webGUI

• 

  Status / Monitoring does not show anything
  • _neok

  4
  0
  Votes
  4
  Posts
  119
  Views

  

  @chrismacmahon Thank you for answering. I'd already done it. But just to confirm, I installed a new Opera browser and tried. Same issue . Definitely a pfSense problem. I just don't know how to track it. Could it be that there is some process or scheduled task that collects that data that is failing?
• S

  reuse DHCP leases list?
  • Sir-Silence

  1
  0
  Votes
  1
  Posts
  41
  Views

  No one has replied

• B

  WebGUI unavailable after ip change
  • billmcg

  2
  0
  Votes
  2
  Posts
  61
  Views

  

  Yes, flushing the browser cache fixes many Web-related glitches.
• V

  Setting issue or bug?
  • Visseroth

  11
  0
  Votes
  11
  Posts
  372
  Views

  C

  Thank god i found out this thread :) I was thinking, that something is wrong with my custom pfSense box, but i can confirm, that this issues still resides. If I started a download in Firefox and then used the same Firefox browser to view the dashboard for the traffic graphs - the download would slow down a lot. When i view the dashboard from Chrome, no problem with speed. using: 2.4.4-RELEASE-p1 (amd64) built on Mon Nov 26 11:40:26 EST 2018 FreeBSD 11.2-RELEASE-p4 EDIT: with the latest Firefox 64.0 version, the issue is gone!
• J

  Chrome is still trying to access web gui with ssl
  • jnic

  2
  0
  Votes
  2
  Posts
  88
  Views

  

  Try clearing your cookies etc, try using Incognito mode, try using a different browser. It's not a pfSense issue.
• T

  Suricata cannot change HOME NET list?
  • tomstephens89

  11
  0
  Votes
  11
  Posts
  278
  Views

  

  @justme2 In general, third-party tools are not the best idea on a firewall. pfSense includes a number of useful API-type function calls for parsing network masks and addresses and performing other types of IP address related functions. Take a look at the include files and functions in the /etc/inc directory on your firewall. See if the built-in functions will work for you first. You can also use any built-in PHP calls.
• Z

  Webgui does not start after reboot
  • zorrox

  13
  0
  Votes
  13
  Posts
  254
  Views

  Z

  After a few hours, my pfsense is magically accessible on port 444 again. I think it did not change the port to default when I tried it the first time because it was not responding when I saved the change. So I have tried saving it with the default port 443 again and now it is working, I can access the openvpn and webgui on port 443 from my WAN interface. However I think it is not safe to expose the webgui to Internet so I revert to 444. I cannot restrict 443 to certain IP addresses as I want OpenVPN accessible from anywhere.
• F

  LDAP failed Diagnostics-Authentication
  • fayRofa

  1
  0
  Votes
  1
  Posts
  50
  Views

  No one has replied

• N

  PFSENSE : Disable WAN WebGUI on Virtual IP port for use later
  • nathansj26

  11
  0
  Votes
  11
  Posts
  261
  Views

  J

  FWIW - submitted it and the response was a bit disheartening. Apparently a ticket has been open over 8 years ago on this issue. A work-around was suggested. The primary issue with "work arounds" is that at some point when a firewall's configuration is complex enough - it begins to look like a spaghetti mess. Some years ago was tasked with auditing and cleaning up a firewall where it was on the order of somewhere around 36k lines. Every change to code on a product has a cost, but hopefully at some point this issue (and like issues) will be resolved so that work arounds aren't required. Not to mention the fact that adding unnecessary complexity simply aids in the probability of mistakes or inadvertent passing of unintended packets. There's an interesting line between simplicity and the ability to provide enough "configure-ability" to meet a variety of needs.
• M

  board panel : long, looooong time to load...
  • megs

  4
  0
  Votes
  4
  Posts
  76
  Views

  

  Bas DNS still has impacts these days ^^
• P

  Web GUI SSL error ERR_SSL_VERSION_OR_CIPHER_MISMATCH
  • philled

  8
  0
  Votes
  8
  Posts
  250
  Views

  R

  Mea Culpa. Laptops loaded with BITDEFENDER 2019 are using encrypted web scan protection even when an exception is loaded for PFSENSE firewall which is triggering the error. Turning off encrypted web scan under online web protection allows the correct self-signed security error under the browsers which may be overridden. Thanks for all. Off I go to Bitdefender to ask them to truly honor added exceptions. Sigh.
• 

  Can not access: System Advanced
  • icabrera

  3
  0
  Votes
  3
  Posts
  108
  Views

  

  @kom thanks a lot for your help, I did the hard refresh and rebooted the system and the problem has gone.
• 

  disabling NAT redirect entry clears description in associated rule
  • adamw

  1
  0
  Votes
  1
  Posts
  45
  Views

  No one has replied

• 

  2.4.4: Secure Shell Public Key Settings Not Generating Key
  • beremonavabi

  6
  0
  Votes
  6
  Posts
  116
  Views

  

  I'm pretty sure this is fixed with 2.4.4_1. The error messages have gone away and when I reset the options the system paused for quite some time. I'm assuming it was generating the keys. I didn't get any message about key generation, though.
• R

  Slow GUI
  • rmessina

  6
  0
  Votes
  6
  Posts
  992
  Views

  R

  Hello Guys, I did had the same problem before, notice the pfsense was routing the tracfic to the wrong gateway check your configurations under System-->Routing make sure the pfsense is pointing to the correct gateway let me know if that help Thanks.
• 

  Can't Access pfSense Interface When Using 10GbE NIC
  • ARAMP1

  7
  0
  Votes
  7
  Posts
  131
  Views

  

  @aramp1 Good work! Bravo
• 

  webGUI log in extremely slow
  • adamw

  13
  0
  Votes
  13
  Posts
  193
  Views

  

  Kind of side track - but software that I have been using for years and just love... Best few bucks ever spent on software ;) I use it pretty much every single day. http://www.faststone.org/FSCaptureDetail.htm They still update it and it has all kinds of bells and whistles for taking screenshots.. It well worth the $20 that is for damn sure.
• X

  SSL_ERROR_NO_CYPHER_OVERLAP when trying to connect to webgui
  • xenicle

  43
  1
  Votes
  43
  Posts
  1462
  Views

  J

  @crbon said in SSL_ERROR_NO_CYPHER_OVERLAP when trying to connect to webgui: When the access the same IP 192.168.1.1 from my PC (running Bitdefender AV) I get the SSL_ERROR_NO_CYPHER_OVERLAP error message instead, and there is no way to bypass it. So that means the AV (Bitdefender in this case) is messing with the connection/certificate as a defense mechanism? (I have ntopng installed as per @jgravert 's reference to the other thread) Defiantly Bitdefender Scan SSL (Encrypted web scan) is active. You may need to flushdns, cache, then restart your browser after turning off Scan SSL in Bitdefender. I had to in order to get mine working again. Alternatively if you get new CA and Certificates then install them on your PC it shouldn't matter if Scan SSL is active. If that doesn't work you may need to completely remove Bitdefender from the PC then reinstall it.
• P

  Fatal Error Selecting DNS Forwarder
  • pfnewb2016

  5
  0
  Votes
  5
  Posts
  268
  Views

  P

  I restored a backup and then was careful to not enable DNS Forwarder while DNS Resolver was already enabled.
• D

  WAN interface only to be manged
  • Dafoxx

  16
  0
  Votes
  16
  Posts
  200
  Views

  D

  Ah, I've changed that over thanks, and yeah ill suggest to the customer to use openVPN, then we dont need the other IP for his server.
• F

  Traffic graph issue
  • Fishrman

  6
  0
  Votes
  6
  Posts
  165
  Views

  F

  @nelsonjhone thank you for trying to help me. I found out what was going on. I figured out that this may be caused by wrong time on my server. For a few versions of PFsense it was showing wrong time. It was always one hour behind, although a correct timezone was selected. I checked BIOS time, I replaced the CMOS battery... I started digging on the Internet and found a guy with similar problem. His solution was setting services -> NTP to both interfaces LAN and WAN. This finally fixed my time and.... traffic graphs. THNX for helping
• J

  Cant edit users
  • joelt

  4
  0
  Votes
  4
  Posts
  118
  Views

  

  Humm. Was about to edit my post but @johnpoz was to fast. Again, I took a user "001", etc etc see my image above. So, I checked the manual (/usr/local/www/systemuser_manager.php and /etc/inc/auth.inc where the function local_user_set() lives) and put this function in debug mode (adding $debug=1; at the start of the function). Logging should became more verbose. Then, I did the thing one shouldn't do, I edited (deleted the line) the user "001001:*:2057:65534:002:/home/001:/sbin/nologin in /etc/passwd. (and removed /home/001001/ also). From there on : I had more vebose logs ***, no more problems. I could edit - and edit again - re-edit, delete, create, edit. I removed the debug line. Still, all ok, the error vanished. Curious. I have this feeling that I touched the /etc/passwd file (system == FreeBSD maintained) and after that all was ok again. I can't explain .... ** more verbose logs in the ....... captive portal log - not the system log ... edit : I rebooted. Could edit a user just fine. Strange - but solved
• 

  Kill OVPN client connection
  • Gil

  43
  0
  Votes
  43
  Posts
  3937
  Views

  M

  Has anyone tried to reproduce the bug?
• J

  SSL certificate signed
  • JohnnyBeGood

  35
  0
  Votes
  35
  Posts
  20959
  Views

  M

  hi; ok i had to do this for https filtering in pfsense i generated the key in pfsense and downloaded it then sudo to ca certs folder made new folder renamed key to .crt file and a etc /cert area then did sudo update-ca-certificates (ubuntu 18.04 based distro) to import and it worked with the message no perm key found or the like, because before doing this you can go nowhere in the net with out that key /crt in or the perm . so I killed https filter and went back to stock squid but still maybe having av scanner issue on fresh install pf 2.4.4 . A lot has changes for me with squid and the setup so still getting pass the new stuff. swore I read https filtering has to be on now as fixed clamav scanning issue I may be wrong but it is a good thing
• A

  Show serial number in webgui?
  • almw

  7
  0
  Votes
  7
  Posts
  248
  Views

  

  Probably being ignored since it's so short. Looks like the widget expects the serial to be 10-16 digits. If you change this line to say 7 instead of 10 it should show up for you.
• D

  Web GUI not accessible on external networks via bridge interface
  • DerShorty

  2
  0
  Votes
  2
  Posts
  114
  Views

  D

  ~ Solved yesterday. Due to tiredness some FW and NAT Rules were not configured correct.
• N

  CSRF Check Failed on Login with no internet
  • Niquest

  5
  1
  Votes
  5
  Posts
  352
  Views

  N

  I know that both the system clock I was logging into from and the pfsense clock were correct BEFORE I disconnected the WAN side, but I didn't check the PFsense clock while disconnected. I know it was correct after I reconnected the WAN side, but I'm using NTP to keep the pfsense clock up to date. I'll test that later and see what I come up with, but I see no reason it would have changed
• B

  Bug? - Traffic Graph Widget
  • bclothier

  1
  0
  Votes
  1
  Posts
  109
  Views

  No one has replied

• S

  "WebCfg - System: User Password Manager" privilege does not allow users to access the UI
  • skullnobrains

  5
  0
  Votes
  5
  Posts
  202
  Views

  S

  thanks to you. i'm reasonably proficient with BSD, but pfsense definitely saves some time even with such glitches. thumbs up for the nice work.
• C

  Can't access to Webgui.please help!
  • Cobik

  10
  0
  Votes
  10
  Posts
  267
  Views

  

  Then you'll probably have to reinstall. You might have added a space in there incorrectly and wiped out the entire drive. You might connect with ssh or scp and see if /conf/config.xml is still there. If so, grab a copy, or at least try https://www.netgate.com/docs/pfsense/backup/automatically-restore-during-install.html#recover-config-xml
• M

  Strange behavior on changing SSH settings
  • maoe-tsuru

  6
  0
  Votes
  6
  Posts
  278
  Views

  M

  Thank you for the info. I just applied the patches using the System Patches package and the configurator seems to work fine.
• R

  Cannot add view under Status->Monitoring
  • revengineer

  2
  0
  Votes
  2
  Posts
  158
  Views

  R

  I was able to fix this myself by editing the config.xml. In the <rrd> section, there was an entry "<savedviews>A</savedviews>" that must have been left over from when I originally created and then deleted a test view. After deleting the line above and rebooting the firewall, adding new view works again. So there is somewhere a bug here but I did not test this to the point where I have instructions for replicating the issue.
• E

  Unbound DHCP registration checkbox bug?
  • Ender117

  24
  0
  Votes
  24
  Posts
  827
  Views

  E

  @gertjan I submitted a bug report: https://redmine.pfsense.org/issues/8981
• M

  Solved - No access to WebGUI after setting interface addresses
  • MEgearhead

  15
  0
  Votes
  15
  Posts
  568
  Views

  M

  So It's now all working after a reboot. I don't know exactly what change made the difference. What I did was disconnect the downstream router, reset factory defaults, set up the interfaces using autodetect, and then configured the interfaces through WebGUI. After configuring the interfaces, I copied the two default rules from LAN to OPT1. I made an error first then corrected it. At this point LAN worked fine but I had no internet on OPT1. Just so the family would have internet, I reconnected the downstream router since I ran out of time to work on it. When I came back to it later, I rebooted pfsense and everything now works. I thought I had tried that the night before, but I may not have after correcting errors in the copied firewall rules from LAN. (When I copied the rules I changed the interface from LAN to OPT1, but I forgot to also change the destination from LANnet to OPT1net.) Thanks so much for all your help! Here are the settings in case it helps someone else: (Anything related to IPv6 or DHCPv6 is likely irrelevant for me as I don't think my connection supports it) Interfaces/WAN: IPv4 - DHCP IPv6 - DHCP6 Interfaces/LAN: General Configuration: IPv4 Type - Static IPv4 IPv6 Type - Track Interface Static IPv4 Configuration: IPv4 Address - 192.168.1.1/24 IPv4 Upstream Gateway - None IPv6 Configuration: IPv6 Interface - WAN IPv6 Prefix - 0 Interfaces/OPT1 General Configuration: IPv4 Type - Static IPv4 IPv6 Type - None Static IPv4 Configuration: IPv4 Address - 192.168.3.1/24 IPv4 Upstream Gateway - None Services/DHCP Server/LAN: Enable - checked Range - 192.168.1.100 to 192.168.1.199 Services/DHCP Server/OPT1: Enable - checked Range - 192.168.3.100 to 192.168.3.199 Services/DHCPv6 Server&RA/LAN/DHCPv6 Server Enable - checked Range - ::1000 to ::2000 Prefix Delegation Size - 48 Firewall/Rules/OPT1: Edit Firewall Rule: (for first rule) Action - Pass Interface - OPT1 Address Family - IPv6 Protocol - Any Source - OPT1net Destination - any Edit Firewall Rule: (for second rule) Action - Pass Interface - OPT1 Address Family - IPv4 Protocol - Any Source - OPT1net Destination - any Settings for Verizon G1100 router: My Network/Network Connections/Broadband Connection/Settings Internet Protocol - Use the Following IP Address IP Address - 192.168.1.200 Subnet Mask - 255.255.255.0 Default Gateway - 192.168.1.1 My Network/Network Connections/Network/Settings Internet Protocol - Use the Following IP Address IP Address - 192.168.2.1 Subnet Mask - 255.255.255.0 IP Address Distribution - DHCP Server Start IP Address - 192.168.2.2 End IP Address - 192.168.2.199
• S

  webgui loops back to login after successful authentication
  • sojot

  2
  0
  Votes
  2
  Posts
  142
  Views

  S

  Hi, Please ignore this post. it seems 3rd time lucky on installing this. Unfortunately nothing intelligent to say on how this was resolved. i must have either made a mistake in one of the setting during the first 2 installs in Virtual Box (cant imagine what though). or something is messed up on my system or installation off VirtualBox but its resolved. apologies to anyone having spend time reading :-)
• 

  Overly long string in System Information tab
  • rmaeder

  4
  1
  Votes
  4
  Posts
  189
  Views

  

  @grimson said in Overly long string in System Information tab: @occamsrazor said in Overly long string in System Information tab: You can disable the Version information completely in the widget settings, or disable only the update check in the update settings. Some RTFM is in order here. Thanks, am aware you can disable the version information pane entirely, and also the update check. I don't think I or the OP want to lose that functionality. We are just talking about the length of the "Version information updated......" string. My comment "Or I'd personally be happy to have the option not to show that info at all" referred only to that string itself - not the pane as a whole or the update check functionality.
• P

  WebGUI returns ERR_EMPTY_RESPONSE after update
  • Pollux

  6
  0
  Votes
  6
  Posts
  162
  Views

  P

  Thanks, I do have a backup from right before the attempted update. Was just curious if there was some way to do it via SSH as well.
• L

  Lost access to webGui after changing from HTTPS to HTTP
  • LotfiDZ

  6
  0
  Votes
  6
  Posts
  204
  Views

  V

  I think there’s an option in the advanced settings regarding an HTTPS feature called HSTS (HTTP Strict Transport Security) that will tell the browser to always use HTTPS when going to that host. I believe HSTS is enabled by default when HTTPS is enabled. You may need to find where in your browser you can go to clear the HSTS setting for your pfSense hostname and/or IP address in order to access it without HTTPS. Or as suggested, you can always use a different browser.
• A

  RADIUS auth in WebUI/OpenVPN does not work
  • ApolloDS

  2
  0
  Votes
  2
  Posts
  142
  Views

  

  FreeRADIUS should be passing Class as a string by default unless the OS you installed it on does something it shouldn't in its distribution. FreeRADIUS on pfSense returns Class as a string and we do not alter any of the dictionaries or config to force it to be that way. Fix your FreeRADIUS instance and it will work fine.
• A

  2.3 Gateway monitor not working
  • authenticx

  8
  0
  Votes
  8
  Posts
  3513
  Views

  

  @grv97 if you are unable to access pfsense webgui, you have bigger issue then whatever your using as monitor not answering the zero payload monitoring ping. BTW this thread is 2 years old, cmb is no longer with us and have not seen him around for long time - he is very active at his new home unifi forums. You are more likely to get some help if you start your own thread with exact details of your problem.