Jump to content
Not connected, Your IP: 3.147.36.106
Sign in to follow this  
dcodelanyto

Comodo firewall set up

Recommended Posts

I have followed the instructions at https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142

and am having connection problems.

Attached are:

- your network zones

- your global rules

- your application rules

- Comodo Firewall events logs

- your client logs

(not sure file is adding, will post to check)

Is there a file size limit? i have tried in chrome and exploder.

Share this post


Link to post

I have followed the instructions at https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142

and am having connection problems.

Attached are:

- your network zones

- your global rules

- your application rules

- Comodo Firewall events logs

- your client logs

(not sure file is adding, will post to check)

Is there a file size limit? i have tried in chrome and exploder.

Hello!

The upload file size limit is 1024 KB.

Your [Home #1] Network Zone is wrongly defined and/or overlaps with AirVPN Network Zone for port 443 UDP.

If your home zone is really 10.4.0.0/24 or similar, please let us know and we'll send you a simple solution which will require you to renounce to use port 443 UDP (not a problem).

Otherwise, please determine your real home network zone, if you're in doubt please send us the output of the command "ipconfig /all" from a command prompt while you are not connected to the VPN.

Kind regards

Share this post


Link to post

logs and rules uploaded, ipconfig uploaded.

I updated home #1 to 192.168.1.1 / 255.255.255.0 with no effect.

The ipconfig is taken from the host computer

virtual ipconfgi returns 192.168.1.11 / 255.255.255.0

subnet & gateway of 182.168.1.1

and same dns servers (i removed swiss foundation dns in early troubleshoot. will add back when basic non airvpn is back up)

Thanks for your attention.

Share this post


Link to post

logs and events attached.

Hello!

From the client logs, apparently you did not follow step 12 of the guide:

12) In order to allow "airvpn.org" resolution even when disconnected (and any other hostname you wish to be resolved even when VPN is disconnected), add to your hosts file the line

85.17.207.151 airvpn.org

Kind regards

Share this post


Link to post

palm to face,

updated host file,

readded swiss dns,

restarted,

ability to connect to airvpn remote server confirmed.

http browser test successful!

leaktest successful!

No resolve without airvpn connection. i can live with that, but any changes appreciated.

THANKS!

Great Service and Great Response!

attached settings for review

Share this post


Link to post

update:

re-did the DNS leak test (dnsleaktest.com) after about 4 hours of intermitten browsing,

no comodo changes, air vpn left engaged and now showing 3 local dns servers listed.

restarted machine, openvpn and airvpn,

connected to vpn, re-tested, confirmed leak.

did i have a false pass previous?

advice?

thanks

Share this post


Link to post

as i reconnect to caster repeatedly, i am noticing that I do not always have the same IP, the last node varies. I am going to try changing the global rules specified in step 10:

where the instruction suggest source address to be of type "IPv4 Single Address" it should be "IPv4 Address Range" where the last node is 0 - 255.

Alternatively i suppose i could define a network zone "Castor" with the range "95.211.169.0 - 95.211.169.255" and have the source address be of type "Network Zone".

but this would be a solution to NOT connecting via airvpn which is NOT the problem i am having . . . I am successfully connecting through the airVPN, but experiencing dns leak. my brain hurts . . .

Share this post


Link to post

Hello!

Unfortunately we can't read your new global rules, can you please send a bigger image? You can safely do that, file size limit is 1024 KB.

Kind regards

Share this post


Link to post

@decodelanyto

Hello!

Perfect, no leaks are displayed from the screenshots.

You can easily check for a DNS leak with Comodo active connections monitoring: if svchost.exe is communicating from 192.*.*.* instead of 10.*.*.* toward any IP, port 53 UDP, that's a DNS leak. For additional checking, please send us again your Network Zones.

Kind regards

Share this post


Link to post

Hi

When I open active connections in comodo,I sometimes do get communications from svchost 192... Instead of 10... Whilst connected to air and with the comodo leaks rules applied.

The destination address is always either 239.255.255.255 or 255.255.255.255 and the port is usually 67,is this a problem I should sort out...

Every other connection is from 10....I then run a check at dnsleaktest.com whilst these svchost exe connections are visible in my comodo active connections log,but the test always returns no leaks message.Any ideas?

Cheers D

Share this post


Link to post

Hi

When I open active connections in comodo,I sometimes do get communications from svchost 192... Instead of 10... Whilst connected to air and with the comodo leaks rules applied.

The destination address is always either 239.255.255.255 or 255.255.255.255 and the port is usually 67,is this a problem I should sort out...

Every other connection is from 10....I then run a check at dnsleaktest.com whilst these svchost exe connections are visible in my comodo active connections log,but the test always returns no leaks message.Any ideas?

Cheers D

Hello!

That's just fine as you can see from the allow rules.

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...