Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web interface unresponsive

    Scheduled Pinned Locked Moved webGUI
    20 Posts 17 Posters 48.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anomaly0617
      last edited by

      Just some thoughts: In many cases the WebConfigurator Lockout Rules get in the way, especially for repeated inquiries to the firewall over the WAN interface.

      So, are you trying to do this over the WAN interface or the LAN interface?

      If LAN, do you have your WebConfigurator Anti-Lockout option UNchecked in System -> Advanced?
      If LAN, can you access the console via the console itself, or via SSH?

      If WAN, you might try this, which just fixed the issues for me:

      The unresponsive web interface for the backup turned out to be the WebConfigurator Lockout rule getting in my way.
      I found this by access the WebGUI on the LAN and going to Status -> System Logs -> Firewall.
      I looked at the blocked log entry coming from my source IP to the firewall's destination IP.
      I click on the Red Block symbol on the left, and it tells you what rule blocked it (@12: WebConfigurator Lockout Rule, in my case).

      To solve the issue, I removed all of my allow rules from the NAT and Rules tables allowing my external IP in to this firewall, and then I rebooted the firewall under Diagnostics -> Reboot -> Yes.

      Once the firewall rebooted, I went into the rules table, created a new rule:
      Protocol: TCP
      Source: {MyExternalSourceIP} (I used an alias)
      SourcePort: Any
      Destination: WAN Address
      DestinationPort: {MyAdminPort}
      Gateway: Any
      Queue: None
      Schedule: None

      And voila, I can access the firewall Admin port again from my remote office.

      Good luck, and I hope this helps!

      Hope this Helps!

      1 Reply Last reply Reply Quote 0
      • L
        lutech
        last edited by

        @anomaly0617 Using LAN interface,  Disable webConfigurator anti-lockout rule UNchecked. Not the same problem as you I think. This is more of a UI bug that slows the UI down. If I wait for 1-2 minutes I get a response back. Next request can be fast, and then wait antoher minute for the next. No understandable pattern. Load on the server i LOW.

        1 Reply Last reply Reply Quote 0
        • L
          linco
          last edited by

          Same problem with amd64 version on amd opteron server with 6 intel network cards igb. With 32 bit version of pfsense - no problems. What kind of network driver you have? (em, igb?). I think its network driver problem for 8.1 freebsd 64+igb.

          1 Reply Last reply Reply Quote 0
          • C
            computermad
            last edited by

            see if u hv incorrect settings on the ldap auth.
            I got mine fixed after removing the inactive ldap server entries from the user auth. setting.

            1 Reply Last reply Reply Quote 0
            • O
              oduesp
              last edited by

              Same thing here on 2.0.1-RELEASE-pfSense (amd64) on Dell R610 with:
              4 Intel and 4 Broadcom NIC (on 2 X E5620 and 8GB RAM). When the GUI became unresponsive, the SSH daemon answer and the connection gets stuck after entering the password or immediately logs me out.
              Very frustrating as it happens randomly in a time frame between 5mn to 20mn and I'm trying to create a huge amount of rules for router/firewall migration

              Edit: putting the nic in promiscuous mode dont help

              Edit2: The recover time is also random (2mn to TimeOut)

              Edit3: nothing is suspect in the logs, at least those in /var/log

              1 Reply Last reply Reply Quote 0
              • F
                fiftyheight
                last edited by

                hi
                We've got the same here, with 2.0.1 amd64 / intel gigabit + intel quad port gigabit nics (all em driver)
                In the cases, all services seems OK but webinterface no

                The jimp's workaround work, but it's a quite frustrating issue

                1 Reply Last reply Reply Quote 0
                • T
                  tozdemirel
                  last edited by

                  Hi,

                  I had the same problem with 4 bce and 2 em interfaces on HP DL380 G7 server. I also had boot messages about em interfaces like;

                  em0 Could not setup receive structures
                  

                  I fixed that issue after some workaround.

                  With my installation /boot/loader.conf file comes with that line;

                  kern.ipc.nmbclusters="0"
                  

                  I replaced that 0 with 655356 and issue solved…

                  You can get more information about that parameter and use proper value for your system.

                  1 Reply Last reply Reply Quote 0
                  • S
                    StitchTech
                    last edited by

                    I have the same issue and I can't make changes using the GUI because it's so unresponsive. I generally get a login prompt after a long wait when trying to connect but when I put in my username and password it usually comes back with a 503 - Service Not Available error. I'm a Linux newbie (but a CCNA so I know my way around a network) so I don't have a clue how to make the changes recommended in this thread by editing the config files. Any help would be greatly appreciated. I'm running a Dell T110 server with 500GB disk drive. I have three LANs along with the WAN all using the Dell bce ports on the two installed NIC cards.

                    1 Reply Last reply Reply Quote 0
                    • B
                      Bittone66
                      last edited by

                      Hello people,
                      same problem here: 2.0.2, AMD 64 on a Della 2950 server 1 Opteron dual core CPU, 8 GB ram, 2 broadcom + 4 intel Eth Adapter.
                      I'm running Squid a revrse proxy, multiple OPENVPN tunnels, FreeRADIUS 2, IPSEC VPN as server.
                      Bye

                      A.T.

                      1 Reply Last reply Reply Quote 0
                      • C
                        CDuv
                        last edited by

                        @computermad:

                        see if u hv incorrect settings on the ldap auth.
                        I got mine fixed after removing the inactive ldap server entries from the user auth. setting.

                        Also happens when there is DNS resolving issues with the LDAP(s) server(s) FQDN :

                        Sep 12 14:27:39 pfsense php: /status_services.php: ERROR! ldap_get_groups() could not bind to server MyCompany. : Can't contact LDAP server

                        One advice is to set an IP address in "Authentication Servers" config page (or to have complete faith into it's DNS server to respond).

                        1 Reply Last reply Reply Quote 0
                        • jimpJ
                          jimp Rebel Alliance Developer Netgate
                          last edited by

                          @CDuv:

                          One advice is to set an IP address in "Authentication Servers" config page (or to have complete faith into it's DNS server to respond).

                          That would work with plain LDAP, but with LDAP+SSL, a hostname is required (and it must match the hostname of the LDAP server's certificate CN also)

                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                          Need help fast? Netgate Global Support!

                          Do not Chat/PM for help!

                          1 Reply Last reply Reply Quote 0
                          • T
                            turbo
                            last edited by

                            Thought I bring this old post up as it happens still with 2.2.5 i386. After initial start the system runs just fine for weeks/a few month. Traffic is still going as supposed. Happened a lot lately and I fixed every time with a "cold start". Now I know a smoother way.

                            I was used to have the system running without a keyboard. Wanted to edit some rules and no response. Searched and found this thread. Attached a keyboard, and entered from jimp mentioned commands into the shell.

                            killall -9 php
                            killall -9 lighttpd
                            /etc/rc.restart_webgui
                            

                            or just enter Option 11 (Restart webconfigurator)

                            Problem solved.  :D
                            Guess have to keep the keyboard attached now.  :(

                            1 Reply Last reply Reply Quote 0
                            • H
                              hollister
                              last edited by

                              Still seems an issue with 2.3.2-RELEASE (amd64)
                              built on Tue Jul 19 12:44:43 CDT 2016
                              FreeBSD 10.3-RELEASE-p3
                              Webgui not really responsive, I can wait up to 1min just to get the login screen and then things work.
                              Hardware APU or AMD G-T40E Processor

                              1 Reply Last reply Reply Quote 0
                              • A
                                alexjensen
                                last edited by

                                I'm not sure if this is related to your issue but I was having trouble with php-fpm / web console crashes a few weeks back while running on 2.3.2, I also read somewhere that people on 2.3.1 were having similar problems.

                                If you're using them, try removing the IPSec and/or OpenVPN widgets from the web console home page.

                                I don't know which widget was causing the problem for me but I haven't had any issues for almost 3 weeks now, previously was having an incident (web console crashing and dial in OpenVPN connections breaking and 1 incident of IPSec VPN becoming unresponsive) weekly.

                                1 Reply Last reply Reply Quote 0
                                • H
                                  hollister
                                  last edited by

                                  I only have the following widgets:
                                  System Information, Interfaces, Services Status, NTP Status, Installed packages, Thermal Sensors
                                  For now I removed Installed packages
                                  will see if there is any improvment on the next logon

                                  1 Reply Last reply Reply Quote 0
                                  • T
                                    tonymorella
                                    last edited by

                                    @hollister:

                                    I only have the following widgets:
                                    System Information, Interfaces, Services Status, NTP Status, Installed packages, Thermal Sensors
                                    For now I removed Installed packages
                                    will see if there is any improvment on the next logon

                                    If you are using a PC engines board disable hardware TCP Seg and large receive offloading and see if this helps. I noticed a huge difference.

                                    1 Reply Last reply Reply Quote 0
                                    • M
                                      MatthewH
                                      last edited by

                                      This morning the web GUI wouldn't load. I'm running 2.3.2. Tried it in IE & Chrome on 2 computers in different subnets with same result. Tried using IP address & FQDN, same result. I got a warning about an invalid https certificate, which I shouldn't & don't usually get, and when I told the browser to proceed anyway it just sat trying to load. There were no messages on the console since when I successfully logged in yesterday.

                                      Console options 16, then 11 fixed it.

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.