webGUI

• R

  Setting firewall log size: Fatal error: Uncaught Error: Cannot use string offset as an array in /usr/local/www/status_logs_common.inc:668
  • rgijsen

  3
  0
  Votes
  3
  Posts
  16
  Views

  R

  Thanks for the quick reply! I totally missed that. For now I edited config.xml's syslog section, and sure enough it works perfectly fine now!
• L

  Feature Request: DHCP recycle buttons on Dashboard
  • LeftCoastGeek

  1
  0
  Votes
  1
  Posts
  48
  Views

  No one has replied

• C

  pfSense Classic Orange Theme
  • cheesyboofs

  6
  1
  Votes
  6
  Posts
  778
  Views

  C

  Hi Mate, If you check out my other thread that has a bit more information, https://forum.netgate.com/topic/118855/new-theme-pfsense-dark-orange Plus a downloadable zip file. You need to right click on the hyperlink and select save as rather than just clicking on the link as that throws up an error. Cheers
• M

  Login protection for webGUI
  • maoe-tsuru

  7
  0
  Votes
  7
  Posts
  140
  Views

  M

  OpenVPN server, ones started is pretty stable and solid. I just read the OpenVPN section of the pfSense book. It seems like OpenVPN on pfSense with multi-WAN is the way to go.
• L

  Cannot Backup XML Configuration
  • LeiShen

  4
  0
  Votes
  4
  Posts
  86
  Views

  L

  Thanks everyone! I only have about a dozen extensions in Chrome, so I went through each one and disabled them until I found the culprit: Free Download Manager. That one used to work... So I've disabled that extension for pfSense and everything is happy now. I'll trundle over to FDM forum and post a bug report there. Thanks again!
• B

  Update SSL Certificate from command line
  • berbec

  15
  0
  Votes
  15
  Posts
  1142
  Views

  L

  @bartgrefte said in Update SSL Certificate from command line: Once I got certbot-auto working, i Hi i was testing u script last friday so i geting somes issues, tomorrow i will tell exactly.. i'm at home rigth now. I really do not understand at all, in all or almost all the post I read that acme package does the job of importing the certificate, but my other devices are without connection to the internet, some think like you are describe. it is clear to me that those options are there in the code of acme package to import it into the pfsense interface, but the question would be that parameter is passed for the case that is not to validate or renew the certificate and this only download or copy from or to another devise without internet conection like internal intranet. thanks.
• R

  (Solved) Dashboard traffic not consistent with Status > Traffic Graph
  • Raffi_

  9
  0
  Votes
  9
  Posts
  179
  Views

  R

  @jdillard Thank you! Awesome, that was quick. I have my box set to stable branch. I'll take a look at that in the next stable release.
• T

  Automating Certificate imports with letencrypt script
  • tylerhoadey

  18
  0
  Votes
  18
  Posts
  8503
  Views

  L

  @hvisage said in Automating Certificate imports with letencrypt script: enewAll weekly/monthly from cron, followed by Hi @hvisage thats script still alive? it work on recent vertions?? i'm stating to automate the copy of my acme generated certificates on one pfsense/dns server to other servers web, mail on my network, i'm looking for some solutions scripting for that end... ofther runn my script it give to me some error related permission over config.xml and config.cache so thats permissions cant be changed by a regular user. has ben pass 2 years of this post but never is late to make the work fine ... thanks
• 

  Status / Monitoring does not show anything
  • _neok

  4
  0
  Votes
  4
  Posts
  184
  Views

  

  @chrismacmahon Thank you for answering. I'd already done it. But just to confirm, I installed a new Opera browser and tried. Same issue . Definitely a pfSense problem. I just don't know how to track it. Could it be that there is some process or scheduled task that collects that data that is failing?
• S

  reuse DHCP leases list?
  • Sir-Silence

  1
  0
  Votes
  1
  Posts
  77
  Views

  No one has replied

• B

  WebGUI unavailable after ip change
  • billmcg

  2
  0
  Votes
  2
  Posts
  103
  Views

  

  Yes, flushing the browser cache fixes many Web-related glitches.
• V

  Setting issue or bug?
  • Visseroth

  11
  0
  Votes
  11
  Posts
  456
  Views

  C

  Thank god i found out this thread :) I was thinking, that something is wrong with my custom pfSense box, but i can confirm, that this issues still resides. If I started a download in Firefox and then used the same Firefox browser to view the dashboard for the traffic graphs - the download would slow down a lot. When i view the dashboard from Chrome, no problem with speed. using: 2.4.4-RELEASE-p1 (amd64) built on Mon Nov 26 11:40:26 EST 2018 FreeBSD 11.2-RELEASE-p4 EDIT: with the latest Firefox 64.0 version, the issue is gone!
• J

  Chrome is still trying to access web gui with ssl
  • jnic

  2
  0
  Votes
  2
  Posts
  137
  Views

  

  Try clearing your cookies etc, try using Incognito mode, try using a different browser. It's not a pfSense issue.
• T

  Suricata cannot change HOME NET list?
  • tomstephens89

  11
  0
  Votes
  11
  Posts
  359
  Views

  

  @justme2 In general, third-party tools are not the best idea on a firewall. pfSense includes a number of useful API-type function calls for parsing network masks and addresses and performing other types of IP address related functions. Take a look at the include files and functions in the /etc/inc directory on your firewall. See if the built-in functions will work for you first. You can also use any built-in PHP calls.
• Z

  Webgui does not start after reboot
  • zorrox

  13
  0
  Votes
  13
  Posts
  360
  Views

  Z

  After a few hours, my pfsense is magically accessible on port 444 again. I think it did not change the port to default when I tried it the first time because it was not responding when I saved the change. So I have tried saving it with the default port 443 again and now it is working, I can access the openvpn and webgui on port 443 from my WAN interface. However I think it is not safe to expose the webgui to Internet so I revert to 444. I cannot restrict 443 to certain IP addresses as I want OpenVPN accessible from anywhere.
• F

  LDAP failed Diagnostics-Authentication
  • fayRofa

  1
  0
  Votes
  1
  Posts
  81
  Views

  No one has replied

• N

  PFSENSE : Disable WAN WebGUI on Virtual IP port for use later
  • nathansj26

  11
  0
  Votes
  11
  Posts
  368
  Views

  J

  FWIW - submitted it and the response was a bit disheartening. Apparently a ticket has been open over 8 years ago on this issue. A work-around was suggested. The primary issue with "work arounds" is that at some point when a firewall's configuration is complex enough - it begins to look like a spaghetti mess. Some years ago was tasked with auditing and cleaning up a firewall where it was on the order of somewhere around 36k lines. Every change to code on a product has a cost, but hopefully at some point this issue (and like issues) will be resolved so that work arounds aren't required. Not to mention the fact that adding unnecessary complexity simply aids in the probability of mistakes or inadvertent passing of unintended packets. There's an interesting line between simplicity and the ability to provide enough "configure-ability" to meet a variety of needs.
• M

  board panel : long, looooong time to load...
  • megs

  4
  0
  Votes
  4
  Posts
  115
  Views

  

  Bas DNS still has impacts these days ^^
• P

  Web GUI SSL error ERR_SSL_VERSION_OR_CIPHER_MISMATCH
  • philled

  8
  0
  Votes
  8
  Posts
  380
  Views

  R

  Mea Culpa. Laptops loaded with BITDEFENDER 2019 are using encrypted web scan protection even when an exception is loaded for PFSENSE firewall which is triggering the error. Turning off encrypted web scan under online web protection allows the correct self-signed security error under the browsers which may be overridden. Thanks for all. Off I go to Bitdefender to ask them to truly honor added exceptions. Sigh.
• 

  Can not access: System Advanced
  • icabrera

  3
  0
  Votes
  3
  Posts
  159
  Views

  

  @kom thanks a lot for your help, I did the hard refresh and rebooted the system and the problem has gone.
• 

  disabling NAT redirect entry clears description in associated rule
  • adamw

  1
  0
  Votes
  1
  Posts
  69
  Views

  No one has replied

• 

  2.4.4: Secure Shell Public Key Settings Not Generating Key
  • beremonavabi

  6
  0
  Votes
  6
  Posts
  163
  Views

  

  I'm pretty sure this is fixed with 2.4.4_1. The error messages have gone away and when I reset the options the system paused for quite some time. I'm assuming it was generating the keys. I didn't get any message about key generation, though.
• R

  Slow GUI
  • rmessina

  6
  0
  Votes
  6
  Posts
  1048
  Views

  R

  Hello Guys, I did had the same problem before, notice the pfsense was routing the tracfic to the wrong gateway check your configurations under System-->Routing make sure the pfsense is pointing to the correct gateway let me know if that help Thanks.
• 

  Can't Access pfSense Interface When Using 10GbE NIC
  • ARAMP1

  7
  0
  Votes
  7
  Posts
  196
  Views

  

  @aramp1 Good work! Bravo
• 

  webGUI log in extremely slow
  • adamw

  13
  0
  Votes
  13
  Posts
  284
  Views

  

  Kind of side track - but software that I have been using for years and just love... Best few bucks ever spent on software ;) I use it pretty much every single day. http://www.faststone.org/FSCaptureDetail.htm They still update it and it has all kinds of bells and whistles for taking screenshots.. It well worth the $20 that is for damn sure.
• X

  SSL_ERROR_NO_CYPHER_OVERLAP when trying to connect to webgui
  • xenicle

  43
  1
  Votes
  43
  Posts
  1941
  Views

  J

  @crbon said in SSL_ERROR_NO_CYPHER_OVERLAP when trying to connect to webgui: When the access the same IP 192.168.1.1 from my PC (running Bitdefender AV) I get the SSL_ERROR_NO_CYPHER_OVERLAP error message instead, and there is no way to bypass it. So that means the AV (Bitdefender in this case) is messing with the connection/certificate as a defense mechanism? (I have ntopng installed as per @jgravert 's reference to the other thread) Defiantly Bitdefender Scan SSL (Encrypted web scan) is active. You may need to flushdns, cache, then restart your browser after turning off Scan SSL in Bitdefender. I had to in order to get mine working again. Alternatively if you get new CA and Certificates then install them on your PC it shouldn't matter if Scan SSL is active. If that doesn't work you may need to completely remove Bitdefender from the PC then reinstall it.
• P

  Fatal Error Selecting DNS Forwarder
  • pfnewb2016

  5
  0
  Votes
  5
  Posts
  341
  Views

  P

  I restored a backup and then was careful to not enable DNS Forwarder while DNS Resolver was already enabled.
• D

  WAN interface only to be manged
  • Dafoxx

  16
  0
  Votes
  16
  Posts
  273
  Views

  D

  Ah, I've changed that over thanks, and yeah ill suggest to the customer to use openVPN, then we dont need the other IP for his server.
• F

  Traffic graph issue
  • Fishrman

  6
  0
  Votes
  6
  Posts
  227
  Views

  F

  @nelsonjhone thank you for trying to help me. I found out what was going on. I figured out that this may be caused by wrong time on my server. For a few versions of PFsense it was showing wrong time. It was always one hour behind, although a correct timezone was selected. I checked BIOS time, I replaced the CMOS battery... I started digging on the Internet and found a guy with similar problem. His solution was setting services -> NTP to both interfaces LAN and WAN. This finally fixed my time and.... traffic graphs. THNX for helping
• J

  Cant edit users
  • joelt

  4
  0
  Votes
  4
  Posts
  172
  Views

  

  Humm. Was about to edit my post but @johnpoz was to fast. Again, I took a user "001", etc etc see my image above. So, I checked the manual (/usr/local/www/systemuser_manager.php and /etc/inc/auth.inc where the function local_user_set() lives) and put this function in debug mode (adding $debug=1; at the start of the function). Logging should became more verbose. Then, I did the thing one shouldn't do, I edited (deleted the line) the user "001001:*:2057:65534:002:/home/001:/sbin/nologin in /etc/passwd. (and removed /home/001001/ also). From there on : I had more vebose logs ***, no more problems. I could edit - and edit again - re-edit, delete, create, edit. I removed the debug line. Still, all ok, the error vanished. Curious. I have this feeling that I touched the /etc/passwd file (system == FreeBSD maintained) and after that all was ok again. I can't explain .... ** more verbose logs in the ....... captive portal log - not the system log ... edit : I rebooted. Could edit a user just fine. Strange - but solved
• 

  Kill OVPN client connection
  • Gil

  43
  0
  Votes
  43
  Posts
  4349
  Views

  M

  Has anyone tried to reproduce the bug?
• J

  SSL certificate signed
  • JohnnyBeGood

  35
  0
  Votes
  35
  Posts
  21499
  Views

  M

  hi; ok i had to do this for https filtering in pfsense i generated the key in pfsense and downloaded it then sudo to ca certs folder made new folder renamed key to .crt file and a etc /cert area then did sudo update-ca-certificates (ubuntu 18.04 based distro) to import and it worked with the message no perm key found or the like, because before doing this you can go nowhere in the net with out that key /crt in or the perm . so I killed https filter and went back to stock squid but still maybe having av scanner issue on fresh install pf 2.4.4 . A lot has changes for me with squid and the setup so still getting pass the new stuff. swore I read https filtering has to be on now as fixed clamav scanning issue I may be wrong but it is a good thing
• A

  Show serial number in webgui?
  • almw

  7
  0
  Votes
  7
  Posts
  315
  Views

  

  Probably being ignored since it's so short. Looks like the widget expects the serial to be 10-16 digits. If you change this line to say 7 instead of 10 it should show up for you.
• D

  Web GUI not accessible on external networks via bridge interface
  • DerShorty

  2
  0
  Votes
  2
  Posts
  151
  Views

  D

  ~ Solved yesterday. Due to tiredness some FW and NAT Rules were not configured correct.
• N

  CSRF Check Failed on Login with no internet
  • Niquest

  5
  1
  Votes
  5
  Posts
  517
  Views

  N

  I know that both the system clock I was logging into from and the pfsense clock were correct BEFORE I disconnected the WAN side, but I didn't check the PFsense clock while disconnected. I know it was correct after I reconnected the WAN side, but I'm using NTP to keep the pfsense clock up to date. I'll test that later and see what I come up with, but I see no reason it would have changed
• B

  Bug? - Traffic Graph Widget
  • bclothier

  1
  0
  Votes
  1
  Posts
  142
  Views

  No one has replied

• S

  "WebCfg - System: User Password Manager" privilege does not allow users to access the UI
  • skullnobrains

  5
  0
  Votes
  5
  Posts
  252
  Views

  S

  thanks to you. i'm reasonably proficient with BSD, but pfsense definitely saves some time even with such glitches. thumbs up for the nice work.
• C

  Can't access to Webgui.please help!
  • Cobik

  10
  0
  Votes
  10
  Posts
  346
  Views

  

  Then you'll probably have to reinstall. You might have added a space in there incorrectly and wiped out the entire drive. You might connect with ssh or scp and see if /conf/config.xml is still there. If so, grab a copy, or at least try https://www.netgate.com/docs/pfsense/backup/automatically-restore-during-install.html#recover-config-xml
• M

  Strange behavior on changing SSH settings
  • maoe-tsuru

  6
  0
  Votes
  6
  Posts
  329
  Views

  M

  Thank you for the info. I just applied the patches using the System Patches package and the configurator seems to work fine.
• R

  Cannot add view under Status->Monitoring
  • revengineer

  2
  0
  Votes
  2
  Posts
  184
  Views

  R

  I was able to fix this myself by editing the config.xml. In the <rrd> section, there was an entry "<savedviews>A</savedviews>" that must have been left over from when I originally created and then deleted a test view. After deleting the line above and rebooting the firewall, adding new view works again. So there is somewhere a bug here but I did not test this to the point where I have instructions for replicating the issue.