New COD MWII Blocked By pfSense

EmJeezy

@johnpoz i think the pcap i need to do is WAN and not local. Problem is with the WAN pcap i cannot filter (at least not from pfsense) on the local IP.

johnpoz

@emjeezy no lan is fine.. That sniff has zero traffic going to any internet address in it.. To get to the internet you have to send it to pfsense right? But pfsense isn't seeing any traffic going to the internet in that sniff.

EmJeezy

@johnpoz

You have some remote desktop connection in that sniff - I see the RDP 3389
yes i am remoted onto my gaming pc right now

Trying the pcap again on lan..

johnpoz

@emjeezy nor did see even any dns queries in that sniff. Only thing see in there is part of remote desktop connection.

You most likely filled up your sniff before you even started anything because you didn't change the limit from 100 to 0

EmJeezy

@johnpoz said in New COD MWII Blocked By pfSense:

You most likely filled up your sniff before you even started anything because you didn't change the limit from 100 to 0

right, i forgot to change the 'count' to 0. changed it now and running another pcap while trying to connect to COD..

johnpoz

@emjeezy make sure you flushed the clients local dns cache as well - so we can see if any dns queries it asks for are not being answered.

EmJeezy

@johnpoz

copy. will do.

EmJeezy

@johnpoz So fighting the pcap size, too large to upload here. Set count to a thousand packets and ran. Hopefully it captured some useful traffic. updated pcap attached.

packetcapture(2).pcap

johnpoz

@emjeezy well can see no dns responses for stuff being asked for

EmJeezy

@johnpoz humm..yah thats my machine asking my firewall for dns..thats normal. Wonder why my firwewall would fail to answer. I have 8.8.8.8 set as primary and 9.9.9.9 as 2ndary dns server.

rcoleman-netgate

@emjeezy What is DNS Resolver set up for?
And System->General for the DNS calls?

EmJeezy

@rcoleman-netgate

mine is set to:

I will say i do have my dns resolver enabled too ->

johnpoz

@rcoleman-netgate

I didn't find any that didn't have a record.. From the ones that he showed no response for. I queried for them and they all responded.

But like that one with loginservice.prod in the name - if that doesn't get an answer, it highly unlikely to be able to login ;)

rcoleman-netgate

@emjeezy Is DNS resolver running? Check Status->Services

EmJeezy

@rcoleman-netgate

it is running ->

johnpoz

@rcoleman-netgate he got a response for the ngx nvidia one - even though did seem delayed..

But don't see any other responses - maybe they were delayed as well, and the sniff stopped before they came in? But yeah checking to make sure they do respond would be step 1 in trying to figure out what is going on.

rcoleman-netgate

How about going to Diagnostics->DNS Lookup and running a few of those?
I couldn't get the ergeron one to resolve but I did get steampowered to

EmJeezy

@johnpoz just tried to resolve this from my pc with a simple nslookup + a ping 'iw9.steam-loginservice.prod.demonware.net'..nothing.. are you able to resolve that on your end..?

EmJeezy

@rcoleman-netgate

EmJeezy

Also set a static google dns on my pc, flushed dns cache and tried sigining into COD, same issue...