• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 744
  • Last Modified:

Access to Facebook blocked

OK - If I had any hair I'd be pulling it out by now.
I've just been asked to look at a small domain which was set up for a small business. A previous Admin, at the owners request, blocked access to Facebook. There has now been a change in policy and it has been decided to remove the block.

The issue is that I can't see where/how it was blocked. Its a very simple set-up. One 2008 DC and Windows 7 clients. The DC providing the DNS and forwarding to the ISPs DNS, no proxy server.

I've checked group policies and can't find anything
I've checked DNS for entries on the DC and can't find anything
I've checked the local machine hosts file and there is nothing.

Yet when I try to go to facebook I just get 'Internet Explorer Cannot display the web page'
If I run the diagnostic from the page it just reports that it can't diagnose the problem.

If I try to access Facebook from Chrome I get 'This webpage is not available'

Any suggestions on where to look next ?
0
Brian Pierce
Asked:
Brian Pierce
  • 6
  • 5
  • 2
  • +8
1 Solution
 
scriven_jCommented:
Have a look at the hardware firewall/router as this can be used to block access to sites.

What hardware is on the physical border of the route to the Internet?
0
 
fourckCommented:
Have you checked your router configuration? maybe it is on router level.
0
 
Sushil SonawaneCommented:
Assign public IP Address (Provide by ISP)  to machine then try to access facebook if you able to access then Check on your hardware firewall or router from there your request pass to outside the your network.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
bakfaloniCommented:
also some admin block some web site by the file host you can find in

%systemroot% \system32\drivers\etc
0
 
selvolCommented:
RUN Box type
CMD
then type
ping facebook.com

if you get timeouts you can not connect  and it is not a browser issue.
0
 
SteveIT ManagerCommented:
check the ip address and default gateway (gateway may contain a filter)

also run a ping and tracert to facebook site

check firewall, router, iis, internet explorer etc

however if its affecting everyone it may be on the server
0
 
madunixCommented:
Check the internet router, it might be  

- dropping direct HTTPS connections (by adding a filter to block port 443 – HTTPS from internal network to ‘any’)
- filtering Facebook’s IP address ranges to Null0, block by Routing  to null0 interface
ip route 69.63.176.0 255.255.240.0 Null0
ip route 204.15.20.0 255.255.252.0 Null0
ip route 66.220.144.0 255.255.240.0 Null0
ip route 69.171.224.0 255.255.224.0 Null0
ip route 69.171.224.0 255.255.240.0 Null0
ip route 69.171.240.0 255.255.240.0 Null0


[@linux1 ~]$ dig facebook.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> facebook.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12769
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 13, ADDITIONAL: 9

;; QUESTION SECTION:
;facebook.com.                  IN      A

;; ANSWER SECTION:
facebook.com.           753     IN      A       66.220.149.88
facebook.com.           753     IN      A       66.220.152.16
facebook.com.           753     IN      A       66.220.158.70
facebook.com.           753     IN      A       69.171.234.21
facebook.com.           753     IN      A       69.171.237.16
facebook.com.           753     IN      A       69.171.247.21
0
 
schima_czCommented:
How were You testing DNS?
Try this:
Run - CMD - nslookup
Write facebook.com and post there result.
It could be hosts file on DNS server
0
 
Brian PiercePhotographerAuthor Commented:
Ping of facebook seems to suggest its resolving OK

C:\>ping facebook.com
Pinging facebook.com [69.171.247.21] with 32 bytes of
Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
Reply from 69.171.247.21: bytes=32 time=102ms TTL=245

Ping statistics for 69.171.247.21:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss
Approximate round trip times in milli-seconds:
    Minimum = 102ms, Maximum = 102ms, Average = 102ms


nslookup results
C:\>nslookup
253.1.168.192.in-addr.arp
        primary name server = localhost
        responsible mail addr nobody.invalid
        serial  = 1
        refresh = 600 (10 mins)
        retry   = 1200 (20 mins)
        expire  = 604800 (7 days)
        default TTL = 10800 (3 hours)
Default Server:  UnKnown
Address:  192.168.1.253

> facebook.com
Server:  UnKnown
Address:  192.168.1.253

Non-authoritative answer:
Name:    facebook.com
Addresses:  2a03:2880:10:
          2a03:2880:2110:
          2a03:2880:2110:
          2a03:2880:10:8f
          66.220.149.88
          66.220.152.16
          66.220.158.70
          69.171.234.21
          69.171.237.16
          69.171.247.21


Nothing in hosts file
no conditional forwarders - only forwarder to ISP
simple ADSL router - no filtering enabled
nothing (obvious) in group policy
0
 
Brian PiercePhotographerAuthor Commented:
Tracert result - seems OK


C:\>tracert facebook.com

Tracing route to facebook.com [69.171.247.21]
over a maximum of 30 hops:

  1     2 ms     1 ms     1 ms  172.16.1.254
  2    18 ms    18 ms    17 ms  82.153.1.61
  3    18 ms    18 ms    18 ms  91.85.10.21
  4    36 ms    46 ms    55 ms  62.164.130.53
  5    35 ms    18 ms    17 ms  vl-38.lon-th1cr.spn.kcom.com [86.54.183.249]
  6    18 ms    18 ms    18 ms  linx.br02.lhr1.tfbnw.net [195.66.225.121]
  7    93 ms   144 ms    92 ms  ae18.bb02.iad2.tfbnw.net [74.119.79.202]
  8   105 ms   106 ms   105 ms  ae9.bb02.frc1.tfbnw.net [31.13.24.48]
  9   102 ms   102 ms   102 ms  ae2.dr03.frc1.tfbnw.net [31.13.27.78]
 10   103 ms   103 ms   103 ms  po1020.csw03d.frc1.tfbnw.net [31.13.26.165]
 11   102 ms   102 ms   102 ms  www-slb-10-03-frc1.facebook.com [69.171.247.21]


Trace complete.

C:\>
0
 
scriven_jCommented:
Still sounds like hardware to me.  Have you checked the hardware connecting this site to the Internet yet?  A number of hardware firewalls / routers allow you to block HTTP traffic to certain sites.  If Pings are getting through and DNS is resolving correctly, then this sounds to me like the most likely cause.
0
 
scriven_jCommented:
Oh, just realised you posted twice sayingh simple ADSL router - no filtering.

Are you sure there is nothing firewally before the ADSL router?

The other option is something in GPO - such as in:-

"Windows Settings" > "Security Settings" > "IP security Policies".

I would run RSOP.MSC or GPMC to look at the accumulative effect of all the policies in case there is something in there.
0
 
scriven_jCommented:
Also, have you checked any security software on the clients (or server) as some policy may have been rolled out centrally?
0
 
SteveIT ManagerCommented:
check antivirus software as some have filtering built in

as you can "see" facebook then its not a routing issue

check firewall settings and check ADUC for group policies

do you get the same error if you logon as domain admin (as GPO's aren't always attributed to domain admins)
0
 
ajwukTechnical Consultant / Project ManagerCommented:
Have you tried browsing to http://69.171.247.21  ?
Is you 2008 DC using 192.168.1.253 ?
0
 
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
Try using a workgroup computer (freshly installed). This will bypass the GPOs etc.


Also locate the Admin on linkedin and ask him if he can help.
0
 
schima_czCommented:
Could You setup Google DNS as the only DNS server on workstation (override DHCP)? And after that try browsing facebook
0
 
Brian PiercePhotographerAuthor Commented:
Tried a (non-domain) laptop on the network - it can't access facebook either - so its not a GPO
set the DNS to be the router - still can't access facebook - suggests its the router or something at the ISP - I will try replacing the router tommorrow.

(BTW: yes the DC is 192.168.1.253, the router is 192.168.1.254)
0
 
scriven_jCommented:
Did you try schima_cz's suggestion of using Google's DNS server (8.8.8.8 and 8.8.4.4) and seeing if that resolves it?

Could be a DNS Injection problem....
0
 
Brian PiercePhotographerAuthor Commented:
Still not resolved - got ISPs tech team looking at the issue
0
 
Brian PiercePhotographerAuthor Commented:
IP resolved the issue - not sure what they did - they're reluctant to say - but it was a problem at their end which has now been sorted
0
 
Brian PiercePhotographerAuthor Commented:
ISP issue
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 6
  • 5
  • 2
  • +8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now