Comodo Help
Find the desired product help
Comodo Dome Firewall

Comodo Dome Firewall

Dome Cloud Firewall Admin Guide

English

Print Help Download Help
Network Configuration
  • Introduction To Dome Cloud Firewall
    • Login To The Dome Cloud Firewall Module
    • Get Started
  • The Dashboard
  • The Main Interface
  • View And Modify System Status And General Configuration
    • Configure GUI Settings
    • View And Update DCF Version
    • Create And Schedule Backup Of DCF State
      • Manually Create A Backup
      • Schedule Backup Operations
      • Encrypt Backup Archives
      • Export A Backup
      • Import A Backup Archive From A Local Computer
      • Roll Back DCF Sate To A Previous Time Point
      • Reset DFS State To Factory Defaults
  • View Dome Cloud Firewall Status
    • System Status
    • Network Status
    • System Usage Summaries
    • Network Traffic
    • Network Connections
    • SSLVPN Connections
  • Network Configuration
  • Configure ICAP Services
  • Manage Firewall Configuration
    • Firewall Objects
      • Manage Firewall Address Objects
      • Manage Firewall Object Groups
      • Manage Firewall Schedules
      • Active Directory Integration
    • Source Network Address Translation
    • Configure Virtual IP For Destination Network Address Translation
    • Configure System Access
    • Configure Firewall Policy Rules
      • Manage Firewall Policy Rules
      • Manage VPN Firewall Rules
  • Configure HTTPS Proxy Services
  • Configure Virtual Private Network Settings
    • SSL VPN Server
      • Configure General SSL VPN Server Settings
      • Manage SSL VPN Client Accounts
      • Configure Advanced SSL VPN Server Settings
      • Configure LDAP Server Settings
      • Configure Clients To Connect To Dome Cloud Firewall
    • SSLVPN Client
    • IPSec Configuration
    • L2TP Server Configuration
    • IPsec / L2TP Users Configuration
  • View Logs
    • Realtime Logs
    • Configure Log Settings
  • About Comodo Security Solutions

Network Configuration


The 'Network Configuration' screen shows settings configured by Comodo to connect your networks/clients to LAN and/or internet zones.

  • To open the 'Interface Configuration' screen, click 'Network' on the left then 'Interfaces'.




The 'Interface Configuration' table shows interface devices configured by Comodo with their status and other details.

Interface Configuration Table - Column Descriptions

Column Header

Description

Interface Name

Name of the CF port. The font color indicates the type of network zone to which the port is connected.


Red - External networks, like WAN, for Internet connection.


Green - Local Area Network to which workstations are connected.

Status

Link status of the interface device. The status can be one of the following:


Green Tick - Link is active.


Red Cross - The link is not active.


Question Mark - No information about the link from the device driver.

Zone Type

The network zone type of the interface. The network zone can be one of the following:

  • Internet
  • LAN
Place your mouse cursor over the question mark beside zone name to view the type of network zone interface (Static or Dynamic).

IP

The IP address of the interface device connected to the port.

Netmask

The netmask of the network zone connected through the interface.

MAC Address

The Media Access Control (MAC) address of the interface.

Actions

Displays control buttons for editing and deleting the port entries.

- Opens connection settings and allows you to edit the parameters of the interface.

  - Disconnects the interface and clears the port.

  - Indicates whether the port is enabled or disabled. The checkbox also allows the administrator to switch the port between enabled and disabled states.

 

Updating Network Interfaces


The interfaces configured by Comodo can be updated for both LAN and Internet interfaces such as IP address / Netmask, default gateway, primary DNS and so on. The following sections provide detailed explanations on updating the network zone interfaces:

  • Update WAN network zone to connect to the internet
  • Update LAN network zone

Update WAN network zone to connect to the internet


The setup for external networks involves configuring network parameters and preferences for the internet zone.


To configure the external network zone

  • Click on the edit icon  in the row of the port to which the interface device for connecting to external network/internet.

The pane for configuring the network interface device will open.



  • Zone - Select 'Internet' from the drop-down. The configuration options for external network interface devices will appear:
  • Type - Choose the interface type through which DCF is connected to the Internet. The available options are:
  • ETHERNET STATIC - The external network interface is in a LAN and has a fixed IP address and netmask. An example is a router in which DCF is assigned a fixed IP address.
  • ETHERNET DHCP - The external network interface receives its network configuration through dynamic host control protocol (DHCP) from a local server, router, or modem.
  • PPPoE - The external interface is connected to an ADSL modem through an Ethernet cable. Select this option only if the modem uses the Point-to-Point Protocol over Ethernet (PPPoE) protocol to connect to the service provider.

The following sections explain configuration parameters for each interface type:

  • ETHERNET STATIC
  • ETHERNET DHCP
  • PPPoE

ETHERNET STATIC

  • Configure the following for the external network zone



Device Settings

  • Device - The port to which the interface device is connected. The port is pre-selected.
  • IP Address - Enter the IP address of the interface device
  • Netmask - Choose the network mask containing the possible masks from the drop-down (e.g. /24 - 255.255.255.0)
  • Add additional addresses - If additional IP address(es)/netmask(s) are to be added to the interface, select the 'Add additional addresses' checkbox and enter the additional IP address(es)/netmask(s) of different subnets one by one per line.
  • Default gateway - Enter the IP address of the default gateway through which DCF connects to internet in the 'Default Gateway' text box
  • DNS Settings - Enter the IP addresses/hostnames of the primary and secondary DNS servers to be used in the respective fields.

Uplink Settings

  • Uplink is Enabled - The uplink will be activated by default. Deselect this checkbox if you don't want to enable the uplink device at this time. You can enable the uplink at a later time in two ways:
  • Select the checkbox in the 'Actions' column of the 'Interface Configuration' interface.
  • Select the 'Active' checkbox beside the uplink in the Uplinks box from the Dashboard.
  • Start uplink on boot - The uplink will start automatically on every restart of DCF. Deselect this checkbox if you want to manually start the uplink only when required.
  • Uplink is managed - The uplink will be managed by DCF and its details will be displayed in the Dashboard. Deselect this option if you do not want the uplink details to be displayed in the Dashboard. You can switch the uplink to managed state at any time by selecting the 'Managed' checkbox beside the uplink in the Dashboard.
  • Backup Profile - Select this checkbox if you want to specify an alternative uplink connection to be activated in the event this uplink fails and choose the alternative uplink device from the drop-down.
  • Additional Link check hosts - The uplink reconnects automatically after a time period set by your ISP, in the event of a connection failure. If you want the appliance to check whether the uplink has connected successfully, you can try to ping known hosts in an external network. Enabling this option will reveal a text field where you should enter a list of one or more perpetually reachable IP addresses or hostnames. One of the hosts could be your ISP's DNS server or gateway.

Advanced Settings:

The Advanced Settings pane allows you to specify the MAC address and the Maximum Transmission Unit (MTU) of the data packets for the interface device. These settings are optional. If you need to specify custom values for these fields, click on the '+' sign beside 'Advanced Settings' to expand the 'Advanced Settings' pane.

  • Use custom MAC address - DCF has the capability to automatically detect the MAC address of the device connected to the port specified and populates the same in the MAC address column. If you need to specify a different MAC address to override and replace the default MAC address of the external interface, select the ' Use custom MAC address' checkbox and enter the MAC address in the text box that appears below the checkbox.
  • Reconnection timeout - Specify the maximum time period (in seconds) that the uplink should attempt to reconnect in the event of a connection failure. The reconnection timeout period depends on the ISP configuration. If you are unsure, leave this field blank.
  • MTU - Enter the Maximum Transmission Unit (MTU) of the data packets that can be sent over the network.
  • Click 'Save'.

A confirmation dialog will be displayed.



  • Click 'OK'.

DCF will restart for your settings to take effect.

  • Network configuration activities like date, time, type of event, subject id, component name and the event outcome are logged.

Tip: You can edit the network configuration e.g. for changing selected parameters like hostname or the network range of a zone, at any time depending on changes in your network. Click 'Network' > 'Interface', click the 'Edit icon'   in the 'Internet' row of the table, make the changes and save the changes.


ETHERNET DHCP

  • Configure the following for the external network zone with Ethernet DHCP interface




Device Settings

  • Device - The port to which the interface device is connected. The port is pre-selected.
  • DNS Settings - Select whether the DNS servers are to be automatically or manually assigned. If the latter, select the 'Use Custom DNS Settings' checkbox and enter the IP addresses/hostnames of the primary and secondary DNS servers to be used.

Uplink Settings

  • Uplink is Enabled - The uplink will be activated immediately after the creation of it. Deselect this checkbox if you don't want to enable the uplink device at this time. You can enable the uplink at a later time in two ways:
  • Select the checkbox in the 'Actions' column of the 'Interface Configuration' interface.
  • Select the 'Active' checkbox beside the uplink in the Uplinks box from the Dashboard.
  • Start uplink on boot - The uplink will start automatically on every restart of DCF. Deselect this checkbox if you want to manually start the uplink only when required.
  • Uplink is managed - The uplink will be managed by Korugan and its details will be displayed in the Dashboard. Deselect this option if you do not want the uplink details to be displayed in the Dashboard. You can switch the uplink to managed state at any time by selecting the 'Managed' checkbox beside the uplink in the Dashboard.
  • Backup Profile - Select this checkbox if you want to specify an alternative uplink connection to be activated in the event this uplink fails and choose the alternative uplink device from the drop-down.
  • Additional Link check hosts - The uplink reconnects automatically after a time period set by your ISP, in the event of a connection failure. If you want DCF to check whether the uplink has connected successfully, you can try to ping known hosts in an external network. Enabling this option will reveal a text field where you should enter a list of one or more perpetually reachable IP addresses or hostnames. One of the hosts could be your ISP's DNS server or gateway.

Advanced Settings:

The Advanced Settings pane allows you to specify the MAC address and the Maximum Transmission Unit (MTU) of the data packets for the interface device. These settings are optional. If you need to specify custom values for these fields, click on the '+' sign beside 'Advanced Settings' to expand the 'Advanced Settings' pane.

  • Use custom MAC address - By default, the appliance automatically detects the MAC address of the device connected to the specified port and populates the MAC address column with this information. If you need to specify a different MAC address (and replace the default MAC address of the external interface), select the ' Use custom MAC address' checkbox and enter the MAC address in the text box that appears below the checkbox.
  • Reconnection timeout - Specify the maximum time period (in seconds) that the uplink should attempt to reconnect in the event of a connection failure. The reconnection timeout period depends on the ISP configuration. If you are unsure, leave this field blank.
  • MTU - Enter the Maximum Transmission Unit (MTU) of the data packets that can be sent over the network.
  • Click 'Save'.
  • Network configuration activities like date, time, type of event, subject id, component name and the event outcome are logged.


Tip: You can edit the network configuration e.g. for changing selected parameters like hostname or the network range of a zone, at any time depending on changes in your network. Click Network > Interface, click the 'Edit icon'  in the 'Internet' row of the table, make the changes and save the changes.


PPPoE

  • Configure the following for external network zones with PPPoP interface




Device Settings

  • Device - The port to which the interface device is connected. The port is pre-selected.
  • Add additional addresses - If additional IP address(es)/netmask(s) are to be added to the interface, select the 'Add additional addresses' checkbox and enter the additional IP address(es)/netmask(s) of different subnets one by one per line.
  • Username - Enter the login username for Internet connection as provided by your Internet Service Provider (ISP)
  • Password - Enter the login password as provided by your ISP for Internet connection
  • Authentication Method - Enter the method of authentication used by your ISP for your device to connect to internet from the drop-down. The options available are: Password Authentication Protocol (PAP); Challenge Handshake Authentication Protocol (CHAP); or both. If you are not sure about the authentication method, choose PAP or CHAP (Default).
  • DNS Settings - Select whether the DNS servers are to be automatically assigned or manually assigned. If the later, select the Use 'Custom DNS Settings' checkbox and enter the IP addresses/hostnames of the primary and secondary DNS servers to be used.

Uplink Settings

  • Uplink is Enabled - The uplink will be activated immediately after the creation of it. Deselect this checkbox if you don't want to enable the uplink device at this time. You can enable the uplink at a later time in two ways:
  • Select the checkbox in the 'Actions' column of the 'Interface Configuration' interface.
  • Select the 'Active' checkbox beside the uplink in the Uplinks box from the Dashboard.
  • Start uplink on boot - The uplink will start automatically on every restart of DCF. Deselect this checkbox if you want to manually start the uplink only when required.
  • Uplink is managed - The uplink will be managed by DCF and its details will be displayed in the Dashboard. Deselect this option if you do not want the uplink details to be displayed in the Dashboard. You can switch the uplink to managed state at any time by selecting the 'Managed' checkbox beside the uplink in the Dashboard.
  • Backup Profile - Select this checkbox if you want to specify an alternative uplink connection to be activated in the event this uplink fails and choose the alternative uplink device from the drop-down.
  • Additional Link check hosts - The uplink reconnects automatically after a time period set by your ISP, in the event of a connection failure. If you want DCF to check whether the uplink has connected successfully, you can try to ping known hosts in an external network. Enabling this option will reveal a text field where you should enter a list of one or more perpetually reachable IP addresses or hostnames. One of the hosts could be your ISP's DNS server or gateway.
Advanced Settings:
The Advanced Settings pane allows you to specify the MAC address and the Maximum Transmission Unit (MTU) of the data packets for the interface device. These settings are optional. If you need to specify custom values for these fields, click on the '+' sign beside 'Advanced Settings' to expand the 'Advanced Settings' pane.
  • Use custom MAC address - DCF has the capability to automatically detect the MAC address of the device connected to the port specified and populates the same in the MAC address column. If you need to specify a different MAC address to override and replace the default MAC address of the external interface, select the ' Use custom MAC address' checkbox and enter the MAC address in the text box that appears below the checkbox.
  • Concentrator name - Enter the identifier of the remote access concentrator setup by your service provider (Optional, usually not needed).
  • Service Name - Enter the name of your ISP (Optional, usually not needed).
  • Reconnection timeout - Specify the maximum time period (in seconds) that the uplink should attempt to reconnect in the event of a connection failure. The reconnection timeout period depends on the ISP configuration. If you are unsure, leave this field blank.
  • MTU - Enter the Maximum Transmission Unit (MTU) of the data packets that can be sent over the network.
  • Click 'Save'.
  • Network configuration activities like date, time, type of event, subject id, component name and the event outcome are logged.


Tip: You can edit the network configuration e.g. for changing selected parameters like hostname or the network range of a zone, at any time depending on changes in your network. Click Network > Interface, click the 'Edit icon'  in the 'Internet' row of the table, make the changes and save the changes.


Update LAN network zone


The setup for internal networks involves configuring network parameters and preferences for the LAN zone.


To configure the internal network zone

  • Click on the edit icon  in the row of the port to which the interface device for connecting to the LAN zone is plugged-in.




  • Zone - Displays 'LAN' by default. This cannot be edited.
  • Device - The port to which the interface device is connected. The port is pre-selected.
  • IP Address - Enter the IP address of the interface device, as pre-configured in the network
  • Netmask - Choose the network mask containing the possible masks from the drop-down (e.g. /24 - 255.255.255.0)
  • Add additional addresses - If additional IP address(es)/netmask(s) are to be added to the interface, select the 'Add additional addresses' checkbox and enter the additional IP address(es)/netmask(s) of different subnets one by one.
  • Hostname and Domainname - Enter the host name of your network server and the domain name of your network in the respective text fields
  • Click 'Save'.

A confirmation dialog will be displayed.



  • Click 'OK'.
DCF will restart for your settings to take effect.
  • Network configuration activities like date, time, type of event, subject id, component name and the event outcome are logged.


Tip: You can edit the network configuration e.g. for changing selected parameters like hostname or the network range of a zone, at any time depending on changes in your network. Click 'Network' > 'Interface', click the 'Edit icon'  in the 'LAN' row of the table, make the changes and save the changes.

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.