TipRadar.com - Forums and community

Full Version: useing comodo to allow only vpn
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
i wanted to share this tutorial with you because many ask how to do it. i wont be shareing my own firewalls configuration for security purposes. i dont use comodo but i use too. this will help many people who need a step by step instruction without begging for help online. enjoy.

Step by step instruction on how to setup Comodo Firewall to allow specific applications access to the internet only when vpn is active.

Note this is not for high security, it only prevents your application from going online without the VPN.

With Comodo firewall (100% free version), you can set a network zone based on an adapters MAC, make a pre-defined rule for that zone, and apply that rule to certain applications.

A. Create a network zone, Get the MAC for the TAP-Win adapter
1. (XP) Start / Run and type CMD, press enter.
(Win7) Start and type CMD, press enter.
2. You should see a black box called a DOS box with a blinking cursor.
4. Look in the mess of junk for the section that says TAP-Win32.
5. You need the part that says Physical Address . . . . . . 00-??-??-??-??-??
6. Leave this window open for now.

B. Create network zone, Add in Comodo
1. In Comodo, goto Firewall / Advanced / Network Security Policy / My Network Zones
2. Add / New Network Zone
3. Name it vpnmac (press apply)
4. Select vpnmac
5. Add / New Address
6. Choose "A MAC Address" and enter the Physical Address from earlier.
7. You should see your new Zone with the New rule.
8. Press OK.

C. Make a Pre-Defined Rule
1. Open Firewall / Advanced / Predefined Firewall Policies
2. Click ADD
3. Enter a Name, vpnonly
4. Add...
Action: Allow
Protocol: IP
Direction: In
Source Address: Any
Destination Address: Zone / vpnmac

5. Add...
Action: Allow
Protocol: IP
Direction: Out
Source Address: Zone / vpnmac
Destination Address: Any

6. Add...
Action: Block
Protocol: IP
Direction: In/Out
Source Address: Any
Destination Address: Any

7. You should now have 2 green rules and then a Red one.

D: Apply rule to Applications
1. Open Firewall / Advanced / Network Security Policy / Application Rules
2. Choose the application that should only work with vpn active (vpnroute), or add an new one.
3. It will open to "Application Network Access Control"
4. Here choose the Predefined Policy "vpnonly"
5. If there are other rules already, they will be removed. To keep any existing settings, you'll have to improvise here.
6. Apply
7. OK.

Do this to all apps that should only access through the VPN (vpnroute)

E. Testing...
1. In the above example, I made a rule for Google Chrome.
2. Disconnect from vpnroute
3. Open Chrome - it is unable to load the home page.
4. Enable vpnroute
5. Refresh Chrome - it works.
Thanks for this information Skittles.

Thanks a lot. Applause