
gmail blocked by open dns

cocoathedog
Level 1

I can't access my gmail now that I'm using open dns. Here is the error message:

This is probably not the site you are looking for!
You attempted to reach mail.google.com, but instead you actually reached a server identifying itself as *.opendns.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mail.google.com.
You cannot proceed because the website operator has requested heightened security for this domain.

rotblitz
Level 6

OpenDNS does not block anything except Phishing and Malware sites.  So, if something is blocked, it is because of  your settings, likely mail.google.com.  Because you tried to reach this with HTTPS, you get a browser generated security warning.  The certificate for the OpenDNS block page is clearly from OpenDNS, not from Google.  This is what the message says.

Solution: don't block what you don't want to be blocked.  I.e. either uncheck the related category, or add the blocked domains to the "never block" list.

If you are unsure what is blocked, simply visit your domain stats to find it out: https://dashboard.opendns.com/stats/all/blockeddomains

mimismama
Level 1

I'm having trouble as well. I have google.com and google.ca and mail.google.com as "never blocked"… but they are still blocked. And so is YouTube, even though I DO NOT have video sharing checked off. This is extremely frustrating. I'm beginning to really hate OpenDns.  I'd really appreciate if some of the answers were easier to understand for normal people.

I have tried everything to unblock google, although I don't want google I only want my gmail… I've tried to unblock all of it… it just won't let me. I'd love some help.

rotblitz
Level 6

As said, OpenDNS doesn't block this by default, so it must be your settings, e.g. of categories, blocking it.

Visit https://dashboard.opendns.com/stats/all/blockeddomains to see what related domains are still being blocked and why.  Then unblock or whitelist them.

When I visit Google mail, the following domains (and their aliases) are being queried:

mail.google.com  googlemail.l.google.com
accounts.google.com  accounts.l.google.com
clients1.google.com  clients.l.google.com
gtglobal-ocsp.geotrust.com  ocsp.ws.symantec.com.edgekey.net  e8218.ce.akamaiedge.net
fonts.googleapis.com  googleapis.l.google.com
ssl.gstatic.com
lh5.googleusercontent.com  googlehosted.l.googleusercontent.com
accounts.youtube.com  www3.l.google.com
www.google.com
accounts.google.de  accounts-cctld.l.google.com
mail-attachment.googleusercontent.com  googlehosted.l.googleusercontent.com
www.gstatic.com
lh3.googleusercontent.com  googlehosted.l.googleusercontent.com
clients2.google.com  clients.l.google.com
plus.google.com
oauth.googleusercontent.com  googlehosted.l.googleusercontent.com
www.google.com
chatenabled.mail.google.com  b.googlemail.l.google.com
themes.googleusercontent.com  googlehosted.l.googleusercontent.com
apis.google.com  plus.l.google.com

"This is extremely frustrating. I'm beginning to really hate OpenDns."

As you can see, it's Google, not OpenDNS.

rotblitz
Level 6

I should still add that not all domains being listed above are needed to access Gmail.  I believe at least the following domains (and their subdomains) should not be blocked to use Gmail.

mail.google.com
accounts.google.com
clients.l.google.com
geotrust.com
edgekey.net
akamaiedge.net
googleapis.com
ssl.gstatic.com
googleusercontent.com
gstatic.com
googlemail.l.google.com
apis.google.com
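
Added example, not part of any post in this thread: a small Python check of which queried names a "never block" list leaves uncovered, using some of the name/alias chains listed earlier in the thread and the allow-list one poster described. It assumes an entry covers the domain and its subdomains (as the post above says) and that each alias in a chain is checked too; the function names are hypothetical.

```python
# Assumption: a "never block" entry covers the domain itself and its subdomains.

# Constructed sample: name/alias chains copied from the query list in the thread.
QUERIED = """\
mail.google.com  googlemail.l.google.com
accounts.google.com  accounts.l.google.com
gtglobal-ocsp.geotrust.com  ocsp.ws.symantec.com.edgekey.net  e8218.ce.akamaiedge.net
fonts.googleapis.com  googleapis.l.google.com
ssl.gstatic.com
lh5.googleusercontent.com  googlehosted.l.googleusercontent.com
accounts.youtube.com  www3.l.google.com
accounts.google.de  accounts-cctld.l.google.com
"""

# Allow-list as one poster in this thread described it.
NEVER_BLOCK = ["google.com", "google.ca", "mail.google.com"]

def normalize(name):
    """Lower-case a DNS name and drop surrounding space and the root dot."""
    return name.strip().lower().rstrip(".")

def covered(name, allowlist):
    """True if name equals an entry or is a subdomain of one (label-aligned)."""
    name = normalize(name)
    return any(name == e or name.endswith("." + e)
               for e in map(normalize, allowlist))

def parse_chains(text):
    """Each non-empty line is a queried name followed by its aliases."""
    return [line.split() for line in text.splitlines() if line.strip()]

def uncovered(chains, allowlist):
    """Map each queried name to the names in its chain the allow-list misses.

    Assumption: every alias in a chain is checked too, the conservative
    reading of how a DNS filter might categorise a lookup.
    """
    gaps = {}
    for chain in chains:
        missing = [n for n in chain if not covered(n, allowlist)]
        if missing:
            gaps[normalize(chain[0])] = missing
    return gaps

if __name__ == "__main__":
    for queried, missing in uncovered(parse_chains(QUERIED), NEVER_BLOCK).items():
        print(f"{queried}: not covered -> {', '.join(missing)}")
```

With this sample, allowing only the google.com names still leaves the certificate-status, font, static-content and account hosts outside the list.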

ahoncian
Cisco Employee

Hi @cocoathedog,

I'm sorry to hear that you're experiencing difficulties. There are a couple of things we noticed with your account. Your account shows that you have a network configured with your OpenDNS Dashboard and the Netgear Live Parental Controls (LPC). Having both configured for your home network will cause conflicts with the service, and we advise our users to choose which configuration they wish to use.

Keep the Netgear LPC


Please do the following to remove your OpenDNS Dashboard Network

  1. Log into your dashboard at http://dashboard.opendns.com/settings
  2. Delete the network in your dashboard (Note, this will delete all whitelist/blacklists)

Keep the OpenDNS Dashboard Network


Please do the following to disable the Netgear LPC

  1. Log into your LPC Device using the LPC Manager from http://netgear.opendns.com and your OpenDNS account.
  2. Click on the "Disable Live Parental Controls" button
  3. Please be sure that you're using the OpenDNS IP Updater from this point, so that your IP address is updated correctly.

After completing one of the above steps, please flush your browser and DNS cache by following the instructions below:

http://www.opendns.com/support/article/67
http://www.opendns.com/support/article/68

Let us know if you continue to experience difficulties and we'll be happy to help you.

Best regards,

lamakova
Level 1

I'm also having difficulty opening Gmail since I added OpenDNS. I added the websites listed above to the never block domains, but I still haven't been successful. If it isn't solved, I will have to stop with it. Could you please help!!

rotblitz
Level 6

We (users) cannot really advise what you need to unblock, because we don't know what you have blocked with your individual settings.  So you'll have to find out yourself.  It is not trivial wanting a part of a service blocked and a part being unblocked at the same time due to the complex DNS configuration of some services like Google.

You check the blocked domains by your settings to whitelist the ones needed for Gmail. 
https://dashboard.opendns.com/stats/all/blockeddomains 

If you're unsure what domains these could be, run a DNS query sniffer like http://www.nirsoft.net/utils/dns_query_sniffer.html when visiting Gmail.

stantonattree
Level 1

Thanks Anthony.  I had the same problem as other users.  As soon as I unchecked the parental controls on my router, gmail worked straight away.

Regards.  Stanton.

baffoni1
Level 1

The issue appears to be that OPENDNS is issuing a proxy HTTPS certificate when parental blocking is turned on; this certificate is used as a man in the middle (read attack to the browser) proxy to view the encrypted data.  Gmail and other very secure sites are using HTTP Strict Transport Security (HSTS) which doesn't allow this proxy to work.  Is there a setting in OPENDNS to not inspect SSL using HSTS so that it will succeed instead of being blocked?  Or is the only option turning off controls?

baffoni1
Level 1

FWIW this only seems to be an issue on Firefox; Chrome and IE seem to pass it through without an error.

pcolford
Cisco Employee

@baffoni

This is because of HSTS security settings and the way a browser interacts with responses. There's no way to disable this in Firefox, and the only way to disable it in Chrome is through a control setting that we don't recommend. Ideally, you'll want to configure OpenDNS not to block resources you want your users to access. So, if you want them to be able to use Gmail, allow gmail.com.

If you don't know how OpenDNS was configured on your system, or you're not the administrator, you'll need to submit a ticket so that we can help you use OpenDNS, or disable it from your system. 

addseo1118
Level 1

Thanks Anthony.

jymmi
Level 1

Why is OpenDNS injecting its cert when trying to go to Gmail? This started happening when I moved from the regular OpenDNS name servers to the FamilyShield name servers. Does this mean the only way around it is to switch back?

rotblitz
Level 6

The FamilyShield resolver addresses shouldn't block gmail unless one or more domains needed by gmail are tagged in a wrong (adult or proxy) category.  Check the cert warning closer to possibly see what (non-OpenDNS) domain is being mentioned.  Or check at https://dashboard.opendns.com/stats/all/blockeddomains what gmail related domain(s) is/are being blocked now.

You may want to report the wrongly categorized/blocked gmail related domains via support ticket to OpenDNS to get it corrected.

As a temporary workaround, you could switch back to the normal OpenDNS resolver addresses (don't forget to flush your caches!), or introduce entries in your local hosts file with these impacted domains and their real IP addresses.