Ouch, could not find anything with the search function and overlooked this thread you linked.
Thanks for clearing it up.

-Rico

@forbidden_magic said in Web GUI Issue (pfSense_2.4.4-p2):

but it tells me that the address is already in use and fails to bind.

By who / what process ?

edit : enter console mode, option 8 and run this command :

ps ax | grep 'nginx'

kill any nginx 'master' process.
Using the kill command followed by the process ID.

Use also

sockstat -4l | grep ':80'

to see which process is bound to the port 80.

Kill them all - and retry option 11.

Your WAN is RFC1918? You need to uncheck Block private networks and loopback addresses then.

-Rico

@JeGr Sorry for taking so long to reply.

Broken link came from navigating to the "Status" --> "Monitoring" page in my pfSense router, then clicking on the "?" icon in the top right of the page. That links to "https://192.168.1.1/help.php?page=status_monitoring.php", which seems to redirect to "http://docs.pfsense.org/index.php/No_Help_Found", which then redirects to "https://docs.netgate.com/pfsense/en/latest/index.html". I was expecting documentation about the "Monitoring" page. I guess I'm still just a n00b but I was expecting the redirect to something that actually pertained to the page I was looking at.

I don't know how the "documentation" and the "book" differ in the origin of their content. I erroneously thought they originated from the same place because their visual layout was / is nearly identical. I had to compare the URLs side-by-side to realize I was looking at a different body of documentation. We can consider this issue resolved.

@kom Hi
Yeah, it's a little weird, I'll look for a phone with a newer version of android and do the test. Thanks.

forget my question.
I should read the whole doc before asking...

https://docs.netgate.com/pfsense/en/latest/usermanager/locked-out-of-the-webgui.html#ldap-authentication-problems

@gertjan thanks! I've checked that post but it seems in that case he's waiting quite a few of seconds. I'm waiting here like a 2 seconds or so to load the main web page, while the others are loading almost instantly.

In any case I've tried removing the DNS (I had 1.1.1.1 and 8.8.8.8 on General setup) and disabled automatic updates checker. Still same problem. I'm guess this is just normal 🤔

1st & 3rd fields are my email address, so From: and Notification:

@dam034 said in Bind webGUI only to certain interfaces:

The pfsense machine WAN IP is private, and I'm now trying from another pc in the same LAN as pfsense's WAN interface.
Is there any mistake?

No mistake at all.
Look at your firewall rules.
The first rule is put in place 'automatically' when you check this option on the WAN interface.
Here it is :
0_1551249981391_1d0b3dca-7a30-4529-a723-1c0b7dbcce20-image.png
So, when this box is checked - yours is checked - local IP's like (192.168./16 10/8 etc) are blocked.
The counter in front of your first rule indicates it is blocking "something".
These must be your attempts to use your phone to connect to the GUI.

When you use your phone, you use some real WAN IP (an address IPv4 that is addressable on the Internet).
The connection comes in on your first router, probably the one your ISP gave to you, or some other upstream device.
This device NAT's to the pfSense WAN IP - and this IP is a "RFC 1918" class IP.
pfSense, according to your instructions, blocks these IP's.

Btw : before you ask : the second rule will not bother you, although it's a nice exercise to know who's triggering that rule ^^

I'd be tempted to create student001 to student100.

You may be able to get clever and create student001 via the GUI, do a backup and take a text editor to the XML file to create the other 99 accounts.

<config> <sortable></sortable> <varusersusername>student1</varusersusername> <varuserspassword>student1</varuserspassword> <varuserspasswordencryption>Cleartext-Password</varuserspasswordencryption> <varusersmotpenable></varusersmotpenable> <varusersauthmethod>motp</varusersauthmethod> <varusersmotpinitsecret></varusersmotpinitsecret> <varusersmotppin></varusersmotppin> <varusersmotpoffset></varusersmotpoffset> <qrcodetext></qrcodetext> <varuserswisprredirectionurl></varuserswisprredirectionurl> <varuserssimultaneousconnect></varuserssimultaneousconnect> <description></description> <varusersframedipaddress></varusersframedipaddress> <varusersframedipnetmask></varusersframedipnetmask> <varusersframedroute></varusersframedroute> <varusersvlanid></varusersvlanid> <varusersexpiration></varusersexpiration> <varuserssessiontimeout></varuserssessiontimeout> <varuserslogintime></varuserslogintime> <varusersamountoftime></varusersamountoftime> <varuserspointoftime>Daily</varuserspointoftime> <varusersmaxtotaloctets></varusersmaxtotaloctets> <varusersmaxtotaloctetstimerange>daily</varusersmaxtotaloctetstimerange> <varusersmaxbandwidthdown></varusersmaxbandwidthdown> <varusersmaxbandwidthup></varusersmaxbandwidthup> <varusersacctinteriminterval></varusersacctinteriminterval> <varuserstopadditionaloptions></varuserstopadditionaloptions> <varuserscheckitemsadditionaloptions></varuserscheckitemsadditionaloptions> <varusersreplyitemsadditionaloptions>Class := &quot;admins&quot;</varusersreplyitemsadditionaloptions> </config>```

I can attest to this behaviour. There's a bug in the monitoring page where it can get into this state where no new views can be added, claiming to succeed but failing silently.

Thanks for the quick reply! I totally missed that. For now I edited config.xml's syslog section, and sure enough it works perfectly fine now!

Hi Mate,

If you check out my other thread that has a bit more information,

https://forum.netgate.com/topic/118855/new-theme-pfsense-dark-orange

Plus a downloadable zip file. You need to right click on the hyperlink and select save as rather than just clicking on the link as that throws up an error.

Cheers

OpenVPN server, ones started is pretty stable and solid.

I just read the OpenVPN section of the pfSense book. It seems like OpenVPN on pfSense with multi-WAN is the way to go.