Solved

PfSense and Hardware Firewall blocking Dropbox.com using pfBlockerNG.

Posted on 2016-08-18
10
416 Views
Last Modified: 2016-08-19
I have upgraded my pfsense firewall to 2.3.2, since then I cant get to dropbox.com. I'm not savey with pfsense so I cant figure out  what is wrong.  I have added pfblockerNG so I figured that must be blocking it.  I out in a exception rule for the domain name www.dropbox.com and this does not fix the problem.  Please be patient with me because I am fairly new to this Hardware firewall stuff.  By the way I did disable Windows firewall and Virus protection on my PC and still no luck.  Any help will be very appreciated so thank you in advance.
0
Comment
Question by:Mark Hynes
  • 6
  • 4
10 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 41762235
Are you able to reach dropbox.com if you disable pfblockerNG ?
1
 

Author Comment

by:Mark Hynes
ID: 41762280
I just tested it, and yes I can get to dropbox.com if I disable pfblockerNG.

Mark H
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 41762294
Which would indicate that your initial diagnosis was correct, and the problem is indeed with pfblockerNG.

What is your intended use for pfblockerNG ?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Mark Hynes
ID: 41762298
The best way I can explain it is: to filter out known BAD Addresses.  I would also like to stop the internet from scanning my ports and stop brute force password attacks, however I haven't been able to figure that out either.  

When, I disabled pfBlockerNG, (like you told me to) I was able to get to dropbox.com.  I re-enabled pfsenseNG, and reloaded filters,  I can still get to dropbox.com site.  Not sure whats going on but disable and enabled worked.  What do you make of that ?

Mark H
0
 

Author Comment

by:Mark Hynes
ID: 41762308
Just tried dropbox again it is not working, its being blocked again.

Mark H
0
 
LVL 37

Accepted Solution

by:
ArneLovius earned 500 total points
ID: 41762318
pfblockedNG uses external lists of addresses to create deny rules based on address, by itself it will not stop port scans or brute force attacks.

from what you have described, it would appear that some part of your configuration of pfblockedNG is adding the address(es) used by dropbox.com to a deny list.

I would suggest that you removed and re-added pfblockerNG, and made one configuration change at a time, leaving it for the same time that it took to block previously, by this process you should then find the configuration change that is causing dropbox.com to get blocked.
0
 

Author Comment

by:Mark Hynes
ID: 41762330
OK, I understand what you want me to do, so I will begin now and try this.  However, I think you should know that I have looked at the deny logs. I can't  see where it dropbox is being blocked because I think the IP address change every hour or so. Do you think I'm correct in saying this ?

Mark H
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 41762373
er, no you're not correct.

dropbox.com isn't a single active address that changes, it's multiple address with global load balancing.
0
 

Assisted Solution

by:Mark Hynes
Mark Hynes earned 0 total points
ID: 41762412
Thanks to you, I figured it out.  It is the HiJacker IP database that is blocking it.  Since this is a table that is down loaded from iBlocker, Im not sure how to remove it from the table. 162.125.0.0/16.

Any thoughts?
0
 

Author Closing Comment

by:Mark Hynes
ID: 41762583
Thanks very much for your help.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall losing internet when Cradlepoint resets. 18 102
ASA Shunning internal IP 10 44
SonicWall blocking WOL 11 169
VIRTUAL NETWORKING 3 77
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question