1 Website not accessible from my parents' connection

DDiochengion11 · 2025-03-24T18:05:08+00:00

1 Website not accessible from my parents' connection

Hello together

For over a week now, my parents have been experiencing a problem with their Swisscom Internet connection: they can no longer access the mail server that I run privately at home. If you switch off the wifi on your mobile phone, the mails arrive, if you log in with me or in another wifi with your laptop, the mail works perfectly… in the meantime you have received a new modem (has been running since the technician was with you, as there are known problems with the red plug, at least with the technicians on site, not with those on the hotline), it worked at the beginning and now nothing works again… what could be the reason? Even if I enter mail.mydomain.xx in the web browser, the page cannot be loaded. I have init7 at home and in my shop with a Thurcom connection it works perfectly, also with yallo, sunrise, wingo connections without problems…. even when I phone the boring swisscom hotline, you can always access it… can you help me or my parents?

Lori-77 · 2025-03-24T18:40:52+00:00

Hello could be that your subdomain has ended up on a blacklist…..

If necessary, change the DNS server on the router.

and that because of the XGS Pon plugs only a very small amount is affected, they need a little more pressure to get them in, usually a new cable helps.

So far I’ve only had one IB5 Pro go on strike with a customer.

Greetings Lorenz

HP · 2025-03-24T18:43:32+00:00

Hello @Diochengion11

Possibly a problem with the name resolution? Try a different DNS server, e.g. 8.8.8.8 from Google.

You can also test your mail domain at https://mxtoolbox.com.

r00t · 2025-03-24T19:01:14+00:00

Hi Diochengion11

Like the others, I would also check whether the domain is resolved correctly at your parents’ home.

The best way to do this is to use the board tools “nslookup” or “dig” instead of online tools 😉.

If a different IP is reported, visit the page via HTTP (without S), the Internetguard may then respond and you can report the IP as false positive.

If you like, you can also send me the domain by PM and I’ll see if I can reach it from my Swisscom connection. Do you have any IDS/IPS in use?

LG

r00t

DomiP · 2025-03-24T20:43:36+00:00

I noticed something similar at my home (server on own domain with host from Cloudflare) and DNS on Swisscom’s IB. When I changed the DNS server to the same one as the name server, everything worked. In my case it is 1.1.1.1…

DDiochengion11 · 2025-03-25T04:30:18+00:00

DomiP everything worked after the technician arrived… then the fibre optic cable was only briefly disconnected from the modem, the fibre optic cable was properly installed and reconnected… and the website was not accessible in the browser again and the mails did not arrive in the WLAN either on the notebook in Outlook or on the iPhones or iPads…

Lori-77 · 2025-03-25T05:42:06+00:00

Diochengion11

This has nothing to do with fibre optics if the technician briefly reconnects the fibre optic cable for his measurement.

The technician always checks that the router is back online and that the customer’s telephone, TV and Internet services are running.

There must be something else with your parents.

Cloudfare has switched to HTTPS for DNS, the rest is now going nowhere.

Have you tried one from another Swisscom connection?

Private customer connection

And after you have reconnected, how does the LED light up, flashing red or steady white?

Did you also observe the bending radii of the cable?

Greetings Lorenz

DDiochengion11 · 2025-03-26T04:51:23+00:00

Lori-77 I have entered the standard DNS servers from Swisscom, as before… with swisscom on the hotline it also worked with 4 different employees… the LED was constantly lit white the cable is not kinked…

DDiochengion11 · 2025-03-26T04:52:14+00:00

r00t I have sent you the address privately.

r00t · 2025-03-27T18:46:24+00:00

Hi Diochengion11

Thanks for the hostname, I can easily reach it from my connection and also resolve it correctly.

Do you see e.g. with tcpdump the traffic arriving at your server? If not, I would get @ChristianEb on board to see if there is a problem somewhere in the network.

LG

r00t

DDiochengion11 · 2025-03-29T06:23:33+00:00

Is it possibly the same problem as in this post https://community.swisscom.ch/d/804448-schrankt-die-swisscom-das-aufrufen-von-internetseiten-ein @ChristianEb?

WalterB · 2025-03-29T07:56:33+00:00

Diochengion11

Have you ever completely reset the Internet box?

DDiochengion11 · 2025-03-29T12:40:30+00:00

WalterB yes already several times, even with a new swisscom büx it doesn’t work….. is really tedious… maybe it’s because I’m an init7 customer and therefore a thorn in Swisscom’s side…

Lori-77 · 2025-03-29T13:05:11+00:00

Diochengion11

This has nothing to do with you being with a different ISP.

As long as the website is not on a blacklist, it must be accessible.

What happens if you open a VPN on a test basis with a Swisscom connection, can the server then be reached? Because you are tunnelling through the Swisscom infrastructure.

Greetings Lorenz

PowerMac · 2025-03-29T15:49:33+00:00

There are three possible causes: either the DNS or the routing or a protection mechanism of the target system. Your comment that it worked briefly after the technician’s visit could be explained by the fact that your router was given a new IP at the time, but this was then quickly blocked. At least the first two causes can be narrowed down with the simple on-board tools of the operating system, as r00t already wrote above.

@Diochengion11 If you compare the output of the command “nslookup mail.meindomain.xx” with that of “nslookup mail.meindomain.xx 8.8.8.8” in a command line window, do you notice a difference? What output does the command give if you run it from an Init7 or Thurcom connection? If the results were only different on the Swisscom connection or with the Swisscom DNS, you would have to look further for the error in the DNS. An online DNS resolver, which can also detect any subtle DNS misconfigurations, may help. For example this one: https://www.diggui.com/

If the DNS is good, check the routing next. Can you ping your mail server (command line “ping mail.mydomain.xx”)? If not, how far does a traceroute get (command line “tracert mail.mydomain.xx”, a few unreachable lines are normal)?

Basically, does mail.meindomain.xx only have an IPv4 address or also an IPv6 address? And how exactly do you access the mail server, i.e. with which protocols? IMAP/POP/SMTP? Encrypted? I don’t assume and hope you don’t, but TCP port 25 is blocked outgoing at Swisscom, and for good reason.

ChristianEb · 2025-03-30T15:22:22+00:00

Diochengion11 Hello, unfortunately there is still a problem with the mailavisation in the Swisscomcommunity, which is why the mention did not work here, but thanks to @r00t for triggering via other ways…

I had a quick look at this and I see that in my home region the call seems to work.

may i ask if you could share two traceroutes via direct message from source to destination and from dest to src from the case where it doesn’t work?

as there are only two ASN (AS13030, AS3303) in the path I don’t see any relevance to the case mentioned here….

greetings and thanks

Chris

3 days ago changed by ChristianEb

ChristianEb · 2025-03-30T15:27:19+00:00

Diochengion11

how do you come up with something like that?

The point of the internet is to connect IPs.

No matter what you think of a person (e.g. Fredy as CEO of AS13030), it’s all about the Internet and nothing else…

Here in the community we don’t have to politicise either, I think we’d better try to do some sensible troubleshooting here….

3 days ago changed by ChristianEb

DDiochengion11 · 2025-03-31T18:06:18+00:00

ChristianEb I sent you everything last night.

DDiochengion11 · 2025-04-01T06:16:18+00:00

does this forum actually work? i would like to finally help my parents to receive their mails normally again….

ChristianEb · 2025-04-01T06:19:04+00:00

Diochengion11 basically this forum works, yes….

but it is advisable to know that you are not opening a ticket here, but that you can expect answers in a user community that looks at what it can do on a goodwill basis….