I cannot access certain websites from behind the ipfire router. It seems to be random, and only happens on a select few sites. We can access 99% of the websites we try.
It’s a very vanilla install, no AV, no IDS, no addons at all. I have tried both with and without the Web Proxy server running, no difference. It’s very few websites, but some are very necessary. If I use a mobile device that is not behind the firewall, I can access the sites. For example, www.fastmail.com. We have been using this email provider for many years without issues, until after the update to Core 191. Now, we absolutely cannot access it, no matter what browser is used. They all return the error “This site cannot be reached” or some variant. Has anyone else seen this issue or can someone shed some light on this?
Thanks for the suggestion. I checked IPS logs and nothing relating to that site. Can’t say for sure if anything is going on over on their end, but I just communicated with them about 30 minutes ago and they didn’t mention any issues with their servers. I have tried to access their site over a 2 hour period today and never could get through, and since I can successfully access their site on a system that isn’t behind the ipfire router, I have to think it’s the router that’s preventing a successful connection. I should add that I have wondered if there’s a filter or rule on their end that doesn’t like what it sees coming from the ipfire router, but they didn’t seem to think so. Still, I can’t be sure yet.
I should also add that I thought it could be a DNS issue, so I tried accessing it via IP address, but same issue. I am using Google and Cloudflare DNS servers FYI. I am going to try using my ISP’s DNS servers and see if that makes a difference.
UPDATE: I tried the above and no difference. I also tried just using Quad 9 servers and no difference. I then tried running IsItDown and similar sites against www.fastmail.net and interestingly, while most said it was up, one site said it was down.
Also, I ran a CNAME lookup on it via DNSChecker.org and it came up with NO CNAME record. Not sure if that has anything to do my particular issue or not, but it seems like it could be relevant.
I just tried the fastmail address and can access it without problems.
I use IPS, … so I don’t think there is a blocking in the system.
Can you show your network config
for some reason I occurred issues when updating from 190 -191.
So what I would suggest is screen print the pages of your ipfire settings, and download and install 191 iso from the web site and rebuild the network.
I even went further and change pakfire to testing and updated to 192 so I would have a better kernel to use than what they are currently running on 191.
A bit OT:
I would prefer a textual description.
In writing the settings are ‘revised’ by the author himself. A screen copy holds the same information, but not necessarily for the posting user.
every once in a while when going to sites I get the cloudflare verify if you are human page and when I check the box, it just refreshes to the cloudfare verify screen again. I have to close the browser out wait a few seconds then the site works.
it could be, but it could be because I am getting served at a very low ping too which might be false triggering their bot detection. Because if I go to an older slower machine it works. The issue only shows up from my gaming computer or the raspberry pi 5.