PfSense blocking a website

TC10284

Hello,

I have pfSense 2.2 (amd64). I have previously been able to get on www.aoins.com, but recently as of the past week or two, I can no longer access the website. I am not running any kind of proxy server and there are no packages installed on my pfSense box. Nothing was changed on the pfSense box that I am aware of. I did upgrade from 2.1.5 in hopes of fixing the issue, but it did not resolve it.

I have gone through this article, applied the mentioned settings, rebooted, tried the MTU test and nothing helped. https://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites

C:\Users\yiaadmin>ping -f -l 1472 www.dslreports.com

Pinging www.dslreports.com [64.91.255.98] with 1472 bytes of data:
Reply from 64.91.255.98: bytes=1472 time=51ms TTL=47
Reply from 64.91.255.98: bytes=1472 time=45ms TTL=47
Reply from 64.91.255.98: bytes=1472 time=53ms TTL=47
Reply from 64.91.255.98: bytes=1472 time=45ms TTL=47

Ping statistics for 64.91.255.98:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 53ms, Average = 48ms

C:\Users\yiaadmin>ping -f -l 1472 google.com

Pinging google.com [74.125.137.113] with 1472 bytes of data:
Reply from 74.125.137.113: bytes=64 (sent 1472) time=28ms TTL=45
Reply from 74.125.137.113: bytes=64 (sent 1472) time=36ms TTL=45
Reply from 74.125.137.113: bytes=64 (sent 1472) time=28ms TTL=45
Reply from 74.125.137.113: bytes=64 (sent 1472) time=29ms TTL=45

Ping statistics for 74.125.137.113:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 36ms, Average = 30ms

I am able to resolve the address:

aoins.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
Name:    aoins.com
Address:  205.207.141.1

I am able to access the site from behind my pfSense 2.2 box at home, which is why I am quite perplexed.

Any ideas?

johnpoz

so your asking googledns to resolve it for you, but when you upgraded to 2.2 on pfsense did you change over to the resolver?  Are you not using pfsense at all for dns be it forwarder or resolver?

This is what I show

;; QUESTION SECTION:
;; aoins.com.  IN      A

;; ANSWER SECTION:
aoins.com.      7200    IN      A      205.207.141.1

;; AUTHORITY SECTION:
aoins.com.      7200    IN      NS      cmtu.mt.ns.els-gms.att.net.
aoins.com.      7200    IN      NS      cbru.br.ns.els-gms.att.net.

Now what I do notice is that if I try and hit it I get prompted for username password via https://www.aoins.com

Are you blocking https?  Are you having a problem resolving www.aoins.com which show cname of aoins.com

;; ANSWER SECTION:
www.aoins.com.  7173    IN      CNAME  aoins.com.
aoins.com.      7045    IN      A      205.207.141.1

;; AUTHORITY SECTION:
aoins.com.      7044    IN      NS      cmtu.mt.ns.els-gms.att.net.
aoins.com.      7044    IN      NS      cbru.br.ns.els-gms.att.net.

TC10284

I spent all morning into the afternoon working on this issue and they let me know that the company "unblocked their IP address" and it worked instantly.
Sigh…such a waste of time. At least I learned some things though.

Thanks anyway and sorry to bother you.