Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Certain destinations unreachable

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 3 Posters 704 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DanAugust
      last edited by

      Starting a week ago, I started having issues connecting to destinations for a business that I support. This only occurs while behind my Netgate 1100. If I replace my Netgate 1100 with an off-the-shelf Linksys home router, I am able to connect to my problem destinations perfectly. I have saved my running configuration and set my 1100 back to its factory settings with a minimal setup afterward (just to get to the Internet), but it still won't connect to these destinations. Virtually all employees of this company work remotely and have no issues connecting to these destinations. The issue only occurs (it seems) to my devices while behind the 1100.

      I don't know why my 1100 is stopping these particular destinations and nothing else. So far, I have not had any issues connecting to any other destination on the Internet.

      Version Info: 22.05-RELEASE (arm64)
      built on Wed Jun 22 18:56:18 UTC 2022
      FreeBSD 12.3-STABLE

      R 1 Reply Last reply Reply Quote 0
      • R
        RobH 0 @DanAugust
        last edited by

        @danaugust Sounds like a DNS issue. Have you tried pinging the URL you are trying to connect to?

        D 1 Reply Last reply Reply Quote 0
        • D
          DanAugust @RobH 0
          last edited by

          @robh-0
          Pings are successful. DNS resolution is accurate.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Potentially something with IPv6. Your ISP enabled it partially for example and pfSense is now trying to use it?

            How are you trying to connect? What error do you see?

            Can you ping or traceroute to those destination from a client?

            Can you ping or traceroute to those destination from pfSense?

            Steve

            D 1 Reply Last reply Reply Quote 0
            • D
              DanAugust @stephenw10
              last edited by DanAugust

              @stephenw10
              Thanks for the brainstorming, but I resolved it! The Watchguard firewall at the business site flagged my IP as performing a port scan attack and put my IP on a blacklist. I removed it from the list, and now I am connecting as I should. If I lose access again, I will at least know where to look, and if my IP gets added to the blacklist again, I will at least have a starting place to troubleshoot. You know, it still is not making much sense because replacing my 1100 with a home router didn't change my IP address on the modem that I get from Comcast, but I was able to connect...

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Hmm, yeah seems odd.
                Maybe you can whitelist your IP (or dyndns name) to prevent it.

                Steve

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.