Skip to main content
alexlaza
alexlaza
Explorer
December 18, 2023
Solved

Webpage is not accessible // Opendns marks website as phishing

  • December 18, 2023
  • 2 replies
  • 2883 views

Hello,

i have a Fortigate 81F, last week i have entered the banking website as usual (bank austria) and today it is partially not posible to logon to the website and navigate to the business area. From my phone (extern) it works and its not blocked.

 

https://www.bankaustria.at/ (works)
https://corporateportal.unicreditgroup.eu (works)
https://online.bankaustria.at (works)

 

https://banking.bankaustria.at (doesnt work) 

 

Banking Bank austria.png


I get a message where Cisco Umbrella opendns.com pops up at says it  is marked as a phishing website. (First time seeing cisco umbrella reddirection). We dont have any Cisco devices or software anywhere. We never used services from Cisco Umbrella Open Dns. I assume that this service is maybe inplemended in the Fortigate 81F. Other Banking website (cardcomplete/easybank/bawag,ect) works as usual but i dont know wheater its filtered just this subdomain or something else it bothering the FG.

Does anybody expirience this aswell ? If the service is on the Fortigate how to delete it or uncheck the filtering.

Kr
Alex

Best answer by AEK

Hi Alex

I think this is not filtered by FGT. Either your PC is directly sending DNS queries to Umbrella, or your PC is sending DNS queries to your internal DNS server which is forwarding these queries to Umbrella.

Try change one of the above and see if it fixes the issue.

2 replies

AEK
SuperUser
AEKAnswer
SuperUser
December 18, 2023

Hi Alex

I think this is not filtered by FGT. Either your PC is directly sending DNS queries to Umbrella, or your PC is sending DNS queries to your internal DNS server which is forwarding these queries to Umbrella.

Try change one of the above and see if it fixes the issue.

AEK
    alexlaza
    alexlazaAuthor
    Explorer
    December 21, 2023

    Yes that was the Problem i originally tought the DNS Servers were set to the Fortigate DNS Servers but not in my case .

    So i changed from

    208.67.222.222
    208.67.220.22

    to

    Primary: 96.45.45.45

    Secondary: 96.45.46.46

     

    now everything works as ususal.

     

    kr

    Alex

    mle2802
    Staff
    mle2802
    Staff
    December 18, 2023

    Hi @alexlaza,

    I believe this is blocked by Cisco not FortiGate, Can you please double check and confirm this?

      alexlaza
      alexlazaAuthor
      Explorer
      December 21, 2023

      Yeah the DNS Server on Fortigate reddirects to Umbrella Servers

      Terms & ConditionsAccessibility statement