Package Manager unable to communicate to pfsense.com
-
Hello,
I'm running two pfsense boxes through the same ISP.
One is at the office and the other is at the ISP's colocation facility.
The one in the co-location facility hasn't ever been able to bring up the package manager screen while the one at the office can.
I get a message "Unable to communicate to pfSense.com. Please check DNS, default gateway, etc." when I go to packages.
I've seen a couple of posts in google about this. One mentioning allowing DNS server list to be overwritten by DHCP/PPP on WAN and the other about a problem at pfsense's ISP.
I'm not quite sure where else to turn.
Thanks in advance.
-
You have to make sure that your pfSense can resolve hostnames. In case you have static IP assignment at your colocation (I guess you have) make sure you have entered some valid DNS servers at system>general. When not using DHCP or PPPoE WAN untich the override box (though it should not be needed). To test if DNS is working go to diagnostics>ping and try to ping pfsense.org.
-
On the system I can't view the packages, I get…
Ping output:
PING pfsense.org (69.64.6.21) from 76.9.192.250: 56 data bytes
--- pfsense.org ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
On the system that I can see the packages, I get...
Ping output:
PING pfsense.org (69.64.6.21) from 76.9.192.242: 56 data bytes
--- pfsense.org ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
Additionally, from the shell on both systems.
traceroute from the unable to communicate to system
traceroute to pfsense.com (69.64.6.21), 64 hops max, 40 byte packets
1 76.9-192-249.beanfield.net (76.9.192.249) 0.570 ms 0.569 ms 0.484 ms
2 76.9-207-126.beanfield.net (76.9.207.126) 0.357 ms 0.339 ms 0.237 ms
3 * * *
4 207.219.123.125 (207.219.123.125) 0.562 ms 0.590 ms 0.480 ms
5 toroonxngr00.bb.telus.com (154.11.6.23) 0.608 ms 0.463 ms 0.491 ms
6 chcgildtgr00.bb.telus.com (154.11.11.30) 11.229 ms 11.207 ms 14.480 ms
7 peer-02-ge-3-0-2-41.chcg.twtelecom.net (66.192.252.101) 11.352 ms 11.219 ms 11.365 ms
8 206.222.119.82 (206.222.119.82) 20.854 ms 20.855 ms 20.879 ms
9 gsr2tw.bluegrass.net (69.64.6.33) 20.774 ms 20.735 ms 20.706 ms
10 * * *
11 * * *
That third hop consistently shows up as such.
Traceroute from the one that is able to see packages.
traceroute to pfsense.com (69.64.6.21), 64 hops max, 40 byte packets
1 76.9-192-241.beanfield.net (76.9.192.241) 1.085 ms 1.071 ms 0.877 ms
2 76.9-207-126.beanfield.net (76.9.207.126) 0.821 ms 1.119 ms 0.855 ms
3 srp-6-0-bdr2.tor1.beanfield.net (66.207.209.9) 1.485 ms 0.826 ms 0.566 ms
4 207.219.123.125 (207.219.123.125) 1.004 ms 1.137 ms 1.146 ms
5 toroonxngr00.bb.telus.com (154.11.6.23) 164.659 ms 184.189 ms 1.864 ms
6 chcgildtgr00.bb.telus.com (154.11.11.30) 17.166 ms 11.632 ms 11.683 ms
7 peer-02-ge-3-0-2-41.chcg.twtelecom.net (66.192.252.101) 11.603 ms 11.640 ms 11.969 ms
8 206.222.119.82 (206.222.119.82) 21.200 ms 137.032 ms 99.030 ms
9 gsr2tw.bluegrass.net (69.64.6.33) 21.176 ms 21.458 ms 21.196 ms
10 gsr1.bluegrass.net (216.135.95.6) 36.252 ms 36.235 ms 35.968 ms
11 * * *
12 * * *
-
Both machines run 1.2 release? Is there the possibility that something is filtered in front of the box that is not working?
-
Yes, both running 1.2 release.
Possible it's blocked but that makes no sense to me (bearing in mind I'm not a routing guy) considering the traceroute hops look very similar.
Also am I supposed to be able to ping www.pfsense.org from anywhere?
Regardless of 3 different service providers, I'm unable to ping it.
Cheers
-
ping is icmp (which we actually don't allow). the packagemanager uses tcp. do both machines use the same dns servers?
-
Yes they do.
I assume the output of the ping showing that www.pfsense.org resolving to 69.64.6.21 shows that it's working.
Oddly, from other machines behind that pfsense install, I can telnet to port 80 and traceroute without that pause at hop 3 or 4.
I'm wondering if it's the ISP. But they're not great at figuring out what is wrong when I mailed the results of the two traceroutes to them. I'm thinking that consistent pause in the traceroute is somehow related…
Cheers
-
Well, looks like it was something at the ISP side of things. According to a tech rep, the IP assigned to our WAN interface was conflicting with someone else's subnet.
They didn't elaborate. The traceroute with the third hop stuttering isn't fixed but at least now I can get to the packages.