Unable to access my own website, email, ftp server via home network

maxphotoaustin · Dec 9, 2016

Starting yesterday, and continuing through today, I have been unable to access my website and seemingly anything related to it (email, ftp server, cpanel) only via my home network. The problem persists on all different devices, and plugging directly into the router (rather than using wifi) makes no difference. My phone, however, has no problems accessing the website or email when it's on the cellular network rather than wifi.

I have manually changed my DNS server, and manually given my computer a static IP address, to no avail.

I'm afraid I'm a novice with networking issues, so any help at all would be appreciated.

The router I am using is a 2Wire 3801HGV.

nigelivey · Dec 9, 2016

Where is the server, local or remote? Are you trying to connect to it with its local IP address or Domain name. Unless your router offers NAT reflection or split DNS you normally wouldn't be able to access it within your network with a domain name.

maxphotoaustin · Dec 9, 2016

The server is remote; I'm using MacHighway to host the website. I've attempted to connect with the domain name as normal, and also with the IP address, but no joy.

The website, if it helps at all, is www.maxphotostudio.com. I also should mention I'm using AT&T's Uverse.

Ralston18 · Dec 9, 2016

Did the problem start when you manually made the changes or were the changes an attempt to fix the problem? The latter I think but best to make sure.

And to confirm: your website, etc.. is accessible externally via the internet but not internally via your home network devices.

Is the 2Wire 3801HGV the only modem router that you have or are there other routers or network devices?

First of all: reverse the changes that you made. Go back to the configuration that was originally working.

Could have been just some momentary glitch and then your changes may now be preventing normal operation.

Second: see if you can remember any other changes or errors when the problem started. E.g., any new devices, router changes, anything else that was being done or worked on when the problem started.

[Edit: Note. Was just able to visit your website, ping and tracert it without any problems. You are visible on the internet.]

maxphotoaustin · Dec 9, 2016

The changes were an attempt to fix the problem, based on the internet sleuthing I did.

And yes, the website, etc. are all accessible via my cell phone's network, or via other people's networks.

The 2Wire is the only modem router in my network.

I went ahead and reversed the changes, but no luck there. I'll keep them in the original configuration just in case.

And strangely enough, there were no changes made when the problem started. I left my studio Wednesday night, and when I came in Thursday morning, I saw that my email (only from my website; gmail still works) was not working and attempting to go to my website gives me the error ERR_CONNECTION_TIMED_OUT.

maxphotoaustin · Dec 9, 2016

Also, thank you both for taking time to offer suggestions. I really appreciate it.

maxphotoaustin · Dec 9, 2016

Maybe this will help. I'm in contact with my web host as well, trying to sort this out, and they suggested I run a traceroute. I'm getting a list of 16 routers/IP addresses, then lines of ***. Specifically, the problem appears after the following line:

16 s99.n248.n204.n199.static.myhostcenter.com (199.204.248.99) 84.200 ms 80.632 ms 76.405 ms
17 * * *
18 * * *
19 * * *

From what I can gather, this indicates that the problem does not lie on my end, or my host's end, but somewhere in between. Is this correct? And if so, is there anything I can do about it?

Ralston18 · Dec 9, 2016

Not really sure that tracert is all that useful per se in this case. Traffic can be routed in any number of ways and the path(s) can change hops.

But to follow nigelively's query a bit. You were able to (at one time) sit down at your home computer, type your website name into your browser, and get to your website.

And update/edit the website accordingly - correct?

maxphotoaustin · Dec 9, 2016

And after a bit more research, I'm using PingPlotter and have found the IP address that appears to be causing the issue.

It's indicating that 199.204.248.139/s139.n248.n204.n199.static.myhostcenter.com has a 100% packet loss.

I'm not sure what to do with this info, but it seems like a good start.

maxphotoaustin · Dec 9, 2016

Ralston: Yes, up until yesterday, I had no problem reaching my website, sending and receiving email from my @maxphotostudio.com address, etc.

maxphotoaustin · Dec 9, 2016

Yeesh, I should look at my numbers more carefully. That IP address is my website's IP address. So it looks like the issue is with the hosting company?

Ralston18 · Dec 9, 2016

Okay: I just ran pathping targeting your website.

Results (excluding the first few hops...)

5 10ms 0/ 100 = 0% 0/ 100 = 0% te-9-4-ar01.dover.de.bad.comcast.net [68.87.168.61]
0/ 100 = 0% |
6 12ms 0/ 100 = 0% 0/ 100 = 0% be-33657-cr02.ashburn.va.ibone.comcast.net [68.86.90.57]
0/ 100 = 0% |
7 10ms 0/ 100 = 0% 0/ 100 = 0% be-10142-pe01.ashburn.va.ibone.comcast.net [68.86.86.34]
0/ 100 = 0% |
8 11ms 0/ 100 = 0% 0/ 100 = 0% 50.248.117.46
0/ 100 = 0% |
9 13ms 0/ 100 = 0% 0/ 100 = 0% ten3-4.1sc-node.expedient.com [216.230.108.246]
0/ 100 = 0% |
10 15ms 0/ 100 = 0% 0/ 100 = 0% ten3-3.3wl-node.expedient.com [216.230.108.238]
0/ 100 = 0% |
11 25ms 0/ 100 = 0% 0/ 100 = 0% ten2-8-3.810-core.expedient.com [207.114.44.69]
0/ 100 = 0% |
12 37ms 0/ 100 = 0% 0/ 100 = 0% ten2-7-3.acm-core.expedient.com [209.166.144.221]
0/ 100 = 0% |
13 40ms 0/ 100 = 0% 0/ 100 = 0% ten1-7-4.upa-core.expedient.com [209.166.144.210]
0/ 100 = 0% |
14 54ms 1/ 100 = 1% 1/ 100 = 1% myhostcenter-gw-primary.cust.e-xpedient.com [66.11.1.179]
0/ 100 = 0% |
15 55ms 0/ 100 = 0% 0/ 100 = 0% s99.n248.n204.n199.static.myhostcenter.com [199.204.248.99]
0/ 100 = 0% |
16 56ms 0/ 100 = 0% 0/ 100 = 0% s139.n248.n204.n199.static.myhostcenter.com [199.204.248.139]

We are both hitting the website but I have no packet losses. Excluding 1 in Hop 14.

Overall, for some reason responses are not getting back to you - i.e., packet losses....?

Not sure if that the issue is with the hosting company per se. Reason being a problem there would probably block everyone which does not seem to be happening. It would be something unique to your situation.

Does your router have any logs and are they enabled? Can you check any firewall or port forwarding configurations that may be or may have been in place via the router's admin page.

Give pathping a try from your end (takes several minutes) to see what comes back.

nigelivey · Dec 9, 2016

It might be worth investigating whether the hosting company have locked your home IP address out in the name of "security"?

maxphotoaustin · Dec 9, 2016

Logs are on. Here's what it's showing in the event log:

INF 2016-12-09T11:57:07-06:00 fw,fwmon src=89.121.45.72 dst=99.11.251.36 ipprot=6 sport=48300 dport=23 Unknown inbound session stopped
INF 2016-12-09T11:57:22-06:00 fw,fwmon src=86.34.21.180 dst=99.11.251.36 ipprot=6 sport=26623 dport=23 Unknown inbound session stopped
INF 2016-12-09T11:57:26-06:00 fw,fwmon src=192.168.1.64 dst=8.8.8.8 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
INF 2016-12-09T11:57:27-06:00 fw,fwmon src=192.168.1.64 dst=208.67.222.222 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
INF 2016-12-09T11:58:01-06:00 fw,fwmon src=91.197.234.22 dst=99.11.251.36 ipprot=6 sport=45919 dport=3389 Unknown inbound session stopped
INF 2016-12-09T11:58:07-06:00 fw,fwmon src=178.79.56.43 dst=99.11.251.36 ipprot=6 sport=63962 dport=23 Unknown inbound session stopped
INF 2016-12-09T11:58:21-06:00 fw,fwmon src=190.147.75.139 dst=99.11.251.36 ipprot=6 sport=19615 dport=23 Unknown inbound session stopped
INF 2016-12-09T11:59:32-06:00 fw,fwmon src=61.233.76.154 dst=99.11.251.36 ipprot=6 sport=11741 dport=22 Unknown inbound session stopped
INF 2016-12-09T12:00:13-06:00 fw,fwmon src=192.168.1.64 dst=208.67.222.222 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
INF 2016-12-09T12:00:13-06:00 Previous log entry repeated 1 times
INF 2016-12-09T12:00:51-06:00 fw,fwmon src=216.218.206.102 dst=99.11.251.36 ipprot=6 sport=37877 dport=80 Unknown inbound session stopped

Etc. Mostly it's showing "unknown inbound session stopped."

System log is showing:

WRN 2016-12-09T09:36:34-06:00
named: Previous log entry repeated 3 times
ERR 2016-12-09T09:36:37-06:00
vzonead: delete old lineups
WRN 2016-12-09T09:36:37-06:00
named: forward start (errno=1)
WRN 2016-12-09T09:36:37-06:00
named: Previous log entry repeated 2 times
ERR 2016-12-09T09:36:37-06:00
vzonead: delete old lineups
WRN 2016-12-09T09:36:45-06:00
named: forward start (errno=1)
WRN 2016-12-09T09:37:04-06:00
named: Previous log entry repeated 3 times
ERR 2016-12-09T09:37:09-06:00
vzonead: delete old lineups
ERR 2016-12-09T09:37:41-06:00
vzonead: Previous log entry repeated 3 times
WRN 2016-12-09T09:38:04-06:00
named: forward start (errno=1)

Ralston18 · Dec 9, 2016

I would expect most of the Event log entries are just attempts to gain access into your network. You can use "Whois" and the IP addresses to identify the attempting "source". IPs could be spoofed.

Your router realized that no devices/applications on your network were communicating with the inbound source and stopped/terminated the session as appropriate.

Can you see any log entries from yesterday prior to the time of the problem(s) starting?

What about the Upgrade and Firewall logs? See if there are any changes there with respect to your network, your ISP provided IP, or the hosting company's IP.

Does the following link match the User Guide for your router?

http://setuprouter.com/router/2wire/5012nv-002/manual-1321.pdf

Any problems reaching other websites from your computer?

Starting on Page 103 (trusting that I have the correct manual) you will find information and settings relevant to redirection: it does appear that your router supports some such configurations.

The key is to figure out if your router is now blocking (for some reason) incoming packets from your hosting site. I think, though that you would see the website IP in the logs. Very sure that you would not knowingly block the hosting company via the firewalls etc..

That sort of leaves nigelivey's "security" idea sort of at the top. First because it is quite plausible and secondly because I am running out of ideas on my end.....

Try to look through the router logs more, go through the various admin functions/features on the router to be sure that nothing there is blocking home access to your webpage.

Then call the hosting company and press the issue a bit more. In the meantime there may be some additional ideas and suggestions posted. No problem with that on my end.

maxphotoaustin · Dec 12, 2016

Well, it took them forever to figure this out, but the hosting company had in fact blocked my home IP address. They said I had tried to log in with a bad password (maybe an older device tried connecting with an outdated password), so it blocked me for security reasons. Thanks a million for the help!

nigelivey · Dec 12, 2016

maxphotoaustin :

No problem, glad you got it sorted out. (It had happened to me a year or so ago).

Unable to access my own website, email, ftp server via home network

Honorable

Splendid

Honorable

Titan

Honorable

Honorable

Honorable

Titan

Honorable

Honorable

Honorable

Titan

Splendid

Honorable

Titan

Honorable

Splendid

Share this page