Need assistance, basic PfSense install, certain webpages won't load.



  • Hi guys, i'm not sure if this is a firewall or NAT related issue, etc, so i posted this in the General forum.

    The basic issue is that we (roomies and I) will get pfsense installed and setup (using an Athlon 2800+ comp with pfsense installed on the HDD), and it will work absolutely flawlessly for 1-2 weeks.  Eventually certain web pages will stop loading from any comp on the network.  For example we can't get www.qwantz.com to load, or www.msn.com to load at all.  There are a few other sites that will not load as well and there doesn't appear to be any rhyme or reason to which sites will and will not load. What is even more bizarre, and maybe this will help with you more knowledgeable folks, but if we use a web proxy server, we can get the pages to load.  Further, using a CMD prompt in Vista, attempting to ping the websites fails, but tracerouting works fine.

    If we plug a single comp directly into the DSL modem, the pages work fine, so it appears to be an issue with the pfsense setup, or something that is beyond the realm/breadth of my understanding.

    We're not 100% sure this may be the reason, but we've noticed the issue seems to appear sometime shortly after we've had a bad storm in the area.  We are going through a surge protector, not using a UPS, could a surge perhaps be corrupting the install?  If so would we be better off running PFSENSE off the cdrom or perhaps even a flash drive rather than running it from the HDD?

    I would also like to mention the first time this happened since we noticed the time proximity to a thunderstorm, we completely reinstalled pfsense and it fixed the problem.  Since a recent storm today it has popped back up again.  What is bizarre is i would assume if it were the install being corrupted due a surge/etc, that it would manifest itself in a different manner, in terms of not affecting the exact same webpages.

    The pfsense install is the most basic.  We do some minor port forwarding, and i set up the traffic shaper (although i did confirm on this most recent install that disabling the traffic shaper has no effect on the issue).

    Any help or ideas you guys can come up with would be greatly appreciated.  Ever since discovering PfSense i've been absolutely in love with how efficient it is, the decrease on our pings, webpages loading much more quickly, just overall responsiveness etc.  Unfortunately it isnt really an option to have to re-setup the software 2 or 3 times a month.  Once again, thank you for your time.



  • Hi guys, i thought i would update the post and see if this helps, but we've noticed that all the webpages that are affected are pages that block pings.

    Other websites we have confirmed:

    www.cnet.com
    www.avsforum.com



  • What version of pfSense, what packages have you installed, what changes did you make from the default install?

    I'd suggest doing a check of the memory (memtest86), particularly.



  • We had 1.3 installed, no packages or anything installed, just set up the DHCP and assigned the lan/wan interfaces.

    A roommate who was absolutely SURE it was a problem with pfsense insisted that we just buy a new router and our problems would go away.  I told him it wasnt the router since we could tracert out of our connection before the websites had issues.  Either way, we went and picked up a linksys router, which worked for about 1 day (so the websites like msn.com etc would load properly) and is now having literally the exact same problem.

    I attempted to contact qwest in the vain hope that their techsupport may know something but they refused to talk to us unless we plugged a single computer directly into the modem, which of course is simply not an option.

    What i dont understand is that if we do connect a single comp to the modem it works flawlessly.  Which suggests that the problem may be some kind of an incompatibility between the modem and the router.

    I am personally at a loss and am now at the point that i'm once again considering using cable internet since although it was absolutely terrible for multiple connections (i.e. if someone started a torrent with very low capped speeds, say 10kbps up and 50 down) it would completely screw the connections latency if you were in a game such as CS:S or WOW, etc.



  • I've observed similar problems before when the MTU was incorrect.

    Check the MTU on all interfaces. It may be set to 1500 when it needs to be 1492 (or vice-versa).



  • And, watch that 1.3 is an old, discontinued, pre ALPHA branch.  1.2 is the current stable branch, 2.0 is the current pre ALPHA branch.  You should move to 1.2.



  • Specifically 1.2.2-release or 1.2.3-RC1.



  • are you using a wireless AP that your hosts are connecting through? i had this same exact problem and it turned out to be my wireless access point. once i connected my hosts directly to the switch i could access all my pages as normal…


Locked