Contributor
•
140 Messages
xFinity Router/Gateway is blocking a specific website
ACCESS RESPONSE: ERR_CONNECTION_TIMED_OUT Message
NOTE: Running VPN allows me to get to the website in question - always got to the website without running VPN.
I am having a similar problem as this thread: https://forums.xfinity.com/t5/Your-Home-Network/xFinity-supplied-Router-Gateway-is-blocking-a-specific/td-p/3316288
- My xFinity supplied router started timing out on only one Website (URL) 5 days ago.
- Before then I was able to connect to the website without issue.
- Others can access the websites without any problems.
- I can access the website using my cell phone or connected to another Xfinity router - just can't get to it when on my home Xfinity Router. Otherwise, I can access a zillion others websites.
- Xfinity Help worked with me for a while and said to contact the website owner.
- My router was turned off and on again multiple times .
I have contacted the site in question and they confirm that they aren't blocking my access. FWIW - this site houses three of my websites, e-mail, etc. - can't get to any of them unless I run VPN.
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
When you cannot reach a site using your home Internet connection but can reach it using another Comcast link or a VPN or a mobile hotspot, it usually means the site is blocking your public Comcast IP. You can look up your public IP at https://www.google.com/search?q=IP. You'll probably need to ask the site's admins for help with this. Many sites admins don't even know that their systems do IP blocking, so this may not be easy.
What does a trace to to the site show? In Windows, open a Command Prompt window, enter
tracert -4 URL
and post the output.
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Thanks for the reply. My website host says my IP isn't being blocked. The technician also had me get the IP using VPN and he said that wasn't being blocked.
Here is the output from my trace (I closed the window after 7 or so - wasn't sure how long it was going to try):
1 Attachment
trace.jpg
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
Not really. Since Comcast rolled out "Advanced Security" to its xFi gateways there have been many reports of improperly blocked sites. Perhaps the site you're trying to reach shares a server with a site hosting abusive content, or perhaps it's a bug in Comcast's systems. No way for a non-employee like me to know.
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
You're blocked right at your gateway. You might try turning off xFi's "Advanced Security": see "Disable Advanced Security" on https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security/. I can browse vpnavy.org without a problem, but I'm using a straight cable modem instead of a Comcast gateway.
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Why would it be blocked? I have run for years using the same Xfinity box without a problem. Any idea what happened?
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Really confused now. I went through the "restart" process via XFinity and it hung and said try again later. So, I unplugged the box - waited a minute - plugged it back in and nothing happened - just ON was lit. A few minutes later the dang box came online. Guess what - I can now get to vpnavy.org!
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Just noticed - I CAN NOW GET TO VPNAVY.ORG (I accidently said I couldn't after the restart).
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
No - didn't shut off Security. It showed hits the past few days that were blocked - didn't want to open it up. I just went ahead and hit RESTART.
I ran the traces - they failed?
1 Attachment
trace1.jpg
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
Can you run and post a trace to say, Google.com? Did you turning off xFi's "Advanced Security"? It may be necessary to swap out the gateway.
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
Good to hear!
When running tracert, don't type "URL", replace that with the site you want to trace, like you did in your earlier example:
tracert -4 vpnavy.org
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Dang - I know better then that! SMILE
Here is Google and my site (noticed it started timing out..
2 Attachments
trace.jpg
trace1.jpg
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
That's normal for many sites. Routers and servers don't always return the packets tracert needs. It's a pain, but by itself doesn't mean much. I can browse and ping the site, but tracert fails after what appears to be the last Comcast hop:
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
Well - that didn't last long - blocked again!
2 Attachments
trace.jpg
trace1.jpg
0
0
NFrankel236
Contributor
•
140 Messages
5 years ago
When I kick in VPN - I can get to my site - don't understand why. Doesn't that mean that Comcast is blocking my normal IP (since VPN hides my IP)?
1 Attachment
trace.jpg
0
0
BruceW
Gold Problem Solver
•
26.1K Messages
5 years ago
That's an xFi "Advanced Security" device. Most of Comcast's newer gateways are -- see https://www.xfinity.com/support/articles/getting-started-with-xfinity-xfi-advanced-security. If "Advanced Security" is blocking the site with the DPC3941, most of the other gateway models would do the same. I know of no way to ask Comcast to restore access to a site blocked by "Advanced Security". If you use one of their gateways and "Advanced Security" is blocking a site, and you're not willing to turn off "Advanced Security", you're stuck, except for the VPN.
0