pulling my hair out: single website cannot access on one system
Hello all. I have a problem and I'm hoping someone can help me solve it.
I have an issue accessing a certain website (www.gpugrid.net) from only one of my systems on my network. literally every other website works perfectly fine. I don't know why this one computer cannot seem to access this one website.
the hosts that work all appear to be my systems running Ubuntu (5+ of them including VMs), as well as my windows 10 work computer, and my windows 10 personal laptop. they all work fine, and can access www.gpugrid.net fine.
the kicker is that the system that CAN'T load the website, CAN ping it via the command prompt either with the domain name or the straight IP (18.104.22.168). i've tried multiple browsers (Firefox/Chrome/Edge). and the system will also not communicate with this site via BOINC (which is really what I'm trying to do). I've flushed all dns caches as well as ARP with no effect. I've even gone so far as to add this IP/domain to my hosts file to try to weed out a DNS problem, and it still will not connect.
Now for why I think this is a pfsense issue. if I reboot the pfsense system, the website DOES work, and BOINC communication works... for about the first 30 seconds. then it stops working again, this is repeatable. Also, if I make a VPN connection from the trouble PC to the VPN server at my parent's house, then its working again also.
8GB DDR3L-1600 ECC
pfSense 2.4.5 (just upgraded, was on 2.4.4 with the same issue)
pi-hole running on a VM in my main server (192.168.1.250)
pi-hole (backup) running on a pi (192.168.1.253)
DNS Resolver enabled
Enable Forwarding Mode checked
System->General Settings has my two pihole systems as the DNS servers (192.168.1.250,192.168.1.253)
I can ping the gpugrid site from both pi-holes
both piholes are using Cloudflare DNS (22.214.171.124,126.96.36.199)
not that i need to, but I have whitelisted www.gpugrid.net in pihole
I'm not doing anything else fancy with pfsense, just a couple ports forwarded for my OpenVPN server and my Plex server. everything else is pretty vanilla.
I realize the complexity with running pi-hole this way, but I have also tried disabling them, as well as removing them from the network completely and setting pfSense to use the straight Cloudflare or Google DNS with no change in behavior. but this shouldn't matter anyway since i shouldn't be using the DNS anyway with the IP put straight in the hosts file.
everything says it should work, but it's just...not. even with two systems sitting right next to each other on the same network.
I'm not a network wiz, I just want it to work and this is frustrating the hell out of me lol. is there any Obi-wan out there that knows how to diagnose WHY it wont load this ONE website on this ONE system?
Try a port test to the site from pfSense. That should work though if other clients behind it can access the site.
Run packet captures to see what's happening. Is traffic for the site actually arriving at the internal pfSense interface?
Is it leaving the WAN? If not where is it leaving, if anywhere?
I assume you do not have Snort or Suricata running?