Question asus rt-ac68u router problem

[sportsman]

We have four PCs and 3 mobile phones on this home LAN router but, in recent times, NONE of them can reach johnlewis.com on our wifi.

All we get is a nebulous error message......

Access Denied
You don't have permission to access "http://www.johnlewis.com/" on this server.
Reference #18.d2330760.1661526534.cd0919b


However, if I try on 5G or, say, Sainsbury's instore wifi I can reach & browse the site just fine.

This behaviour suggests to me there is something going awry in the router itself which has suddenly decided to block us visiting John Lewis.

Thing is I cannot see anywhere in the router settings/controls which indicates how this might be happening.

Does anyone have any advice to help me discover why we cannot get to that one site?

Many thanks.

 

[velocityg4]

If it's just that website. Try using a VPN to connect to that website. While on your router. If it works fine. Then I'd suspect your IP address is being blacklisted for some reason.

 

[sportsman]

Blacklisted by who do you think?

I've been in long discussions with John Lewis' tech guys who cannot find a problem their end and say: "Our team also wouldn't be able to block IP addresses from accessing our website."

 

[kanewolf]

Blacklisted by who do you think?

I've been in long discussions with John Lewis' tech guys who cannot find a problem their end and say: "Our team also wouldn't be able to block IP addresses from accessing our website."

Could be your DNS provider is blocking it. Are you using Google DNS or ISP DNS ?

 

[bill001g]

That is not a message you would get if you blocked it with the router. It either would just not open and say something like taking too long to respond or it would give you something like a 404 site not found error. Pretty much you can just block IP addresses with the router it can't actuallysend you any messages. My guess is that messages is actually coming from the server because the session itself is encrypted.

I would first try a different web browser and see if that makes a difference. There could be cookies or some other data stored for that site in your browser. You could also just try to wipe all the cookies and other stored information in your current browser.

Are you running is a VPN. I know cloudflare and other similar sites will randomly block me when I use a VPN to access certain sites. I suspect the VPN addresses have been blacklisted.

If you look in your router can you see the IP assigned to the wan port. Check it against a site like whatsmyip. If they are they are different your ISP maybe running carrier nat and someone else that you share the IP with got it blocked. If they are the same then you have a public IP and it is hard to say why it is blocked. You can call your ISP and see if they have a method to give you a different IP. Sometimes if you turn off the modem overnight you might get a different IP. Depends on the ISP sometimes you must leave it off for like 24hrs or more, in those cases it is easier to see if the ISP will help you

 

[sportsman]

Thanks for your thoughts.

Few further thoughts from me.

I have tried to access this site on four different browsers and cleared cookies on my PC but, as I said before, this issue affects ALL devices in the house not just my PC.

We don't use any VPN (never have done).

I have also rebooted the router but will try your suggestion and leave it off for well over 24 hours as we are away this weekend. See what effect that has.

We are in deep discussions with our ISP Plusnet about the problem. They have been - and still are - investigating issues their end. Awaiting their next reply.

As for the CGN etc that's beyond me. I have noted what you say and may refer that to Plusnet depending on their next comment when I hear back from them again.

Thanks again.

 

[sportsman]

Could be your DNS provider is blocking it. Are you using Google DNS or ISP DNS ?

Sorry I have no idea. I believe my ISP. Certainly I have done nothing to affect any provider.

 

[kanewolf]

Sorry I have no idea. I believe my ISP. Certainly I have done nothing to affect any provider.

In the admin pages for your router you can explicitly set the DNS servers to use. Default is to use the ISP. You can manually set Google DNS ( 8.8.4.4 & 8.8.8.8 ) .
That will be passed down to all the clients via DHCP.

 

[Ralston18]

What happens if you ping or run tracert?

From my computer:

PS C:\WINDOWS\system32> ping www.johnlewis.com

Pinging e13875.ksd.akamaiedge.net [23.205.9.187] with 32 bytes of data:
Reply from 23.205.9.187: bytes=32 time=18ms TTL=51
Reply from 23.205.9.187: bytes=32 time=14ms TTL=50
Reply from 23.205.9.187: bytes=32 time=14ms TTL=50
Reply from 23.205.9.187: bytes=32 time=14ms TTL=50

Ping statistics for 23.205.9.187:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 18ms, Average = 15ms
PS C:\WINDOWS\system32> tracert www.johnlewis.com

Tracing route to e13875.ksd.akamaiedge.net [23.205.9.187]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms MyNetworkName [192.168.1.1]
2 11 ms 11 ms 9 ms XXX.YYY.104.105
3 12 ms 10 ms 9 ms 24.124.179.73
4 10 ms 11 ms 10 ms 162.151.60.181
5 10 ms 10 ms 9 ms 96.216.81.29
6 12 ms 11 ms 9 ms 96.216.81.26
7 10 ms 11 ms 9 ms 96.216.84.57
8 13 ms 11 ms 10 ms 96.110.92.245
9 17 ms 18 ms 15 ms be-31441-cs04.newark.nj.ibone.comcast.net [96.110.42.77]
10 14 ms 16 ms 14 ms be-2412-pe12.newark.nj.ibone.comcast.net [96.110.34.14]
11 16 ms 14 ms 15 ms as36408-1.350ecermak.il.ibone.comcast.net [75.149.228.46]
12 33 ms 52 ms 26 ms ae36.r03.border101.ewr03.fab.netarch.akamai.com [23.203.154.147]
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 18 ms 18 ms 14 ms a23-205-9-187.deploy.static.akamaitechnologies.com [23.205.9.187]

Trace complete.

Your results?

 

[sportsman]

Plusnet tech guy says.....

I've had a look and from what I'm seeing there's nothing wrong on our end that's causing it. It's possible that JohnLewis have blocked your IP address by accident, which would be why it's not allowing you to access the site. We can give you a new static IP address which would fix the issue, but we wouldn't be able to revert it back to what you currently have. Have a think about it and let me know if you're happy with us proceeding.

Would this be a fix and what difference wold a new static IP address make to me/our home?

 

[bill001g]

I would let them change it. In general you don't actually care what your public IP is unless you are running some kind of server.

Note from ralston18 trace that is a akamiai server. It means there are likely many different servers that share the same name.

Try nslookup www.johnlewis.com
Then try
nslookup www.johnlewis.com 8.8.8.8
nslookup www.johnlewis.com 1.1.1.1
nslookup www.johnlewis.com 4.2.2.2

What you are looking for is does it resolve to a different IP. Maybe changing the DNS server which will change the server in akamai network might fix this if it is just 1 particular server IP that is having a issue.

 

[sportsman]

Thanks Bill - and everyone - but this is driving me crazy. I can't keep spending my time trying to fix this one website. I got a business to run!!

I may just go for a new static IP, as our family doesn't host anything etc., so that shouldn't cause more trouble.

I'll let you know.