Problems with accessing a single specific webpage
I'm not sure if this is the right subforum to post this, but I suspect it is a firewall issue, so I'm posting it here anyways.
I'm trying to connect to the webpage http://bloodbowl.nexway.com unsuccessfully - and if I remove the pfSense router as the middle-link between the network and the modem I can open the page perfectly. I have upgraded the firmware to 1.2.3-rc3, but this did not help. I have checked my firewall rules, but can't find anything in there that should trigger this. I have disabled packet shaping just to check if that would have any effect - but nothing .. I can't even ping the ip of the host from the pfSense router - I just get 100% packet loss.
Does anyone have any clue as to what the problem might be? I'm at my wits end here .. :-(
Thanks in advance for any helpful suggestions!
Thank you for the link to that thread!
Trying to ping with different MTU's on my linux box did not alleviate the problem - also the problem only relates to this single specific site, as far as I am aware of. I have never encountered this issue on any webpages I've visited until now afaik, and I've had my ISP for nearly 2 years now. :-\
Check gateway, CIDR and DNS
Can you access the following sites
You can try this by going to http://mobile-entry.com, the site will not work as expected from behind pfsense.
LSF in irc reported the following sites also not working: www.yr.no, www.ba.no, www.nrk.no
Have tried a different DNS server - still no result. CIDR I haven't checked - the gateway is identical (since it's DHCP from the ISP).
All of the sites you linked works perfectly.
By advice from a friend of mine who has worked with routing, I did a tracert -d and compared the results from the trace with and without the pfsense router connected - and this just doesn't make sense what so ever.
This is the trace without the pfsense router connected :
Tracing route to bloodbowl.nexway.com [18.104.22.168] over a maximum of 30 hops: 1 5 ms 11 ms 10 ms 213.236.252.x 2 8 ms 11 ms 10 ms 22.214.171.124 3 9 ms 10 ms 12 ms 126.96.36.199 4 14 ms 15 ms 15 ms 188.8.131.52 5 8 ms 10 ms 11 ms 184.108.40.206 6 14 ms 11 ms 10 ms 220.127.116.11 7 12 ms 11 ms 11 ms 18.104.22.168 8 36 ms 34 ms * 22.214.171.124 9 52 ms 56 ms * 126.96.36.199 10 87 ms 104 ms 55 ms 188.8.131.52 11 227 ms 222 ms 160 ms 184.108.40.206 12 53 ms 56 ms 55 ms 220.127.116.11 13 52 ms 57 ms 56 ms 18.104.22.168 Trace complete.
This is the trace with the pfsense router connected:
Tracing route to bloodbowl.nexway.com [22.214.171.124] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 10.0.1.1 2 8 ms 11 ms 10 ms 213.236.252.x 3 6 ms 11 ms 10 ms 126.96.36.199 4 15 ms 10 ms 11 ms 188.8.131.52 5 9 ms 11 ms 10 ms 184.108.40.206 6 8 ms 11 ms 11 ms 220.127.116.11 7 9 ms 11 ms 11 ms 18.104.22.168 8 11 ms 10 ms 11 ms 22.214.171.124 9 221 ms 216 ms 218 ms 126.96.36.199 10 54 ms * 117 ms 188.8.131.52 11 64 ms 69 ms 56 ms 184.108.40.206 12 * * * Request timed out. 13 * * * Request timed out. 14 * * * Request timed out. all the way to 19 where I pressed ^C
(The x in the ip adress is identical in both traces - just wanted to remove that single bit. smile)
The logic in the non-identical route here simply defies me…
The CIDR is assigned by DHCP too obviously btw.. I'm not sure how to check the actual CIDR of the dhcp allocation - the system log only says the ip address without netmask or CIDR..