Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
How to find out, where is website blocked
« previous
next »
Print
Pages: [
1
]
Author
Topic: How to find out, where is website blocked (Read 1578 times)
codera
Newbie
Posts: 5
Karma: 0
How to find out, where is website blocked
«
on:
January 14, 2024, 02:54:37 pm »
Hi
I am trying to troubleshoot an issue, where one legit is not opening behing Opnsense firewall.
I tired stopping Zerarmor - that did not help.
Opening website by IP works, but i cannot login etc, so the sites fowards the request to its domain name and then it stops working.
By IP aadress i can see, that session and state is establised udner firewall diagnostics.
I added domain name to unbound dns whitelisted domain, but still is does not open.
Local firewall is not blocking, name is resolved to right IP but it wount open by dns name.
What am i missing or what logs should i look for?
«
Last Edit: January 14, 2024, 02:59:46 pm by codera
»
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: How to find out, where is website blocked
«
Reply #1 on:
January 14, 2024, 09:23:16 pm »
sounds like nothing on the firewall is getting in the way. ctrl+shift+I opens developer tools (firefox and maybe other browsers). There you can see what happens.
Logged
codera
Newbie
Posts: 5
Karma: 0
Re: How to find out, where is website blocked
«
Reply #2 on:
January 15, 2024, 01:59:52 pm »
Well that is the problem, when i switch my computer lan connection to old Pfsense box, then the same site is working.
So something is blocking this site in Opnsense, but what and how to find out?
«
Last Edit: January 15, 2024, 02:03:31 pm by codera
»
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: How to find out, where is website blocked
«
Reply #3 on:
January 15, 2024, 02:32:50 pm »
If you can see the session established, the firewall is not stopping it. But let's break this report down a bit.
> opening website by IP works, but i cannot login etc, so the sites fowards the request to its domain name and then it stops working.
This bit doesn't make sense to me. What site is forwarding what request to its domain name?
> By IP aadress i can see, that session and state is establised udner firewall diagnostics.
So, presumably the name has been resolved (what are you using to resolve, Unbound?), and then the request was sent from your client to the server. No blocks I can see in this flow.
> I added domain name to unbound dns whitelisted domain, but still is does not open.
Why would you whitelist it if it is resolved? Then, are you using blocklists?
> Local firewall is not blocking, name is resolved to right IP but it wount open by dns name.
Assume this is client firewall?
I suggest you diagnose methodically.
Use dig or similar and "trace" the request through the services you have enabled, for example blocklists, IDS, etc.
Logged
codera
Newbie
Posts: 5
Karma: 0
Re: How to find out, where is website blocked
«
Reply #4 on:
January 20, 2024, 05:58:56 pm »
> opening website by IP works, but i cannot login etc, so the sites fowards the request to its domain name and then it stops working.
This bit doesn't make sense to me. What site is forwarding what request to its domain name?
So when i go to
https://51.91.30.159/
, it opens, but is not displayd correctly. When i press login button, then site fowards request to
https://www.upload.ee/login.html
And after that i get message:
www.upload.ee
’s server IP address could not be found.
> By IP aadress i can see, that session and state is establised udner firewall diagnostics.
So, presumably the name has been resolved (what are you using to resolve, Unbound?), and then the request was sent from your client to the server. No blocks I can see in this flow.
Yes, unbound and Opnsense is DNS server for the network.
Nslookup from my pc gives me:
Non-authoritative answer:
Name: upload.ee
Addresses: 2001:41d0:403:2b9f::
51.91.30.159
> I added domain name to unbound dns whitelisted domain, but still is does not open.
Why would you whitelist it if it is resolved? Then, are you using blocklists?
Yes, i have a couple of one selected under Services: Unbound DNS: Blocklist, but i tried disable it, but that did not help. Site is still not working.
> Local firewall is not blocking, name is resolved to right IP but it wount open by dns name.
Assume this is client firewall?
Yes, correct
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: How to find out, where is website blocked
«
Reply #5 on:
January 21, 2024, 12:02:37 am »
I tried and worked fine. I went to and entered inexisting credentials and got the expected username/password doesn't exist. I don't use blocklists on Unbound. Zenarmor running.
Maybe some plugin like a browser adblocker?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
How to find out, where is website blocked