Amazon Kindle 3 Blocked by pfSense
-
What version of the Kindle OS? Prior to 3.0.3, there is an issue if your DNS server is in the same subnet as the Kindle but not located on the default gateway. In this situation the Kindle sends the packets to the default gateway instead of the correct DNS server, then displays a relatively useless error message.
If this describes your network, either upgrade to 3.0.3 pre-release from http://www.amazon.com/gp/help/customer/display.html/?nodeId=200529700 (installable via USB cable), or hardcode a wifi IP, the appropriate default gateway and either your pfSense box (if you run DNS forwarder) or 8.8.8.8 (Google DNS) as a DNS server.
-
Insert Quote
What version of the Kindle OS? Prior to 3.0.3, there is an issue if your DNS server is in the same subnet as the Kindle but not located on the default gateway. In this situation the Kindle sends the packets to the default gateway instead of the correct DNS server, then displays a relatively useless error message.If this describes your network, either upgrade to 3.0.3 pre-release from http://www.amazon.com/gp/help/customer/display.html/?nodeId=200529700 (installable via USB cable), or hardcode a wifi IP, the appropriate default gateway and either your pfSense box (if you run DNS forwarder) or 8.8.8.8 (Google DNS) as a DNS server.
Thanks for the reply. The first thing I did when trying to troubleshoot this was update the Kindles to version 3.0.3.
I just tried hardcoding the network information on the kindle and using the google DNS server. No luck.
Default pfSense 2.0 setup - Kindle can browse store but cannot sync or download books on WiFi.
Default pfSense 1.2.3 setup - Kindle works fine.
-
In that case I don't have much else to suggest. We've got a couple Kindle 3s on 3.0.3 here, initially on pfSense 1.2.3 and now on 2.0-BETA4 (Built On: Thu Dec 23 13:17:58 EST 2010), both work fine.
My device is wifi-only so there's no possibility of a 3G failover or anything else happening, things "just work"
-
@The:
In that case I don't have much else to suggest. We've got a couple Kindle 3s on 3.0.3 here, initially on pfSense 1.2.3 and now on 2.0-BETA4 (Built On: Thu Dec 23 13:17:58 EST 2010), both work fine.
My device is wifi-only so there's no possibility of a 3G failover or anything else happening, things "just work"
Mine are both wifi + 3G… But they don't failover I have to turn wifi off in order to download books with 2.0. Since yours are working I had better clean install the latest 2.0 and try again...
Thanks again and Merry Christmas, Happy New Year
-
I just got a kindle3 wifi for christmas and it too works fine with 2.0.
-
I just got a kindle3 wifi for christmas and it too works fine with 2.0.
Are you able to actually download books over wifi? I can browse the store and buy them, but the download just sits forever at "pending"… On pfSense 1.2.3 the download would authenticate and occur instantly.
-
I tested delivering a book sent via email, and also downloading a new book (although it was already purchased and downloaded to another Kindle on our account, but had never been downloaded to my Kindle yet)
So at least in my case, yes, downloading books works as does synchronizing (to update my place across devices)
-
Working fine here - of course I don't have the 3G kindle, so that is one less variable…
-
I emailed the packetcapture.cap file to you as requested. While the capture was running I tried several times to get the Kindle to Sync. I also rebooted the Kindle and then tried to sync again.
From the packet capture, I can see packet loss but no indications as to where that's occurring. The Kindle is retransmitting several times and not getting any response. Repeat that capture on the WAN instead, and minimize any other Internet traffic as you can't easily filter that down to just the Kindle's traffic, and send me that pcap.
-
@cmb:
From the packet capture, I can see packet loss but no indications as to where that's occurring. The Kindle is retransmitting several times and not getting any response. Repeat that capture on the WAN instead, and minimize any other Internet traffic as you can't easily filter that down to just the Kindle's traffic, and send me that pcap.
CMB - I am a little new to all of this. Would I set the IP to capture as the gateway address (ie. 192.168.1.1) or my actual public IP address supplied by the ISP?
Thanks,
-
Public side would be your WAN interface AKA yes the real IP assigned by your ISP to you WAN on the pfsense box. Need to see if pfsense is sending those packed out to Amazons server.
