Dome Firewall Virtual Appliance is here!

RT-AMS · October 28, 2017, 3:59am

This is great news as it makes buying PC for this easier.

Can you still have a wifi zone with only 2 NIC using VLANS ?

BOSS · October 28, 2017, 8:35pm

Great, looking forward to it.

Noiden · October 30, 2017, 9:35am

Hmm, is this if you running it “bare metal”? Because I’m running with two NIC’s on a virtual machine now without any problem.

BOSS · November 2, 2017, 4:14pm

So is this ready to download?? I am at a place to try it if so!!

BOSS · November 2, 2017, 4:40pm

Well, tried to redownload the ISO, from your link earlier in the post, it did not have a version nuymber so I assumed it was the latest version. It did not work either. I guess I will go to the site to see if there is any versioning on there so I know what I am downloading.

Edit: I went to your site, and tried to download it, would not take my credentials in the fields, says I am not a user, but I already have the license for it in my partner portal. Could you please get me the link to download the latest version?? I kinda need it today, as I will not be in a place to try this again for some time.

Raymond_Co · November 2, 2017, 6:24pm

Hi @BOSS,

Would this be the link that you are referring to? https://download.comodo.com/dome-repo/dome-fw-image/domefirewall.iso

We did try to access the same link but was never asked for any credentials.

BOSS · November 2, 2017, 7:36pm

Nope, on this page https://cdome.comodo.com/firewall/ I am also trying to in stall the UTM from the link you sent, I keep getting an error in the kickstart file, on line 8.
Unknown command: block

Install exited abnormally [1/1]

The system will be rebooted when you press Ctrl-c or ctrl-Alt-Delete

Any ideas on how to get around this issue??

Anna_C · November 2, 2017, 10:38pm

Hello @BOSS,

We will communicate with you shortly via email for the process in resolving this case in downloading ISO.

Thank you for your patience.

aoit · November 7, 2017, 7:53pm

I had this issue as well, but I was trying to install it from a bootable USB flash drive. I then burned the ISO to a DVD and it installed without a problem.

BOSS · November 7, 2017, 10:15pm

I was using a USB DVD burner to try it, it did not work, so I got an internal DVD ROM, and it gets to this point, before it did not even get this far. But thanks for the idea, I will look into it more when I get onsite again, in a few days.

Raymond_Co · November 8, 2017, 6:28pm

@BOSS, for installation firewall, you will need two ethernet adapters.

aoit · November 8, 2017, 8:22pm

I am currently testing the Comodo Dome Firewall on a physical appliance and have a question about the SSL Interception. Currently I am blocking certain categories, except if the blocked category is accessed by SSL. If I turn the SSL Intercept on, the blocked category is then inaccessible but google and msn and others are not accessible by saying incorrect certificate. What can I do about that? In the help it stated there was an HTTPS Exception list, but I currently do no have that tab in my deployment.

Anna_C · November 9, 2017, 12:49am

Hello @aoit,

We will collect information from our developers and provide you with an update as soon as we can regarding with your query about SSL Interception.

Thank you for your patience.

Emily_C · November 9, 2017, 6:59am

Hi @aoit

It might be the old version of dome firewall that was previously downloaded, due to the changes lately, (a couple of months ago) Chrome looks for additional things in SSL certs.

There were no reported issues with the latest Chrome version as far as the latest Comodo release is concerned.

May we ask for your Dome Firewall version? Which browser and version do you use for testing such cases?

Thanks,
~Emily

aoit · November 15, 2017, 2:16am

Emily,

The version is 2.1 and i tried with both Chrome and Edge browsers

Anna_C · November 15, 2017, 3:32am

Hello @aoit,

We will work with our development team for the process in resolving this case. We will create a support ticket and please do reply at your convenience.

Thank you for your patience.

aoit · November 23, 2017, 6:10pm

I haven’t heard anything more regarding the SSL intercept issue. Is there an update?

Rick_C · November 23, 2017, 8:54pm

Hi @aoit
We will update you through the support ticket email as soon as we get an update from the product development team.

vitalsupport · November 26, 2017, 6:46am

@aoit Sounds to me that have to install Comodo’s SSL proxy certificate on the computers so they trust the certificate they are being presented. Let’s say you go to the HTTPS version of the MSN.com website. The browser is expecting the certificate it gets from MSN.com to match the URL you entered. However, when it’s going through the SSL proxy the firewall is connecting to MSN.com on your behalf and your browser is now seeing a Comodo proxy certificate that does not match the MSN.com domain so the browser complains about the mismatch. Installing the proxy certificate resolves that by allowing the browser to trust the proxy cert.

Comodo’s cDome Standard docs talk about the setup of the proxy cert in the firewall. https://help.comodo.com/topic-436-1-901-11536-.html
I did not find a Comodo doc explaining how to install the proxy cert at the computer or browser level. This is a link to a Cisco doc on the subject: https://support.opendns.com/hc/en-us/articles/227987007-Block-Page-Errors-Installing-the-Cisco-Root-CA. Of course, you have to use the proxy cert from the Comodo firewall, not Cisco’s.

Regards,
-felipe

bulut · November 26, 2017, 4:57pm

Hi aoit,

You have installed the SSL cert on the browser right ?
That can be achieved by going to Proxy > HTTP in your Dome Firewall UI then select HTTPS tab on top.

On that screen you should see a “Download” link in red. Upon click, it will download the SSL Cert of Dome Firewall and after you install that into your browsers, SSL Interception should work just fine.