Various sites and services being blocked - how to fix?
-
@silence
I could I guess.
Please tell me what you'd like to see specifically, so I can do it all at once to save time.
You mentioned the dashboard, but also the firewall logs?
Those are on different screens, right? -
@elmojo, Status > System logs > Firewall
and System information in dasboard
-
@silence Album Link: https://ibb.co/album/rGsxLQ
I'll add to this if needed as we discuss...
Thanks! -
@elmojo, System > General Setup > DNS SERVER SETTINS > DNS SERVER = 8.8.8.8
-
@elmojo, Firewall> Rules> Wan and send screenshot
And Firewall> Rules> Lan and send screenshot
-
@elmojo, Status> System logs> Firewall and then share new logs
-
@silence
I'm sorry, I don't understand what you're saying.
If you're telling me to set my DNS to Google's 8.8.8.8, then no.
I just got that fixed earlier in this thread with @Gertjan's help. Having a DNS specified in my settings we preventing most anything from working.
Removing the DNS entry entirely and using the default setting has got it working to this point.As for the other screenshots, I'll add them to the album shortly.
EDIT: Album updated.
-
@elmojo, I have multiple pfsense and everything has this configuration, I never have any problem.
127.0.0.1 is wrong
-
@elmojo, I am a bit confused because it has wan interfaces?
I try to understand what use you want to give your pfsense to help with a configuration.
-
@silence said in Various sites and services being blocked - how to fix?:
@elmojo, I have multiple pfsense and everything has this configuration, I never have any problem.
127.0.0.1 is wrong
I dunno man, I'm just going by what I was told by @Gertjan. Maybe you know more than he (she?) does, maybe it's the other way around. I guarantee you both know more than me! lol
All I know is that I had it set to 8.8.8.8 when I first set it up, and nothing worked right. Removing that entry and letting it default caused a few things to work a bit better, but not everything.
I don't see anything in my rules about port 53. What do you mean? It set those up during the wizard, I have not set any rules myself.@silence said in Various sites and services being blocked - how to fix?:
@elmojo, I am a bit confused because it has wan interfaces?
I try to understand what use you want to give your pfsense to help with a configuration.
What's confusing about the WAN interfaces? Do you mean the rules, or the blocking entries, or ???
-
@elmojo, Status > System Logs > System > DNS Resolver
and send screenshotDiagnostics > DNS Lookup >
-
@silence album updated
I really appreciate your help, by the way.
I realize something is super sketchy here. Do you think this is fixable, or should I just burn this thing back to factory defaults and start over? I don't have much configured, so if you think it would help, I can (hopefully) get it set back up again. :)I'm most worried about getting the WAN configured to play nice with my DSL, but I think we got that sorted out now.
-
@elmojo, Firewall> Rules> Wan> Add
Create this rule in your wan interfaces to block all
Then go to Interfaces> wan and uncheck this option
-
@silence
I'm willing to try, but can you explain the idea first please? All documentation and videos I've watched say to not disable that "bogon blocking" feature. -
@elmojo I am not very theoretical, it is simply the logical thing that I do when I configure new pfsense to disable default rules and I add this rule to block and monitor all traffic in the wan.
-
@silence That makes sense. Please excuse my (extreme) ignorance, but if we block all WAN traffic, won't that block pretty much all incoming data? Or is it only for requests that originate outside my LAN, thus making them likely to be malicious?
EDIT: I did as you show above. The logs look like this now... https://ibb.co/xL9k0cf
-
@elmojo, Apply this setting just as the image shows.
-
@elmojo, Switches from (Lan Net) To (*) In both rules
-
@silence
Okay, both done, no improvement.
I have now lost access to the Amazon app again on my phone, likely due to the DNS change.
I still cannot access the FireTV home screen, or Netflix. I can, oddly, access Amazon Prime Video on my TV. I'm not sure if that was working before or not, I never tried. -
@elmojo, try to enter again and then go to firewall logs and send me a screenshot ...
It must be quick. I want to see what blocks this.