What's new

Diversion Banking application not working

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

miniterror

Regular Contributor
Hi all, after a short step to Ubiquiti im back at the Asus camp with a AX-86U, first thing i did was install diversion to have adblocking again for my internal devices.
On the Ubiquiti i used pihole.
Now the funny thing is, i started with a AC68U and had diversion, misses complained that her banking application didnt work, didnt really looked into it as she could switch to 4G instead of WiFi.
With the UDM and Pihole i used the exact same blockinglists, (so they should be identical between my Asus setup and the former Ubiquiti setup) and the application worked without problems for her.
Last week when i received the AX86U i hooked it up (with diversion active) and the same day i received the conplaint again her banking application doesnt work anymore.
She can login but then everything stays blank.

I have done some investigation in the dnsmasq log and i can not see domains being blocked that contain the banking URL.
After some investigation in tech sites from my country i noticed more complaints about this, funny thing is.
People with Pihole dont have a problem, but people who have android and use the app 'adaway' for example have the exact same problem.
They also posted a solution what they can do in the adaway application to fix it but im not sure how to implement this in Diversion, hope some one can point me in the right direction.
To resolve the problem for users with adaway the have to go into global settings of that app and in the settings they have to disable the webserver option, after that it works for all of them.

I have pixelserv active, i believe that acts as a webserver and might be the problem.
Not sure if possible, but can i redirect certain domains to not use pixelserv?
I think that might actually resolve the problem.


Edit: disabled Pixelserv and the app works again as she expects.
Enable it and its broken again, so its definetly something in pixelserv that is causing the problem, just not sure what part.
 
Last edited:
Hi all, after a short step to Ubiquiti im back at the Asus camp with a AX-86U, first thing i did was install diversion to have adblocking again for my internal devices.
On the Ubiquiti i used pihole.
Now the funny thing is, i started with a AC68U and had diversion, misses complained that her banking application didnt work, didnt really looked into it as she could switch to 4G instead of WiFi.
With the UDM and Pihole i used the exact same blockinglists, (so they should be identical between my Asus setup and the former Ubiquiti setup) and the application worked without problems for her.
Last week when i received the AX86U i hooked it up (with diversion active) and the same day i received the conplaint again her banking application doesnt work anymore.
She can login but then everything stays blank.

I have done some investigation in the dnsmasq log and i can not see domains being blocked that contain the banking URL.
After some investigation in tech sites from my country i noticed more complaints about this, funny thing is.
People with Pihole dont have a problem, but people who have android and use the app 'adaway' for example have the exact same problem.
They also posted a solution what they can do in the adaway application to fix it but im not sure how to implement this in Diversion, hope some one can point me in the right direction.
To resolve the problem for users with adaway the have to go into global settings of that app and in the settings they have to disable the webserver option, after that it works for all of them.

I have pixelserv active, i believe that acts as a webserver and might be the problem.
Not sure if possible, but can i redirect certain domains to not use pixelserv?
I think that might actually resolve the problem.


Edit: disabled Pixelserv and the app works again as she expects.
Enable it and its broken again, so its definetly something in pixelserv that is causing the problem, just not sure what part.
are you using skynet as well? Skynet has a history of occasionally blocking ip address's of pay sites or banking logins.
 
I am pretty sure Pixel-serv is blocking a domain that you could not otherwise properly block without pixel-serv. That has to be why you are having no issues with pixel-serv turned off. If you can figure out the domain it should fix your issue by whitelisting it.
 
Last edited:
I am pretty sure Pixel-serv is blocking a domain that you could not otherwise properly block without pixel-serv. That has to be why you are having no issues with pixel-serv turned off. If you can figure out the domain it should fix your issue by whitelisting it.

Thanks for getting back to me.
I guess im am unable to actually tell then wich one it actually is.
I do see blocks when she opens the banking application but none of them have the actual domain of the bank in it.
Sdk.split.io for example, this domain is blocked by multiple blocklists i jave enabled.
Tags.tiqcdn.com is another one, i jave tried adding them to the whitelist and processed the whitelist.
I can see them being allowed afterwards but the application still doesnt work correct for her.
Any tips on how to find the exact URL that is the curlpit causing this problem?

Edit:
Did a follow of the dnsmasq log filtered on the IP of her phone.
Started right before she opend the banking application and stopped when she logged in and reached the white screen.
All i see coming by is below output, the bank itself is called Rabobank and i see bankieren.rabobank.nl as allowed in the logfiles.
Also manually verifying the rabobank domains they do not match any blocklist.

Code:
Jan 14 08:58:42 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
08:58:42 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
Jan 14 08:58:42 dnsmasq[2022]: query[A] events.split.io from 192.168.1.218
08:58:42 dnsmasq[2022]: query[A] events.split.io from 192.168.1.218
Jan 14 08:58:42 dnsmasq[2022]: query[A] bankieren.rabobank.nl from 192.168.1.218
08:58:42 dnsmasq[2022]: query[A] bankieren.rabobank.nl from 192.168.1.218
Jan 14 08:58:42 dnsmasq[2022]: query[A] app-measurement.com from 192.168.1.218
08:58:42 dnsmasq[2022]: query[A] app-measurement.com from 192.168.1.218
Jan 14 08:58:43 dnsmasq[2022]: query[A] tags.tiqcdn.com from 192.168.1.218
08:58:43 dnsmasq[2022]: query[A] tags.tiqcdn.com from 192.168.1.218
Jan 14 08:58:44 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
08:58:44 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
Jan 14 08:58:44 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
08:58:44 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
Jan 14 08:58:47 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
08:58:47 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
Jan 14 08:58:47 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
08:58:47 dnsmasq[2022]: query[A] sdk.split.io from 192.168.1.218
 
Last edited:
Got the exact same problem but also no sollution :-(

Bypass is 4g when using rabobank app
Yeah, that is what she does too.
Unfortionally im umable to see from above logfiles is actually causing the problem.
I tried whitelisting them all to no avail.
 
I have the same problem, i've tried whitelisting these domains:
sdk.split.io
events.split.io
tags.tiqcdn.com
app-measurement.com
w.usabilla.com
firebase-settings.crashlytics.com

To no avail. I've written a complaint to rabobank.nl, the app should function without tracking me
 
Turn off pixelserv then, and install Ublock Origin on your browsers.
 
I have the same problem, i've tried whitelisting these domains:
sdk.split.io
events.split.io
tags.tiqcdn.com
app-measurement.com
w.usabilla.com
firebase-settings.crashlytics.com

To no avail. I've written a complaint to rabobank.nl, the app should function without tracking me
I think the problem is that Rabobank doesnt accept the PixelServ certificate.
Maybe im wrong but from my understanding the PixelServ interacts as sort of man in the middle, so Rabobank doesnt see my client certificate but the PixelServ certificate and isnt accepting that, hence the app doenst work as intended.
That is just a guess from my side though, i would have to make packet captures at the WAN interface to truly find out.
 
You are right! If i disable Pixelserv on diversion the app functions properly.
Thanks for your reply
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top