Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Untanglit
    Join Date
    Aug 2012
    Posts
    16

    Default Site will not resolve

    Hi

    Users are trying to get to w3schools.com but all they are getting is an "Internet Explorer cannot display the webpage" screen.

    I can tracert to the site but when I ping it I receive this:

    Pinging w3schools.com [66.29.212.73] with 32 bytes of data:
    Reply from 10.200.200.20: Destination port unreachable.

    I have tried placing the site in the pass list but to no avail.

    What could be the problem?

    Ivan

  2. #2
    Untangle Ninja dbunyard's Avatar
    Join Date
    Nov 2008
    Location
    Westerville, Ohio, USA
    Posts
    1,051

    Default

    Hi and welcome to the forums!

    Some more information about your setup would be good specifically if you are running as a bridge or router and where your Untangle box sits in your network (a diagram is best).

    Quote Originally Posted by ivanw View Post
    Reply from 10.200.200.20: Destination port unreachable.
    Is this the Untangle box?

    I would also suggest you go through the guide here: http://wiki.untangle.com/index.php/The_internet_is_down
    Dan

    You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

  3. #3
    Untanglit
    Join Date
    Aug 2012
    Posts
    16

    Default

    Hi

    I went through the steps that you suggested frm " the internet is down" and they all passed with flying colors.

    Here is my setup :

    Adsl Modem -> Safe@Office (SBox) -> Untangle -> Switch

    No - 10.200.200.20 is not the UT box. That is the reply I get when I ping the w3schools.com site (try it). (If you tracert to the URL you'll see that that is the last IP in the list).

    The SBOX is also configured as the FW and I have also placed the site in the "allowed" sites list there.

    The Untangle box is configured as a router and the client machines receive their IP addresses via DHCP (MS server). The DHCP is configured to send the Untangle box IP as the GW for the client machines.

    Users can access the internet and when a site from the list is blocked the Untangle block screen appears I can also access the UT box via the network. Thats not the problem.

    The problem is that for some reason even though I placed the w3schools.com site in the pass list it wont resolve (no blocked site msg) . But if I type in the address on a PC thats not on the UT network the site appears without a problem.

    Could this be a bug ? I have looked at in the Internet files folder to see what cookies or sites might be causing problems (google-analytics etc. ) and placed those in the pass list as well - but still no luck ..
    Last edited by ivanw; 08-13-2012 at 08:10 AM.

  4. #4
    Untangle Ninja dbunyard's Avatar
    Join Date
    Nov 2008
    Location
    Westerville, Ohio, USA
    Posts
    1,051

    Default

    I'm behind an Untangle box right now and it resolves fine and I can browse the site without a problem. The traceroute shows up odd though, as a 10. address should not be publicly routable yet I appear to be getting pings from it (however if I ping it directly I get a timeout as I should):

    Code:
    C:\Users\dbunyard>tracert w3schools.com
    
    Tracing route to w3schools.com [66.29.212.73]
    over a maximum of 30 hops:
    
      1     1 ms    <1 ms     1 ms  untangle.conelec.lan [10.37.59.254]
      2     2 ms     1 ms     2 ms  rrcs-24-142-179-97.central.biz.rr.com [24.142.17
    9.97]
      3     9 ms     9 ms     9 ms  ae0.tr00.clevohek.mwrtn.rr.com [65.189.140.144]
    
      4    29 ms    23 ms    23 ms  ae-3-0.cr0.dca20.tbone.rr.com [66.109.6.70]
      5    22 ms    22 ms    19 ms  ae-1-0.pr0.dca10.tbone.rr.com [66.109.6.165]
      6    21 ms    19 ms    17 ms  ash1-pr1-ae5-409.us.twtelecom.net [64.128.212.1]
    
      7    38 ms    36 ms    87 ms  lou1-ar3-xe-2-0-0-0.us.twtelecom.net [66.192.247
    .66]
      8    37 ms    40 ms    43 ms  64.132.167.2
      9    41 ms    40 ms    40 ms  10.200.200.2
     10    42 ms    41 ms    46 ms  10.200.200.20
     11    40 ms    50 ms    50 ms  10.200.200.26
     12     *        *        *     Request timed out.
    What DNS servers are you using on Untangle (WAN side) and on your local PCs?
    Dan

    You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

  5. #5
    Untanglit
    Join Date
    Aug 2012
    Posts
    16

    Default

    WAN Side: ISP DNS servers (configured in UT box)
    Local PCs: Local DNS server (has forwarders to: ISP servers + IP to UT box)

  6. #6
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050

    Default

    This is what i get

    Code:
    C:\Users\WebFooL>tracert w3schools.com
    
    Spårar väg till w3schools.com [66.29.212.73]
    över högst 30 hopp:
    
      1   <10 ms   <10 ms   <10 ms  192.168.2.1
      2   <10 ms   <10 ms   <10 ms  ua-85-226-192-1.cust.bredbandsbolaget.se [85.226
    .192.1]
      3     2 ms     1 ms     2 ms  ti3002d400-xe3-3-0.ti.telenor.net [146.172.81.11
    3]
      4    92 ms    92 ms   103 ms  ti3002c310-ae13-0.ti.telenor.net [146.172.102.18
    5]
      5    92 ms    92 ms    92 ms  ti3003c310-ae0-0.ti.telenor.net [146.172.100.70]
    
      6    93 ms    92 ms    92 ms  ti3004c310-ae3-0.ti.telenor.net [146.172.100.45]
    
      7    92 ms    93 ms    93 ms  ti9004b300-as1-0.ti.telenor.net [146.172.105.90]
    
      8    92 ms   102 ms    92 ms  NYCL-PEER-03.twtelecom.net [198.32.118.36]
      9   152 ms   115 ms   115 ms  lou1-ar3-xe-0-0-0-0.us.twtelecom.net [66.192.246
    .10]
     10   116 ms   116 ms   116 ms  64.132.167.2
     11     *        *        *     Begäran gjorde timeout.
     12     *        *        *     Begäran gjorde timeout.
     13     *        *        *     Begäran gjorde timeout.
    My guess is that they are having some routing issues on there side.
    You should not see any 10.x.x.x network address on the internet.

  7. #7
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,372

    Default

    10.x.x.x in a public address is a bad symptom.
    The world is divided into 10 kinds of people, who know binary and those not

  8. #8
    Untanglit
    Join Date
    Aug 2012
    Posts
    16

    Default

    Here is my trace:

    Tracing route to w3schools.com [66.29.212.73]
    over a maximum of 30 hops:

    1 1 ms <1 ms <1 ms BEZEQ [10.0.0.138]
    2 15 ms 15 ms 13 ms bzq-179-37-1.static.bezeqint.net [212.179.37.

    3 15 ms 13 ms 13 ms bzq-218-103-162.red.bezeqint.net [81.218.103.
    ]
    4 14 ms 13 ms 13 ms bzq-179-75-210.static.bezeqint.net [212.179.7
    10]
    5 14 ms 14 ms 14 ms bzq-179-124-93.static.bezeqint.net [212.179.1
    93]
    6 14 ms 13 ms 15 ms bzq-179-124-238.static.bezeqint.net [212.179.
    .238]
    7 63 ms 63 ms 65 ms 213.242.116.129
    8 64 ms 64 ms 63 ms ae-0-11.bar1.Marseille1.Level3.net [4.69.143.
    ]
    9 63 ms 63 ms 63 ms ae-7-7.ebr1.Paris1.Level3.net [4.69.143.238]
    10 63 ms 63 ms 63 ms ae-21-21.ebr2.Paris1.Level3.net [4.69.143.118
    11 147 ms 147 ms 146 ms ae-43-43.ebr2.Washington1.Level3.net [4.69.13
    8]
    12 143 ms 143 ms 144 ms ae-82-82.csw3.Washington1.Level3.net [4.69.13
    54]
    13 144 ms 144 ms 149 ms ae-81-81.ebr1.Washington1.Level3.net [4.69.13
    37]
    14 160 ms 160 ms 162 ms ae-2-2.ebr3.Atlanta2.Level3.net [4.69.132.85]
    15 163 ms 160 ms 161 ms ae-73-73.ebr2.Atlanta2.Level3.net [4.69.148.2

    16 270 ms 199 ms 237 ms ae-8-8.car1.Nashville1.Level3.net [4.69.140.2

    17 217 ms 199 ms 198 ms ae-11-11.car2.Nashville1.Level3.net [4.69.140
    5]
    18 168 ms 168 ms 168 ms ae-2-2.car2.Louisville1.Level3.net [4.69.140.
    ]
    19 170 ms 181 ms 172 ms MAXIMUMASP.car2.Louisville1.Level3.net [4.59.
    .2]
    20 171 ms 172 ms 171 ms host10.68.121.74.static.maximumasp.com [74.12
    8.10]
    21 170 ms 170 ms 186 ms 10.200.200.2
    22 172 ms 170 ms 169 ms 10.200.200.20
    23 171 ms 170 ms 176 ms 10.200.200.26
    24 * * * Request timed out.
    25 * * * Request timed out.
    26 * * * Request timed out.
    27 * * * Request timed out.
    28 * * * Request timed out.
    29 * * * Request timed out.
    30 * * * Request timed out.

    Trace complete.
    Interesting to note that you both received this IP 64.132.167.2 - but I didn't.

    Any ideas?

    Ivan
    Last edited by ivanw; 08-13-2012 at 03:37 PM.

  9. #9
    Untangle Ninja dbunyard's Avatar
    Join Date
    Nov 2008
    Location
    Westerville, Ohio, USA
    Posts
    1,051

    Default

    That's very odd. I got the same 10. addresses as you when I ran it at work on my TWC fiber connection. Here at home however I get something that looks correct, no 10. IP addresses. What do you get if you run the traceroute direct from the Untangle box? I think as WebFool pointed out though this looks like a routing issue on their side. Here is my trace from home (for what it's worth):
    Code:
    C:\Users\Shelley>tracert w3schools.com
    
    Tracing route to w3schools.com [66.29.212.73]
    over a maximum of 30 hops:
    
      1     2 ms     1 ms    <1 ms  192.168.9.1
      2     3 ms     2 ms     2 ms  172.20.2.1
      3    13 ms    12 ms    11 ms  oh-65-40-79-129.sta.embarqhsd.net [65.40.79.129]
    
      4    13 ms    12 ms    13 ms  oh-67-76-204-89.dyn.embarqhsd.net [67.76.204.89]
    
      5    26 ms    25 ms    24 ms  208-110-248-205.centurylink.net [208.110.248.205
    ]
      6    26 ms    24 ms    24 ms  bb-chcgilwu-jx9-02-ae0.core.centurytel.net [206.
    51.69.70]
      7    26 ms    46 ms    25 ms  cer-edge-17.inet.qwest.net [65.113.255.241]
      8    26 ms    24 ms    24 ms  chp-brdr-03.inet.qwest.net [67.14.8.194]
      9    26 ms    28 ms    24 ms  chi2-pr1-ae5-219.us.twtelecom.net [64.132.69.165
    ]
     10    67 ms    34 ms    33 ms  lou1-ar3-xe-0-0-0-0.us.twtelecom.net [66.192.246
    .10]
     11    35 ms    35 ms    34 ms  64.132.167.2
     12     *        *        *     Request timed out.
    Dan

    You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

  10. #10
    Untanglit
    Join Date
    Aug 2012
    Posts
    16

    Default

    The trace I put up was from home as well.
    Here is the trace from work behind the UT box: (with minor edits):

    Tracing route to w3schools.com [66.29.212.73]
    over a maximum of 30 hops:

    1 <1 ms <1 ms <1 ms untangle.server[xxx.xxx.xxx.xxx]
    2 3 ms 3 ms 3 ms SBOX FW[xxx.xxx.xxx.xxx]
    3 16 ms 16 ms 15 ms bzq-179-37-1.static.bezeqint.net [212.179.xxx.xxx]

    4 * * * Request timed out.
    5 16 ms 22 ms 15 ms bzq-179-160-185.static.bezeqint.net [212.179.160
    .185]
    6 * * * Request timed out.
    7 * * * Request timed out.
    8 48 ms 22 ms 27 ms bzq-179-124-238.static.bezeqint.net [212.179.124
    .238]
    9 85 ms 81 ms 93 ms 213.242.116.129
    10 92 ms 103 ms 116 ms ae-0-11.bar1.Marseille1.Level3.net [4.69.143.241
    ]
    11 85 ms 74 ms 73 ms ae-7-7.ebr1.Paris1.Level3.net [4.69.143.238]
    12 113 ms 80 ms 86 ms ae-23-23.ebr2.Paris1.Level3.net [4.69.143.126]
    13 148 ms 146 ms 147 ms ae-42-42.ebr2.Washington1.Level3.net [4.69.137.5
    4]
    14 165 ms 167 ms 152 ms ae-92-92.csw4.Washington1.Level3.net [4.69.134.1
    58]
    15 148 ms 148 ms 147 ms ae-91-91.ebr1.Washington1.Level3.net [4.69.134.1
    41]
    16 160 ms 161 ms 159 ms ae-2-2.ebr3.Atlanta2.Level3.net [4.69.132.85]
    17 159 ms 168 ms 160 ms ae-73-73.ebr2.Atlanta2.Level3.net [4.69.148.254]

    18 176 ms 327 ms 223 ms ae-8-8.car1.Nashville1.Level3.net [4.69.140.229]

    19 348 ms 212 ms 202 ms ae-11-11.car2.Nashville1.Level3.net [4.69.140.22
    5]
    20 175 ms 176 ms 175 ms ae-2-2.car2.Louisville1.Level3.net [4.69.140.221
    ]
    21 176 ms 175 ms 175 ms MAXIMUMASP.car2.Louisville1.Level3.net [4.59.186
    .2]
    22 203 ms 186 ms 199 ms host10.68.121.74.static.maximumasp.com [74.121.6
    8.10]
    23 181 ms 181 ms 184 ms 10.200.200.2
    24 10.200.200.20 reports: Destination protocol unreachable.

    Trace complete.
    I'm going to try connecting directly to the FW and bypass UT to see if there is a problem there..

    I'll let you know.

    Ivan

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2