192.168.0.2 2869
2011-09-28 13:17:56 Windows Operating System Blocked In TCP 192.168.0.1 37036 192.168.0.2 2869
End of The Report

panic · September 28, 2011, 1:01pm

PM sent asking for specific info, incl. your public IP address. Please reply only by PM.

piattj · September 28, 2011, 2:00pm

PM reply now sent. Ta…

Radaghast · September 28, 2011, 2:10pm

What are your firewall application rules for the browsers you’re using?

panic · September 28, 2011, 2:18pm

Have you created a zone that encompasses the 192.168.0.X address range and then used that zone in an ALLOW rule?

Given that you cannot connect to any website, I suspect the root issue is that your firewall has not been configured correctly to allow outbound traffic.

Go through the help files regarding the stealth port wizard.

Ewen

piattj · September 28, 2011, 3:01pm

Yep zone is in place.
I CAN connect to any website. I just can’t connect to my remote IP camera (static IP etc) from my laptop running Comodo FW. My partner’s PC (same except uses Win FW) works fine every time.
I believe there is a Comodo FW setting / rule etc that is getting in the way.
Maybe not?

Happy for further ideas… many thanx!

Radaghast · September 28, 2011, 3:11pm

You mentioned in an earlier post:

Port 80... same result. No connection...

Was this in error? As you say:

I CAN connect to any website

It would be helpful if you could provide detailed infromation regarding the firewall applications rules you have in place for your browsers.

piattj · September 28, 2011, 4:20pm

Well, thanks for your efforts. Seems that the FW is not to blame. After uninstalling CIS, I still have the problem. It must be router related.