IKEv2 VPN Unable to goto DuckDuckGo.

Im very new to watchguard. I noticed that while being connected to a vpn using the IKEv2 I am denied access going to duckduckgo search page.
I looked at the firewall status where it shows all the trtaffic being allowed or denied, and I seen it show allowed for My vpn IP and duckduckgo's IP.

Why on earth would this be getting blocked?

Comments

  • Works for me, using a T20 with V12.8.

    Are you using a HTTPS proxy ?
    If so, perhaps you really don't have every allow or proxy strip option enabled on your HTTPS proxy action.

  • There appears to be some https proxies but I do not see anything that has duckduck in their settings. Its very strange. Maybe it has something to do with my vpn connection in linux. If I connect to the vpn thru a windows vm, I am able to visit the duck.

  • From your Linux setup - I assume that you can get to other Internet sites without issues.

    At the moment, I am seeing substantial packet loss (66.7%) at be-8-0.ibr01.atl31.ntwk.msn.net using WhatsUP Visual Traceroute.
    And very high latency from devices on *.ntwk.msn.net. Looks like a MSN network issue at this time.
    In spite of these issues, I can bring up the duckduckgo.com web site quickly on my Windows PC.

    Are you always seeing duckduckgo.com down from your Linux device and up from Windows ?
    If so, could well be your Linux setup which is somehow the cause.

  • By the way, HTTPS proxy action settings can apply to any HTTPS site allowed by that policy, and cause one or more of them to not work properly, without a specific IP addr or FQDN being specified on the proxy policy or in the proxy action.

  • Yes it indeed seems to be an issue with my linux implementation. I noticed when connecting to the vpn I am getting no updated route table. This would make sense to me if no sites worked, but most still do, but at least I narrowed it down to my host and not the vpn.

Sign In to comment.