Jump to content
Not connected, Your IP: 3.144.38.184
Sign in to follow this  
Alfredo2571

Comodo-Settings

Recommended Posts

Hello,

I read the Instructions for setting Comodo Firewall

and I read several Posts on the Forum two.

Now I have some Questions.

What is the best/simple way to set Comodo Firewall?

Do I only have to follow the 14 steps Instruction?

Do I have to set Application Rules two

and block svchost.exe and outgoing Pakets on Port 53 over UDP?

Can I use a single Program by setting only Application Rules?

Kind Regards

Share this post


Link to post

Hello,

I read the Instructions for setting Comodo Firewall

and I read several Posts on the Forum two.

Now I have some Questions.

What is the best/simple way to set Comodo Firewall?

Do I only have to follow the 14 steps Instruction?

Do I have to set Application Rules two

and block svchost.exe and outgoing Pakets on Port 53 over UDP?

Can I use a single Program by setting only Application Rules?

Kind Regards

Hello!

Yes, with those global rules you don't need any application rule to prevent leaks. You may add application rules for particular needs (for example if you wish to block an application completely, even when tunneled).

Kind regards

Share this post


Link to post

10) Do the same for any entry-IP address of the VPN servers you wish to connect to. For example for Castor:

Allow TCP or UDP In/Out From IP 95.211.169.3 To MAC Any Where Source Port Is Any And Destination Port Is Any

Allow TCP or UDP In/Out From MAC Any To IP 95.211.169.3 Where Source Port Is Any And Destination Port Is Any

On Step 10, Is there a way to skip this and add all? Furthermore, where do I find the IPs for all these servers should I have to do it manually?

*edit*

I don't need a list, I can pull them from the application after login.

Share this post


Link to post

10) Do the same for any entry-IP address of the VPN servers you wish to connect to. For example for Castor:

Allow TCP or UDP In/Out From IP 95.211.169.3 To MAC Any Where Source Port Is Any And Destination Port Is Any

Allow TCP or UDP In/Out From MAC Any To IP 95.211.169.3 Where Source Port Is Any And Destination Port Is Any

On Step 10, Is there a way to skip this and add all? Furthermore, where do I find the IPs for all these servers should I have to do it manually?

Hello!

You can't skip that step. You need to allow communications to/from all the servers you want to connect to. Anyway, this is an operation that you need to perform once and for all.

You can find the entry-IP address with our configuration generator (menu "Member Area"->"Access without our client"). Generate the files for all the servers you wish to connect to and look at the line "remote" of the .ovpn files to know the entry-IP addresses of the servers.

Alternatively, ask for the entry-IP list with the "Contact us" form.

Kind regards

Share this post


Link to post

Hello,

testet different Rules,nom it seems to work.

DNS Leak Test is ok.

Can i use these Rules?

Kind Regards

Hello!

The rules do not appear to be complete in order to prevent any leak AND allow DHCP and communications within your home network and with our servers. Please follow the guidelines in this thread:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142

If you have any issue please do not hesitate to send us a report which includes all the required data as described here:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142#3512

Kind regards

Share this post


Link to post

Hello,

I tried the Guide on airvpn.org/index.php?option=com_kunena&a...=3405&Itemid=142,

but it won`t work.

can you give me the missing Rules,to finish my Setting?

Kind regards

Share this post


Link to post

Hello,

I tried the Guide on airvpn.org/index.php?option=com_kunena&a...=3405&Itemid=142,

but it won`t work.

can you give me the missing Rules,to finish my Setting?

Kind regards

Hello!

Of course. Please do not hesitate to send us a report which includes all the required data as described here:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142#3512

All the data are necessary in order to provide you with proper support.

Kind regards

Share this post


Link to post

I just want to thank admin for this useful info(https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142).

I only use Rule 8) and 10) and they work perfectly.

Before I learned this, I deleted the default route to prevent IP leaks, but the deleted route often comes back after I did something like plugging and unplugging the LAN cable and swithing static and DHCP, which were the only ways I knew to create the situation when a VPN dropped.

The tool from dnsleaktest.com also seems to try stop IP leaks.

When I use this tool, browsing web pages seems to become impossible when a VPN drops, but pinging IPs still responds.

So, as the admin insists, the firewall method seems to be the best of these three(... I use all of these when I use a VPN, though, since I don't see any negative impact for that).

Anyways, the admin here is the most knowledge and responsible VPN support guy I came across since bluethought at http-tunnel.

I haven't used AirVPN yet because I currently need a VPN just to hide my real IP but I'll subscribe to it when I go back to Japan, where the law could make innocent average net users a criminal.

PS: Please delete my post above this one(#4716).

Share this post


Link to post

I just want to thank admin for this useful info( https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142 ).

I only use Rule 8) and 10) and they work perfectly.

Before I learned this, I deleted the default route to prevent IP leaks, but the deleted route often comes back after I did somthing like plugging and unplugging the LAN cable and switching static and DHCP, which were the only ways I knew to create the situation when a VPN dropped.

The tool from dnsleaktest.com also seems to try stop IP leaks.

When I use this tool, browsing web pages seems to become impossible when a VPN drops, but pinging IPs still responds.

So, as the admin insists, the firewall method seems to be the best of these three(..., I use all of these when I use a VPN, though, since I don't see any negative impact for that...).

Anyways, the admin here is the most knowledge and responsible VPN support guy I came across since bluethought at http-tunnel.

I haven't used AirVPN yet because I currently need a VPN just to hide my real IP but I'll subscribe to it when I go back to Japan, where the law could make innocent average net users a criminal.

Share this post


Link to post

Hello,

you only use the Rules 8 and 10?

Rule 8 allows communication of the TAP-WIN32 Adapter

and Rule 10 is for connecting to VPN-Servers.

How will this prevent DNS Leaks?

You have no Rules for your physical Adapter,or other Rules as described in the main thread?

Kind regards

Share this post


Link to post

Hello Alfredo,

Actually I wrote a reply to you twice, but they were gone since the sessions were expired, which is pretty discouraging...https://airvpn.org/components/com_kunena/template/default/images/emoticons/sad.png

So, I don't think I can write the detailed answer again.

All I can say right now is those 4 rules are the "maximum" rule set to prevent "DNS leaks"(not IP leaks) on my PC.

I mean, if I add even one more other rule, a dns leak will happen.

I don't know about AirVPN (I'm not an AirVPN user) but I tried more than 10 VPNs available on the net and all worked fine.

I ran DNS tests at dnsleaktest.com, dns-oarc.net and grc.com to confirm that.

You might need all the rules if you do P2P(I don't do P2P) but this rule set seems to work fine for web browsing.

-malta

Share this post


Link to post

For some reasons, I can't edit my post above..

Anyway, here are some corrections.

1. ... "DNS leaks"(not IP leaks) on my PC.

The rule set does prevent IP leaks, too.

Here, I just wanted to emphasize that I was talking about "DNS leaks", not about IP leaks.

Sorry about the confusion.

2. I tried more than 10 VPNs available on the net

All VPNs I tested are free ones.

I've never subscribed to any paid VPN services yet...

I tried more than 10 VPNs available on the net

Share this post


Link to post

I just want to add one more thing.

This is just my non-professional opinion, based on observation.

As I mentioned before, I agree with the admin on that the firewall method is the most pratical way to prevent IP & DNS leaks of the aforementioned methods.

Having said that, I feel the other methods are more appropriate for some cases and so I think we should use them all.

I don't think we can leave all the protection to Comodo.

I mean, what if Comodo also drops or can't hold?

Besides, when I ping an IP after a VPN drops, with delete-default-route method, I get the message that "Destination host unreachable", which sounds like no data can be sent outside the VPN route.

OTOH, as for the firewall method, the message is, "Request timed out", which sounds like to me that an IP leak could happen after the time limit.

- malta

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...