Is the snapshots.pfsense.org site blocking my ISP?
-
Traceroute will not work properly no matter what, TCP or UDP. The firewall only lets tcp/80 through there.
The only proper test is http on port 80.
Depending on the way you accessed the site, a list of files may be normal.
-
Cool!!
I am outside house now, so I am using a SSH tunnel to reach snapshots.pfsense.org on port 80 from home. I will test better when at home, but since I can open port 80, all will be fine now.
Thank you very much, sorry for the extra work… ;)
-
in General Setup
Do not use the DNS Forwarder as a DNS server for the firewall
-
-
My pfsense shows:
Downloading new version information…done
Unable to check for updates.
Could not contact custom update server.I can telnet port 80 and it gets open.
It's not good to block ping.
-
After package capture and finding nothing I understand.
The updater tries to update with ipv6, but ipv6 is disabled.
After making an entry in DNS Forwarder (snapshots.pfsense.org=66.111.2.168) the updater works.Why will this work if not using DNS forwarder?
It's more a bug of the updater, because the other 6+ pfsenses work. It's only if there an ipv6 router on WAN and ipv6 is disabled in pfsense. -
Your IPv6 must not be fully disabled. Usually it wouldn't attempt that unless you have an IPv6 default route/gateway or a GUA IPv6 address configured somewhere.
-
I never did something with ipv6 on this pfsense. From first minute on I disabled ipv6 and it worked perfectly.
The only thing which changed is that my ISP connected ipv6 to my vlan.Know we know why it doesn't work. What to do that it will work again?
In my opinion the updater has to fall back to ipv4. -
Probably report as an issue in redmine.pfsense.org to have it not forgotten.
Probably during 2.2. roadmap it will be solved -
Issue #3152 created.
