Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense blocking a website

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 928 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TC10284
      last edited by

      Hello,

      I have pfSense 2.2 (amd64). I have previously been able to get on www.aoins.com, but recently as of the past week or two, I can no longer access the website. I am not running any kind of proxy server and there are no packages installed on my pfSense box. Nothing was changed on the pfSense box that I am aware of. I did upgrade from 2.1.5 in hopes of fixing the issue, but it did not resolve it.

      I have gone through this article, applied the mentioned settings, rebooted, tried the MTU test and nothing helped. https://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites

      C:\Users\yiaadmin>ping -f -l 1472 www.dslreports.com

      Pinging www.dslreports.com [64.91.255.98] with 1472 bytes of data:
      Reply from 64.91.255.98: bytes=1472 time=51ms TTL=47
      Reply from 64.91.255.98: bytes=1472 time=45ms TTL=47
      Reply from 64.91.255.98: bytes=1472 time=53ms TTL=47
      Reply from 64.91.255.98: bytes=1472 time=45ms TTL=47

      Ping statistics for 64.91.255.98:
          Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
      Approximate round trip times in milli-seconds:
          Minimum = 45ms, Maximum = 53ms, Average = 48ms

      C:\Users\yiaadmin>ping -f -l 1472 google.com

      Pinging google.com [74.125.137.113] with 1472 bytes of data:
      Reply from 74.125.137.113: bytes=64 (sent 1472) time=28ms TTL=45
      Reply from 74.125.137.113: bytes=64 (sent 1472) time=36ms TTL=45
      Reply from 74.125.137.113: bytes=64 (sent 1472) time=28ms TTL=45
      Reply from 74.125.137.113: bytes=64 (sent 1472) time=29ms TTL=45

      Ping statistics for 74.125.137.113:
          Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
      Approximate round trip times in milli-seconds:
          Minimum = 28ms, Maximum = 36ms, Average = 30ms

      I am able to resolve the address:

      aoins.com
      Server:  google-public-dns-a.google.com
      Address:  8.8.8.8

      Non-authoritative answer:
      Name:    aoins.com
      Address:  205.207.141.1

      I am able to access the site from behind my pfSense 2.2 box at home, which is why I am quite perplexed.

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        so your asking googledns to resolve it for you, but when you upgraded to 2.2 on pfsense did you change over to the resolver?  Are you not using pfsense at all for dns be it forwarder or resolver?

        This is what I show

        ;; QUESTION SECTION:
        ;; aoins.com.  IN      A

        ;; ANSWER SECTION:
        aoins.com.      7200    IN      A      205.207.141.1

        ;; AUTHORITY SECTION:
        aoins.com.      7200    IN      NS      cmtu.mt.ns.els-gms.att.net.
        aoins.com.      7200    IN      NS      cbru.br.ns.els-gms.att.net.

        Now what I do notice is that if I try and hit it I get prompted for username password via https://www.aoins.com

        Are you blocking https?  Are you having a problem resolving www.aoins.com which show cname of aoins.com

        ;; ANSWER SECTION:
        www.aoins.com.  7173    IN      CNAME  aoins.com.
        aoins.com.      7045    IN      A      205.207.141.1

        ;; AUTHORITY SECTION:
        aoins.com.      7044    IN      NS      cmtu.mt.ns.els-gms.att.net.
        aoins.com.      7044    IN      NS      cbru.br.ns.els-gms.att.net.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • T
          TC10284
          last edited by

          I spent all morning into the afternoon working on this issue and they let me know that the company "unblocked their IP address" and it worked instantly.
          Sigh…such a waste of time. At least I learned some things though.

          Thanks anyway and sorry to bother you.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.