How can I track down what part of pfsense is blocking website access?

Posted by Chase Florell on Server Fault See other posts from Server Fault or by Chase Florell
Published on 2012-04-07T20:06:42Z Indexed on 2012/04/07 23:32 UTC
Read the original article Hit count: 499

Filed under:

networking

|

firewall

|

pfsense

I've got a PFSense firewall/gateway on our network. Everything works great except for the fact that I cannot access one specific website.

Pfsense is running the following packages

Country Block
LightSquid
nmap
notes
squid
squidGuard
Strikeback

I can access every single website I've ever tried aside from one that we need for business use (http://bridalnetwork.ca)

here's the traceroute

frodo:~ chase$ traceroute bridalnetwork.ca 
traceroute to  bridalnetwork.ca (192.197.103.73), 64 hops max, 52 byte packets  
 1  rohan (192.168.5.1)  6.618 ms  1.662 ms  9.207 ms  
 2  * * *  
 3  * * rohan (192.168.5.1)  7.225 ms !H  
 4  rohan (192.168.5.1)  5.314 ms !H 5.701 ms !H  7.573 ms !H  
frodo:~ chase$

How can I figure out what the reason behind the blockage is?

note: this has been tested on every computer on the network with the same results.
ps: the pfsense box is 'rohan' (192.168.5.1)

Here's what I get with Squid enabled
enter image description here

and here's what I get with Squid disabled
enter image description here

© Server Fault or respective owner

Related posts about networking

Networking stopped working on Ubuntu

as seen on Super User - Search for 'Super User'
I installed Ubuntu 10.04 through the Wubi installer (Funny, I installed it today and thought I would have gotten 10.10). I had a network connection and everything was working fine. I rebooted my coumputer a couple of times and then suddenly, I could not connect to the network and when I click the… >>> More
Troubles with start up defenition of networking service in Ubuntu

as seen on Super User - Search for 'Super User'
I use Ubuntu 12.04.1. I put attention that networking script starting in runlevel 0: user@comp:/etc/rc0.d$ chkconfig -l networking networking 0:on 1:off 2:off 3:off 4:off 5:off 6:off When I try to move it working to appropriate run levels I get error: user@comp:/etc/rc0… >>> More
Installing the Elgg Social Networking CMS

as seen on Internet.com - Search for 'Internet.com'
One Open Source CMS that stands out above the rest for small businesses and personal networks is the Elgg open source "social engine," which can be used to create social applications. Scott Clark shows you how to install and get started with this social networking CMS. >>> More
OAuth: Token-Based Authorization for the Social Networking Age

as seen on Internet.com - Search for 'Internet.com'
The OAuth token-based authorization system allows users to grant third-party access to their resources without sharing their usernames and passwords. It's perfect for the age of data scattered across many social networking sites. >>> More
OAuth: Token-Based Authorization for the Social Networking Age

as seen on Internet.com - Search for 'Internet.com'
The OAuth token-based authorization system allows users to grant third-party access to their resources without sharing their usernames and passwords. It's perfect for the age of data scattered across many social networking sites. >>> More

Related posts about firewall

Managed hosting firewall vs managing own firewall

as seen on Server Fault - Search for 'Server Fault'
I posted on stackoverflow as to the overall benefits of managed hosting vs non-managed hosting. The more I think about it, it seems to boil down to one question: should I use a managed host because they take care of the firewall, or would I be okay managing my own, software firewall? The sites… >>> More
Hardware firewall vs VMWare firewall appliance

as seen on Server Fault - Search for 'Server Fault'
We have a debate in our office going on whether it's necessary to get a hardware firewall or set up a virtual one on our VMWare cluster. Our environment consists of 3 server nodes (16 cores w/ 64 GB RAM each) over 2x 1 GB switches w/ an iSCSI shared storage array. Assuming that we would be dedicating… >>> More
Firewall behind firewall

as seen on Server Fault - Search for 'Server Fault'
I've recently changed jobs and I've been set up with a new workstation. On all previous places where I've been working they've had some sort of local firewall installed on each and every workstation - but here I've been told not to activate it because it is not necessary since we're already behind… >>> More
We have no SW Firewall behind our office HW firewall, admin says its not req'd

as seen on Server Fault - Search for 'Server Fault'
I've recently changed jobs and I've been set up with a new workstation. On all previous places where I've been working they've had some sort of local firewall installed on each and every workstation - but here I've been told not to activate it because it is not necessary since we're already behind… >>> More
Can't get FTP to work on centOS 5.6

as seen on Server Fault - Search for 'Server Fault'
Hi guys I have been trying for a few hours to install and get FTP to work... I did yum install ftp and yum install vsftpd They all installed and are running but when I try to use filezilla or some other client I just can't connect....I've tried connecting on port 21 and port 990 ....nothing! These… >>> More