Author Topic: Comodo Firewall Configuration for FullyRouted servers  (Read 22947 times)

Offline Chris

  • BolehVPN Staff
  • Admiral
  • *****
  • Posts: 2200
  • Beneath a cobalt moon
Comodo Firewall Configuration for FullyRouted servers
« on: December 23, 2011, 11:22:03 AM »
I haven't tested out VPNCheck, but you can use Comodo firewall (download it here http://personalfirewall.comodo.com/free-download.html ) and force your applications to only use the VPN.

Once you've got Comodo installed and running, you'll need the mac address of the TAP-Win32 adapter. Start menu > Run > cmd, type in ipconfig /all and look for the TAP-Win32 Adapter. Look for the Physical Address : xx-xx-xx line, copy down the address.

Now in Comodo, click the Firewall tab, click Network Security Policy, then hit Network Zones. Add a new network zone, call it BolehMAC or something. Underneath it, right click the (add address here), click Add. Choose Mac Address from the Type drop down list and type in your TAP-Win32 adapter's mac address. Hit apply.

Now click on Predefined policies, add a new one. Call it VPN Only. Select use a Custom policy then hit Add. Set Action to Allow, Protocol to IP, Direction to IN, and tick Log as firewall event. For Source Address, choose Network Zone and BolehMAC. Leave Destination Address and Ip Details set to any. Repeat the previous steps, this time set Direction to Out. You now have two green rules.

Add a new rule, set Action to Block, Protocol to IP, Direction to In/Out. Leave Source, Destination and IP details set to Any. Hit Apply and then Hit Ok.

Reopen Network Security Policies, look for your browser under the Application rules tab. Select your browser, click Edit, then set it to Use a predefined policy, selecting VPNOnly from the list. Hit Apply, then OK, then view firewall events. Connect to one of our FullyRouted servers, load up a website or start a download in your browser, then disconnect the VPN. Your download should halt immediately, several firewall events should be logged. You can also check active connections in Comodo too.

This should only work for the FullyRouted servers. You'll have to add application rules for uTorrent as well as any other applications you want secured.