Jump to content
Not connected, Your IP: 18.191.107.181
Sign in to follow this  
Sailorman

[SOLVED] Keep getting warning on PortForward Check

Recommended Posts

I set up VPN and installed Comodo FW (3 times, BTW. As I soon found out, any remnant of ZoneAlarm will render Comodo inoperable and it's a tenacious program that is nearly impossible to get rid of entirely).

Anyway, I generated a tcp/udp forwarded port automatically, leaving the fields for remote and local port blank.

The resulting local port is the same port for "local", (13761), and appeared on the top of the result box, whatever that signifies.

It is entered in Bittorent as the listening port and seems to be working fine, as verified by the connection log in Comodo.

The configuration for Comodo Firewall is working fine and the outbound connection drops if Air is disconnected.

I am connected to the internets via a simple cable modem and one PC running 32 bit Win7.

So, if any port is being automatically forwarded by my modem, it's news to me. I know zero about ports or forwarding and less about routers, therefore don't know how to tell one way or the other.

Nonetheless, the port check always gives me the warning "DANGER! Reachable on real IP over the external port 13761, tcp protocol." and the red token.

I want a green token dammit!!

What can I try? What am I doing wrong? I've spent at least 20 hours tweaking this and I give up.

TIA

Share this post


Link to post

I set up VPN and installed Comodo FW (3 times, BTW. As I soon found out, any remnant of ZoneAlarm will render Comodo inoperable and it's a tenacious program that is nearly impossible to get rid of entirely).

Anyway, I generated a tcp/udp forwarded port automatically, leaving the fields for remote and local port blank.

The resulting local port is the same port for "local", (13761), and appeared on the top of the result box, whatever that signifies.

It is entered in Bittorent as the listening port and seems to be working fine, as verified by the connection log in Comodo.

The configuration for Comodo Firewall is working fine and the outbound connection drops if Air is disconnected.

I am connected to the internets via a simple cable modem and one PC running 32 bit Win7.

So, if any port is being automatically forwarded by my modem, it's news to me. I know zero about ports or forwarding and less about routers, therefore don't know how to tell one way or the other.

Nonetheless, the port check always gives me the warning "DANGER! Reachable on real IP over the external port 13761, tcp protocol." and the red token. :angry:

I want a green token dammit!!

What can I try? What am I doing wrong? I've spent at least 20 hours tweaking this and I give up.

TIA

Hello!

It is likely that your modem/router keeps all ports opened, exposing you to correlation attacks. If you can configure your router, make sure to close (or put on stealth mode) port 13761.

If you can't configure it, with Comodo detect your network zone related to your router (probably 192.168.*.*). Go to "Firewall"->"Network Security Policy" and tell Comodo to drop incoming packets for that zone toward port 13761 (tab "Global Rules").

Please do not hesitate to contact us for any further information.

Kind regards

Share this post


Link to post

Evidently I can't configure my router.

(Home #2 is my router, I assume. Comodo Identifies it as 192.168.56.1/255.255.255.255)

So, I tried to use Comodo to set up the Global Rule as follows:

"Block TCP or UDP In from In (Home #2) to MAC Any Where Source Port Is Any and Destination Port is 13761"

"Block TCP or UDP In from MAC Any to In (Home #2) Where Source Port Is Any and Destination Port is 13761"

I Wasn't sure whether to use Home #2 as the source or destination, so I tried it both ways.

Still I get the Red warning.

What have I done wrong?

Share this post


Link to post

Evidently I can't configure my router.

(Home #2 is my router, I assume. Comodo Identifies it as 192.168.56.1/255.255.255.255)

So, I tried to use Comodo to set up the Global Rule as follows:

"Block TCP or UDP In from In (Home #2) to MAC Any Where Source Port Is Any and Destination Port is 13761"

"Block TCP or UDP In from MAC Any to In (Home #2) Where Source Port Is Any and Destination Port is 13761"

I Wasn't sure whether to use Home #2 as the source or destination, so I tried it both ways.

Still I get the Red warning.

What have I done wrong?

Hello!

The second rule looks correct. Make sure it is not overridden by previous "Allow" rules: put it on top.

Kind regards

Share this post


Link to post

Did it that way and put in on top of global rules. I'm still getting the red token.

Any other ideas? This is getting frustrating.

Share this post


Link to post

Did it that way and put in on top of global rules. I'm still getting the red token.

Any other ideas? This is getting frustrating.

Hello!

Do you get a gray token when your torrent client is not running?

Kind regards

Share this post


Link to post

Did it that way and put in on top of global rules. I'm still getting the red token.

Any other ideas? This is getting frustrating.

Hello!

We performed an independent port scan (that is, independent of the test which gives you a red token) on that port on your real IP address, and we can confirm you that you are reachable on that port on the IP address you were connected from. Something replied back on TCP. So the red token is correct.

First, determine the program which is responding on that port, turn it off and re-perform the test. You should obtain a gray token. If not, there's some other thing listening on that port, TCP.

If you obtain correctly the gray token, check with Comodo that the Home #2 network zone is really the zone for which you want to drop the incoming packets. You can also try to block all the packets for that zone NOT coming from the Air server entry-IP address you're connected to: if the zone is correct, you should lose connectivity when you disconnect from the VPN server.

Additionally, add a rule for the BitTorrent client, block it for all outgoing packets NOT coming from IP range 10.4.0.0->10.9.255.255, so that the torrent client can't send out any packet outside the tunnel.

We're looking forward to hearing from you.

Kind regards

Share this post


Link to post

Hi,

Yes, gray/blue "Not reachable on server IP over the external port 13761, tcp protocol. Error : 110 - Connection timed out"

I've got the ports on "stealth" on a "per case" bases (option 2) via Comodo, if that makes any difference.

Thanks

Share this post


Link to post

Hello!

First, determine the program which is responding on that port, turn it off and re-perform the test. You should obtain a gray token. If not, there's some other thing listening on that port, TCP.

O.K.. That must have been bittorent. I turned it off and got a gray token.

If you obtain correctly the gray token, check with Comodo that the Home #2 network zone is really the zone for which you want to drop the incoming packets. You can also try to block all the packets for that zone NOT coming from the Air server entry-IP address you're connected to: if the zone is correct, you should lose connectivity when you disconnect from the VPN server.

I will try blocking tht zone before I check with Comodo. Lord knows when I'll hear anything from them.

Additionally, add a rule for the BitTorrent client, block it for all outgoing packets NOT coming from IP range 10.4.0.0->10.9.255.255, so that the torrent client can't send out any packet outside the tunnel.

This part I have already done and it seems to work perfectly according to the logs.

We're looking forward to hearing from you.

Kind regards

You will. Count on it.

Thank you.

Share this post


Link to post

Hi,

Yes, gray/blue "Not reachable on server IP over the external port 13761, tcp protocol. Error : 110 - Connection timed out"

I've got the ports on "stealth" on a "per case" bases (option 2) via Comodo, if that makes any difference.

Thanks

Hello!

Thus it is sure that the the torrent client is the responsible, as expected from the red token.

With your new setup, you will be prompted by Comodo what to do with incoming packets, however we're afraid it will not be easy to discern which packets you should accept and which reject, because you will see them coming anyway from the same, real IP address, regardless whether they have been sent through the tunnel or directly to your real IP address.

Kind regards

Share this post


Link to post

Hi,

Yes, gray/blue "Not reachable on server IP over the external port 13761, tcp protocol. Error : 110 - Connection timed out"

I've got the ports on "stealth" on a "per case" bases (option 2) via Comodo, if that makes any difference.

Thanks

Hello!

Thus it is sure that the the torrent client is the responsible, as expected from the red token.

With your new setup, you will be prompted by Comodo what to do with incoming packets, however we're afraid it will not be easy to discern which packets you should accept and which reject, because you will see them coming anyway from the same, real IP address, regardless whether they have been sent through the tunnel or directly to your real IP address.

Kind regards

I haven't run into that yet, as I haven't been doing downloading, only seeding. I haven't been prompted yet. I'm waiting to get the other problem solved so that I will be able to safely assume anything incoming will have been sent through the tunnel.

I'm about to disconnect from Air now to check if the Home #2 is the correct ip range.

My new global rule is:

Block TCP or UDP In/Out Frmo IP Not 69.163.36.66 (entry vega) to In (Home #2) Where source port is Any and Destination Port is Any

Thanks

Share this post


Link to post

Well I'm back. Unfortunately.

The last rule didn't do anything.

I stayed connected.

I take that to mean that either my rule was written wrong, or Home #2 is not the correct zone.

I will edit that rule with any other zone that seems to make sense in the list of zones on Comodo.

I looked through the list of connections with an ipconfig/all command in the cmd window.

Is there any clue to be gotten from that mess?

Thanks

Share this post


Link to post

Well I'm back. Unfortunately.

The last rule didn't do anything.

I stayed connected.

I take that to mean that either my rule was written wrong, or Home #2 is not the correct zone.

I will edit that rule with any other zone that seems to make sense in the list of zones on Comodo.

I looked through the list of connections with an ipconfig/all command in the cmd window.

Is there any clue to be gotten from that mess?

Thanks

Hello!

Sure, ipconfig /all will display all the adapters and relevant info about them.

Kind regards

Share this post


Link to post

O.K., Here's the ipconfig file. I think "Home #2" was the Ethernet adapter VirtualBox Host-Only Network: It has the IP address put into Home #2 Zone by Comodo.

Now, the question is; out of what is left, what is forwarding my port? There's no mention of my crappy little cable modem here of course.

***************************************************

C:\Users\User>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : xxxxxx.com

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Win32 Adapter V9

Physical Address. . . . . . . . . : 00-FF-CE-0B-94-9A

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IPv4 Address. . . . . . . . . . . : 10.4.xx.xxx(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.252

Lease Obtained. . . . . . . . . . : Monday, April 09, 2012 10:39:13 AM

Lease Expires . . . . . . . . . . : Tuesday, April 09, 2013 10:39:13 AM

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 10.4.xx.xxx

DNS Servers . . . . . . . . . . . : 10.4.x.x

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Loopback Adapter

Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::b03d:xxxxxx:xxxx%13(Preferred)

IPv4 Address. . . . . . . . . . . : 10.xxx.xxx.x(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.xxx.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 48xxxxxxx

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-6F-3A-DBxxxxxx

DNS Servers . . . . . . . . . . . : fec0:0:0:xxxx

fec0:0:0:xxxxx

fec0:0:0:xxxxx

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :xxxxxxx.com

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controlle

r

Physical Address. . . . . . . . . : 00-1A-A0-09-67-86

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::607a:xxxxxxx(Preferred)

IPv4 Address. . . . . . . . . . . : 65.xxxxx(Preferred)

Subnet Mask . . . . . . . . . . . : 255.xxx0

Lease Obtained. . . . . . . . . . : Monday, April 09, 2012 12:28:52 AM

Lease Expires . . . . . . . . . . : Monday, April 09, 2012 3:37:29 PM

Default Gateway . . . . . . . . . : 65.35.xx.x

DHCP Server . . . . . . . . . . . : 10.96.240.1

DHCPv6 IAID . . . . . . . . . . . : 234887840

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-6F-3A-DB-00

DNS Servers . . . . . . . . . . . : 65.32.5.111

65.32.5.112

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter

Blah, Blah, Bah, Blah,........................................

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Share this post


Link to post

O.K., Here's the ipconfig file. I think "Home #2" was the Ethernet adapter VirtualBox Host-Only Network: It has the IP address put into Home #2 Zone by Comodo.

Hello!

This explains why the rules did not have the expected effect.

Now, the question is; out of what is left, what is forwarding my port? There's no mention of my crappy little cable modem here of course.

...we don't understand this question, anyway from your paste it appears that the network card you're interested in is the Broadcom 440x 10/100 Integrated Controller.

Kind regards

Share this post


Link to post

AAAHHHH......:woohoo: The problem was that it was too simple!! :dry:

All this time I was thinking it was a the cable modem forwarding my port when it was just a stupid ethernet card.

Anyway I GOT A GREEN TOKEN!! And you've been great for waking me through this.

Thank you VERY MUCH. I can go to sleep tonight, and it's not even noon yet.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...