Hi, I have installed Clearos 6.3 with all the last updates applied, I have activated Web Proxy and Content Filter. It works ok but suddenly when I try to access a Website, I receive a warning message "Unable to find Server Name / DNS failed", conecction status "Online", I believed this was a ISP problem, to discard this posibility, I bypass this ClearOS Server and go directly to the ISP Router with a laptop, I never have this problem. I can ping the WebSite, and also tried a DIG command to the website and the ISP's DNS resolves the names correctly. If I wait for a 10 or 15 minutes, and try again I can access the WebSite. This occurs with any Website, inclusive sometimes I'm navigating inside a WebSite and when I select an option inside the Website, I have the warning message, and the whole site becames inactive until 10 or 15 minutes. I have transparent mode disabled, I also checked for messages in /var/log/messages and syswatch but all seems normal. Also sometimes the photos or animations in the website are shown in blank, I have to refresh the webpage in order to display them. Can you help me with this problem???
P.D.: I enter to this site to post this message, with no problems, when I hit submit, I got the warning message, I'll wait for 15 minutes to submit it.
P.D.: I enter to this site to post this message, with no problems, when I hit submit, I got the warning message, I'll wait for 15 minutes to submit it.
Share this post:
Responses (11)
-
Accepted Answer
Its a long shot, but can you search the forum or internet for "aping" and try using it on your ClearOS LAN address. You should not get any response. If you do get a response you have more than one device with the ClearOS LAN IP. Check any routers acting as WAP's, LAN printers and anything else you can think of.
You can also try arping from ClearOS to your LAN client. You should get a reply from only one MAC address. -
Accepted Answer
Thanks Nick, let me tell you that I have a production Proxy Server with ClearOS 5.2, without Content Filtering activated, but the same addressing scheme for about 1 year without problems. What we want is move to ClearOS 6.2 because the Content Filtering is better, i heard. and want to start using it.
I tried what you suggest. The External interface card has the DNS Servers defined, the ones that my ISP provider gave me. I can ping by name, dig by name, and all was resolved fine. As I said in my initial post, I can navigate but suddenly a Site that I used 5 minutes ago, is inaccessible, getting the message described. I wait for 5 or 10 minutes, and try again, all works ok. We already check with my ISP and tried directly (avoiding the Server) and the problem never occurs. We test the Sites in both servers (5.2 and 6.3) at the same time (router is the same), no problems with 5.2 but 6.3, i got the error message.
Maybe you can tell me if the Content Filtering is the same in 5.2, I will try to go back and see if 5.2 doesn't have this problem, some suggest to move to ipcop or other options, but I'm a Clearos Fan and want to stay here. Any help will be appreciated. -
Accepted Answer
As Nick noticed, 192.1.2/24 is not a valid IP subnet for an internal network.
However: If going direct works but going proxy does not, I would look at the DNS on the proxy server. Remember that the proxy server has to resolve DNS, it is not resolved on the local host as with direct connections. I would ssh to the firewall and type 'ping <dns-server-ip>' (substitute the IP address of the DNS server) to make sure you can ping it, and 'host www.google.com' to see if it can resolve the name of a well known web site. If one or the other does not work, you know your problem. -
Accepted Answer
I don't know the answer to your question as I don't use the proxy, but I've noticed something completely different which should not be the cause of your problem. Your LAN is using an odd address. The normal ranges for LAN's are 192.168.0.0 - 192.168.255.255, 172.16.0.0 - 172.31.255.255 and 10.0.0.0 - 10.255.255.255. If you ever want to visit a site whose WAN IP is 192.1.2.46, you will fail! -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »