Comodo Firewall blocks Cisco Anyconnect VPN

Question

I am running Comodo Internet Security Firewall (6.3) and trying to connect to work using Cisco AnyConnect VPN client. I can make the connection but can't do anything else, not even ping by IP address.

The only solution I've found is to disable the Comodo Firewall Driver. That solution (along with the alternative: uninstalling Comodo) is mentioned in this article, but I would like to keep Comodo and the firewall driver in place.

As soon as I deselect the Comodo driver and press OK, things work; as soon as I reselect the driver and press OK, things stop working. As mentioned in the article, turning the firewall off does not solve the problem.

I tried setting the Alert Frequency to Very High, in an attempt to get a popup message reporting the problem, but this doesn't help. I've also changed a number of firewall rules to write to the firewall log, but still no clues.

Any other thoughts on how to solve this?

score 2 · Answer 1 · edited Nov 26 '14 at 14:31

2

As it is written here https://dotcio.rpi.edu/node/409

There are only two options:

- Use Control Panel. Open Network and Internet option and there open Network and Sharing Center.
- Select Change adapter settings, right-click on Cisco AnyConnect Secure Mobility Client Connection and there choose Properties.
- Then deselect the Comodo driver and click OK.
Delete Comodo

edited Nov 26 '14 at 14:31

Nifle

34,998

answered Nov 26 '14 at 14:07

mowgli_

21

score 0 · Answer 2 · answered Jul 29 '14 at 10:27

Yes, COMODO had a long history of not being compatible with VPNs however here is workaround:

Open Comodo->Firewall->Advanced->Network security policy->Add…->Select->Running processess…->System Idle Process (or System if you don’t see System Idle Process)

Now, you should be back to Application Network Access Control window.

Select Add…

Action: Allow Protocol,

IP Direction: Out,

Description: GRE Out Allowed Check, if you want, “Log as a firewall event if this rule is fired”

Source Address: Any (or select what you think is better),

Destination Address: Any (or select what you think is better),

IP Details: GRE

Hope it could help

score 0 · Answer 3 · edited Jul 18 '15 at 22:25

0

I know this is a late answer, but it may help others.

Go to Firewall Advanced Settings. Set up a new network zone for the VPN.
Still in Firewall Advanced settings, create new GLOBAL rules to allow all IP in/out to the VPN network zone.

This will allow pings and traceroute (but traceroute must have the -I option).

edited Jul 18 '15 at 22:25

G-Man Says 'Reinstate Monica'

8,029

answered Jul 18 '15 at 18:04

Nemo

31

Comodo Firewall blocks Cisco Anyconnect VPN

3 Answers3