Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Subscribers 3 subscribers
  • Views 18443 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No route to host

kruserm
I am running astaro version 7.504 and I am getting an error when I try to a particular url.  All other url's work fine and this is the first time I have had this error.  Here is the error I get:

Error message: No route to host

I looked around in the live logs and did not see anything that jumped out at me.

I can get to the url if I bypass the firewall so it has to be a configuration setting of some kind.

Thanks,
Ryan


This thread was automatically locked due to age.
  • 0
    Ryan, I'm a little confused.  This thread isn't in the Web Security forum, but you mention a URL.  Should this thread be moved to the other forum?  Where, exactly, do you see this message?  What do you mean by bypass the firewall - how?

    Cheers - Bob
    PS Moved the thread to Web Security.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    I put this topic in this forum because the description mentioned DNS issues and I figured thats what no route to host meant, if it needs to be in a different forum then lets go ahead and move it.

    I get the message in IE and firefox.  I bypass the firewall by connecting a PC directly to my ISP.

    Thanks,
    Ryan
  • 0
    What do you see in the HTTP Live Log when this occurs?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    No Route to Host is NOT a DNS problem.

    Try a traceroute.

    Barry
  • 0 in reply to BarryG
    BAlfson, I get entries in the live log every few seconds and I dont even any webpages up, so it is a little hard to decipher what is going on.

    BarryG, A tracert times out 4 times in the middle but does complete.


    Thanks,
    Ryan
  • 0
    If traceroute consistently isn't working, then it's probably an external network problem. Perhaps you could ask your ISP to investigate, if the site is accessible from elsewhere.

    Barry
  • 0
    Alright I will contact my ISP and see what they can do for me.  Thanks for all your help.
  • +1 in reply to BarryG

    Hi,

     

    An old thread.... But I´ve just had the same or at least a similar problem. First reload of the website works, next requests fails with errormessage "no route to host".

     

    In general BarryG ist right, when he says:

     

    BarryG said:
    No Route to Host is NOT a DNS problem.

     

    But: This problem can result because of dns. In my case it is the website bmsfans.info. This domain name has two ip addresses configured:

    > bmwfans.info
    Server: 127.0.0.1
    Address: 127.0.0.1#53

    Non-authoritative answer:
    Name: bmwfans.info
    Address: 78.47.130.57
    Name: bmwfans.info
    Address: 138.201.30.58

     

    If we have two or more dns entries, then usually dns round-robin will be used. In this case, the server 78.47.130.57 is not reachable. So the dns server replies with all the configured ip addresses, each for each after another. So if we get 78.47.130.57 as an answer from the dns server, the request will fail and in this case, the proxy will show the "no route to host" message. But as you can imagine, every possible errormessage could appear, when the utm requests the "faulty" server.

     

    So, if anyone faces this issue, use the sophos´s shell access and use nslookup or an similar tool to check for ip addresses registered to that domain name. After that, check, if both servers are pingable and if services are running (e.g.: telnet xyz.com 80 or telnet xyz.com 443).

     

    Now, we still didn´t solve the problem, we just know the reason. At first you should kindly ask the provider/owner of that website, hopefully he is reachable and willing to fix the problem. But if not, you can temporarily use a workarround in the utm. Simply configure a static host for that specific site and use only the actually working ip address. Looks like that:

     

     

    And here the result:

     

    Hope that helps.

     

    Best Regards

    Sebastian

  • 0 in reply to seroal

    Great workaround, Sebastian!  My father always said you can recognize a brilliant new insight when it's "obvious" to others seeing it for the first time.  Thanks!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    that´s a really wise statement and I totally agree ;)

     

    It´s always a please to give something, it is nice to know, to possibly get something back. Prosperity works only to give and take. Take only doesn´t work ;)

     

    Regards

    Sebastian

     

     

     

Unfiltered HTML