Solved

Access to Facebook blocked

Posted on 2012-09-03
662 Views
Last Modified: 2013-11-19
OK - If I had any hair I'd be pulling it out by now.
I've just been asked to look at a small domain which was set up for a small business. A previous Admin, at the owners request, blocked access to Facebook. There has now been a change in policy and it has been decided to remove the block.

The issue is that I can't see where/how it was blocked. Its a very simple set-up. One 2008 DC and Windows 7 clients. The DC providing the DNS and forwarding to the ISPs DNS, no proxy server.

I've checked group policies and can't find anything
I've checked DNS for entries on the DC and can't find anything
I've checked the local machine hosts file and there is nothing.

Yet when I try to go to facebook I just get 'Internet Explorer Cannot display the web page'
If I run the diagnostic from the page it just reports that it can't diagnose the problem.

If I try to access Facebook from Chrome I get 'This webpage is not available'

Any suggestions on where to look next ?
Good Question?
0
Question by:KCTS
    6,645 Solutions
    Best Solution byKCTS
    IP resolved the issue - not sure what they did - they're reluctant to say - but it was a problem at their end which has now been sorted
    22 Comments
     
    138 Solutions

    Expert Comment

    by:scriven_j
    Have a look at the hardware firewall/router as this can be used to block access to sites.

    What hardware is on the physical border of the route to the Internet?
    Good Comment?
    0
     
    9 Solutions

    Expert Comment

    by:fourck
    Have you checked your router configuration? maybe it is on router level.
    Good Comment?
    0
     
    366 Solutions

    Expert Comment

    by:Sushil Sonawane
    Assign public IP Address (Provide by ISP)  to machine then try to access facebook if you able to access then Check on your hardware firewall or router from there your request pass to outside the your network.
    Good Comment?
    0
     
    3 Solutions

    Expert Comment

    by:bakfaloni
    also some admin block some web site by the file host you can find in

    %systemroot% \system32\drivers\etc
    Good Comment?
    0
     
    338 Solutions

    Expert Comment

    by:selvol
    RUN Box type
    CMD
    then type
    ping facebook.com

    if you get timeouts you can not connect  and it is not a browser issue.
    Good Comment?
    0
     
    375 Solutions

    Expert Comment

    by:sgsm81
    check the ip address and default gateway (gateway may contain a filter)

    also run a ping and tracert to facebook site

    check firewall, router, iis, internet explorer etc

    however if its affecting everyone it may be on the server
    Good Comment?
    0
     
    633 Solutions

    Expert Comment

    by:madunix
    Check the internet router, it might be  

    - dropping direct HTTPS connections (by adding a filter to block port 443 – HTTPS from internal network to ‘any’)
    - filtering Facebook’s IP address ranges to Null0, block by Routing  to null0 interface
    ip route 69.63.176.0 255.255.240.0 Null0
    ip route 204.15.20.0 255.255.252.0 Null0
    ip route 66.220.144.0 255.255.240.0 Null0
    ip route 69.171.224.0 255.255.224.0 Null0
    ip route 69.171.224.0 255.255.240.0 Null0
    ip route 69.171.240.0 255.255.240.0 Null0


    [@linux1 ~]$ dig facebook.com

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> facebook.com
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12769
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 13, ADDITIONAL: 9

    ;; QUESTION SECTION:
    ;facebook.com.                  IN      A

    ;; ANSWER SECTION:
    facebook.com.           753     IN      A       66.220.149.88
    facebook.com.           753     IN      A       66.220.152.16
    facebook.com.           753     IN      A       66.220.158.70
    facebook.com.           753     IN      A       69.171.234.21
    facebook.com.           753     IN      A       69.171.237.16
    facebook.com.           753     IN      A       69.171.247.21
    Good Comment?
    0
     
    27 Solutions

    Expert Comment

    by:schima_cz
    How were You testing DNS?
    Try this:
    Run - CMD - nslookup
    Write facebook.com and post there result.
    It could be hosts file on DNS server
    Good Comment?
    0
     
    6,645 Solutions

    Author Comment

    by:KCTS
    Ping of facebook seems to suggest its resolving OK

    C:\>ping facebook.com
    Pinging facebook.com [69.171.247.21] with 32 bytes of
    Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
    Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
    Reply from 69.171.247.21: bytes=32 time=102ms TTL=245
    Reply from 69.171.247.21: bytes=32 time=102ms TTL=245

    Ping statistics for 69.171.247.21:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss
    Approximate round trip times in milli-seconds:
        Minimum = 102ms, Maximum = 102ms, Average = 102ms


    nslookup results
    C:\>nslookup
    253.1.168.192.in-addr.arp
            primary name server = localhost
            responsible mail addr nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Default Server:  UnKnown
    Address:  192.168.1.253

    > facebook.com
    Server:  UnKnown
    Address:  192.168.1.253

    Non-authoritative answer:
    Name:    facebook.com
    Addresses:  2a03:2880:10:
              2a03:2880:2110:
              2a03:2880:2110:
              2a03:2880:10:8f
              66.220.149.88
              66.220.152.16
              66.220.158.70
              69.171.234.21
              69.171.237.16
              69.171.247.21


    Nothing in hosts file
    no conditional forwarders - only forwarder to ISP
    simple ADSL router - no filtering enabled
    nothing (obvious) in group policy
    Good Comment?
    0
     
    6,645 Solutions

    Author Comment

    by:KCTS
    Tracert result - seems OK


    C:\>tracert facebook.com

    Tracing route to facebook.com [69.171.247.21]
    over a maximum of 30 hops:

      1     2 ms     1 ms     1 ms  172.16.1.254
      2    18 ms    18 ms    17 ms  82.153.1.61
      3    18 ms    18 ms    18 ms  91.85.10.21
      4    36 ms    46 ms    55 ms  62.164.130.53
      5    35 ms    18 ms    17 ms  vl-38.lon-th1cr.spn.kcom.com [86.54.183.249]
      6    18 ms    18 ms    18 ms  linx.br02.lhr1.tfbnw.net [195.66.225.121]
      7    93 ms   144 ms    92 ms  ae18.bb02.iad2.tfbnw.net [74.119.79.202]
      8   105 ms   106 ms   105 ms  ae9.bb02.frc1.tfbnw.net [31.13.24.48]
      9   102 ms   102 ms   102 ms  ae2.dr03.frc1.tfbnw.net [31.13.27.78]
     10   103 ms   103 ms   103 ms  po1020.csw03d.frc1.tfbnw.net [31.13.26.165]
     11   102 ms   102 ms   102 ms  www-slb-10-03-frc1.facebook.com [69.171.247.21]


    Trace complete.

    C:\>
    Good Comment?
    0
     
    138 Solutions

    Expert Comment

    by:scriven_j
    Still sounds like hardware to me.  Have you checked the hardware connecting this site to the Internet yet?  A number of hardware firewalls / routers allow you to block HTTP traffic to certain sites.  If Pings are getting through and DNS is resolving correctly, then this sounds to me like the most likely cause.
    Good Comment?
    0
     
    138 Solutions

    Expert Comment

    by:scriven_j
    Oh, just realised you posted twice sayingh simple ADSL router - no filtering.

    Are you sure there is nothing firewally before the ADSL router?

    The other option is something in GPO - such as in:-

    "Windows Settings" > "Security Settings" > "IP security Policies".

    I would run RSOP.MSC or GPMC to look at the accumulative effect of all the policies in case there is something in there.
    Good Comment?
    0
     
    138 Solutions

    Expert Comment

    by:scriven_j
    Also, have you checked any security software on the clients (or server) as some policy may have been rolled out centrally?
    Good Comment?
    0
     
    375 Solutions

    Expert Comment

    by:sgsm81
    check antivirus software as some have filtering built in

    as you can "see" facebook then its not a routing issue

    check firewall settings and check ADUC for group policies

    do you get the same error if you logon as domain admin (as GPO's aren't always attributed to domain admins)
    Good Comment?
    0
     
    142 Solutions

    Expert Comment

    by:ajwuk
    Have you tried browsing to http://69.171.247.21  ?
    Is you 2008 DC using 192.168.1.253 ?
    Good Comment?
    0
     
    519 Solutions

    Expert Comment

    by:Nagendra Pratap Singh
    Try using a workgroup computer (freshly installed). This will bypass the GPOs etc.


    Also locate the Admin on linkedin and ask him if he can help.
    Good Comment?
    0
     
    27 Solutions

    Expert Comment

    by:schima_cz
    Could You setup Google DNS as the only DNS server on workstation (override DHCP)? And after that try browsing facebook
    Good Comment?
    0
     
    6,645 Solutions

    Author Comment

    by:KCTS
    Tried a (non-domain) laptop on the network - it can't access facebook either - so its not a GPO
    set the DNS to be the router - still can't access facebook - suggests its the router or something at the ISP - I will try replacing the router tommorrow.

    (BTW: yes the DC is 192.168.1.253, the router is 192.168.1.254)
    Good Comment?
    0
     
    138 Solutions

    Expert Comment

    by:scriven_j
    Did you try schima_cz's suggestion of using Google's DNS server (8.8.8.8 and 8.8.4.4) and seeing if that resolves it?

    Could be a DNS Injection problem....
    Good Comment?
    0
     
    6,645 Solutions

    Author Comment

    by:KCTS
    Still not resolved - got ISPs tech team looking at the issue
    Good Comment?
    0
     
    6,645 Solutions

    Accepted Solution

    by:
    IP resolved the issue - not sure what they did - they're reluctant to say - but it was a problem at their end which has now been sorted
    Good Solution?
    0
     
    6,645 Solutions

    Author Closing Comment

    by:KCTS
    ISP issue
    Good Comment?
    0

    Add a Comment

    Join our community to follow up on this question and 4 million more solutions.

    Join & Write a Comment

    Featured Post

    Course: JavaScript Coding - Massive 12-Part Bundle

    Regardless of your programming skill level, you'll go from basics to advanced concepts in a vast array of JavaScript subjects including Sammy.js, Agility.js, Ember.js, Node.js, jQuery, AJAX, Extjs, AngularJS, Knockout.js, and JSON.

    Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
    Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
    The viewer will learn how to count occurrences of each item in an array.
    This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

    780 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    28 Experts available now in Live!

    Get 1:1 Help Now