Timeout during connect (likely firewall problem)

We have problems with challenge. LE cant reach one specific IP 185.31.240.175 (domain c24.ee).
mtr --address 185.31.240.175 66.133.109.36
Host Loss% Last Avg Best Wrst StDev
1. 172.31.254.1 0.0% 0.3 0.2 0.2 0.3 0.0
2. 85.234.244.82 0.0% 0.2 0.1 0.1 0.2 0.0
3. 85.234.244.40 0.0% 0.4 0.2 0.1 0.4 0.1
4. r7-eth-3-3-0-TLL-VS.ee.zonedata.net 0.0% 0.2 0.3 0.2 0.4 0.0
5. r3-eth-3-1-0-TLL-TIX.ee.zonedata.net 0.0% 0.2 0.3 0.2 1.3 0.3
6. r1-eth-3-1-0-TLL-Linx.ee.zonedata.net 0.0% 7.2 2.9 0.3 9.8 3.5
7. 194.204.1.145 0.0% 0.3 4.8 0.3 40.4 11.8
8. 213.192.184.221 0.0% 0.5 0.5 0.4 0.7 0.1
9. 213.192.184.74 0.0% 8.9 7.6 7.5 8.9 0.4
10. et-0-0-13.edge1.Stockholm1.Level3.net 0.0% 7.6 8.6 7.5 15.5 2.2
11. 4.69.137.41 0.0% 170.9 171.0 170.9 171.0 0.0
12. ???
Another IP from same subnet:
mtr --address 185.31.240.43 66.133.109.36
Host Loss% Last Avg Best Wrst StDev
1. 172.31.254.1 0.0% 0.2 0.2 0.1 0.2 0.0
2. 85.234.244.82 0.0% 0.2 0.2 0.2 0.2 0.0
3. 85.234.244.40 0.0% 0.1 0.1 0.1 0.2 0.0
4. r7-eth-3-3-0-TLL-VS.ee.zonedata.net 0.0% 0.3 0.3 0.3 0.5 0.1
5. r3-eth-3-1-0-TLL-TIX.ee.zonedata.net 0.0% 0.2 0.2 0.2 0.2 0.0
6. r1-eth-3-1-0-TLL-Linx.ee.zonedata.net 0.0% 0.3 1.5 0.3 3.7 1.6
7. 194.204.1.145 0.0% 0.3 0.3 0.3 0.4 0.0
8. 213.192.184.221 0.0% 1.9 1.4 0.4 3.0 1.0
9. 213.192.184.74 0.0% 11.1 9.4 7.5 12.6 2.3
10. et-0-0-13.edge1.Stockholm1.Level3.net 0.0% 7.6 10.2 7.5 20.7 5.9
11. 4.69.137.41 0.0% 171.4 171.3 171.2 171.4 0.1
12. VIAWEST-INT.bar2.SaltLakeCity1.Level3. 0.0% 175.1 175.0 174.9 175.1 0.1
13. be21.bbrt02.slc04.viawest.net 0.0% 174.8 174.9 174.8 175.0 0.1
14. be151.crrt01.slc07.viawest.net 0.0% 170.8 170.8 170.7 171.1 0.2
15. vl62.aggm01.slc07.viawest.net 0.0% 170.4 170.5 170.4 170.6 0.1
16. outbound1.letsencrypt.org 0.0% 170.7 170.7 170.7 170.8 0.1

Is this IP 185.31.240.175 blocked?

Hi @Silver

please share the complete command and output.

Checking the domain there is a (wrong looking) redirect to another domain ( https://check-your-website.server-daten.de/?q=c24.ee ):

Domainname Http-Status redirect Sec. G
http://c24.ee/
185.31.240.175 301 https://credit24.ee/ 0.197 E
http://www.c24.ee/
185.31.240.175 301 https://credit24.ee/ 0.167 E
https://c24.ee/
185.31.240.175 301 https://credit24.ee/ 0.597 N
Certificate error: RemoteCertificateNameMismatch
https://www.c24.ee/
185.31.240.175 301 https://credit24.ee/ 0.564 N
Certificate error: RemoteCertificateNameMismatch
https://credit24.ee/ 200 0.767 I
http://c24.ee/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
185.31.240.175 200 0.270
Visible Content:
http://www.c24.ee/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
185.31.240.175 200 0.216
Visible Content:

And /.well-known/acme-challenge/random-filename answers with a http status 200, not the expected status 404 - Not Found.

Last certificate is new:

CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
	2019-06-10 08:52:53
	2019-09-08 08:52:53
	c24.ee, koduraha.ee, www.c24.ee, www.koduraha.ee - 4 entries 

but you don't use it, instead, there is a wrong certificate.

CN=*.credit24.ee, O=IPF Digital AS, L=Tallinn, C=EE
	10.08.2018
	15.08.2019
expires in 49 days	*.credit24.ee, credit24.ee - 2 entries

Looks like the wrong vHost is used. Perhaps with an additional redirect to the wrong domain.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.