winxp cannot login into domain

after installed comodo firewall, windows xp system cannot login into any domain which it used to be able to login. any suggestions?

Does your Log show anything as being blocked?



there is nothing in the log (of comodo).
meanwhile, i’ve add the local ip addresses as trusted network area,
but the windows xp box still cannot connect to the domain server.

If you turn off Network Monitor on the firewall does that allow you to connect?

Security>Network Monitor>at the top of the rules list


yes, it works.
however, does it mean my computer is lesser protected?

the protection strength' indicator is now showing good’ instead of `excellent’ in the past.

If it works without the Network Monitor on then it more than likely is a rule that is causing the problem. You can turn it back on again. And yes it means you basically have no protection.

Could you clear the Log by right-clicking on it anywhere and choosing “Clear All Logs”. Then try to connect again then right-click on the log again and choose “Export HTML” and then post it here using Additional Options below this text entry window. Maybe we can see what the problem is.

You might have to save it as a .txt file as I’ve noticed some people are having trouble posting .html files.


You can also Copy & Paste from the HTML file into your post, rather than attaching a file…

That way it will be in the same layout as the HTML file (for easy reading). :wink: You can mask out your private IP address (will match the IP showing in lower-right corner of your posts) with “x” for privacy.


well, i check with the administrator and found out the ip address of the domain server. after that, i check the log of Comodo. i found the udp communication from the domain server was completely blocked. i tried to put a rule in `network monitor’ to allow the tcp and udp traffic from the domain server’s ip (i put the new rule at the last of all other rules). it didn’t help. anyway suggestion?

Given the scenario, you may find it best to do this, to ensure you can communicate with the domain server (do this for any domain server you need to connect with).

Open Network Monitor.

  1. Right-click Rule ID 0 and select Add/Add Before. Build the rule as follows:
    Action: Allow
    Protocol: IP
    Direction: In
    Source IP: the Server’s IP address
    Destination IP: Any
    IP Details: Any

  2. Right-click Rule ID 0 (which will be the one you just made) and select Add/Add Before.
    Action: Allow
    Protocol: IP
    Direction: Out
    Source IP: Any
    Destination IP: the Server’s IP
    IP Details: Any

If you want, you can change the “IP Details” section of each rule to just UDP, rather than Any. That may be sufficient. However, there may be some scenario that requires additional Protocol types, and you don’t want to be cut off because of a rule that’s too limiting.


i have to report that it didn’t work for me. sorry…
anyway other suggestions? (:SAD)

Sure. Follow the steps below…

Goto Activity/Logs. Right-click an entry and select “Clear all Logs.”

Try to connect to the network/login to server. When it fails,

Goto Activity/Logs. Right-click an entry and select “Export to HTML.” Save the file, and reopen it. Do a “Save as” and change the type to text instead of HTML (ie, change the extension to .txt). You can attach the text file to your post under Additional Options.

We’ll take a look at it and see what’s being blocked, then go from there…


sorry about the late reply.
alright, the log is attached.

[attachment deleted by admin]

I know LM won’t be back on til Monday so maybe I can help you out.

Let’s get rid of one block entry in the log at a time to see if that gets you running.

Write this rule and place it at the very top of your Network Monitor rules list:

ALLOW-check the checkbox
Source IP:
Destination IP: ANY
Source Port: ANY
Destination: 712


no good.
after adding the new rule, still can’t connect to the domain server.

by the way, the ip of the domain server is
should i use this one instead of

Ok, let’s make sure that all of your rules are in the right position in the Network Monitor list.

The 2 rules that LM told you to write should be at the top of the list and should be using the domain server address in those.

LM’s rules should cover any communication between the domain server and you, if you use the domain server’s IP address where he says to use it.

If those rules of LM’s are at the bottom of the list then just move them to the top of the list. Try that and see what happens.


I guess I didn’t answer your question very well.

Use LM’s 2 rules and also write the rule that I gave you and put them at the top of your Network Monitor list of rules.

Keep in mind that you may have to write some more rules to get it working so hang in there and don’t give up. ;D


no luck.
i put all three rules which provided by both LM and you, but they didn’t work for me at all.
any other suggestions…

Could you please save a new log, doing it the same way as you did before, and post it here so we can see what else is being blocked. Clear it then try to connect and then save it after you try and connect again.

Also could you please take a screenshot of your Network Monitor rules so we can look at those also.

thanks for your patience,


log and snapshot

[attachment deleted by admin]