PGShield DNS_PROBE_FINISHED_NXDOMAIN

anoop

Junior Member
Original poster
Local time
2:35 PM
Dec 26, 2018
5
2
PG Version
8.6.3
Server Type
Remote - Dedicated Server
Hey Everyone,

I am trying to setup my server and I'm running into a problem when I install PGShield. Everything seems to work with traefik and port guard(I've ensured that portainer.mydomain.com is working).

I install PGshield (per these instructions: https://github.com/PGBlitz/PGBlitz.com/wiki/PG-Shield). When I go to portainer.mydomain.com, I am shown the google authentication screen and when I select one of my approved google accounts, I get the error DNS_PROBE_FINISHED_NXDOMAIN on chrome.

Does anyone have any idea what could cause this error?

Thanks
 
  • Like
Reactions: timekills

mikey

Junior Member
Local time
11:35 PM
Jun 2, 2019
10
1
I have the same issue, anyone has a clue on how to solve this?
 

artiume

Full Member
Local time
5:35 PM
Mar 19, 2018
36
11

So the issue is your Dns server (most likely your router at this point) can't resolve your domain.

I'm going to assume that your server is local and not cloud based. Hairpinning is probably what you need.


Try and access your site from outside your house, see what happens
 
  • Like
Reactions: bloodray

artiume

Full Member
Local time
5:35 PM
Mar 19, 2018
36
11
But now you're dependent on the big G haha. Awesome, I'm glad I could help out.
 

markfilan

Noob
Local time
4:05 AM
Sep 2, 2019
1
0
The DNS PROBE FINISHED NXDOMAIN problem was started due to incompatibility of IP addresses with computer DNS. To be more technical, DNS converts all messages from a domain into a form of IP address. The real problem arises when someone enters a URL in their browser; it's up to DNS to find a server with the appropriate server IP address. While in the general case, the search process is directed to the target site, but if the DNS fails, this will produce an error. Changing DNS server to Google DNS or OpenDNS , or remove all cookies and cached files on your browser will help to resolve this issue immediately. Like any other error, there are several ways you can solve these problems by yourself:

  • Release or Renew Your IP Address
  • Change DNS server
  • Restart DNS Client service
  • Reset hosts file
  • Reset Chrome Flags
  • Reset Winsock program
 

amara21

Junior Member
Local time
4:05 AM
Dec 4, 2019
2
0
It is clear that dns_probe_finished_nxdomain arises due to issues in DNS, therefore flush the DNS of the computer or restart the DNS client. This will let you open the Google chrome and you can access the webpage that shows you this error.
If these two fixes don’t help then you can try changing the DNS settings or you can release and create a new IP address.
Sometimes, the outdated cache can cause this error so it is better to change the IP address, you just simply need to type the commands in the command prompt.
ipconfig /release
ipconfig /all
ipconfig /flushdns
ipconfig /renew
netsh int ip set dns
netsh Winsock reset
close the command prompt and restart your computer and that’s it, the DNS error will vanish.
 

amara21

Junior Member
Local time
4:05 AM
Dec 4, 2019
2
0
Hello,
I am new to this forum and I would like to share my knowledge to solve the issues of people.
Talking about DNS_PROBE_FINISHED_NXDOMAIN Error, then this error can be solved either by Flushing DNS from the computer or by restarting the DNS client.
Hope this works for you.
 

timekills

Legendary Member
Staff
Donor
Local time
1:35 AM
Sep 12, 2018
357
171
Suggestion if you get that error upon trying to authenticate from multiple locations - especially if you're using Cloudflare or another resolver.

For example. if you've tried at home (using 8.8.8.8/8.8.4.4 for DNS) or through VPN, or remotely off another server, or via mobile - i.e. all differing IP origination and different DNS servers - and still getting this error.

Potential solution: Ensure you have (in preferred security order, but more restrictive order as well) one of the following in our name server:

1. (Preferred for security) The oauth alias/name set as an A record and proxied
OauthProxy.png

2. The oauth alias/name set as an A record and pointing to the actual IP of your server
OauthExpose.png

3. A wild card for * alias set as an A record or CNAME pointing to the actual IP of your server.

The first solution doesn't allow any additional exposure of your server's actual IP.

The second solution exposes oauth.yourTopLevelDomain's actual IP of the server. But only from that FQDN.

The third solution solves a lot of problems, but also exposes the actual IP of your server to anyone that types in something.yourserver and isn't an preset name in your name server.
 
Last edited:

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads


Maintenance Donations

Recommend NewsGroups

      Up To a 58% Discount!

Trending