Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Error 64 Host Down

    General pfSense Questions
    4
    24
    5945
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Hemant last edited by

      I have error 64 Host Down for some websites.
      Any Solution ??

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        We would need a lot more information to begin to provide an answer to that.  ;)
        What version of pfSense? Which install type? What WAN connection? What hardware? Which websites? etc.

        Steve

        1 Reply Last reply Reply Quote 0
        • H
          Hemant last edited by

          Its PfSense 2.0.1 i386 install on intel p4 machine with two wan connection and 1 lan connection 320 gb harddisk 2 gb ram and website is www.rediff.com, www.btraindia.com,www.fibre2fashion.com and www.apparelntextile.com and also lot more
          I also install proxy server on it my half of network work on proxy and other as a pfsense internet gateway.
          Also i have problem with MS outlook it some time not send receive mail some time it send receive mail but actually no mail download. i configure gmail in outlook with 995 pop3 port and 587 smtp both ports are open before pfsense i use ipcop 1.4 the outlook and above web sites are works fine with ipcop.

          Hemant

          1 Reply Last reply Reply Quote 0
          • C
            cmb last edited by

            My first guess is you may have a grossly wrong subnet mask on one of your interfaces, like if you have a /1 or a /4 or anything else that's way too big it'll think a big chunk of the Internet should be locally reachable and it of course isn't. Verify your subnet mask on all interfaces is correct.

            1 Reply Last reply Reply Quote 0
            • H
              Hemant last edited by

              i verify my default wan is in static connection and opt connection is dynamic pppoe connection and lan is 192.168.2.0/24

              1 Reply Last reply Reply Quote 0
              • stephenw10
                stephenw10 Netgate Administrator last edited by

                Are you using load balancing or fail over?
                You could try switching the default wan to the pppoe connection. If it is a subnet mask problem its much more likely to be on the static connection.
                What is the history of these connections? Are you setting this up from scratch or replacing something with pfSense?

                Steve

                1 Reply Last reply Reply Quote 0
                • H
                  Hemant last edited by

                  ya i was try switching the connection and also no fail over. I have some Diagnostic about the web site www.apparelntextile.com  its ip is 118.67.248.134

                  tcp 115.115.82.139:21897 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21899 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21900 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21910 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21911 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21912 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21923 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21924 -> 118.67.248.134:80 SYN_SENT:CLOSED
                  tcp 115.115.82.139:21925 -> 118.67.248.134:80 SYN_SENT:CLOSED


                  1 Reply Last reply Reply Quote 0
                  • stephenw10
                    stephenw10 Netgate Administrator last edited by

                    Some websites really don't play nicely with load balancing.
                    Try disabling it or try switching the default WAN as I suggested.

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • H
                      Hemant last edited by

                      As you mention i use to disable wan and use pppoe opt wan but still the error comes.Then i use only wan; no opt wan,no load balancing, no fail over but no solution also i use to chk 8.8.8.8 and 8.8.4.4 dns . Here my opinion that something is blocking the traffic in pfsense to this website.Is there anything that i diagnosis the pf-sense traffic????

                      Thanks
                      Hemant

                      1 Reply Last reply Reply Quote 0
                      • stephenw10
                        stephenw10 Netgate Administrator last edited by

                        Are you still running squid proxy? Try disabling it.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • H
                          Hemant last edited by

                          ya i chk it disabling the proxy server then its shows "The server at apparelntextile.com is taking too long to respond."


                          1 Reply Last reply Reply Quote 0
                          • stephenw10
                            stephenw10 Netgate Administrator last edited by

                            You may have to reset the firewall states so that traffic is not sent via squid.
                            Diagnostics: States: Reset states:

                            Steve

                            1 Reply Last reply Reply Quote 0
                            • H
                              Hemant last edited by

                              If i reset it then all settings will remove from firewall rules and port forwarding ??

                              1 Reply Last reply Reply Quote 0
                              • M
                                maverick_slo last edited by

                                No.
                                This will just reset states, no configuration changes will occur…

                                1 Reply Last reply Reply Quote 0
                                • H
                                  Hemant last edited by

                                  ok now i try it stop my squid server service reset firewall rules but i have same problem. But now i can browse www.rediff.com not the www.apparelntextile.com. Is any thing that i can bypass the the pfsense all rules for the particular web sites for ex. www.apparelntextile.com

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10
                                    stephenw10 Netgate Administrator last edited by

                                    If you find out what is causing the problem you can put rules in place to avoid it.  You can exclude specific sites from being cached or use a single wan for example. Since you disabled both these things it must be something else.  :-\

                                    Steve

                                    1 Reply Last reply Reply Quote 0
                                    • H
                                      Hemant last edited by

                                      lots of thanks Steve and maverick ; I will last try on weekends that reinstalling pfsense using single wan without squid server and then try it. If its works then i will go with pfsense or i will remains with my old one ipcop. :(

                                      Thanks again

                                      1 Reply Last reply Reply Quote 0
                                      • stephenw10
                                        stephenw10 Netgate Administrator last edited by

                                        Take it one step at a time.
                                        Start with the most basic install you can, one WAN one LAN no proxy. Check everything is working.
                                        Add features one at a time testing in between each addition.

                                        Steve

                                        1 Reply Last reply Reply Quote 0
                                        • H
                                          Hemant last edited by

                                          ok thanks if it's success i will post.

                                          1 Reply Last reply Reply Quote 0
                                          • H
                                            Hemant last edited by

                                            i chk in Diagnostics: Tables then i see that
                                            112.0.0.0/5
                                            175.100.137.104
                                            192.168.2.0/24
                                            but the 112.0.0.0/5 is not belongs from any network so is this can affect the firewall to opening the some sites?


                                            1 Reply Last reply Reply Quote 0
                                            • stephenw10
                                              stephenw10 Netgate Administrator last edited by

                                              Hmm. Negate_networks should contain static routes, vpns and directly connected networks.
                                              Have you added this subnet anywhere?

                                              112.0.0.0/5 certainly contains the address of www.apparelntextile.com.
                                              Try removing it and resetting the firewall states. I have no idea how it got there (pushed to you from your ISP?).

                                              Steve

                                              1 Reply Last reply Reply Quote 0
                                              • H
                                                Hemant last edited by

                                                ya i done it :D i change the subnet mask of wan interface and now it works fine all sites are opening and the speed of browsing also increased.
                                                Thanks Steve

                                                Hemant

                                                1 Reply Last reply Reply Quote 0
                                                • stephenw10
                                                  stephenw10 Netgate Administrator last edited by

                                                  I don't know if I actually helped much.  ::)

                                                  For future reference what did you change the subnet mask from/to?

                                                  Steve

                                                  1 Reply Last reply Reply Quote 0
                                                  • H
                                                    Hemant last edited by

                                                    Its 112.0.0.0/5  to  ..*.0/29 actually its my mistake that the subnet mask i put was wrong  ;)
                                                    I don't know how its happened but now the problem is solved.

                                                    Hemant

                                                    1 Reply Last reply Reply Quote 0
                                                    • First post
                                                      Last post