Firewall Walkthrough with Example

curatrix_pl · July 19, 2017, 8:35am

Good Morning

I am fairly new to Comodo ITSM, and this is the first time i am trying to configure the firewall. I have a number of new rules to add, but was hoping that someone would be able to provide me with a walkthrough for allowing an App through so i can relate the settings to what i already know. I have viewed the KB articles on the firewall, and whilst they explain what each setting is, they are missing a realworld example for it. If someone could provide me the steps to allow access to a SQL Server running behind a Comodo firewall on port 1433 from all LAN addresses, this would be much appreciated.

Many Thanks
Paul

Jordan_C · July 19, 2017, 9:33am

Hi @curatrix_pl ,

Please refer to these links:

Firewall Settings: https://help.comodo.com/topic-399-1-786-10204-Firewall-Settings-.html#Creating_and_Modifying_Network_Policie

Creating and Modifying Firewall Rulesets: https://help.comodo.com/topic-399-1-786-10204-Firewall-Settings-.html#fw_select_the%20application_that_you

Step 1 - Select the application that you wish the ruleset is to be applied.
Step 2 - Configure the rules for this application ruleset.

Please let us know if you need anything else. Thank you.

curatrix_pl · July 19, 2017, 10:35am

Many Thanks for your reply Jordan

I have already reviewed those articles and am still at a little bit of a loss. Are you able to provide step by step actions for a real world example so i can relate that to other firewall products.

For example, we have a customer that runs a Windows PC with SQL installed. They require LAN access to the SQL Server on port 1433.

What do i need to enter into to allow this connection to work for the LAN:

Application Rules
Global Rules
Rulesets
Portsets

I have tried using ‘Safe’ mode to see if the SQL Server is marked as a safe application by Comodo, but it doesn’t appear to be. When i enable the firewall in ‘Safe’ mode, it blocks communications, if i disable Comodo firewall, connections work for the SQL Server.

Jordan_C · July 19, 2017, 12:44pm

Hi @curatrix_pl ,

Please go to Configuration Templates>Profiles>select the name of profile>Firewall

Application Rules - click add>Type new file group target or select existing>click ok
Global Rules - click add>firewall rule
Rulesets - click add ruleset>firewall rule
Portsets - click add>enter port (1433)
Application Rules - to block/allow access to some addresses/ports only for some application(s)
Global Rules - to block/allow access to some addresses/ports for all applications in both directions (the highest priority)
Rulesets - the set of rules applicable for application rules
Portsets - the set of ports that can be used in application or global rules.

Please be careful about global rules: all conditions in one rule are combined by logical AND operation.

Please let us know if this helps. Thank you.

curatrix_pl · July 20, 2017, 6:51am

Thanks for your response Jordan, but i’m still lost. The rules are much more granular and fragmented than many firewall systems out there. I frequently use Router based firewalls and the setups of these are much more intuitive, such as identifying the source and destination, the service and the zone.

I will attempt to set these rules up on our development environment and come back with any further questions.

Regards
Paul