Please Help Me Under Stand! What The Issue IS.
-
Ok good. That's useful, if broken! So there are no responses at all coming back from the remote server. Even to the initial TCP SYN (0 bytes).
Run that same capture but on the WAN. Make sure it is leaving correctly and check for any replies there.
Steve
-
@stephenw10 here
11:00:54.493655 IP 24.236.182.222.59906 > 104.255.105.79.443: tcp 0
11:00:54.765867 IP 24.236.182.222.59994 > 104.255.105.79.443: tcp 0
11:00:55.503407 IP 24.236.182.222.59906 > 104.255.105.79.443: tcp 0
11:00:55.779869 IP 24.236.182.222.59994 > 104.255.105.79.443: tcp 0
11:00:57.062375 IP 24.236.182.222.59893 > 104.255.105.79.443: tcp 0
11:00:57.334214 IP 24.236.182.222.59830 > 104.255.105.79.443: tcp 0
11:00:57.518465 IP 24.236.182.222.59906 > 104.255.105.79.443: tcp 0
11:00:57.795553 IP 24.236.182.222.59994 > 104.255.105.79.443: tcp 0
11:00:58.072388 IP 24.236.182.222.59893 > 104.255.105.79.443: tcp 0
11:00:58.348850 IP 24.236.182.222.59830 > 104.255.105.79.443: tcp 0
11:01:00.072859 IP 24.236.182.222.59893 > 104.255.105.79.443: tcp 0
11:01:00.349552 IP 24.236.182.222.59830 > 104.255.105.79.443: tcp 0
11:01:01.519477 IP 24.236.182.222.59906 > 104.255.105.79.443: tcp 0
11:01:01.796813 IP 24.236.182.222.59994 > 104.255.105.79.443: tcp 0
11:01:04.087835 IP 24.236.182.222.59893 > 104.255.105.79.443: tcp 0
11:01:04.364173 IP 24.236.182.222.59830 > 104.255.105.79.443: tcp 0
11:01:09.527871 IP 24.236.182.222.59906 > 104.255.105.79.443: tcp 0
11:01:09.805082 IP 24.236.182.222.59994 > 104.255.105.79.443: tcp 0
11:01:12.095480 IP 24.236.182.222.59893 > 104.255.105.79.443: tcp 0
11:01:12.371567 IP 24.236.182.222.59830 > 104.255.105.79.443: tcp 0
11:01:19.133831 IP 24.236.182.222.59895 > 104.255.105.79.443: tcp 0
11:01:19.403173 IP 24.236.182.222.59983 > 104.255.105.79.443: tcp 0
11:01:20.139724 IP 24.236.182.222.59895 > 104.255.105.79.443: tcp 0
11:01:20.417062 IP 24.236.182.222.59983 > 104.255.105.79.443: tcp 0
-
@lawrence1986 so pfsense sends the traffic and you get no answer.
So maybe they don't like your IP. When you change the device connected to your isp modem.. You would get a different public IP normally because the mac address changes.
That could explain your problem. Change the mac of pfsense interface connected to the wan - you could do this by swapping the wan/lan interfaces - or you could clone a mac address. You want that 24.236.x.x address to be different..
But what you posted there pfsense is sending on the traffic - and you're just not getting a response - so no it wouldn't work.
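Added example, not part of the original thread: a short Python check for the pattern read off the WAN capture above, where zero-length TCP packets leave the WAN address at doubling intervals and nothing comes back. The sample lines are constructed in the same quiet tcpdump format using documentation addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the thread's tcpdump format; documentation addresses,
# one unanswered flow (port 59906) and one flow that gets a reply (port 60001).
SAMPLE = """\
11:00:54.493655 IP 198.51.100.10.59906 > 203.0.113.79.443: tcp 0
11:00:55.503407 IP 198.51.100.10.59906 > 203.0.113.79.443: tcp 0
11:00:57.518465 IP 198.51.100.10.59906 > 203.0.113.79.443: tcp 0
11:01:01.519477 IP 198.51.100.10.59906 > 203.0.113.79.443: tcp 0
11:01:02.000000 IP 198.51.100.10.60001 > 203.0.113.80.443: tcp 0
11:01:02.020000 IP 203.0.113.80.443 > 198.51.100.10.60001: tcp 0
11:01:02.021000 IP 198.51.100.10.60001 > 203.0.113.80.443: tcp 0
"""

LINE = re.compile(r"^(\d+):(\d+):(\d+\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): tcp (\d+)")

def parse(text):
    """Yield (seconds, src, sport, dst, dport, length) for each capture line."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            h, mi, s, src, sp, dst, dp, ln = m.groups()
            yield int(h) * 3600 + int(mi) * 60 + float(s), src, int(sp), dst, int(dp), int(ln)

def unanswered_flows(text, wan_ip):
    """Map each flow sent from wan_ip that never sees a reply to its retry gaps (s)."""
    sent, replied = defaultdict(list), set()
    for ts, src, sp, dst, dp, _ in parse(text):
        if src == wan_ip:
            sent[(sp, dst, dp)].append(ts)
        elif dst == wan_ip:
            replied.add((dp, src, sp))  # same key shape as the outbound flow
    return {flow: [round(b - a) for a, b in zip(t, t[1:])]
            for flow, t in sent.items() if flow not in replied}

def looks_like_syn_backoff(gaps):
    """True when retry gaps double each time (1, 2, 4, 8 ...), typical of SYN retries."""
    return len(gaps) >= 2 and all(a > 0 and b == 2 * a for a, b in zip(gaps, gaps[1:]))
```

Quiet output does not show TCP flags, so the SYN retry is inferred from the zero length and the doubling gaps; the parser also assumes the capture does not cross midnight.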
-
@lawrence1986 I can try that... explain how? directions of any type would be greatly appreciated
-
@johnpoz I'm going to try to change these interfaces first. That seems to be the simplest.
-
Yes, seems like something is refusing your IP and since the other router works it's probably at the remote end. This is a good result, we have found a definite problem.
Swapping the WAN and LAN assignments is probably easiest. If you spoof the MAC address from the other router onto the existing WAN though you will get that same WAN IP which you know works. You can do that in Interfaces > WAN but of course you need to find the MAC from the other router.
Steve
-
Do you prefer good or bad news? The good news is that the issues appear to be completely resolved. The bad news is that I can't fight you all anymore.
-
@lawrence1986 so how much did your IP change, just the last octet, or some completely different range?
Very odd that ip Y works, but X does not.. If your whole IP range changed - it could point to a problem with the isp routing and not site blocking you.
Would be interesting to do a traceroute with it working, and then when it doesn't to see if you actually get there via 1 address, but die somewhere early with the other.
Also curious to know if with the different IP if you're still seeing disconnections or high packet loss in pfsense via dpinger?
-
@johnpoz I just switched interfaces like someone said then went to pfsense and just switched the wires
-
@lawrence1986 yeah that is what I said to do ;) What I am asking is how much did the wan IP change.. just by say the last number - or is it completely different range.
-
@stephenw10 The other question for yall is: Should I upgrade the modems to the new and improved DOCSIS 3.1?
-
@johnpoz 24.236.182.222 to 24.xxx.xxx.18 it jumped quite a bit
-
@lawrence1986 said in Please Help Me Under Stand! What The Issue IS.:
Should I upgrade the modems to the new and improved DOCSIS 3.1?
What speeds do you pay for - do you rent or own your modem? While docsis 3.1 is current, and most isp should really be changing out all the older 3.0 ones.
If you're on a low speed connection, it's not going to make much difference from your point of view. If you pay for 100/10 and you get 100/10 there would be little reason for you to change it out. Now if you pay for gig/X and you're not seeing gig/X then yeah a change could help.
But then again - do you just rent it from your isp, or did you buy it out of pocket?
-
@lawrence1986 with such a change - that could be related to an ISP routing issue then, and not the site actually blocking you.
You might want to bring up the issue with your isp..
-
@johnpoz It's a spectrum, they can give two fucks without trying to be mean, but they don't care, they sell their own shit, and they'll also tell you that any brand of Walmart router won't work, but I've had so many brands over the years that it's crazy how I know PFSense should work and when it doesn't, I'm like fuck all.
-
@johnpoz But since we're still talking, I'm trying to route all my traffic from pfsense to my adguard.
-
@lawrence1986 So you're running a firewall appliance for businesses and your own adguard home and you can't make screenshots on your computer? How come?
-
@lawrence1986 said in Please Help Me Under Stand! What The Issue IS.:
I'm trying to route all my traffic from pfsense to my adguard.
That would be just a dns forward if you want clients that ask pfsense for dns, and you want pfsense to ask adguard dns.
-
@bob-dig It's always been a thing. Besides, I have three monitors, and I'm the same with Discord. I learned through doing and repeating. I have no idea, and I was born like this. My dad was the same way. My dad couldn't read or write. He could, however, rebuild small engines and high-horsepower cars without a college degree in the 1970s and 2000s. My mom, on the other hand, could read and write and had all the good habits that my dad didn't have. I really can't explain it. It's just always been a thing. I never let it slow me down, though.
-
@bob-dig I have DNS forward enabled, Register DHCP leases in DNS forwarder, Query DNS servers sequentially, Interfaces, all