Comodo Dome -- Bug Report and Feature Request Thread

Can we get a bug report and feature request sticky like the other pages please?

One feature request id like to have would be when removing the agent from a machine have it remove that device from the list of Roaming Agents (retaining the data though, so reporting still works).

@Joners We appreciate the recommendation. We will have the team look into this as a feature request.

Hey Joners,

Thanks for the input. We have this in our roadmap plus further improvements including use of Roaming Agent behind captive portals and within company network (e.g Active Directory/internal server communication cases), improvements for Agent itself and Roaming Agent Management interface.

Please keep your feedback coming and lets make this thread sticky.

A Linux/Unix update agent would also be very nice.

Hello @sse1177,

We would like to know more about your request, Please correct me if I’m wrong, you would like to have a roaming agent available for Linux/Unix? Thank you and looking forward to your response.

For the firewall:

  • Customized Zones
  • More DHCP options (For example for PXE or multiple gateways)
  • Always on VPN
  • More URLs in the catalogs (e.g. youp*rn.com is not listed as pornographic).
  • Site2Site VPN: Defining multiple remote networks (Not just a single range).
  • Use AD Users as Administrators.
  • Radius support.
  • Exceptions (URL-List or patterns) for the Advanced Threat Protection

Hello @Weatherlights,

We appreciate the suggestions. Before we send this to the development team, we would like to know more about what you want to see in these features. The developers can flesh out these features once we can provide elaborate details.

Thank you.

Hi Riley

thank you for your reply. Sure :slight_smile: Hope this will explain everything a little bit:

  • Customized Zones: Very simple… I want to define my own zones to organize my network and firewall rules. LAN, WIFI, DMZ and Internet are good but I have far more zones, like an AD Zone, a Guest Zone etc.
  • More DHCP Options: I usually have to fallback to Microsoft DHCP for some networks since most implemented DHCP servers do not provide advanced options. For example multiple gateways, class based routes or PXE paramters. PXE is required for OS deployment for example. I would love to see the DFL as the only DHCP server in the network but for that matter it needs to provide more advanced features.
  • Always on VPN: My dream is a VPN solution that is authenticating the computer and is always connected (like Microsoft Direct Access) so that computers can always access content on the local network without dailing in. Best would be if this VPN solution is online before the user logged in. I am using OpenVPN currently for this but many of my colleagues are searching for a firewall with such a feature.
  • Site2Site VPN: At the moment I can just define a range of addresses that are on the remote network but this can only be a single range. But sometimes you have multiple address ranges on the remote network like 10.1.0.0/16 and 172.16.8.1/24.
  • Use AD Users as Administrators: You know… just having one administrator account: Makes management easier.
  • Radius support: FWL should be able to work as a radius client so that authentication can be managed by a radius server. This allows a network administrator to define more advanced security roles and manage network access from a single location.
  • Exceptions for the URL-List: When an automatic updater is downloading stuff over HTTPS it needs to access files directly and will fail when a firewall intercepts the traffic (for example with a download page).

Oh and what I forgot:

  • IPv6 support (if not implemented yet)
  • ISO-File for the central management tool… I am using Hyper-V for virtualization and OVA is not my file type :).

Hello @Weatherlights,

We appreciate for providing additional details to the features. We will have our development team check on your suggestion and we will keep you posted on this forum page and to the support ticket that will be associated with the request. We greatly appreciate your suggestions which surely helps to improve the product. Thank you

For Comodo Dome firewall:

Google Safesearch option. This will disable searching of adult content on google search image and url.
Youtube For School. This will disable searching of adult content on youtube search.
Proxy Autoconfiguration file generation and allow from proxy to bypass certain user’s (from AD) / computer MAC or IPs.
Customize Comodo Dome FW block message and Template.
Allow to send comments or errors to Admin when a page is incorrectly categorized from blocked contect page.

Hey.

I have something that I would call a bug or at least ‘not good’.

When ever I edit a firewall rule or something similar the firewall drops all connections (This includes remote desktop and so on). This makes it quiet hard to configure anything during business hours since the users are getting disconnects and have the feeling that everything is not reliable.

It would be cool if existing connections are only dropped if the firewall rule affects them,

This evening Dome Standard has started to block Microsoft.com which isnt in any category we are blocking.

The error page being displayed is also not the custom page we have designed.

Widgets on the dome dashboard are no longer updating.

  • Add a way to manage Onsite/Hosted “Dome Firewall Central Manager and Virtual Appliance” from a central point, just like Cisco Meraki or Vmware Vcental where you just have to add your Onsite/Hosted device/instance to the Central Management and from it make necessary changes without having to go to the device/instance itself?.
  • Ability to map the instance/Device from a site and location perspective like, ex: Site= Company Address / Location:Office or HR or IT Room / GEO Localization: Coordinates HERE.
  • Security based added for tech/admins/etc…

Hello @axatech,

Thank you very much for providing us your suggestions. Your input is important to us as it will help to improve the usefulness of C1 for the entire users community. We will create a support ticket for your requests and please reply at your convenience.

iOS Activation Link for CDome Agent / VPN

The iOS activation link doesnt work if you try and click on it when using Outlook for iOS or via Safari. We exclusively use Outlook for iOS for all of our mobiles as per MS’s recommendations for Office 365. The link starts… “shieldmobile://details/?uuid=”

Hi @Joners
We will definitely forward your concern to our product development team so it can be remedied ASAP. A support ticket will be sent to you acknowledging your concern. Thank you.

Hi @Joners,

This is actually because iOS does not let you redirect users from an e-mail to somewhere unless it is their own mail application. At the moment, there is no work-around for it. We are discussing to change our all scenario for activating the apps because of this. Right now, this is the way it works. Our development team will try to improve our user experience with apps in the future.

One the basic functionality of firewall is vlan interface, just like pfsense or asa. Please make it happen.

@mahdi.asgari ,

We thank you for sharing your input. We’ll make sure that our Product team gets this info for analysis. We’ll make sure to inform you of their feedback. Thank you for supporting the Comodo Community.

Where is the VPN Policy Tab in the Free version?
Installed 2.5.0.