Block page not shown with Gateway/Teams

Hi,

I am using Gateway for a while now and I enabled to show a block page, but it isn’t shown at all. Instead I see

This site can’t be reached

DOMAIN ’s server IP address could not be found.

Try:

ERR_NAME_NOT_RESOLVED

When doing a dig it also doesn’t resolve. The above error isn’t very helpful at all.
A little bit about my setup. I am using Pi-Hole with a DOH Cloudflare uplink. All internal DNS queries are forced through that Pi-Hole.

Cheers

Tom

That’s similar to my setup, but I haven’t tested out the block page. Have you tried configuring a device to go direct to Cloudflare DNS for your Location?

I just tried from an iPad going through my PiHole. It looks like the PiHole send the request through, but it looks like the block page has an invalid certificate (ECC, I think).

Thanks. I haven’t tried that.
It’s just a home setup and I don’t really want to have to configure each client to use DOH Cloudflare directly. Granted, it’s not too many devices, but I used Pi-Hole for a reason - to have centralized DNS management.

Oh, I agree on the PiHole, and for more than just centralized DNS. But it’s worth testing just one device to see if you get the block screen with a direct connection to Cloudflare DNS.

I think it requires to install cloudflare certificate so that it can show the block page

Thanks.
In my case I am getting DNSSEC errors as it can’t validate the response.
I am not going through the hassle to install a 3rd party certificate manually (just a home network)
everywhere. Why is it not possible to have a ‘regular’ CA sign this cert so not to have to go through the hassles of adding a cert?
Last time I have done that, my Android isn’t too happy about 3rd party certs and certain functionality is switched off.

I have switched off my DOH upstream lookup and I am going normal DNS again leaving the blockpage to Pi-Hole. All working.

Regards

Tom

1 Like

The problem with the cert is that your browser is pointing to company.com and Cloudflare can’t forge a certificate for that domain to get the block page to work.

Ah yeah, sorry, forgot about that. I should know better… :slight_smile:

1 Like

You need to download and install cloudflare certificate, you need to take look at documentation