webGUI

• E

  Browser freezes when loading 2000+ rows of firewall rules
  • ekanthan  

  11
  0
  Votes
  11
  Posts
  128
  Views

  

  @ekanthan said in Browser freezes when loading 2000+ rows of firewall rules: As a workaround, Disabling the dragging option in System -> General Setup resolves this freezing issue That is the reason that option exists. It's a client browser issue, not a firewall bug, and that option helps your browser cope with large rulesets.
• T

  LDAP SSL AD auth Issue with 2.4.5-RELEASE
  • travisbrackett  

  5
  0
  Votes
  5
  Posts
  59
  Views

  

  OK. First things first, try to run options 16 and 11 from the console (ssh or serial/video console), or reboot after making any changes to the LDAP auth config. Sometimes the PHP LDAP environment gets out of sync and the 16/11 combo is the fastest way to ensure it's consistent.
• S

  Locked out - no access to WebGUI
  • sensori  

  3
  0
  Votes
  3
  Posts
  30
  Views

  S

  @viragomann many thanks!!! Restored, rebooted and now everything is ok again.
• S

  Access Web GUI from WAN
  • schuhdw  

  1
  0
  Votes
  1
  Posts
  22
  Views

  No one has replied

• M

  From subnets, I can access pfsense GUI by using my public address.
  • mcury  

  3
  0
  Votes
  3
  Posts
  48
  Views

  M

  Thanks for the reply Derelict. I have been configuring my firewall rules since a long time, just blocking access to internal networks, including subnets gateway, ports 80,443,22. Now, I will include block to wan address as well.
• T

  Firewall Logs no longer showing rule names
  • tekkat  

  3
  0
  Votes
  3
  Posts
  38
  Views

  T

  I'm not concerned about what is being logged. (I had log bogon on, then turned it off.) I'm concerned that the Rule name has disappeared. e.g. why is it saying 11000 instead of saying 'block bogon...' in the Rule column? Is this the case for all default rules?
• E

  Unbound DHCP registration checkbox bug?
  • Ender117  

  25
  0
  Votes
  25
  Posts
  1370
  Views

  

  I hit this one today... made a comment over here: https://forum.netgate.com/post/920791
• V

  Web GUI Smart Card Authentication Howto
  • valedito  

  1
  1
  Votes
  1
  Posts
  41
  Views

  No one has replied

• T

  LAN link showing as "down" in the webGUI widget even though everything is functioning normally
  • timesscar  

  1
  0
  Votes
  1
  Posts
  24
  Views

  No one has replied

• E

  csrf-magic.php crash report
  • e-1-1  

  1
  0
  Votes
  1
  Posts
  25
  Views

  No one has replied

• D

  Web UI Disable TLS 1.1
  • defunct78  

  3
  0
  Votes
  3
  Posts
  41
  Views

  D

  Thanks sound good. Tested and it worked great. Thanks for the quick response.
• D

  Web UI times out when WAN is down
  • DavidGA  

  3
  0
  Votes
  3
  Posts
  50
  Views

  

  @DavidGA said in Web UI times out when WAN is down: Additional Googling reveals this bug. Is this my problem? https://redmine.pfsense.org/issues/8987 Looks like it. I'm not quite sure how to parse that page but it looks like it's resolved in "2.4.5-p1". I'm running "2.4.5" - is that the same version? It claims there are currently no updates available. 2.4.5-p1 is not out yet. It's being tested now, will be out soon.
• K

  Pfsense Web interface unavailable
  restore networking virtualization • • Klueze  

  1
  0
  Votes
  1
  Posts
  40
  Views

  No one has replied

• P

  Use of WebGUI Requires Two Attempts in Order to Invoke Action.
  • pslinn  

  1
  0
  Votes
  1
  Posts
  29
  Views

  No one has replied

• B

  Gui Logon Issue
  • Bridger  

  1
  0
  Votes
  1
  Posts
  47
  Views

  No one has replied

• Z

  best practices for remotely administering a pfSense machine after remote install?
  • zippydan  

  3
  0
  Votes
  3
  Posts
  107
  Views

  Z

  Thanks. I ended up taking your advice and setting up another light linux VM to use as simply a browser client.
• K

  SEC_ERROR_INADEQUATE_KEY_USAGE when accessing the webGUI from Firefox
  • kevindd992002  

  23
  0
  Votes
  23
  Posts
  17168
  Views

  M

  @Gertjan said in SEC_ERROR_INADEQUATE_KEY_USAGE when accessing the webGUI from Firefox: Hi, Click on and you see what cert is used by pfSense, what SAN, if the dates are ok, etc. The Time is set good .. no problem with it This : @jimp said in SEC_ERROR_INADEQUATE_KEY_USAGE when accessing the webGUI from Firefox: You can make a fresh GUI cert from the console with current best defaults with pfSsh.php playback generateguicert This the point .. How i can generate a new cert and from where Please can you help me will generate a new cert. Firefox won't trust it at first, but you can overreirde this. because you know that "https://192.168.1" or "https://my-pfsense.my-network.tld" IS your pfSese and not some hacked site. You can also use the console access to reset GUI access, so that http://192.168.1.1 is useable, so you can inspect with the GUI what the issue is. I did this when i could not access since first time .. and it works with http
• M

  Weird error in syslog - open() "/usr/local/www/robots.txt" failed (2: No such file or directory)
  • Madsurfer  

  3
  0
  Votes
  3
  Posts
  39
  Views

  M

  @jimp Ok clear. I will monitor what is specifically happens from that IP and dig a little deeper. Thanks for the swift reply.
• K

  how to access webgui over wan port?
  • KhaledSN  

  3
  0
  Votes
  3
  Posts
  58
  Views

  

  @KhaledSN Have you tried these methods? https://docs.netgate.com/pfsense/en/latest/book/config/what-to-do-when-locked-out-of-the-webgui.html#add-a-rule-with-easyrule and check that nginx is running and listen on 443: # sockstat | grep 443
• N

  CSRF Check Failed on Login with no internet
  • Niquest  

  10
  1
  Votes
  10
  Posts
  5069
  Views

  B

  I just seen this error today. Internet is all connected. Maybe a clock issue. Dunno. CSRF check failed Missing or expired CSRF token Form session may have expired, cookies may not be enabled, or possible CSRF-based attack. Resubmitting this request may put the firewall at risk or lead to unintended behavior.
• 

  Traffic appearing on two VLAN graphs
  • lohphat  

  2
  0
  Votes
  2
  Posts
  42
  Views

  No one has replied

• B

  Upgrade to 2.4.5 and WebGUI is blank.
  • basm  

  7
  0
  Votes
  7
  Posts
  99
  Views

  B

  @Gertjan Yeah, I restored config via console a couple of times and it didn't help. Something about the GUI got clobbered in the initial update. A reinstall did the trick.
• S

  Status: Monitoring is completely broken, pfSense 2.4.5
  monitoring • • scurrier  

  14
  0
  Votes
  14
  Posts
  210
  Views

  

  @scurrier : check System > Routing > Gateways IS WAN really WAN (an old interface name ?) and now called WAN_DHCP ? (example) ? What are the gateway names ? Is monitoring activated for them ? edit : ls -al /var/db/rrd old, abandoned rrd files (== abandoned interface names) might exist.
• T

  Unable to acccess Web GUI of fresh installed Pfsense on Virtual Box
  • techsovereignty  

  2
  0
  Votes
  2
  Posts
  87
  Views

  T

  If you want to access the LAN side of pfSense that's running in the vm from within windows. You'll have to create a bridge interface in your host OS then set your pfSense's LAN interface to be bridged to that bridge interface. for example windows | bridge interface | virtualbox | pfsense LAN interface (using the bridge interface in the host OS) | pfsense WAN interface (using the NAT interface in virtualbox) | Internet
• C

  RRD Graphs are gone missing??
  • Cool_Corona  

  3
  0
  Votes
  3
  Posts
  33
  Views

  C

  Thanks :)
• T

  Fireall Aliases not working as expected
  • TechTeamjim  

  4
  0
  Votes
  4
  Posts
  42
  Views

  T

  Curious, I looked at one of our routers. Out of 22 IP aliases, mix of host and network, 15 show in diagnostics/tables. When creating a rule though, if you pick "single host or alias" then you can type in the Source Address field to the right and it should dynamically show you matching aliases. Even ones not on the diagnostics page show there for me. They don't show in a dropdown.
• P

  change language not work in 2.4.5
  • peterchan9  

  1
  0
  Votes
  1
  Posts
  55
  Views

  No one has replied

• R

  400 Bad request | The plain HTTP request was sent to HTTPS port | nginx
  nginx webgui • • richardrfb  

  3
  0
  Votes
  3
  Posts
  62
  Views

  R

  @Gertjan, obrigado! Fiz a restauração através do console, opção 15, agora consigo acessar as configurações através do Webconfig. Teve um detalhe, eu tive que efetuar o restar do webconfigurator, depois disso foi possivel logar no Webgui. Mais uma vez, obrigado!
• T

  webConfigurator is blocking port 80
  • TheNetStriker  

  1
  0
  Votes
  1
  Posts
  29
  Views

  No one has replied

• S

  Upgrade to 2.4.5 and admin user has limited rights
  • Stewart  

  2
  0
  Votes
  2
  Posts
  34
  Views

  S

  Found it. config.xml remove the member with the ID of 0 (since that is the ID of the admin user). After a reboot it's working.
• K

  No logs to display
  • karis_pk  

  3
  0
  Votes
  3
  Posts
  158
  Views

  K

  @Gertjan Thank you, it is working perfectly now after setting it up as you have suggested. Thanks again
• C

  WebGUI Lag
  • cyrus104  

  14
  0
  Votes
  14
  Posts
  128
  Views

  C

  Not zombies!!!! Well I did restore this config from awhile ago but I didn't even think I had it active on the last build. Regardless, I went ahead and removed it unless I come up with a reason to use it and then I reinstall it and hopefully that will fix anything broken by an initial misconfiguration. So far it's loading in about 5-8 seconds. I'll continue to check on it while troubleshooting other issues. Thanks.
• C

  Strange webGUI
  • cofee  

  8
  0
  Votes
  8
  Posts
  132
  Views

  C

  @jimp I tried what you suggested, but unfortunately nothing changed. Webgui is not available from other subnets.
• T

  webGUI over HTTPS not working after restoring backup
  • tgoltz  

  6
  0
  Votes
  6
  Posts
  107
  Views

  

  Euhhh, OPenVPN will never ever bind to port 443 TCP. As you already found out, nginx, the GUI web interface binds to 0.0.0.0:443 aka all the available networks. Starting OpenVPN fill produce a fail, or the GUI fails on all pfSense installs that use OpenVPN, and lately, that's a lot. So .... check your OpenVPN config ;) Btw : it's possible to use 443 TCP for OpenVPN. In that case, move the GUI web server out of the way first. @tgoltz said in webGUI over HTTPS not working after restoring backup: Is there a way to tell webconfigurator to only try to bind to the address of my LAN interfaces? Short answer : no. Long answer : of course. Check the nginx web configuator config file. Locate where and how "bind to 0.0.0.0:443" is written. Now, look up where the config file is build (probably /etc/inc/services.inc) and change the part where the "listen ..." is laid out - and hardcode your LAN interface there. Beyond that : make a drop list in the GUI, store the selection in the config file, and use that one to select your interface. Consider even making a pull request and your code will live forever. edit : The coding of the Anti-lockout on System > Advanced >Admin Access will probably need some attention. The word LAN over there would be the interface where nginx is listening.
• 

  Dashboard autologout annoyance in 2.4.5
  • rmaeder  

  3
  0
  Votes
  3
  Posts
  70
  Views

  

  I changed the "Session timeout" in the System/UserManager menu to 43200 (about one month), and so far there haven't been any more forced logouts. Perhaps there is a problem with setting this value to "0"? Let's wait and see.
• P

  User rights - Edit NAT - No interfaces in list to choose from
  • Parallelverschiebung  

  3
  0
  Votes
  3
  Posts
  33
  Views

  P

  Thank you! You're right, firewall access is not ideal in this case. But it's necessary for us to let people manage their port forwarding rules, so this is a preliminary solution we can live with. I hope they change this behaviour in a future release.
• B

  [Solved] Lots webgui, page doesn't load
  • bfred  

  8
  0
  Votes
  8
  Posts
  88
  Views

  

  @bfred said in [Solved] Lots webgui, page doesn't load: it didn't break just after saving it (or applying it?) What you saw was the proof of having a stateful firewall. Initial connections going trough the firewall rules are matched with the firewall rules, top to bottom. If one rule matches as a "pass", a firewall state is created, and subsequent traffic bypasses the firewall, because it's known as accepted. This accelerates a lot traffic throughput. As long as you do not edit the initial matching rule, the state keeps up. Even when you add or edit a rule above your initial rule that would block such a connection. To really apply new rules that do not "seem to work right away" you have to manually reset the states, or, same thing : reset the firewall as does a reboot. See Diagnostics > States > States and Reset States. @bfred said in [Solved] Lots webgui, page doesn't load: https port from 1 machine to a different port on that same machine A device on the Internet ?
• J

  cannot this error when accessing web interface over the internet getting "outdated or unsafe TLS security"
  • jojothehumanmonkey  

  4
  0
  Votes
  4
  Posts
  100
  Views

  J

  thanks much for the advice, i figured out how to setup the openvpn. the wizard was pretty good. took me a while to figure out the the wizard does not create a user in the local user database. i have an account with packtpub.com. they have several books on pfsense. i like my sg1100,
• J

  IPSEC Mobile GUI Improvement
  • jumpers  

  4
  0
  Votes
  4
  Posts
  40
  Views

  J

  Thanks jimp: done as suggested: Feature #10340 (https://redmine.pfsense.org/issues/10340)
• P

  Cannot access webui: web ui is not supported in VSX mode
  • potter  

  3
  0
  Votes
  3
  Posts
  97
  Views

  P

  You are correct. I looked at the the system.log and it is complaining about another 192.168.1.1 with a different mac. I workaround the problem by using 10.x.x.x instead for LAN