Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web interface malfunctioning after upgrade.

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    4 Posts 4 Posters 867 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      A_Kuiken
      last edited by

      All,

      I updated yesterday my 2.2.6 release to 2.3.1-p5.
      After I did that I also added 2 new interfaces (via VSphere).

      When I rebooted the FW it all come up online as expected, with everything working and it was showing up an em4 and em5 interface (my 2 new ones).
      But the problem started when I tried to add the interfaces to assigned interfaces, the interface showed up, but when i reloaded the page it was gone.|

      Then I added them via CLI and also assigned IP via CLI. They are up and connected now. I can ping the subnets. But when I try to add any rule (also on any other interface), it "saves" without any change. So my rules do not shown up.

      Update 23-06 14:15: Just found out that the entire web interface is unresponsive. Every page loads but none of the options i change are saved.
      Please help me how to debug this.

      Update 23-06 14:20: Just found out that the issue occurs only with the LDAP users. When I use a local user everything works fine.
      The LDAP user group is also configured in the PFsense with all rights. (Worked before upgrade).

      Anyone got any idea?

      Kind Regards,

      Arjan

      1 Reply Last reply Reply Quote 0
      • T Offline
        tarakesh
        last edited by

        You have added the right "User - Config: Deny Config Write"
        Please remove that right from the Group and you will be able to change the config

        2.4.1-RELEASE (amd64) on Intel D2500CCE Board Intel Atom D2500 DC @1.86GHz, 2GB RAM, 64GB Transcend SSD370
        Internet Connection: UnityMedia 200Mbit/10Mbit Cable

        1 Reply Last reply Reply Quote 0
        • N Offline
          naex
          last edited by

          Thanks for the information, this was driving me crazy. I find this option a little strange since I can still apply system patches, edit the config file manually, and grant/remove that privilege to any user.

          1 Reply Last reply Reply Quote 0
          • P Offline
            phil.davis
            last edited by

            @naex:

            Thanks for the information, this was driving me crazy. I find this option a little strange since I can still apply system patches, edit the config file manually, and grant/remove that privilege to any user.

            There are multiple ways in to the system. Some of the Diagnostics menu options effectively give you all privilege - Edit File and Command Prompts come to mind. If someone has either of those then they can effectively do anything they like, editing config.xml to make a user with all privs, or execute any command they like.
            Similarly with system patches, a user with access to that can make whatever patch they like to the code and apply it. So that is another option that is effectively "all privs".

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.