Google.com blocked but local google domains are not....
-
google.com is not www.google.com
Pinging google.com [216.58.192.206] with 32 bytes of data: Reply from 216.58.192.206: bytes=32 time=10ms TTL=116 Pinging www.google.com [172.217.164.100] with 32 bytes of data: Reply from 172.217.164.100: bytes=32 time=72ms TTL=111
Your get in your "video" is for www.google.com
When fails...
You never WENT to www.google.com - you did a search in firefox browser... You didn't load www.google.com in your browser like I show in my example.
-
@johnpoz said in Google.com blocked but local google domains are not....:
google.com is not www.google.com
Pinging google.com [216.58.192.206] with 32 bytes of data: Reply from 216.58.192.206: bytes=32 time=10ms TTL=116 Pinging www.google.com [172.217.164.100] with 32 bytes of data: Reply from 172.217.164.100: bytes=32 time=72ms TTL=111
Your get in your "video" is for www.google.com
When fails...
You never WENT to www.google.com - you did a search in firefox browser... You didn't load www.google.com in your browser like I show in my example.
The search from FF times out when searching www.google.com. When I visit www.google.com from the browser it works fine.
-
This is what I get when searching from FF on a startpage....
This is what I get if I type www.google.com directly
-
Where is that working - I see a get.. I don't see the OK (200) response. Where is the rest of what that would show if you actually went there and pulled data.. Again see my example.
I want nothing more than to help you figure out what the problem is.. But I fail to understand why this has to be like pulling teeth with a pair of chopsticks..
Here is a simple test.. do a fetch www.google.com from pfsense. Look what you get..
Then do the same test from something behind pfsense.. If pfsense works but your machine is not..
-
@johnpoz said in Google.com blocked but local google domains are not....:
Where is that working - I see a get.. I don't see the OK (200) response. Where is the rest of what that would show if you actually went there and pulled data.. Again see my example.
I want nothing more than to help you figure out what the problem is.. But I fail to understand why this has to be like pulling teeth with a pair of chopsticks..
Here is a simple test.. do a fetch www.google.com from pfsense. Look what you get..
I know but I dont get anymore than that as a reply and then it times out.
Looking a local google domains, its not a problem
-
If you get no response from www.google.com then how does it work when you visit the page?
-
I get this from pfsense
fetch: https://www.google.com: No route to host
I cant visit the page. I get no reply.
Everything else than .com works flawlessly
-
Ah, so a routing problem.
Run
host www.google.com
and show us your routing table.Though you see to be able to ping it..... but maybe not from pfSense itself.
Steve
-
-
...and your routing table?
This could be an IPV6 issue....
Steve
-
@stephenw10 Some IP info in there that I dont want on the forum...
Running netstat -r
-
Can you ping6 to (www.)google.com?
Do either of those other google domains return v6 IPs?
You'll have to check your own routing tables then. Does it all look correct?
Steve
-
-
That would never work.. You don't have a global address it seems, that source is link-local
But not sure how you could not have a route, you have to have a default route.
Do a traceroute to the IPv4 that comes back for www.google.com
But as we have now seen, you are not able to go to www.google.com at all - not that you can go there but searches are not working ;)
Something seems really odd that you can ping, but fetch says no route. Can you ping from pfsense? Or that ping was from your client.
Do you have any vpn setup on pfsense, where your doing policy routing for your clients?
-
Pings work from a client behind pfSense but we have not seen them work from pfSense itself.
So client traffic could be policy routed maybe.
-
@johnpoz said in Google.com blocked but local google domains are not....:
That would never work.. You don't have a global address it seems, that source is link-local
But not sure how you could not have a route, you have to have a default route.
Do a traceroute to the IPv4 that comes back for www.google.com
But as we have now seen, you are not able to go to www.google.com at all - not that you can go there but searches are not working ;)
Something seems really odd that you can ping, but fetch says no route. Can you ping from pfsense? Or that ping was from your client.
Do you have any vpn setup on pfsense, where your doing policy routing for your clients?
The ping was from pfsense itself
-
@stephenw10 said in Google.com blocked but local google domains are not....:
Pings work from a client behind pfSense but we have not seen them work from pfSense itself.
So client traffic could be policy routed maybe.
Outbound NAT
Outbound rules for interface
-
The ping you showed above was from a Windows client it looked like.
Otherwise I have no idea how that succeeded whilst fetch shows no route. Unless something changed in between those. -
@stephenw10 said in Google.com blocked but local google domains are not....:
The ping you showed above was from a Windows client it looked like.
Otherwise I have no idea how that succeeded whilst fetch shows no route. Unless something changed in between those.Just upgraded to 2.5.0 without issues and problem is gone. Why I havent got a clue about....
-
Ha, well take the win.