URGENT: Can't use any website with HTTPS…. (Port 443)
-
Thanks for confirming that this is not a bug, I have checked the STATES and this is what I'm getting:
tcp 141.92.131.9:443 <- 192.168.1.107:52990 CLOSED:SYN_SENT
tcp 192.168.1.107:52990 -> 141.92.131.9:443 SYN_SENT:CLOSEDI have checked another computer on my network that is using the same route to the internet as the pfsense server and https sites work. Therefore I know this is not a problem with my internet connection and there must be an issues with the pfsense.
Regards
Matt -
I have checked another computer on my network that is using the same route to the internet as the pfsense server and https sites work. Therefore I know this is not a problem with my internet connection and there must be an issues with the pfsense.
Does this mean, that in the same subnet is another computer what can browse internet normally and uses pfsense as gateway also?
What does packetcapture/firewall logs say? -
No, The computer is on the same subnet but I simply wanted to check that my internet connection was working fine with using HTTPS:// and it did work fine. So I can rule out there any problems on my network as the previous guy suggested.
Which seems that it's something to do with pfsense - I checked the Firewall log and it showed no indication of any problems.
-
Are you having manual outbound nats?
As an example:
I had one setup where one subnet didn't work two others did. I had put manual outbound nats, each subnet had own public ip. After few posts with wallabybob "we" found the problem.
Same public address were given to modem and that catched replied traffic to itself.
So thats why i asked packetcaptures -
Hi Metu69salemi,
I've just left it set to automatic, But I'm open to suggestions. I checked packetcapture and i could see the site getting requested from the IP address of my pfsense box.
Could you detail the steps that you tried?
Regards
Matt -
Can you see any replies from that site?
-
Ok here is the result,
The site that requires 443 is http://www.natwest.com
10.18.52.16 is the WAN NIC on the pfsense
10.18.52.9 is my gatewayFor some reason on line 70 it says that the http has moved?
-
Something to read about: http://www.checkupdown.com/status/E302.html
Something more: http://www.google.com/support/forum/p/Webmasters/thread?tid=024ead20b6787856&hl=enOnly one thing bothers me, you said that only one client is having this problem. What about browser setups with these computers(working and non-working version)
-
Thanks for the update I will have a look at the links provided, much appreciated.
In response to your question, sorry all clients on the pfsense network are unable to browse to https://sites.
-
Matt,
was that packet capture taken on the LAN or WAN interface of your pfsense?
If it was taken on WAN, it might look like 443/tcp is being filtered upstream, since the TCP SYN is never responded to.
I don't understand however why the destination address of the HTTP GET is 10.18.52.9 (Your pfsense), the destination address for that packet should be 155.136.80.213 (www.natwest.com). If you perform an nslookup on www.natwest.com from your PC, what address does that hostname resolve to? Do you by any chance override DNS in any way?
- Andreas