Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
May the source be with you!

Thursday, March 21, 2013

Comodo Unite ports

Comodo Unite (EasyVPN) - CUnite
Appendix 2 - How to improve performance by using direct connections
In order to establish direct connections between clients (highly recommended), system administrators have to open certain ports on both client computers and NAT/Firewall (if applicable).

Ports needed to connect to servers:
  • TCP 443 to connect to the Unite server/web server
  • UDP 8000 for the p2p mediator server
Ports needed for clients to connect to each other:
  • UDP 12000-13000 to build a direct, peer-to-peer connection between clients
Unite attempts to use a random port between 12000 and 13000 for P2P connections. Unite tries to bind to one available port in this range, moving to the next if it happens to be in use by another application. Some firewalls or routers may entirely block network traffic on this range. If this range is not available, the Unite server will establish a relayed connection instead.

Background

All connection requests to other machines in your network are initially brokered by the Comodo Unite server. Upon receipt of the connection request, the server will first attempt to set up a direct, peer-to-peer connection between the computers. If it cannot establish a direct connection, then it executes the next best option of establishing a relayed connection.
  • A direct connection is, as the name suggests, a straight connection between computers in a Unite network (peer to peer connection).
  • In contradistinction, a relay connection means the Unite server acts as 'middle man' between the two computers in the network. Computer A connects to the Unite server and the Unite server connects to Computer B. All information sent from Computer A will pass through a secure, encrypted tunnel through the server to Computer B.
Why Are Direct Connections Better?

  • Speed - With direct connections, data is passed directly back and forth rather than being redirected through the extra hop of the Unite server. Relayed connections are always going to suffer from a certain lag due to this simple fact.
  • Reliability - A direct connection will decrease or eliminate the effect of any server issues on your network (for example, server downtime, slow response times during times of high traffic).
============================================

LogMeIn additional information for (TCP 443)

You can set a static UDP listening port and TCP handshake port by configuring it in System - Preferences - Settings - Advanced Settings under Peer Connections. Complete both values if you have multiple Internet connections.

Note:
If you are behind a router you must forward the port's UDP/TCP traffic from your router to the machine.  Follow the instructions for your router from PortForward.com.  If you have multiple machines behind the same router, you will need to choose different ports for each to avoid conflicts.
 
============================================

  I wanted to forward ports 30001 TCP and 30001 UDP to Computer B, just to make eMule work with HighID. But unfortunately, Computer B couldn't get access to these ports with Comodo enabled on Computer A (with ICS).

After many probes I have found a solution!

You need to use the Application Rules, NOT the Global Rules!

In the Application Rules click ADD and bring on the Running Applications window. Then select "Windows Operating System" on the top.
Now create a rule for it:

Action: Allow
Protocol: TCP/UDP
Direction: Incoming

Source address: Any
Destination address: Any
Source port: Any
Destination port: THE PORT OR PORT RANGE YOU WANT TO FORWARD

It has to be like this to make it work! And of course you have to add this rule in the host computer, that runs the ICS.

How do I open ports in Comodo?
Open up the GUI for CFP 3 (2007), go to Firewall-Advanced-Network Security Policy-Global Rules and select Add, then add these rules:

Action: Allow
Protocol: TCP
Direction: In/Out
Source Address: Any
Destination Address: Any
Source port: Any
Destination Port: 3689

Action: Allow
Protocol: UDP
Direction: In/Out
Source Address: Any
Destination Address: Any
Source port: Any
Destination Port: 5353
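
The rules quoted in the posts above all share one field layout. As an added example (not part of the original posts and not Comodo code), this Python sketch parses rules in that layout and lists what widens each Allow rule: addresses left at Any, both-direction scope, and the number of port/protocol pairs opened. The function names and the second sample rule are assumptions made for illustration.

```python
import re

# Constructed sample in the page's field layout: the TCP 3689 rule from the last
# post, plus a rule for the Unite P2P range (UDP 12000-13000) built for this example.
SAMPLE_RULES = """\
Action: Allow
Protocol: TCP
Direction: In/Out
Source Address: Any
Destination Address: Any
Source port: Any
Destination Port: 3689

Action: Allow
Protocol: UDP
Direction: Incoming
Source address: Any
Destination address: Any
Source port: Any
Destination port: 12000 -13000
"""

def parse_rules(text):
    """Split blank-line-separated rule blocks into dicts with lower-cased keys."""
    blocks = re.split(r"\n\s*\n", text.strip())
    return [{k.strip().lower(): v.strip()
             for k, v in (ln.split(":", 1) for ln in b.splitlines() if ":" in ln)}
            for b in blocks]

def port_count(spec):
    """Ports covered by a port field: 'Any', a single port 'N', or a range 'N-M'."""
    if spec.strip().lower() == "any":
        return 65535
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"bad port spec: {spec!r}")
    return hi - lo + 1

def audit(rule):
    """List the properties of an Allow rule that widen what it admits."""
    get = lambda field: rule.get(field, "").lower()
    if get("action") != "allow":
        return []
    notes = [f"{f} is Any" for f in ("source address", "destination address")
             if get(f) == "any"]
    if get("direction") == "in/out":
        notes.append("applies in both directions")
    pairs = port_count(get("destination port") or "any") * len(get("protocol").split("/"))
    return notes + [f"{pairs} port/protocol pair(s) allowed"]
```

Running `[audit(r) for r in parse_rules(SAMPLE_RULES)]` reports 1 port/protocol pair for the 3689 rule and 1001 for the 12000-13000 range.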
