Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems with accessing a single specific webpage

    Scheduled Pinned Locked Moved Firewalling
    6 Posts 2 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Caledorn
      last edited by

      Hello everyone

      I'm not sure if this is the right subforum to post this, but I suspect it is a firewall issue, so I'm posting it here anyways.

      I'm trying to connect to the webpage http://bloodbowl.nexway.com unsuccessfully - and if I remove the pfSense router as the middle-link between the network and the modem I can open the page perfectly. I have upgraded the firmware to 1.2.3-rc3, but this did not help. I have checked my firewall rules, but can't find anything in there that should trigger this. I have disabled packet shaping just to check if that would have any effect - but nothing .. I can't even ping the ip of the host from the pfSense router - I just get 100% packet loss.

      Does anyone have any clue as to what the problem might be? I'm at my wits end here .. :-(

      Thanks in advance for any helpful suggestions!

      Best Regards,
      Morten W.

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        http://forum.pfsense.org/index.php/topic,9301.msg52658.html#msg52658

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • C
          Caledorn
          last edited by

          Thank you for the link to that thread!

          Trying to ping with different MTU's on my linux box did not alleviate the problem - also the problem only relates to this single specific site, as far as I am aware of. I have never encountered this issue on any webpages I've visited until now afaik, and I've had my ISP for nearly 2 years now. :-\

          1 Reply Last reply Reply Quote 0
          • P
            Perry
            last edited by

            Check gateway, CIDR and DNS
            Can you access the following sites

            You can try this by going to http://mobile-entry.com, the site will not work as expected from behind pfsense.
            LSF in irc reported the following sites also not working: www.yr.no, www.ba.no, www.nrk.no

            /Perry
            doc.pfsense.org

            1 Reply Last reply Reply Quote 0
            • C
              Caledorn
              last edited by

              Have tried a different DNS server - still no result. CIDR I haven't checked - the gateway is identical (since it's DHCP from the ISP).

              All of the sites you linked works perfectly.

              By advice from a friend of mine who has worked with routing, I did a tracert -d and compared the results from the trace with and without the pfsense router connected - and this just doesn't make sense what so ever.

              This is the trace without the pfsense router connected :

              
              Tracing route to bloodbowl.nexway.com [87.98.202.44]
              over a maximum of 30 hops:
              
                1     5 ms    11 ms    10 ms  213.236.252.x
                2     8 ms    11 ms    10 ms  212.37.234.93
                3     9 ms    10 ms    12 ms  195.70.168.186
                4    14 ms    15 ms    15 ms  195.70.168.186
                5     8 ms    10 ms    11 ms  213.236.198.26
                6    14 ms    11 ms    10 ms  212.125.237.161
                7    12 ms    11 ms    11 ms  85.19.24.201
                8    36 ms    34 ms     *     195.69.145.231
                9    52 ms    56 ms     *     213.251.130.65
               10    87 ms   104 ms    55 ms  213.186.32.225
               11   227 ms   222 ms   160 ms  213.186.32.145
               12    53 ms    56 ms    55 ms  213.186.32.99
               13    52 ms    57 ms    56 ms  87.98.202.44
              
              Trace complete.
              
              

              This is the trace with the pfsense router connected:

              
              Tracing route to bloodbowl.nexway.com [87.98.202.44]
              over a maximum of 30 hops:
              
                1    <1 ms    <1 ms    <1 ms  10.0.1.1
                2     8 ms    11 ms    10 ms  213.236.252.x
                3     6 ms    11 ms    10 ms  212.37.234.93
                4    15 ms    10 ms    11 ms  195.70.168.186
                5     9 ms    11 ms    10 ms  195.70.168.186
                6     8 ms    11 ms    11 ms  213.236.198.26
                7     9 ms    11 ms    11 ms  212.125.237.161
                8    11 ms    10 ms    11 ms  85.19.24.201
                9   221 ms   216 ms   218 ms  195.69.145.231
               10    54 ms     *      117 ms  91.121.131.9
               11    64 ms    69 ms    56 ms  213.186.32.202
               12     *        *        *     Request timed out.
               13     *        *        *     Request timed out.
               14     *        *        *     Request timed out.
              all the way to 19 where I pressed ^C
              
              

              (The x in the ip adress is identical in both traces - just wanted to remove that single bit. smile)

              The logic in the non-identical route here simply defies me…

              1 Reply Last reply Reply Quote 0
              • C
                Caledorn
                last edited by

                The CIDR is assigned by DHCP too obviously btw.. I'm not sure how to check the actual CIDR of the dhcp allocation - the system log only says the ip address without netmask or CIDR..

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.