pfsense blocking personal email web sights without any rules configured

pwrobot

Hi all, I just set up a pfsense box for my home network, but as I am trying to use it, I can’t access my yahoo or google mail accounts. I have not changed any of the default firewall rules, other than disabling ipv6 since none of my devices are configured for it and I have no use for it.

I was hoping that there was something I missed in setup that was doing this to me.

All other websites seem to be working, but I have not tried any other protocols.

Tanks ahead of time for the help ahead of time!

rjabellax5

Maybe you haven't configured the DNS Server in General Settings, Or your WAN interface had no IP address received from your ISP router.

pwrobot

@rjabellax5 when I went threw the base setup utility it asked me for a dns server so I put in the google's one's for bolt primary and secondary

Rico

@pwrobot said in pfsense blocking personal email web sights without any rules configured:

I can’t access my yahoo or google mail accounts.

What exactly does this mean?
It times out? Error message?

-Rico

JKnott

@pwrobot said in pfsense blocking personal email web sights without any rules configured:

Hi all, I just set up a pfsense box for my home network, but as I am trying to use it, I can’t access my yahoo or google mail accounts. I have not changed any of the default firewall rules, other than disabling ipv6 since none of my devices are configured for it and I have no use for it.

What about other web sites? Accessing email sites is exactly the same as any other site, as far as pfSense is concerned, unless you have some rule that blocks them.

BTW, no need to disable IPv6, if your ISP provides it. It has nothing to do with your problem. It's also the future of the Internet.

johnpoz

@rjabellax5 said in pfsense blocking personal email web sights without any rules configured

Maybe you haven't configured the DNS Server in General Settings

Not even required - since out of the box pfsense resolves.. To be honest the only thing you should do during the wizard about dns is check the box to not let dhcp set them.

Since you state other site are working, then its not pfsense - pfsense has no clue to if the site is email or not email - they just use https like any other site.

Do you have any other packages installed, pfblocker, ips?

pwrobot

I am getting:
This site can’t be reached
The webpage at https://mail.google.com/mail/u/0/ might be temporarily down or it may have moved permanently to a new web address.
ERR_FAILED
All other web sights work - Netflix, amazon newegg, Pandora discord, YouTube ...
My ISP does not provide ipv6 yet, so it will not work at all.
I did the not let dhcp set dns as you recommended during setup and I have not installed anything other that the default packages included on the iso.
With my old router using stock config it was working fine, so I was expecting this stock setup to work similarly.

johnpoz

And again pfsense doesn't have a clue to what is on that site be it email or not... Look to your browser to why it would give such error, clear its cache.

Your not running any other packages - proxy, pfblocker, snort? etc..

can you go to www.google.com?

ping that mail.google.com - does it resolve to an IP? That is going to be a cname that resolves too

$ ping mail.google.com

Pinging googlemail.l.google.com [172.217.9.69] with 32 bytes of data:
Reply from 172.217.9.69: bytes=32 time=12ms TTL=53
Reply from 172.217.9.69: bytes=32 time=11ms TTL=53

pwrobot

I have cleared the cash now in my browser and still cant get to the site. I am though getting a different message:
This site can’t be reached
The webpage at
https://login.yahoo.com/account/...... might be temporarily down or it may have moved permanently to a new web address.
ERR_SSL_BAD_RECORD_MAC_ALERT
The google access is also sporadic at best.
the ping does come up with:
64 bytes from 172.217.15.69: icmp_seq=5 ttl=53 time=21.149 ms
google.com works just the mail. prefix does not work for any provider.

johnpoz

@pwrobot said in pfsense blocking personal email web sights without any rules configured:

ERR_SSL_BAD_RECORD_MAC_ALERT

Google for that error points to 3rd party antivirus, etc.. None of which has anything to do with pfsense!!