I am trying to download Windows 11 ISO from the official Microsoft page
And I get this error when I go through IPFire
Error
We are unable to complete your request at this time. Some users, entities and locations are banned from using this service. For this reason, leveraging anonymous or location hiding technologies when connecting to this service is not generally allowed. If you believe that you encountered this problem in error, please try again. If the problem persists you may contact Microsoft Support – Contact Us page for assistance. Refer to message code 715-123130 and 867f30fe-2643-40a1-98e2-29b239b832e6.
I tried disabling the proxy, and use my ISP DNS but I still get the same error.
If I go directly through my ISP’s box, the download works without any problems.
I have seen similar messages and in most cases its been one of three things - my VPN, browser security settings or my IP address. Just my two bobs worth.
Either way I’m curious to learn the actual root cause.
There are lots of reports of this error and each of them seems to have a different way of fixing the issue so they are probably not real fixes but workarounds that may not stay working.
I wasn’t trying to do that. I was making the point that I looked at 4 sites and got 4 different reasons for it not working. Yours is a fifth reason.
I have also found a further site that specified 6 different reasons that the problem can occur.
Unfortunately none of the above reasons has any relationship that I can see with suricata.
I also tried searching for the erro message together with suricata specified and none of the returned searches had any reference to suricata.
Maybe something about how suricata responds to traffic makes Microsoft think that some form of anonymisation or location hiding is going on because that seems to be what Microsoft are checking for. They want to be 110% certain they know where you are located to make sure that banned users, organisation or locations are not trying to download the files.
Another comment found is that Microsoft does not want third party apps to be involved in downloading the files, so maybe Suricata looks like a third party app to Microsoft.
However, all the above is just guessing on my part.
I tried, and failed, to reproduce the “We are unable to complete your request…” error by successfully downloading Win 11 ISO from your link (Librewolf 143, Linux). IPS is enabled with 3: Snort/VRT, Emergingthreats.net, and ThreatFox. My ISP router faces the Internet, then IPFire (197) gets a 10… WAN address from the ISP router.
Differences? Probably many many factors are involved and we could chase our tails forever.
I can confirm getting the error-message with IPS enabled.
I tried disabling the rulesets one by one - but the error only dissappears when all rulesets are disabled == IPS => disabled
I also don’t have any logentries related….
EDIT: I activated “Monitor traffic only” on all rulesets with the same result….
That means that Microsoft doesn’t like something about how Suricata works or responds.
It is not Microsoft being blocked it is Microsoft refusing to download to you.