site b2b blocked

MaioMaio

I reset my pfsense to default settings (with dns provided by WAN DHCP) but it doesn't resolve this site https://sicomputer.com/b2b.
Could you help me to fix this problem (blocking or resolving)
Thanks

michmoor

@maiomaio You can change the DNS servers under System > General Setup. Try something like google dns or cloudflare.
Also make sure your client is pointing to pfsense for dns.

provels

@maiomaio said in site b2b blocked:

https://sicomputer.com/b2b

Their problem not yours. 404

SteveITS

@maiomaio said in site b2b blocked:

reset my pfsense to default settings (with dns provided by WAN DHCP)

In General Setup the DNS servers are only used by clients on LAN if forwarding is enabled in the DNS Resolver settings. The "DNS Resolution Behavior" choice on that page controls whether pfSense itself uses its own DNS or remote/external DNS first. By default clients on LAN, using DHCP from pfSense, use pfSense for their DNS and Unbound resolves names directly from root servers. Just saying all this to explain why DNS from WAN DHCP is mostly irrelevant.

So all that said what does "nslookup sicomputer.com" return for you?

I also see the error page and the domain is resolving for me.

michmoor

@steveits hey Steve. I’m set up for dns resolver mode and using Cloudflare for DoT settings. Are you saying those settings aren’t used? This has been a confusing piece for me about pfsense.

SteveITS

@michmoor "DNS Resolution Behavior" defaults to ‘local, use remote as fallback’ or however it’s phrased. So by default pfSense uses itself as the primary DNS server.

michmoor

@steveits So out of the box im set up for DNS Resolver. But i will be contacting the DNS servers like Cloudflare that ive set up under System > General setup, yes?

SteveITS

@michmoor If "DNS Query Forwarding" is checked in the DNS Resolver settings then unbound will forward queries instead of resolving DNS itself.

michmoor

@steveits Gotcha im clear now. So yeah its being sent to the CF servers then.
So out of the box, pfsense is in resolver mode and queries root servers by default ignoring the upstream servers given by the ISP..

SteveITS

@michmoor said in site b2b blocked:

out of the box, pfsense is in resolver mode and queries root servers by default ignoring the upstream servers given by the ISP

correct.

MaioMaio

I have set the dns server of the Provider and now pfsense resolve b2b site . I will reset to google dns or opendns and will try to resolve it.

Gertjan

@maiomaio said in site b2b blocked:

https://sicomputer.com/b2b.

If any doubts, use, for example : https://www.zonemaster.net/

See https://www.zonemaster.net/en/result/a5a8b50fd5447ce6

In this case: sicomputer.com is a complete mess, totally unusable.