Google.com blocked but local google domains are not....
-
Still need to see exactly what's happening there.
Previously it looked like you could ping www.google.com but fetch returned 'no route to host' which seems impossible!
Try doing those things consecutively.Steve
-
@cool_corona Ohh that’s a shame. I use Ubuntu laptop for diagnostic purposes as it’s lot easier. Windows got their mindset and make life harder at times.
Did you check any other search engines I.e bing
-
@rameshk said in Google.com blocked but local google domains are not....:
@cool_corona Ohh that’s a shame. I use Ubuntu laptop for diagnostic purposes as it’s lot easier. Windows got their mindset and make life harder at times.
Did you check any other search engines I.e bing
Anything else than google.com works no issues.
-
@stephenw10 said in Google.com blocked but local google domains are not....:
Still need to see exactly what's happening there.
Previously it looked like you could ping www.google.com but fetch returned 'no route to host' which seems impossible!
Try doing those things consecutively.Steve
Indeed it should be impossible but its apparently not.
-
@cool_corona
Please check DNSBL whitelist to see whether there is any entry for google.comIt looks like google.com is blocked somewhere unintentionally.
Packet capture and Wireshark are your friends. Keep us updated.
Wish you good luck.
-
Can you show us the output of those two tests at the pfSense CLI?
-
@rameshk said in Google.com blocked but local google domains are not....:
@cool_corona
Please check DNSBL whitelist to see whether there is any entry for google.comIt looks like google.com is blocked somewhere unintentionally.
Packet capture and Wireshark are your friends. Keep us updated.
Wish you good luck.
They are
-
@stephenw10 said in Google.com blocked but local google domains are not....:
Can you show us the output of those two tests at the pfSense CLI?
Hi
What tests exactly?
-
@Cool_Corona , try manual add your DNS servers on network properties .
e.g. Quad9 : 9.9.9.9 and 149.112.112.112After that, blocked your local Global Google Cache (GGC) ip ranges that are being use by your ISP.
google.com and www.google.com both are the same.
-
-
Forwarding to root servers ?
Now that's something I've missed in the pfSense manual .......
-
Mmm, yeah don't do that. Just use Unbound in resolving mode at least as a test.
Make sure you do not have dns behavior set to ignore local DNS in General Setup.However 'no route to host' is not a DNS problem.
Please run at the console:
ping www.google.com
then
fetch -o /dev/null https://www.google.com
From you previous responces it looks like the ping succeeded but fetch shows no route to host which is hard to believe.
Steve
-
-
Aha, permission denied!
Something is blocking the traffic. No 1 suspect is Snort/Suricata since it's from the firewall itself.
Are you running either of those? Or may be were and the blocked hosts table still has entries?
Steve
-
@stephenw10 I bet its because I dont allow ping on the interface. It resolves the IP as it should.
-
@cool_corona said in Google.com blocked but local google domains are not....:
I bet its because I dont allow ping on the interface
What? You have something borked up that is for sure.. Have zero clue to what your attempting with those dns settings... That in a million years would never work, those servers are not recursive..
-
Permission denied like that is almost always blocked outbound traffic and there is not much that can do that. But Snort is something that can. Are running it?
Steve