Page 1 of 7

LDS.org not working inside firewall

Posted: Sun Jan 18, 2015 9:06 am
by rickk
For the past 2 Sunday's (not sure about during the week - I didn't make it down here this week) our stake center does not seem to be able to access LDS.org. I tried other websites and they work fine. Some LDS sites work (I am typing this at the building) but others don't. I connected my computer outside the firewall directly to the modem and LDS.org works fine. Any suggestions about what could be happening? Last Sunday I tried rebooting the firewall but it didn't help. The stake center has has the firewall upgrade so we are using the new firewall configuration.

Rick

Re: LDS.org not working inside firewall

Posted: Sun Jan 18, 2015 12:52 pm
by rickk
A bit more info... I asked the other tech folks to test at the rest of the buildings in the stake and they seem to be working fine, so it is isolated to the stake center. I tried doing a refresh of the configuration from the TM website but still no better. The stake center was the first firewall that we upgraded back during the "beta" period for the new setup and it worked fine at that time. Do I maybe need to go in and do the upgrade again instead of trying to do a reboot or a refresh? I will call LUS tomorrow, but they typically don't have anyone that can do more than generate a ticket on Sundays...

Re: LDS.org not working inside firewall

Posted: Sun Jan 18, 2015 1:19 pm
by russellhltn
The networking people are open later on Sunday - when it's normal working hours in Australia. I'd give them a call. I'm guessing they open around 4PM your time.

Re: LDS.org not working inside firewall

Posted: Sun Jan 18, 2015 1:50 pm
by rickk
So the call center (or at least one of them) is in Australia? Not sure I speak that language... :) We had a foreign exchange student from New Zealand when I was in high school and liked to tease her about it. We have a fireside this evening that I am helping with, but I will try to call if I get a chance.

I am now at another building in the stake - life of a stake clerk - and the same devices that were failing at the stake center are working here. That points pretty clearly at the stake firewall.

Thanks,
Rick

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 7:08 am
by yarrgh
We have seen a common issue with getting to lds.org from some meetinghouses. We have found that comcast is what all the sites share in common. If you are having issues getting to lds.org and have comcast, contact them. They are not behaving nicely with our DNS servers when you perform look ups to lds.org. If your ISP is not comcast, contact the Global Service Center so that we can troubleshoot.

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 9:16 am
by rickk
We do have Comcast, but what am I supposed to tell them? I doubt this is a huge problem, so the first line support person is not likely to know what is wrong without more info. We also have Comcast in another building and it was working just fine yesterday. I am an electrical engineer so you can give me the technical details, assuming that you have them, so I can tell Comcast what the problem is. Just saying that they are not playing nicely is not going to get very far. I bypassed the firewall and LDS.org worked just fine, so they are going to blame the firewall. If it is an interaction between the firewall and their modem/system, we need more info to get it fixed.

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 11:24 am
by Mikerowaved
rickk wrote:I bypassed the firewall and LDS.org worked just fine...

This clearly points to the firewall. Besides manually power cycling the firewall, the only tools STS's have are the reboot and refresh options from TM and you've done those already. The only thing left is to follow Russell's advice and contact the GSC folks. So far, they've been able to solve every issue I've thrown at them.

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 12:12 pm
by russellhltn
mikerowaved wrote:This clearly points to the firewall.

Not necessarily. What yarrgh may be saying is that the firewall uses church DNS servers and access is being blocked. When you remove the firewall, you most likely end up using the DNS supported by the ISP.

Another possibility is that the VPN needs to go to a specific IP address - and the ISP's DNS hasn't updated to the current IP address (served by the church's DNS lookup) for that location. When you remove the firewall, there is no VPN, so no apparent problem.

But I agree more information is needed. Without it, this isn't going to get past the ISP's first-level support. They'll just blame the firewall.

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 12:25 pm
by yarrgh
It also is not the firewall because all firewalls have the same configuration on them. If most work except for those with Comcast, the issue lies with Comcast. We have issues with ISPs that hijack or redirect our DNS lookups to their own servers. Usually this is only an issue with wireless ISPs.

Before I mention more, I'm going to do a quick test with Comcast and post more. I don't want to post false information

Re: LDS.org not working inside firewall

Posted: Mon Jan 19, 2015 12:36 pm
by russellhltn
yarrgh wrote:It also is not the firewall because all firewalls have the same configuration on them. If most work except for those with Comcast, the issue lies with Comcast.


1) You mean supposed to have the same configuration.

2) Some problems require a specific combination to appear. It could be a problem with the firewall, but it's something Comcast does that turns it into a problem. Both halves work fine, put them together and there's a problem.