Can’t access a particular site

Home Page Forums Network Management ZeroShell Can’t access a particular site

This topic contains 8 replies, has 0 voices, and was last updated by  Shiv 4 years, 10 months ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • #43819

    Shiv
    Member

    Hi, I am unable to access a particular site through my Zeroshell network. While it is accessible from out of ZS with the same ISP. Please help someone regarding this.

    #53080

    Shiv
    Member

    @shiv wrote:

    Hi, I am unable to access a particular site through my Zeroshell network. While it is accessible from out of ZS with the same ISP. Please help someone regarding this.

    I disabled the firewall and checked but still it’s not working. I added an IP to firewall with privileges to access all the site but this one also not working. How to fix the issue now??

    #53081

    DrmCa
    Participant

    You would have to perform some diagnostics to troubleshoot this.

    1. Can you resolve that site’s name from behind ZS (by the way, are you using ZS as a DNS server)?

    on Windows try nslookup or tracert
    on Linux try nslookup or traceroute

    2. Can you ping the site by name and IP address from behind ZS?

    3. Can you telnet into port 80 of the site, once in telnet type ? and you should see something like


    HTTP/1.1 400 Bad Request
    Content-Type: text/html; charset=us-ascii
    #53082

    Shiv
    Member

    @drmca wrote:

    You would have to perform some diagnostics to troubleshoot this.

    1. Can you resolve that site’s name from behind ZS (by the way, are you using ZS as a DNS server)?

    on Windows try nslookup or tracert
    on Linux try nslookup or traceroute

    2. Can you ping the site by name and IP address from behind ZS?

    3. Can you telnet into port 80 of the site, once in telnet type ? and you should see something like


    HTTP/1.1 400 Bad Request
    Content-Type: text/html; charset=us-ascii

    #1. Yes, I configured this connection directly (not on ZS) and tried the link is accessible from same connection. In ZS>DNS>OPTIONS> 208.67.222.222 AND 208.67.220.220 ARE SET. Is that right one for DNS??
    On Linux I tried traceroute and the below two lines are the result-
    1 192.168.0.75 (192.168.0.75) 0.181 ms 0.112 ms 0.106 ms
    2 192.168.0.75 (192.168.0.75) 2621.616 ms !H 2621.590 ms !H 2621.560 ms !H

    On windows the tracert shows the result –
    1 <1 ms <1 ms <1 ms 192.168.0.75
    2 192.168.0.75 reports: Destination host unreachable.

    #2. When I ping this site without using www from ZS the result is -> From 192.168.0.75 icmp_seq=6 Destination Host Unreachable. And once I tried ping with http://www.site name and the result is ->
    64 bytes from hit-nxdomain.opendns.com (67.215.65.132): icmp_seq=72 ttl=51 time=378 ms

    #53083

    DrmCa
    Participant

    @shiv wrote:

    #1. Yes, I configured this connection directly (not on ZS) and tried the link is accessible from same connection. In ZS>DNS>OPTIONS> 208.67.222.222 AND 208.67.220.220 ARE SET. Is that right one for DNS??
    On Linux I tried traceroute and the below two lines are the result-
    1 192.168.0.75 (192.168.0.75) 0.181 ms 0.112 ms 0.106 ms
    2 192.168.0.75 (192.168.0.75) 2621.616 ms !H 2621.590 ms !H 2621.560 ms !H

    On windows the tracert shows the result –
    1 <1 ms <1 ms <1 ms 192.168.0.75
    2 192.168.0.75 reports: Destination host unreachable.

    #2. When I ping this site without using www from ZS the result is -> From 192.168.0.75 icmp_seq=6 Destination Host Unreachable. And once I tried ping with http://www.site name and the result is ->
    64 bytes from hit-nxdomain.opendns.com (67.215.65.132): icmp_seq=72 ttl=51 time=378 ms

    So you want to use OpenDNS, looks like your configuration for ZS DNS is correct.

    Is the address you are trying to reach 192.168.0.75? This address belongs to a local block of addresses, it’s not routable and can only be used on the LAN. I am not sure why you want to access that IP address, as it seems that in reality you want to use hit-nxdomain.opendns.com

    This is what I can see:

    D:>nslookup hit-nxdomain.opendns.com
    Server: ****************
    Address: 10.1.3.3

    Non-authoritative answer:
    Name: hit-nxdomain.opendns.com
    Address: 67.215.65.132

    67.215.65.132 is the external IP that you should use if you need to access host hit-nxdomain.opendns.com by IP address.
    Try to ping it and it most likely is going to work.

    #53084

    Shiv
    Member

    @drmca wrote:

    @shiv wrote:

    #1. Yes, I configured this connection directly (not on ZS) and tried the link is accessible from same connection. In ZS>DNS>OPTIONS> 208.67.222.222 AND 208.67.220.220 ARE SET. Is that right one for DNS??
    On Linux I tried traceroute and the below two lines are the result-
    1 192.168.0.75 (192.168.0.75) 0.181 ms 0.112 ms 0.106 ms
    2 192.168.0.75 (192.168.0.75) 2621.616 ms !H 2621.590 ms !H 2621.560 ms !H

    On windows the tracert shows the result –
    1 <1 ms <1 ms <1 ms 192.168.0.75
    2 192.168.0.75 reports: Destination host unreachable.

    #2. When I ping this site without using www from ZS the result is -> From 192.168.0.75 icmp_seq=6 Destination Host Unreachable. And once I tried ping with http://www.site name and the result is ->
    64 bytes from hit-nxdomain.opendns.com (67.215.65.132): icmp_seq=72 ttl=51 time=378 ms

    So you want to use OpenDNS, looks like your configuration for ZS DNS is correct.

    Is the address you are trying to reach 192.168.0.75? This address belongs to a local block of addresses, it’s not routable and can only be used on the LAN. I am not sure why you want to access that IP address, as it seems that in reality you want to use hit-nxdomain.opendns.com

    his is what I can see:

    D:>nslookup hit-nxdomain.opendns.com
    Server: ****************
    Address: 10.1.3.3

    Non-authoritative answer:
    Name: hit-nxdomain.opendns.com
    Address: 67.215.65.132

    67.215.65.132 is the external IP that you should use if you need to access host hit-nxdomain.opendns.com by IP address.
    Try to ping it and it most likely is going to work.

    I am not trying to reach 192.168.0.75 i am trying for 67.215.65.132 but it is not reachable from browser. and shared you the ping results for same as above.

    #53085

    Shiv
    Member

    @drmca wrote:

    @shiv wrote:

    #1. Yes, I configured this connection directly (not on ZS) and tried the link is accessible from same connection. In ZS>DNS>OPTIONS> 208.67.222.222 AND 208.67.220.220 ARE SET. Is that right one for DNS??
    On Linux I tried traceroute and the below two lines are the result-
    1 192.168.0.75 (192.168.0.75) 0.181 ms 0.112 ms 0.106 ms
    2 192.168.0.75 (192.168.0.75) 2621.616 ms !H 2621.590 ms !H 2621.560 ms !H

    On windows the tracert shows the result –
    1 <1 ms <1 ms <1 ms 192.168.0.75
    2 192.168.0.75 reports: Destination host unreachable.

    #2. When I ping this site without using www from ZS the result is -> From 192.168.0.75 icmp_seq=6 Destination Host Unreachable. And once I tried ping with http://www.site name and the result is ->
    64 bytes from hit-nxdomain.opendns.com (67.215.65.132): icmp_seq=72 ttl=51 time=378 ms

    So you want to use OpenDNS, looks like your configuration for ZS DNS is correct.

    Is the address you are trying to reach 192.168.0.75? This address belongs to a local block of addresses, it’s not routable and can only be used on the LAN. I am not sure why you want to access that IP address, as it seems that in reality you want to use hit-nxdomain.opendns.com

    This is what I can see:

    D:>nslookup hit-nxdomain.opendns.com
    Server: ****************
    Address: 10.1.3.3

    Non-authoritative answer:
    Name: hit-nxdomain.opendns.com
    Address: 67.215.65.132

    67.215.65.132 is the external IP that you should use if you need to access host hit-nxdomain.opendns.com by IP address.
    Try to ping it and it most likely is going to work.

    I reinstalled the ZS and checked without adding any rule to firewall and found it’s working. But I am going to observe step by step where the issue is.

    #53086

    Shiv
    Member

    @drmca wrote:

    @shiv wrote:

    #1. Yes, I configured this connection directly (not on ZS) and tried the link is accessible from same connection. In ZS>DNS>OPTIONS> 208.67.222.222 AND 208.67.220.220 ARE SET. Is that right one for DNS??
    On Linux I tried traceroute and the below two lines are the result-
    1 192.168.0.75 (192.168.0.75) 0.181 ms 0.112 ms 0.106 ms
    2 192.168.0.75 (192.168.0.75) 2621.616 ms !H 2621.590 ms !H 2621.560 ms !H

    On windows the tracert shows the result –
    1 <1 ms <1 ms <1 ms 192.168.0.75
    2 192.168.0.75 reports: Destination host unreachable.

    #2. When I ping this site without using www from ZS the result is -> From 192.168.0.75 icmp_seq=6 Destination Host Unreachable. And once I tried ping with http://www.site name and the result is ->
    64 bytes from hit-nxdomain.opendns.com (67.215.65.132): icmp_seq=72 ttl=51 time=378 ms

    So you want to use OpenDNS, looks like your configuration for ZS DNS is correct.

    Is the address you are trying to reach 192.168.0.75? This address belongs to a local block of addresses, it’s not routable and can only be used on the LAN. I am not sure why you want to access that IP address, as it seems that in reality you want to use hit-nxdomain.opendns.com

    This is what I can see:

    D:>nslookup hit-nxdomain.opendns.com
    Server: ****************
    Address: 10.1.3.3

    Non-authoritative answer:
    Name: hit-nxdomain.opendns.com
    Address: 67.215.65.132

    67.215.65.132 is the external IP that you should use if you need to access host hit-nxdomain.opendns.com by IP address.
    Try to ping it and it most likely is going to work.

    A new thing I have observed. We have three interfaces and one of them has static IP so I added static IP to the relative ETH. This site is not accessible after adding the static IP and when I remove the IP, it is. I checked with balancing rules also but this issue persists. So suggest for this one now.

    #53087

    DrmCa
    Participant

    Not sure why setting one of your uplinks to a static IP prevents you from pinging an address on the Internet.

    I have 2 uplinks and both use static IPs assigned by the provider and everything works fine with or without firewall.

    Are you doing all these diagnostics in ZS console or from a machine on your LAN? I would run diags on ZS directly using ssh first.

    #53088

    Shiv
    Member

    @drmca wrote:

    Not sure why setting one of your uplinks to a static IP prevents you from pinging an address on the Internet.

    I have 2 uplinks and both use static IPs assigned by the provider and everything works fine with or without firewall.

    Are you doing all these diagnostics in ZS console or from a machine on your LAN? I would run diags on ZS directly using ssh first.

    I am accessing ZS console from a machine in LAN (web access). And I diagnosed all these on some machines in LAN which have Linux MAC and Windows OS. They are showing same results, the issue is with Static IP no firewall issue.

Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.