Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web Site Not Loading: BetFair

    Scheduled Pinned Locked Moved Firewalling
    7 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      ukhost4u
      last edited by

      Hello.

      We are currently using the latest release of pfsense in transparent on part of our network. This has been working good for us but we have had a customer report that using Remote Desktop they are unable to visit the web site: https://identitysso.betfair.com/view/login

      When we attempt this from one of our own Remote Desktop servers we can confirm that only parts of the site load and it would seem that the firewall is blocking it. I looked in the firewall logs and could see some of the content being blocked by the default system deny rule but I do already have rules in place to allow simple port: 443 and 80 traffic which we don't restrict.

      It would seem something else is going on here, as even though we are allowing this traffic correctly under the rules pfsense still seems to want to block it.

      Has anyone else had this problem and does this URL load correctly from your pfsense firewall? Any ideas would be great.

      Thanks,

      Paul Hughes
      Senior Manager
      http://www.ukhost4u.co.uk/

      1 Reply Last reply Reply Quote 0
      • U
        ukhost4u
        last edited by

        I might have actually got to the bottom of this. It would seem it was SNORT which was blocking the web site from fully loading due to the rule:

        ET POLICY Dropbox.com Offsite File Backup in Use

        I am a little confused though why this rule would effect a web sites ability to load?

        Paul.

        1 Reply Last reply Reply Quote 0
        • U
          ukhost4u
          last edited by

          OK well, we have the web site loading in the browser now but the client is using an API call to betfair and its still being rejected.

          We have looked for both the local server IP and the remote side IP in the firewall block logs but nothing is being logged at all. It is the firewall though as when we disable Disable all packet filtering, it starts to work without any errors.

          My question is, does PFSense adjust https / tls traffic and cause some providers to reject the traffic as maybe it has been adjusted or something added which it was not expecting.

          This is a little over my understanding of the situation so I maybe am not even looking at this correctly at all.

          All we are using on PFSense is some standard firewall rules and Snort, Nothing else. No Proxies etc.

          Thanks,

          Paul Hughes
          Senior Manager
          http://www.ukhost4u.co.uk/

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            What happens if you disable Snort and test that site?

            1 Reply Last reply Reply Quote 0
            • U
              ukhost4u
              last edited by

              Hello.

              We tested this first but it made no difference. It does not seem to be hitting a SNORT rule, but I think its more to do with the actual base firewall in pfSense.

              Does it add any overheads to the packets which are passed through the Firewall component? Would a 3rd party side be able to detect that the packets have been adjusted at all?

              I am newer to pfSense but I have been using other commercial firewall products for a long time so I want to get an idea of the difference.

              Thanks,

              Paul.

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                Use your firewall log (Status - System Logs - Firewall) and packet captures (Diagnostics - Packet Capture) to see what's really going on.

                1 Reply Last reply Reply Quote 0
                • U
                  ukhost4u
                  last edited by

                  Hello.

                  I will try the packet capture and update on what I find. I did look in the firewall logs before and nothing much showed up for it.

                  Paul.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.