No access to pfSense webgui (suddently) but SSH works, other clients in VLAN can access

LaUs3r

Guys,

I am fully lost in the woods.

Suddenly I cannot access my pfSense webgui anymore from my main PC (192.168.10.2, VLAN 10).
My pfSense is on 192.168.0.1 (port 80)

On my client (192.168.10.2) --> pfSense (192.168.0.1):

• webgui: http://192.168.0.1:80 endless loading, no timeout message (Firefox, Chrome, Edge - also in private Tab)
• SSH: OK
• PING: OK
• Powershell: test-netconnection 192.168.0.1 -Port 80: TcpTestSucceeded: True
• tracert: 1 hop < 1ms
• no Windows firewall rule (disabled fw)

Troubleshooting so far without success:

• added pfSense rule to allow 192.168.10.1/24 to 192.168.0.0/24 (any ports, any protocol) just to make sure really nothing is blocked
• assigned different IP to my mainPC and tested connection: not working
• used different PC in the vlan 10 (VM with 192.168.10.12 sharing my main PCs network adapter = bridged mode), here webgui works = VLAN per se ok
• compared routes of mainPC and VM: are the same
• other webGUIs on 192.168.0.1/24 are reachable from main PC (for example 192.168.0.4)
• restarted pfSense webGUI
• restarted pfSense
• restarted mainPC

Configs:

• pfSense Plus: 24.11-RELEASE (latest)
• mainPC: Windows 11, Firefox (latest)

Any advice where to look any further?

stephenw10

I assume pfSense has an interfaces in VLAN10? Can you reach the webgui on that IP? 192.168.10.1 perhaps?

The webgui listens on all IP addresses on the firewall so you should be able to reach it as long as firewall rules allow it.

Otherwise anything that might dynamically block your client would block the IP for all services.

I would run a pcap on VLAN 10 for traffic from your client IP and make sure the http requests are actually arriving.

Also why are you using http and not https?

LaUs3r

@stephenw10 , thx.
I tried now the most obvious thing and booted my PC with a live Ubuntu. Therefore I get the same IP settings from my pfSense DHCP.
With Linux I can access the webgui without problems.

This makes me assume that my win11 settings are somehow corrupt.

Before now resetting my PC or removing manually updates, would you have other suggestions?
I already disabled the firewall and AV.

netstat shows a TCP connection on 192.168.0.1 port 80 on my PC. I just have the feeling that the packages from pfSense are not handled correctly on my PC

Btw. changing to https didn't change anything.
Connection to the vlan gw does not work either (192.168.10.1)

This is what I got from the pcap:

Running packet capture:
/usr/sbin/tcpdump -ni ix0.10 -c '1000' -U -w - '((host 192.168.0.1)) and ((not vlan))'

18:13:14.921601 IP 192.168.0.1.80 > 192.168.10.3.57339: tcp 5043
18:13:24.501554 IP 192.168.10.3.57339 > 192.168.0.1.80: tcp 1
18:13:24.501651 IP 192.168.0.1.80 > 192.168.10.3.57339: tcp 0
18:13:24.501736 IP 192.168.10.3.57339 > 192.168.0.1.80: tcp 0
18:13:27.022080 IP 192.168.0.1.80 > 192.168.10.3.57206: tcp 5041
18:13:30.015909 IP 192.168.10.3.57369 > 192.168.0.1.80: tcp 0
18:13:30.016042 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 0
18:13:30.016195 IP 192.168.10.3.57369 > 192.168.0.1.80: tcp 0
18:13:30.016388 IP 192.168.10.3.57369 > 192.168.0.1.80: tcp 341
18:13:30.016405 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 0
18:13:30.098483 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 5044
18:13:31.102586 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 5044
18:13:33.346892 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 5044
18:13:34.511978 IP 192.168.10.3.57339 > 192.168.0.1.80: tcp 1
18:13:34.512073 IP 192.168.0.1.80 > 192.168.10.3.57339: tcp 0
18:13:34.512152 IP 192.168.10.3.57339 > 192.168.0.1.80: tcp 0
18:13:37.588787 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 5044
18:13:40.024986 IP 192.168.10.3.57369 > 192.168.0.1.80: tcp 1
18:13:40.025073 IP 192.168.0.1.80 > 192.168.10.3.57369: tcp 0