Results 1 to 9 of 9

Thread: WiFi blocking access to my e-mail server

  1. #1
    dclaxon's Avatar
    Join Date
    Jul 2011
    Location
    Giffordl, IL
    Posts
    108

    WiFi blocking access to my e-mail server

    I just got setup in Camp Scholler and got connected to the WiFi, and I have a good connection to the internet, but I can't check my email. I get an error something like "Fortinet Guard is blocking that address because it is classified as a Dynamic DNS." (I can't even get the error to show again to quote it exactly.) Well yes, I have a dynamic DNS because like most people I have a dynamic IP address, and I couldn't connect to home without a dynamic DNS account. And I do have my own email server at home which goes out and collects my email every 5 minutes, and if I can't connect I can't even shut the server down so I can use web mail. Does anyone have an idea what's going on, or who I can talk to for a work-around? It's never been a problem in past years, this is something new.

  2. #2

    Join Date
    Jul 2019
    Location
    KLDM Ludington, MI
    Posts
    21

    Cellphone hotspot

    We got into Scholler yesterday 7/18 and also couldn't connect to my email server with my laptop (Windows 10). No message other than "failed to connect". I get my email from a third party company, don't know anything about dynamic dns. But I can retrieve my email using my cell phone with a cell connection. (I'm with AT&T and service is good for now, by the way). What I did was to use my cellphone as a wifi hotspot, connect the laptop to the cellphone, and all works normally. If you are worried about using too much cell data, you could configure your email program to not automatically download attachments.

  3. #3
    dclaxon's Avatar
    Join Date
    Jul 2011
    Location
    Giffordl, IL
    Posts
    108
    Thanks, Frank, but I already tried that. I switched from AT&T to Consumer Cellular a couple of years ago when my paycheck started coming from Social Security, and CC Supposedly uses AT&Ts network, but I have no cell signal. And oddly enough, even though I have WiFi calling enabled on my phone, it won't seem to send a text over the WiFi. I haven't tried an actual phone call yet.

    Dave

  4. #4
    I've sent a note to our IT department about this issue and they are looking into it. Thank you for bringing this issue to our attention, I hope to have an update soon.
    Elayna Hall
    EAA #1229926
    Social Media Coordinator
    Experimental Aircraft Association

  5. #5
    dclaxon's Avatar
    Join Date
    Jul 2011
    Location
    Giffordl, IL
    Posts
    108
    Thanks, Elayna, it's getting very perplexing. I also have my own domain registered and tried to have that forwarded to the dynamic DNS account, but that domain also got blocked by FortiNet because it is a "Newly Observed Domain." What??? I'm not sure who this FortiNet is, but they seem to be even more overzealous than Microsoft about putting more effort into protecting us from ourselves than from the bad guys. I understand the importance of security, but come on! I can't even log onto my own computer remotely. I understand it is an obscure setup I have, but it has always worked, even from the Camp Scholler WiFi, until now. The only thing that has changed is that when DynDNS raised their prices after Oracle bought them, and my paycheck started coming from Social Security, I changed to a low-cost (actually free) dynamic DNS service. Maybe FortiNet doesn't like the new service, or maybe Fortinet is something new added to the campground this year, but this is the first time I have had a problem.

  6. #6

    Join Date
    Jul 2019
    Location
    KLDM Ludington, MI
    Posts
    21

    Ports closed

    Hi Elayna, Thank you for your attention. I think my problem may be different from the OP. I'm just trying to use ordinary POP3 email (not webmail), like a few zillion other persons. POP3 requires port 110 to be open on the wifi router, and the EAAWIFI hotspot at Camp Scholler has 110 and all other common ports NOT open. So a few thousand vendors or other business users won't be able to do email, like they have in all previous years. Also, for info, I'm measuring about 3 mb/sec. of download speed, ok for simple websites, but nothing more.

  7. #7
    dclaxon's Avatar
    Join Date
    Jul 2011
    Location
    Giffordl, IL
    Posts
    108
    Quote Originally Posted by Elayna Hall View Post
    I've sent a note to our IT department about this issue and they are looking into it. Thank you for bringing this issue to our attention, I hope to have an update soon.

    Any update, Elayna? I also have screenshots of the error messages if that will help, if I can find a way to send them to you without access to my email. I would rather not post them publicly, since they do show the URLs to my home network. I have G-mail working, but only through the web mail interface, if I can figure out how to attach pic to it.

    Dave

  8. #8

    Join Date
    Apr 2014
    Posts
    66
    There is some slimey stuff going on. I just got a warning that an ssl cert for my mail server is invalid. When I click on details, I see that a fortinet box has created a fake cert for my domain and is trying a man in the middle attack/snoop/scam on the traffic. Be aware EAA is snooping on your traffic if you ignore warnings about invalid SSL certificates

  9. #9
    DaleB's Avatar
    Join Date
    Sep 2015
    Location
    KMLE
    Posts
    673
    Quote Originally Posted by mc20 View Post
    There is some slimey stuff going on. I just got a warning that an ssl cert for my mail server is invalid. When I click on details, I see that a fortinet box has created a fake cert for my domain and is trying a man in the middle attack/snoop/scam on the traffic. Be aware EAA is snooping on your traffic if you ignore warnings about invalid SSL certificates
    Usually when you see that, it means there's a redirect trying to send you to a splash page for either access or some other notice. I see that a lot in hotel wifi setups. Take a closer look at the cert your system is complaining about, you will probably see that the CN is not your server, but someone else's to which you're being redirected. It's very common when using wifi service offered by someone else.

    Fortinet, by the way, is one of the larger manufacturers of firewalls and security appliances, VPN, etc.
    Measure twice, cut once...
    scratch head, shrug, shim to fit.

    Flying an RV-12. I am building a Fisher Celebrity, slowly.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •