Have trouble accessing some websites, what to do?
-
Hi all
I use OPEN DNS for Dos Protection but still some trouble accessing some websites.
Link local on IPv6 works very well and and can log into admin site on web to adjust firewall settings. -
@Firewalldude89 said in Have trouble accessing some websites, what to do?:
I use OPEN DNS
ok, pfblocker and its feeds are not enough? Personal choice, ok....
@Firewalldude89 said in Have trouble accessing some websites, what to do?:
or Dos Protection
you mean "DNS" protection, I guess ;)
@Firewalldude89 said in Have trouble accessing some websites, what to do?:
but still some trouble accessing some websites.
hm, not "still", my guess, but "that's why"...
Probably those for you not working sites are on one of those blacklists in use by open DNS? Happens...false entries. Using pfblocker DNS blocking, you could change that yourself. Since I am not familiar with (now) Cisco's open DNS, not sure how you can manage that.@Firewalldude89 said in Have trouble accessing some websites, what to do?:
Link local on IPv6 works very well and and can log into admin site on web to adjust firewall settings
Does that relate in any way to your question? If so, please explain...otherwise: congrats! ;)
-
The firewall often blocks my own IP address, how to fix that?
-
What firewall ?
What interface ?When you installed pfSense, on the one and only existing interface, called LAN, there is a (one) firewall rule. It passes any traffic. no one is blocked.
These are mine :
Forget about the first 3 rules, as the first is a spocial pass rule, and the second and third are de activated.
Rules 4 and 5 should, I hope, be very obvious.These two rules - you can combine them in one - permits me to visit any host on planet earth (the Internet) and also other LAN's, and also pfSense, the GUI.
As always, there is a 'but' ... see for an example here : System >> Advanced > Admin Access :
If, for some reason, on of your LAN devices is trying to login, and fails,
And fails again.
An again .....
etc.
Then sshguard will block your IP of your device, so you can't connect to the GUI anymore for a while. -
-
-
-
Suricata ?
You made live hard on yourself, and now you wonder why ....So, the easy, fast way out : don't.
Remove it. And no more issues.To make Suricate work for you correctly, it takes time, is hard work, lots to learn. No easy way out.
It will take time.
Go figure, even after 10 years of pfSense usage, I never had time to handle this pfSense package correctly as it is an 'expert' one (IMHO), and I'm not.Have trouble accessing some websites, what to do?
and you forgot to mention : I'm using Suricata
-
@Gertjan well there is a hacker and if I remove it then he could hack me.
Use snort instead or other package? Maybe dont use computer any more
cause I keep using many hours most weeks every year being bothered
by this all though I dont have to.Maybe take a vacation..
-
Start by not allowing non trusted people on your networks. And if you have to, put them on a separated network, with no access to pfSense itself, neither your trusted LANs.
And if the networks are not yours, the problems isn't neither.
