Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NFL.com can't be found

Posted on 2016-08-30
13
Medium Priority
?
136 Views
Last Modified: 2016-08-30
I cannot access www.nfl.com from with in my firewall.  Here is what I have done to resolve the problem (please not all other sites are working):

1.  I setup a laptop with an external IP address and DNS Server and connected directly to my router and I am able to go to NFL.com
2.  If I give myself a public DNS setting the firewall, I cannot connect or ping nfl.com.
3.  If I configure the same laptop with public DNS and go out the DMZ port of the firewall, I cannot get to NFL.com or ping the site.
4.  I added nfl.com to our allowed domains in the firewall, cannot ping cannot get to site.
5.  I tried getting to NFL.com by IP address, that did not work.
Heres where it get interesting......
6.  I rebooted the router and the firewall, for about 30 seconds I was able to ping and get to NFL.com, then it went away again.
7.  I rebooted the firewall again, to test my theory, as soon as I had an internet connection I was able to ping and get to NFL.com for about 30 seconds and then it went away again.
8.  I opened a ticket with Sonicwall, they said it was my DNS server.
9.  I got an outside consultant to take a look, they said it was my DNS server, but couldn't find any problems with it!

OH and I did all the stupid stuff, cleared DNS Cache, refreshed page, cleared ARP Cache and check the Malware and Viruses on the network.

I don't believe this is a DNS issue directly, there is something in the firewall stopping nfl.com from resolving and allowing us to the site.  It has to be in the firewall.

We have a Sonicwall NSA3500 with SonicOS Enhanced 5.8.1.15-71o firmware.
Application Control Enabled
Antivirus Enabled
Content Filtering Enabled

This is maddening, can anyone help?
0
Comment
Question by:commeng
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776633
Have you used nslookup or dig to confirm whether your internal DNS server is able to resolve nfl.com and/or www.nfl.com to the correct IP address? If it can, then DNS is most likely not the problem.

Do you have experience with Wireshark or some other packet-capture tool? If DNS is working fine (and maybe even if it's not), that would be my next step.
0
 

Author Comment

by:commeng
ID: 41776758
I used NSlookup:

nslookup nfl.com (failed)
nslookup nfl.com 8.8.8.8 (failed)
nslookup nfl.com 8.8.4.4 (failed)

I have not used Wireshark a lot but a little bit.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776762
You're able to look up other domains using 8.8.8.8 with the same command, though (e.g., nslookup google.com 8.8.8.8)?
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 

Author Comment

by:commeng
ID: 41776773
Yes that works just fine either way

nslookup google.com
nslookup 8.8.8.8
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 41776794
I believe you're right that it's got to be the firewall. It seems to be restricting traffic that has anything to do with the nfl.com domain, even DNS queries. That seems strange to me, but maybe that's how Sonicwall's content filtering works. I'll admit that I don't know much about that firewall, but I did find a support article illustrating how to restrict access to a particular domain (youtube.com in the article itself) using content filtering:

https://support.software.dell.com/kb/sw9909

I'm not entirely sure that will be helpful, because CFS appears to only block Web traffic and not DNS, but it's worth a look anyway. You may also want to look at the firewall logs to see what, if anything, gets logged when you try to resolve nfl.com.
0
 

Author Comment

by:commeng
ID: 41776816
Yeah I tried adding nfl.com to the trusted domains and that did not resolve the issue.  I'm wondering if I turn off all the security services for a brief moment, if that would answer what is causing the issue.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776828
Yeah, that's worth a shot. You can wait until after-hours to do this if you're concerned about any effects it may have during the day.
0
 

Assisted Solution

by:commeng
commeng earned 0 total points
ID: 41776834
Application Control can block DNS, but I don't see that it is blocking DNS, so I don't know.  I might not be looking in the right place.
0
 

Author Comment

by:commeng
ID: 41776867
SOB!!!!!!!!!!!!!!!!!  NFL is listed under Gaming!!!!!!!!!!!!!!
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776885
Nice.

Were employees spending too much time playing fantasy football? :)
0
 

Author Comment

by:commeng
ID: 41776898
We actually provide a service contract to the Redskins, so we need access NFL in order to complete our work.  I'm really upset right now.  I appreciate your help Dr. Dave, I was looking for a web site block, not a DNS block.  Thank you!
0
 

Author Closing Comment

by:commeng
ID: 41776906
Dr. Dave, you pointed me in the right direction and I really appreciate it, thank you so much!
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 41776910
Ah! Yeah, seems pretty important for you to be able to access that!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question