Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web GUI Access Denied even with password reset

    Scheduled Pinned Locked Moved
    Official Netgate® Hardware
    2
    6
    216
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      badbobby
      last edited by badbobby

      I have a NetGate pfSense 1100 device. Went to log into the Web UI with the admin account and couldn't get in. After a failed login attempt both the web UI and SSH become unresponsive for several minutes. Thinking I had the incorrect password, I tried resetting via the serial console.

      I've tried:
      a) Choosing option #3 from the console menu to reset the admin password
      b) Dropping to console and running the /etc/rc.initial.password script
      c) Going to the phpshell and running "playback changepassword"

      Additionally, from the console menu I've tried options #11 and #16 to restart the Web UI and the PHP-FPM. I've tried pfctl -T flush -t sshguard in case that was blocked. Also rebooted the unit.

      Nothing works.

      From the phpshell I've tried printing the users and the account is there. After changing the password (e.g. vi playback changepassword) the password hash changes, so the password is being updated, but I still get an incorrect username or password message when trying to log in.

      netgate_users.png

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        What pfSense version are you running?

        What is logged when you try to login?

        B 1 Reply Last reply Reply Quote 0
        • B
          badbobby @stephenw10
          last edited by

          @stephenw10 Thanks for the follow-up. The devices is running Pfsense Plus v23.05.1

          I don't see any log entries. There's a /var/log/auth.log file, but that doesn't include any entries for the failed Web UI login, only the fact that I accessed the serial as root.

          SSH to the device times out, so I can't check the log for those entries.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            I assume you can access the filesystem at the console though?

            The main log (/var/log/system.log) shows failed login attempts when you try to login?

            B 1 Reply Last reply Reply Quote 0
            • B
              badbobby @stephenw10
              last edited by

              Thanks again for your time. I have access to that log. There are really old entries from previous months, e.g.

              Sep 20 16:02:08 webproxy php-fpm[736]: /index.php: webConfigurator authentication error for user 'admin' from: 10.254.201.100
Sep 20 16:05:39 webproxy php-fpm[736]: /index.php: Successful login for user 'admin' from: 10.254.201.100 (Local Database)

              But there are no recent entries of either failed or successful logins (and there were many failed logins over the last day). It's not a case of storage, as it has other recent entries (e.g. the root login on tty0, or from running the "changepasswd" script).

              We use about 50 Netgates for various services and have had to bring a few back in for a factory default because they've gone belly-up. I don't know if it's related, but this one is running more critical I'd really like to avoid the downtime and perhaps find a root cause.

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Hmm, odd. Do you have logs from when it initially failed? That's the only way we're likely to know what happened.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post