I am very new to this firewall and to networking as well. I have a small network of three computers connected to a LinkSys router (2 PCs with XP Pro, and one Win2000). Prior to installing COMODO firewall I was able to see shared folders on the other two computers. Now, I can’t see them when I go to My Network Places. I can’t understand how the Network Control Rules work (even after reading one of the posts here on this message board).
One other related issue/problem. One of the three computers has a network printer attached. When I try to print to this printer from this (computer where COMODO is installed) I cannot do it. What I have to do is open COMODO and set Network Control Rules to Turn Off. Then I can print.
Can someone please explain (like to a 4 yo :)) what I should do?
Thank you very much for your message. However, I do already have Trusted Zones defined for my NIC card and ranges of IPs (192.168.1.###) and (172.16.0.0 - .255).
Yet, still when I need to print to a printer connected to another computer I have to first set Network Control Rules Off and only then I can print.
Anything blocked in the logs? You can upload an edited copy of it here (right-click in the Log window, export to html, edit out the private IPs with something like Notepad, click on the Additional Options to upload when posting).
Hmmmm? One point I’m not clear on - you stated “my NIC card” (singular) and then mentioned 192.168.1.### and 172.16.0.0 - .255. Is there a reason you appear to be using two private IP ranges? How are you getting one NIC to talk to two subnets?
First, thank you for your message. What I just did is tried to print to the network printer and then look in the Log. What I see there are the following things that are logged:
I presume that when I initially installed COMODO it automatically set one trusted zone of 192.168.1.0 to 192.168.1.255.
Then, on the advice in this forum, I added a trusted zone, using the wizard. The wizard automatically set the IP range of 172.16.0.0 to 172.16.0.255 (which I think is the IP range of the router). The wizard named it Packet Scheduler Miniport. And I don’t understand the purpose of this. If you know, please explain to me so that I can learn. If you think I should remove this trusted zone, also, please let me know.
After you posted your question about the LOG and I looked at the Log it seems to me like one of my Network Control Rules is what is causing the problem. The rule is the very last one on the list of rules (no 7) and it says:
Block & Log IP In/Out [Any] [Any] Where IPPROTO IS ANY
It seems like above will block Everything. I don’t believe I set this rule (I don’t like to make changes to things I don’t understand).
Do you think I should remove or change the above rule?
That rule must stay. The rules are read from top to bottom and this rule is designed to catch anything that doesn’t conform to any of the rules above it. It is critical.
If your LAN access is being blocked by this rule, it means that there is no rule higher in the list that will allow the traffic.
Do you have any zone rules in the list? If so, can you please manually type the parameters for the zone rule and post it here. Please use the following format;
Action : XXX
Protocol : YYY
Direction : ZZZ
Description : QQQ
Source IP : WWW
Destination IP : EEE
Source Port : RRR
Destination Port : TTT
As an example, I have a network policy for my home LAN and its parameters are;
Action : ALLOW
Protocol : TCP or UDP
Direction : IN/OUT
Description : Home LAN Access
Source IP : ZONE - HOME LAN
Destination IP : ZONE - HOME LAN
Source Port : ANY
Destination Port : ANY
This rule is at the top of the list and works seamlessly.
Thank you very much for your help. I will create the rule as you suggested (tomorrow when I am in the office with the other two computers network). But I have one quick question, please.
You have mentioned that Source and Destination IP is Zone - Home LAN. When I check the choice ZONE in the COMODO Firewall dialog box, the pull-down with caption Zone has only one entry, my NIC card. Is this what you mean by “HOME LAN”?
The zone name “HOME LAN” is literally the text description of a zone I created. Go through the zone creation wizard to create a zone with a custom name that suits your network. Then, use that zone name in your rules. Naming things in such a context tends to make the rules easier to follow.
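The top-to-bottom, first-match evaluation and the named zone rule discussed in this thread, as an added example that is not part of the thread and not COMODO's own code. The zone range, the sample packets and the `first_match` helper are constructed for illustration.

```python
import ipaddress

# Constructed zone: name and range mirror the thread but are assumptions.
ZONES = {"HOME LAN": ("192.168.1.0", "192.168.1.255")}

def ip_matches(ip, spec):
    """spec is 'ANY' or the name of a zone defined as an inclusive IP range."""
    if spec == "ANY":
        return True
    low, high = (ipaddress.ip_address(a) for a in ZONES[spec])
    return low <= ipaddress.ip_address(ip) <= high

def first_match(rules, pkt):
    """Read the list top to bottom; return (position, action) of the first hit."""
    for pos, r in enumerate(rules):
        if (("ANY" in r["protocol"] or pkt["proto"] in r["protocol"])
                and pkt["dir"] in r["direction"]
                and ip_matches(pkt["src"], r["src"])
                and ip_matches(pkt["dst"], r["dst"])):
            return pos, r["action"]
    return None, "NO MATCH"

def rule(action, protocol, direction, src, dst):
    return {"action": action, "protocol": set(protocol),
            "direction": set(direction), "src": src, "dst": dst}

# The zone rule from the thread's example and the final catch-all rule.
LAN_ALLOW = rule("ALLOW", ["TCP", "UDP"], ["IN", "OUT"], "HOME LAN", "HOME LAN")
BLOCK_ALL = rule("BLOCK", ["ANY"], ["IN", "OUT"], "ANY", "ANY")

# Constructed packets: a print job to a LAN host, a LAN ping, an inbound WAN probe.
PRINT_JOB = {"proto": "TCP", "dir": "OUT", "src": "192.168.1.10", "dst": "192.168.1.20"}
LAN_PING = {"proto": "ICMP", "dir": "OUT", "src": "192.168.1.10", "dst": "192.168.1.20"}
WAN_PROBE = {"proto": "TCP", "dir": "IN", "src": "203.0.113.5", "dst": "192.168.1.10"}

if __name__ == "__main__":
    orderings = {"catch-all only": [BLOCK_ALL],
                 "zone rule on top": [LAN_ALLOW, BLOCK_ALL],
                 "zone rule below catch-all": [BLOCK_ALL, LAN_ALLOW]}
    packets = {"print job": PRINT_JOB, "LAN ping": LAN_PING, "WAN probe": WAN_PROBE}
    for name, rules in orderings.items():
        for label, pkt in packets.items():
            pos, action = first_match(rules, pkt)
            print(f"{name:26} {label:10} -> {action} (rule position {pos})")
```

With the zone rule on top, the print job is allowed while the WAN probe still falls through to the final block rule; the LAN ping is also blocked because the zone rule covers only TCP and UDP.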