winxp cannot login into domain

hamburger · May 8, 2007, 1:59am

after installed comodo firewall, windows xp system cannot login into any domain which it used to be able to login. any suggestions?

jasper2408 · May 8, 2007, 2:58am

Does your Log show anything as being blocked?

Activity>Logs

jasper

hamburger · May 9, 2007, 12:45am

there is nothing in the log (of comodo).
meanwhile, i’ve add the local ip addresses as trusted network area,
but the windows xp box still cannot connect to the domain server.

jasper2408 · May 9, 2007, 1:36am

If you turn off Network Monitor on the firewall does that allow you to connect?

Security>Network Monitor>at the top of the rules list

jasper

hamburger · May 9, 2007, 4:32am

yes, it works.
however, does it mean my computer is lesser protected?

hamburger · May 9, 2007, 4:35am

the protection strength' indicator is now showing good’ instead of `excellent’ in the past.

jasper2408 · May 9, 2007, 12:56pm

If it works without the Network Monitor on then it more than likely is a rule that is causing the problem. You can turn it back on again. And yes it means you basically have no protection.

Could you clear the Log by right-clicking on it anywhere and choosing “Clear All Logs”. Then try to connect again then right-click on the log again and choose “Export HTML” and then post it here using Additional Options below this text entry window. Maybe we can see what the problem is.

You might have to save it as a .txt file as I’ve noticed some people are having trouble posting .html files.

jasper

Little_Mac · May 9, 2007, 6:58pm

You can also Copy & Paste from the HTML file into your post, rather than attaching a file…

That way it will be in the same layout as the HTML file (for easy reading). You can mask out your private IP address (will match the IP showing in lower-right corner of your posts) with “x” for privacy.

LM

hamburger · May 10, 2007, 5:46am

well, i check with the administrator and found out the ip address of the domain server. after that, i check the log of Comodo. i found the udp communication from the domain server was completely blocked. i tried to put a rule in `network monitor’ to allow the tcp and udp traffic from the domain server’s ip (i put the new rule at the last of all other rules). it didn’t help. anyway suggestion?

Little_Mac · May 10, 2007, 2:38pm

Given the scenario, you may find it best to do this, to ensure you can communicate with the domain server (do this for any domain server you need to connect with).

Open Network Monitor.

Right-click Rule ID 0 and select Add/Add Before. Build the rule as follows:
Action: Allow
Protocol: IP
Direction: In
Source IP: the Server’s IP address
Destination IP: Any
IP Details: Any
Right-click Rule ID 0 (which will be the one you just made) and select Add/Add Before.
Action: Allow
Protocol: IP
Direction: Out
Source IP: Any
Destination IP: the Server’s IP
IP Details: Any

If you want, you can change the “IP Details” section of each rule to just UDP, rather than Any. That may be sufficient. However, there may be some scenario that requires additional Protocol types, and you don’t want to be cut off because of a rule that’s too limiting.

LM

hamburger · May 11, 2007, 6:55am

i have to report that it didn’t work for me. sorry…
anyway other suggestions? (:SAD)

Little_Mac · May 11, 2007, 6:53pm

Sure. Follow the steps below…

Goto Activity/Logs. Right-click an entry and select “Clear all Logs.”

Try to connect to the network/login to server. When it fails,

Goto Activity/Logs. Right-click an entry and select “Export to HTML.” Save the file, and reopen it. Do a “Save as” and change the type to text instead of HTML (ie, change the extension to .txt). You can attach the text file to your post under Additional Options.

We’ll take a look at it and see what’s being blocked, then go from there…

LM

hamburger · May 14, 2007, 2:52am

sorry about the late reply.
alright, the log is attached.

[attachment deleted by admin]

jasper2408 · May 14, 2007, 4:27am

I know LM won’t be back on til Monday so maybe I can help you out.

Let’s get rid of one block entry in the log at a time to see if that gets you running.

Write this rule and place it at the very top of your Network Monitor rules list:

ALLOW-check the checkbox
UDP
IN
Source IP: 10.2.194.25
Destination IP: ANY
Source Port: ANY
Destination: 712

jasper

hamburger · May 14, 2007, 4:42am

no good.
after adding the new rule, still can’t connect to the domain server.

by the way, the ip of the domain server is 10.2.194.11.
should i use this one instead of 10.2.194.25?

jasper2408 · May 14, 2007, 4:53am

Ok, let’s make sure that all of your rules are in the right position in the Network Monitor list.

The 2 rules that LM told you to write should be at the top of the list and should be using the domain server address in those.

LM’s rules should cover any communication between the domain server and you, if you use the domain server’s IP address where he says to use it.

If those rules of LM’s are at the bottom of the list then just move them to the top of the list. Try that and see what happens.

jasper

jasper2408 · May 14, 2007, 5:41am

I guess I didn’t answer your question very well.

Use LM’s 2 rules and also write the rule that I gave you and put them at the top of your Network Monitor list of rules.

Keep in mind that you may have to write some more rules to get it working so hang in there and don’t give up. ;D

jasper

hamburger · May 15, 2007, 1:57am

no luck.
i put all three rules which provided by both LM and you, but they didn’t work for me at all.
any other suggestions…

jasper2408 · May 15, 2007, 2:44am

Could you please save a new log, doing it the same way as you did before, and post it here so we can see what else is being blocked. Clear it then try to connect and then save it after you try and connect again.

Also could you please take a screenshot of your Network Monitor rules so we can look at those also.

thanks for your patience,

jasper

hamburger · May 15, 2007, 6:50am

log and snapshot

[attachment deleted by admin]