Alfredo2571 2 Posted ... Hello, I read the Instructions for setting Comodo Firewall and I read several Posts on the Forum two. Now I have some Questions. What is the best/simple way to set Comodo Firewall? Do I only have to follow the 14 steps Instruction? Do I have to set Application Rules two and block svchost.exe and outgoing Pakets on Port 53 over UDP? Can I use a single Program by setting only Application Rules? Kind Regards Quote Share this post Link to post
Staff 9972 Posted ... Hello,I read the Instructions for setting Comodo Firewalland I read several Posts on the Forum two.Now I have some Questions.What is the best/simple way to set Comodo Firewall?Do I only have to follow the 14 steps Instruction?Do I have to set Application Rules twoand block svchost.exe and outgoing Pakets on Port 53 over UDP?Can I use a single Program by setting only Application Rules?Kind RegardsHello!Yes, with those global rules you don't need any application rule to prevent leaks. You may add application rules for particular needs (for example if you wish to block an application completely, even when tunneled).Kind regards Quote Share this post Link to post
qr46100gb 2 Posted ... 10) Do the same for any entry-IP address of the VPN servers you wish to connect to. For example for Castor: Allow TCP or UDP In/Out From IP 95.211.169.3 To MAC Any Where Source Port Is Any And Destination Port Is Any Allow TCP or UDP In/Out From MAC Any To IP 95.211.169.3 Where Source Port Is Any And Destination Port Is Any On Step 10, Is there a way to skip this and add all? Furthermore, where do I find the IPs for all these servers should I have to do it manually? *edit* I don't need a list, I can pull them from the application after login. Quote Share this post Link to post
Staff 9972 Posted ... 10) Do the same for any entry-IP address of the VPN servers you wish to connect to. For example for Castor:Allow TCP or UDP In/Out From IP 95.211.169.3 To MAC Any Where Source Port Is Any And Destination Port Is AnyAllow TCP or UDP In/Out From MAC Any To IP 95.211.169.3 Where Source Port Is Any And Destination Port Is AnyOn Step 10, Is there a way to skip this and add all? Furthermore, where do I find the IPs for all these servers should I have to do it manually?Hello!You can't skip that step. You need to allow communications to/from all the servers you want to connect to. Anyway, this is an operation that you need to perform once and for all.You can find the entry-IP address with our configuration generator (menu "Member Area"->"Access without our client"). Generate the files for all the servers you wish to connect to and look at the line "remote" of the .ovpn files to know the entry-IP addresses of the servers.Alternatively, ask for the entry-IP list with the "Contact us" form.Kind regards Quote Share this post Link to post
Alfredo2571 2 Posted ... Hello, is there anyone who can post his working global Rules? I tried several Rules,but nothing works Kind Regards Quote Share this post Link to post
Alfredo2571 2 Posted ... Hello, testet different Rules,nom it seems to work. DNS Leak Test is ok. Can i use these Rules? Kind Regards Quote Share this post Link to post
Staff 9972 Posted ... Hello,testet different Rules,nom it seems to work.DNS Leak Test is ok.Can i use these Rules?Kind RegardsHello!The rules do not appear to be complete in order to prevent any leak AND allow DHCP and communications within your home network and with our servers. Please follow the guidelines in this thread:https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142If you have any issue please do not hesitate to send us a report which includes all the required data as described here:https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142#3512Kind regards Quote Share this post Link to post
Alfredo2571 2 Posted ... Hello, I tried the Guide on airvpn.org/index.php?option=com_kunena&a...=3405&Itemid=142, but it won`t work. can you give me the missing Rules,to finish my Setting? Kind regards Quote Share this post Link to post
Staff 9972 Posted ... Hello,I tried the Guide on airvpn.org/index.php?option=com_kunena&a...=3405&Itemid=142,but it won`t work.can you give me the missing Rules,to finish my Setting?Kind regardsHello!Of course. Please do not hesitate to send us a report which includes all the required data as described here:https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142#3512All the data are necessary in order to provide you with proper support.Kind regards Quote Share this post Link to post
maltasan 1 Posted ... I just wanted to thank admin for the this info. Quote Share this post Link to post
maltasan 1 Posted ... I just want to thank admin for this useful info(https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142). I only use Rule 8) and 10) and they work perfectly. Before I learned this, I deleted the default route to prevent IP leaks, but the deleted route often comes back after I did something like plugging and unplugging the LAN cable and swithing static and DHCP, which were the only ways I knew to create the situation when a VPN dropped. The tool from dnsleaktest.com also seems to try stop IP leaks. When I use this tool, browsing web pages seems to become impossible when a VPN drops, but pinging IPs still responds. So, as the admin insists, the firewall method seems to be the best of these three(... I use all of these when I use a VPN, though, since I don't see any negative impact for that). Anyways, the admin here is the most knowledge and responsible VPN support guy I came across since bluethought at http-tunnel. I haven't used AirVPN yet because I currently need a VPN just to hide my real IP but I'll subscribe to it when I go back to Japan, where the law could make innocent average net users a criminal. PS: Please delete my post above this one(#4716). Quote Share this post Link to post
maltasan 1 Posted ... I just want to thank admin for this useful info( https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142 ). I only use Rule 8) and 10) and they work perfectly. Before I learned this, I deleted the default route to prevent IP leaks, but the deleted route often comes back after I did somthing like plugging and unplugging the LAN cable and switching static and DHCP, which were the only ways I knew to create the situation when a VPN dropped. The tool from dnsleaktest.com also seems to try stop IP leaks. When I use this tool, browsing web pages seems to become impossible when a VPN drops, but pinging IPs still responds. So, as the admin insists, the firewall method seems to be the best of these three(..., I use all of these when I use a VPN, though, since I don't see any negative impact for that...). Anyways, the admin here is the most knowledge and responsible VPN support guy I came across since bluethought at http-tunnel. I haven't used AirVPN yet because I currently need a VPN just to hide my real IP but I'll subscribe to it when I go back to Japan, where the law could make innocent average net users a criminal. Quote Share this post Link to post
Alfredo2571 2 Posted ... Hello, you only use the Rules 8 and 10? Rule 8 allows communication of the TAP-WIN32 Adapter and Rule 10 is for connecting to VPN-Servers. How will this prevent DNS Leaks? You have no Rules for your physical Adapter,or other Rules as described in the main thread? Kind regards Quote Share this post Link to post
maltasan 1 Posted ... Hello Alfredo, Actually I wrote a reply to you twice, but they were gone since the sessions were expired, which is pretty discouraging...https://airvpn.org/components/com_kunena/template/default/images/emoticons/sad.png So, I don't think I can write the detailed answer again. All I can say right now is those 4 rules are the "maximum" rule set to prevent "DNS leaks"(not IP leaks) on my PC. I mean, if I add even one more other rule, a dns leak will happen. I don't know about AirVPN (I'm not an AirVPN user) but I tried more than 10 VPNs available on the net and all worked fine. I ran DNS tests at dnsleaktest.com, dns-oarc.net and grc.com to confirm that. You might need all the rules if you do P2P(I don't do P2P) but this rule set seems to work fine for web browsing. -malta Quote Share this post Link to post
maltasan 1 Posted ... For some reasons, I can't edit my post above.. Anyway, here are some corrections. 1. ... "DNS leaks"(not IP leaks) on my PC. The rule set does prevent IP leaks, too. Here, I just wanted to emphasize that I was talking about "DNS leaks", not about IP leaks. Sorry about the confusion. 2. I tried more than 10 VPNs available on the net All VPNs I tested are free ones. I've never subscribed to any paid VPN services yet... I tried more than 10 VPNs available on the net Quote Share this post Link to post
maltasan 1 Posted ... I just want to add one more thing. This is just my non-professional opinion, based on observation. As I mentioned before, I agree with the admin on that the firewall method is the most pratical way to prevent IP & DNS leaks of the aforementioned methods. Having said that, I feel the other methods are more appropriate for some cases and so I think we should use them all. I don't think we can leave all the protection to Comodo. I mean, what if Comodo also drops or can't hold? Besides, when I ping an IP after a VPN drops, with delete-default-route method, I get the message that "Destination host unreachable", which sounds like no data can be sent outside the VPN route. OTOH, as for the firewall method, the message is, "Request timed out", which sounds like to me that an IP leak could happen after the time limit. - malta Quote Share this post Link to post
Not connected, Your IP: 18.188.219.131
Online: 26519 users - 344676 Mbit/s total BW