Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

NFL.com can't be found

Posted on 2016-08-30
13
Medium Priority
?
147 Views
Last Modified: 2016-08-30
I cannot access www.nfl.com from with in my firewall.  Here is what I have done to resolve the problem (please not all other sites are working):

1.  I setup a laptop with an external IP address and DNS Server and connected directly to my router and I am able to go to NFL.com
2.  If I give myself a public DNS setting the firewall, I cannot connect or ping nfl.com.
3.  If I configure the same laptop with public DNS and go out the DMZ port of the firewall, I cannot get to NFL.com or ping the site.
4.  I added nfl.com to our allowed domains in the firewall, cannot ping cannot get to site.
5.  I tried getting to NFL.com by IP address, that did not work.
Heres where it get interesting......
6.  I rebooted the router and the firewall, for about 30 seconds I was able to ping and get to NFL.com, then it went away again.
7.  I rebooted the firewall again, to test my theory, as soon as I had an internet connection I was able to ping and get to NFL.com for about 30 seconds and then it went away again.
8.  I opened a ticket with Sonicwall, they said it was my DNS server.
9.  I got an outside consultant to take a look, they said it was my DNS server, but couldn't find any problems with it!

OH and I did all the stupid stuff, cleared DNS Cache, refreshed page, cleared ARP Cache and check the Malware and Viruses on the network.

I don't believe this is a DNS issue directly, there is something in the firewall stopping nfl.com from resolving and allowing us to the site.  It has to be in the firewall.

We have a Sonicwall NSA3500 with SonicOS Enhanced 5.8.1.15-71o firmware.
Application Control Enabled
Antivirus Enabled
Content Filtering Enabled

This is maddening, can anyone help?
0
Comment
Question by:commeng
  • 7
  • 6
13 Comments
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776633
Have you used nslookup or dig to confirm whether your internal DNS server is able to resolve nfl.com and/or www.nfl.com to the correct IP address? If it can, then DNS is most likely not the problem.

Do you have experience with Wireshark or some other packet-capture tool? If DNS is working fine (and maybe even if it's not), that would be my next step.
0
 

Author Comment

by:commeng
ID: 41776758
I used NSlookup:

nslookup nfl.com (failed)
nslookup nfl.com 8.8.8.8 (failed)
nslookup nfl.com 8.8.4.4 (failed)

I have not used Wireshark a lot but a little bit.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776762
You're able to look up other domains using 8.8.8.8 with the same command, though (e.g., nslookup google.com 8.8.8.8)?
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:commeng
ID: 41776773
Yes that works just fine either way

nslookup google.com
nslookup 8.8.8.8
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 41776794
I believe you're right that it's got to be the firewall. It seems to be restricting traffic that has anything to do with the nfl.com domain, even DNS queries. That seems strange to me, but maybe that's how Sonicwall's content filtering works. I'll admit that I don't know much about that firewall, but I did find a support article illustrating how to restrict access to a particular domain (youtube.com in the article itself) using content filtering:

https://support.software.dell.com/kb/sw9909

I'm not entirely sure that will be helpful, because CFS appears to only block Web traffic and not DNS, but it's worth a look anyway. You may also want to look at the firewall logs to see what, if anything, gets logged when you try to resolve nfl.com.
0
 

Author Comment

by:commeng
ID: 41776816
Yeah I tried adding nfl.com to the trusted domains and that did not resolve the issue.  I'm wondering if I turn off all the security services for a brief moment, if that would answer what is causing the issue.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776828
Yeah, that's worth a shot. You can wait until after-hours to do this if you're concerned about any effects it may have during the day.
0
 

Assisted Solution

by:commeng
commeng earned 0 total points
ID: 41776834
Application Control can block DNS, but I don't see that it is blocking DNS, so I don't know.  I might not be looking in the right place.
0
 

Author Comment

by:commeng
ID: 41776867
SOB!!!!!!!!!!!!!!!!!  NFL is listed under Gaming!!!!!!!!!!!!!!
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776885
Nice.

Were employees spending too much time playing fantasy football? :)
0
 

Author Comment

by:commeng
ID: 41776898
We actually provide a service contract to the Redskins, so we need access NFL in order to complete our work.  I'm really upset right now.  I appreciate your help Dr. Dave, I was looking for a web site block, not a DNS block.  Thank you!
0
 

Author Closing Comment

by:commeng
ID: 41776906
Dr. Dave, you pointed me in the right direction and I really appreciate it, thank you so much!
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776910
Ah! Yeah, seems pretty important for you to be able to access that!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question