Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfsense blocking certain/some sites

    Scheduled Pinned Locked Moved General pfSense Questions
    74 Posts 7 Posters 16.7k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      Gurveer @stephenw10
      last edited by Gurveer

      @stephenw10 tthanks pal www.bsnl.co.in started opening after doing dns lookup but portal.bsnl.in, portal.bsnl.in are not opening.pls help

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Do those resolve correctly in pfSense? In Diag > DNS Lookup?

        R G 2 Replies Last reply Reply Quote 0
        • R Offline
          rcoleman-netgate Netgate @stephenw10
          last edited by

          @stephenw10 There is another thread about this here: https://forum.netgate.com/topic/174426/pfsense-blocking-some-sites/6

          Ryan
          Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
          Requesting firmware for your Netgate device? https://go.netgate.com
          Switching: Mikrotik, Netgear, Extreme
          Wireless: Aruba, Ubiquiti

          1 Reply Last reply Reply Quote 1
          • G Offline
            Gurveer @stephenw10
            last edited by Gurveer

            @stephenw10 all three getting resolved but only bsnl.co.in opens in browser rest two portal.bsnl.in,
            portal2.bsnl.in aint opening in browser (tho getting resolved)

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by stephenw10

              What error is shown when you try?

              Did you try multiple browsers?

              Do you see any blocked traffic to/from the IPs they resolve to?

              More generally:
              https://docs.netgate.com/pfsense/en/latest/troubleshooting/website-access-issues.html

              Steve

              G 1 Reply Last reply Reply Quote 0
              • G Offline
                Gurveer @stephenw10
                last edited by

                @stephenw10 ya i tried safari opera edge brave but non worked the most common error is dns not found but in opnsense these websites works fine idk where problem is cz its fresh install(also tried everything from link you mentioned)

                1 Reply Last reply Reply Quote 0
                • stephenw10S Offline
                  stephenw10 Netgate Administrator
                  last edited by

                  So it's still intermittently failing to resolve?

                  Does it resolve reliably in Diag > DNS Lookup?

                  What error do you see when it does resolve?

                  Steve

                  bingo600B 1 Reply Last reply Reply Quote 0
                  • bingo600B Offline
                    bingo600 @stephenw10
                    last edited by

                    @stephenw10
                    I have no issues w. those sites ...
                    See
                    https://forum.netgate.com/post/1064413

                    If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                    pfSense+ 23.05.1 (ZFS)

                    QOTOM-Q355G4 Quad Lan.
                    CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                    LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      Yup, works fine for me too.

                      So this looks like either something in your config or in your route.

                      It's probably not a firewall rule issue though so it would be better to continue here IMO.

                      You need to try to determine exactly what is failing.

                      Steve

                      G 1 Reply Last reply Reply Quote 0
                      • G Offline
                        Gurveer @stephenw10
                        last edited by

                        @stephenw10 im kind of noob here also its fresh install just upgraded to plus from ce(sites aint working in both) but in opnsense(fresh install) it works idk whats problem is please help guys tho clinging to opnsense aint any issue but opnsense aint got alias bandwidth limiting

                        bingo600B 1 Reply Last reply Reply Quote 0
                        • stephenw10S Offline
                          stephenw10 Netgate Administrator
                          last edited by

                          @stephenw10 said in pfsense blocking certain/some sites:

                          So it's still intermittently failing to resolve?
                          Does it resolve reliably in Diag > DNS Lookup?
                          What error do you see when it does resolve but still fails to open?

                          Same questions. ^ šŸ˜‰

                          G 1 Reply Last reply Reply Quote 0
                          • bingo600B bingo600 referenced this topic on
                          • bingo600B Offline
                            bingo600 @Gurveer
                            last edited by bingo600

                            @gurveer
                            What happens if you go directly to the website via the ip address ?

                            https://117.239.179.10/
                            

                            You might have to accept (make an exception) on the certificate , as the cert will only match the below marked domains.

                            c478b3af-0e08-4623-be3b-26d447c004e6-image.png

                            After allowing an exception for the website i see this

                            dca61f03-6ee3-4c08-9459-8a801e7d8814-image.png

                            What do you see ???

                            Edit:
                            And just to recap.
                            Do you still have DNS issues ?

                            Or does a

                            nslookup portal.bsnl.in
                            

                            Return the ip address : 117.255.216.68

                            Edit2:
                            Did we ever see OP's Unbound Config screenshots and the System --> General setup "DNS section" setup screenshots ??

                            /Bingo

                            If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                            pfSense+ 23.05.1 (ZFS)

                            QOTOM-Q355G4 Quad Lan.
                            CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                            LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                            G 2 Replies Last reply Reply Quote 1
                            • bingo600B bingo600 referenced this topic on
                            • bingo600B bingo600 referenced this topic on
                            • stephenw10S Offline
                              stephenw10 Netgate Administrator
                              last edited by

                              Mmm, this still feels like a DNS problem until we can prove conclusively it's not!

                              1 Reply Last reply Reply Quote 0
                              • G Offline
                                Gurveer @bingo600
                                last edited by

                                @bingo600 like you said it opened after using ip https://117.239.179.10/ instead portal2.bsnl.in now what to do?

                                1 Reply Last reply Reply Quote 0
                                • G Offline
                                  Gurveer @stephenw10
                                  last edited by

                                  @stephenw10 its resolves in diag>dns lookup but aint opening in browser when using portal2.bsnl.in and this is the error i get on browser "This site can’t be reached portal.bsnl.in’s DNS address could not be found. Diagnosing the problem.
                                  DNS_PROBE_POSSIBLE"

                                  stephenw10S 1 Reply Last reply Reply Quote 0
                                  • G Offline
                                    Gurveer @bingo600
                                    last edited by Gurveer

                                    @bingo600 where to find unbound configurations and screenshot of dns setup is here!Screenshot 2022-10-03 at 10.58.57 PM.png

                                    V 1 Reply Last reply Reply Quote 0
                                    • V Offline
                                      viragomann @Gurveer
                                      last edited by

                                      @gurveer
                                      This is the DNS server used by pfSense itself.

                                      The DNS resolver requests root DNS servers by default. But you can set it into the forwarder mode, so that it forward queries to even the DNS server stated in general setup.
                                      To enable forwarding mode go to Services > DNS Resolver and check "DNS Query Forwarding".

                                      Ensure that you browser uses pfSense for DNS resolution, not some DoH servers.

                                      G 1 Reply Last reply Reply Quote 1
                                      • stephenw10S Offline
                                        stephenw10 Netgate Administrator @Gurveer
                                        last edited by

                                        @gurveer said in pfsense blocking certain/some sites:

                                        its resolves in diag>dns lookup

                                        What is the actual result of that test? All configured DNS servers respond? In a timely manner?

                                        If pfSense can resolve that (on all it's comfigured servers) and your client cannot then the only conclusion is that your client is not using pfSense for DNS.

                                        Steve

                                        G 1 Reply Last reply Reply Quote 1
                                        • G Offline
                                          Gurveer @viragomann
                                          last edited by

                                          @viragomann thanks it worked (tho disabled dns resolver )btw what does this dns forwarding means ?

                                          V stephenw10S 2 Replies Last reply Reply Quote 0
                                          • G Offline
                                            Gurveer @stephenw10
                                            last edited by

                                            @stephenw10 @bingo600 @rcoleman-netgate @viragomann thanks alot you guys for helping and bearing me so long 😁

                                            bingo600B 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.