Pfsense blocks some websites
-
Hi All,
** I have tried all the options recommended in this http://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites
I have been plagued with this problem for over 3 months now. Pfsense blocks some websites such as
godaddy.com
staples.com
abebooks.com
u3.comI have disabled/unticked
–Block Private networks
--Block bogon networksHowever a few sites refuse to load. Has any one came across this before ? Please make any suggestions, would just like to start going in the right direction
** I am using pfsense 1.2.3 final. I have also tried pfsense 2.0 Beta, but still the same result
Thanks
-
First are you running a proxy or snort?
Have you disabled all addons?
Are you able to resolve the sites, (ping them)?
Lastly your MTU may be affecting your access, I have seen it before if your MTU is set incorrectly. Contact your ISP for more info on that.Blocking private or bogon networks will not affect your web access, I recommend you leave those enabled.
http://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites is a great source, are you sure you exhausted all points mentioned in the documentation?
-
Assuming you're not using squid, this sounds exactly like an MTU problem. What is your MTU set to?
-
Thank you both for your replies, its really appreciated
@ tommyboy180
I just reinstalled the firewall
We do not have any proxy nor snort.
We have installed no plugins
Yes I am able to resolve all sites, meaning I get a reply when I ping them.I followed the MTU as suggested on the "Unable to access..", currently set to 1500. Have tried others just to try them in the 1400-1500 range but still no joy.
The only option that i will say that I have not tried is
"If you are using pfSense 1.2.3-RC3 or earlier, there was a rare bug in some snapshots which was corrected shortly after RC3 that can cause connectivity issues to certain sites when using 1:1 NAT or multi-wan. See here for more info. Update to 1.2.3-RELEASE and try again"I currently using 1.2.3-RELEASE built on Sun Dec 6 23:21:36 EST 2009, so i assumed that would have been fixed. I do however though have multiple wan and 1:1 NAT
@submicron
Thanks , I tried the MTU, however I will try again
Do you guys have any other suggestions on how I could go about diagnosing this problem ?
-
Update.
I just realized that all webpages loads fine within the DMZ and WAN. The only place where the web pages dont load completely are on the LAN. I am going to re examine all machines on the local network to see if there are any machines that might be causing this problem
However do you have any other suggestions ?