Disable pfSense or find password
-
Starting off by saying I have limited knowledge of anything electronic. My 16 year old daughter will know more than I do and this is all way over both of our heads. My husband used PF Sense however we don't know the password and it appears that he has this set up as our firewall and then other routers attached to it. We are struck, we can't get anything new online and we don't want to loose anything off of the what it looks like 6 computers in the basement attached to it. It is all of our movies memories etc. He passed away suddenly so we are really in a bind. Any suggestions or help to not loose all our stuff would be appreciated.
-
You won't lose anything on the other computers by turning of the pfSense box and turning it on again. See if that gets you back online again.
The only concern is that the pfSense box may not restart properly. Have you had any power failures recently?
-
no power failure, but if I turn it off and can't log back in how do we get other devices added to the internet. We know the WIFI password but the PFSense blocks it from accessing. He had it set up that he had to add any devises to be allowed to have access.
-
The admin password for WebGUI can be reset from the console via option 3.
If the console is password-protected, then any remedies would be very technical and not likely something you would be able to do. If nobody else has anything that helps, contact Netgate Support and they might have a suggestion. I certainly don't know how to bypass those passwords easily, and they wouldn't be very effective otherwise.
Your other devices are unaffected by the firewall status other than Internet connectivity, so there is nothing to lose.
Was this all working before? When did it stop working? Is there anything on the console screen?
I see from his profile that he had been active here since 2016. Please accept my sincere condolences from his passing.
-
Is there a monitor attached to the pfSense box or can you attach one? Keyboard as well.
If so, do you see something like this when you hit Enter?
This is the console that KOM mentioned.
My condolences as well.
-
Hi, this is the daughter.
We are all online, but we purchased a new laptop and cannot get it online due to PFSense. There's been no recent power outages, but I know that he has a IP address whitelist either in the router settings or in PFsense itself (I don't know how this works.) so I can't put anything new on the wifi, unfortunately.
Here's what I know:
We have two routers, I know that we somehow have two internet connections? One is our non VPN connection, and one is our VPN connection through Private Internet Access. (Although, I'm finding things on his computers for OpenVPN too, so I'm not sure.)
I don't know what the PFSense box is. I know it can be on routers, but I don't know exactly how to "plug it in" and find out. It is password protected, and I've tried everything in the book to try to guess what he may have put it as.
I'm not worried about the memories - we have a server and it's completely disconnected from this, and it does cloud backups which I think is what my mom thought the internet would screw up. Luckily, we are all okay on that front.
My dad was a hobbyist when it came to internet security, and from his notes I've basically have found that he did this all for "fun." I'm way in over my head when it comes to cracking the puzzle though! :D
-
Sorry to hear about your father/husband.. Lost my dad this year and that is tough. We knew it could come and still..
Do this. Go to your start window. Push the "windows" key on your keyboard (Im assuming your using windows.)
Its usually the third key on the bottom from the left.
Type CMD
When the black window comes up type "ipconfig /all
Look at ipv4 address. Share it here. Be patient.
What region are you in?
-
@bigjess007 said in Disable pfSense or find password:
Hi, this is the daughter.
So sorry for your loss... :(
We are all online, but we purchased a new laptop and cannot get it online due to PFSense. There's been no recent power outages, but I know that he has a IP address whitelist either in the router settings or in PFsense itself (I don't know how this works.) so I can't put anything new on the wifi, unfortunately.
It sounds like he used MAC filtering on one or all wireless routers/access points. That's where devices are only allowed on the wireless by the unique network ID (the MAC address) that each device's network card carries. You would need to have the router's Management ID/PW in order to change that. That is different from the WiFi's name/PW. You may be able to download a manufacturer's manual and learn how to reset the router to defaults and set it up again. Normal consumer routers usually have a reset button on the back that you hold in and power on. If you were to hardwire the laptop rather than wifi it, it would probably work right away.
Here's what I know:
We have two routers, I know that we somehow have two internet connections? One is our non VPN connection, and one is our VPN connection through Private Internet Access. (Although, I'm finding things on his computers for OpenVPN too, so I'm not sure.)
I don't know what the PFSense box is.
WHAT it is is a firewall. WHERE it is would be the first device inside after the modem. It may help if you could describe what devices are where in your network (we already know that the PCs and phones are at the end).
I know it can be on routers, but I don't know exactly how to "plug it in" and find out. It is password protected, and I've tried everything in the book to try to guess what he may have put it as.
I'm not worried about the memories - we have a server and it's completely disconnected from this, and it does cloud backups which I think is what my mom thought the internet would screw up. Luckily, we are all okay on that front.
My dad was a hobbyist when it came to internet security, and from his notes I've basically have found that he did this all for "fun." I'm way in over my head when it comes to cracking the puzzle though! :D
-
@provels I tried plugging an ethernet cord into the port we have in the wall and plugging it into the new computer, and it didn't work - although I don't know what router that goes into.
Our modem is ARRIS TM822, and one of our routers is a D-LINK DGS 1024A (which I'm pretty sure isn't even a router?), and a RT-AC68U. My dad has one main computer that he uses, it's like his "screw around on Reddit computer" and then another computer that he remotes into (which I know the password and username to, and have been accessing it periodically) that is where any router info I have found is.
The biggest issue is finding what goes to what, right now. My dad's "office" overtook the entire basement, so there is everything from CAT 6 wires to extension cords intricately hooked to our unfinished basement ceiling, and drilled through the wall to reach the other side. Every computer that I've found I attempt to plug a monitor and keyboard/mouse into, and they are either blank (black screen but the LCD is clearly on) one showing a bootloader (but I couldn't do anything) and the other one just simply showing military time in the middle, with the rest of the screen being black. We also have a home-ade wifi booster, that connects to the RT-AC68U.
Regarding the mac whitelist, I found a document he made called "Router Current" that shows some website called "dd-wrt" and the web address of 192.168.10.1, but whenever I type that in, it just pulls up PFSense. The login that he has for that doesn't work for the PFsense login page.
-
@bigjess007 said in Disable pfSense or find password:
D-LINK DGS 1024A and Asus RT-AC68U
You're right, the D-LINK DGS 1024A is a switch (just a wired distribution device), not a router. The Asus RT-AC68U is indeed a router which is probably your only wireless access and I would suspect where the laptop is being blocked.
Gee, this guy could be my doppelganger. I suspect he may have installed the DD-WRT router operating system on the Asus router. Login for DD-WRT is normally ' root ' with a password. But pfSense's normal login for the web page is 'admin ' . If you have the DD-WRT 'root' password from the doc, try using it with the 'admin' user ID at the pfSense login page. If he was like me, he had a super-secret master PW that he used repeatedly for administration accounts.
Another test you could do with the laptop would be to plug it directly into one of the the Asus' routers ports (or the D-Link) and see if you get Internet. If you do, I suspect the router's wireless is what is blocking the lappy and not pfSense.
But none of this really tells us where pfSense is. Where does the network jack coming from the Arris modem go? Can you trace the wires or do they just go to a wall jack?
-
After a late night of ladder climbing I think I've traced them. I just want to preface, we have an unfinished basement.
The modem is by our basement door, a red wire comes out of it, and traces along the ceiling to this area where black plastic is for some reason stapled to the rafters, and comes out and plugs into a "IN" port on a powerstrip. Then, one wire comes from the out and plugs into our server, and another one into the D-LINK. These powerstrips are by belkin, if that helps at all - but there's way too much plugged into them for me to try to see what kind they are.
A few wires come out of the D-LINK and trace to the Asus Router.
I know the DD-WRT login/pass as it's in the doc (luckily) but I tried doing that with PFSense and it's password denied.
I did also find this router (the label was peeling off and I can't read it's exact type besides the fact it says linksys) that was plastered in T Mobile logos. I know my Dad set up a separate network to put my friends on (lord only knows why) and I unplugged it and nothing happened, so I have to assume that's what it was.
There's also something called PRTG on his computer, but it won't send the OTP to the email for me to password reset so I have limited access.
Am I way in over my head? I'd love to have a crash course of Intro To Comp Sci - believe me, but I'm wondering if it's just better to just reset and rebegin.
If you want me to take pictures of anything, let me know.
-
-
If you can get to your pfsense router then try the defaults
user= admin
pass= pfsense
Do you know what hardware your pfsense router is running on?
-
We don't know that AFAIK. But from that screen shot and the fact the first device after the modem is a server I suggest it may be running in virtual box on the server.
If that is the case the pfSense console would be accessed through virtual box there.Steve
-
@stephenw10 @chpalmer
There is a desktop icon for Oracle VM Virtualbox.
Here's what I found when I clicked it. We use PBX for our home phone, so I have to assume that's what all this is?I can plug a monitor into the server, I'll do that and see what I can find.
https://imgur.com/a/vkJqEYF
-
Hmm, OK well no VMs powered on there so it can't be in VirtualBox (even if it was misnamed) assuming you can still hit the pfSense login screen.
If the 'server' is the first connected there though perhaps it has some other virtualisation platform running there? VMWare workstation perhaps? Or maybe what you're connecting to as the 'server' is actually another VM inside some hypersisor running on the hardware? Though running VirtualBox inside a VM makes little sense....Maybe if we could see photos of exactly how this is wired we might be able to make better suggestions.
Steve
-
it can be under another user, if it launch it at boot it coul be under root user launched with --type headless
ps aux on a terminal would clarify this, if it's a linux machine, can't say from the photo -
@bigjess007 said in Disable pfSense or find password:
I can plug a monitor into the server, I'll do that and see what I can find.
Post a photo of what's displayed. If it's the pfSense console you're in business - at least as far as resetting the password is concerned.
BTW, If there are just a lot of messages on the screen you may have to hit enter to bring up the pfSense console menu.
If it's not the pfSense console, the photo will help.
-
Great news! I have password reset pfSense! I found a computer behind another computer, and after plugging a monitor into it I was able to access the password reset thingy.
Bad news:
Something in my unplugging - replugging of different computers has messed up the one computer that my dad remoted into (that had PRTG, and a bunch of other things) and now it's not letting me remote into it anymore.
Does DD-WRT tie into pFsense? Can't I just get rid of DD-WRT? Can I do that without that computer? Everytime I see him adding things to the whitelist it's always in DD-WRT, but I don't know how to get to that from here.
-
DD-WRT is almost certainly running on the Asus RT-AC68U and could be where your dad whitelisted computers to connect to the WiFi.
Are you saying that the PRTG+ computer was how your dad got to DD-WRT?
EDIT:
Well done on the pfSense password reset.
When you say " . . . in my unplugging - replugging . . . ", did you disconnect/reconnect the power from one of the computers or just a LAN cable? Removing a monitor or keyboard shouldn't have harmed anything.
If it was the power, it may be that computer didn't automatically start up again. Some have a setting that lets you choose what to do when power is returned. It could also be corrupted as a result of not being shut down properly.
-
@bigjess007 Here's what we can try to find the IP address of the Asus wireless router. Look at the label on the Asus and write down the MAC address if it's there (it will be in hex format, looking something similar to 00-15-5d-00-14-30 or 00:15:5d:00:14:30).
Then open up a command window like you did to get the IP address info you earlier posted to Imgur. This can be done on any connected computer. We know the Virtualbox computer is 192.168.10.111, so hopefully the rest of the network is also 192.168.10.xxx.
Type
ping 192.168.10.255
and hit enter. It will ping 4 times and end.Then type
arp -a
and hit enter. It should return the IP and MAC addresses of all network connected devices.Match up the MAC address of the Asus to the display and note the IP address associated with it. For example, the first entry in mine is my PF and the second and third are my 2 wireless access points.
Then open a browser and try to connect to either
http://<the Asus IP address>
or
https://<the Asus IP address>
If we're lucky you'll see a login prompt somewhat like this. If the fields are pre-filled, hit Sign In or try the DD-WRT login info you have. Fingers crossed. If you can't determine which MAC belongs to the Asus, post a screen cap like you did earlier and maybe we can muddle through. :)
-
Wonder how this all turned out.
-
Yeah. Tough situation. Hope they were able to get everything under control.
Steve
-
@stephenw10 Maybe I should doc my network for my heirs? Nah. They'll just recycle it anyway. LOL
-
I mean I'm not sure I'd want to burden anyone with a lot of the obsolete junk I have.
Makes you think though....
Steve
-
@stephenw10 Don't get me started. I'll just leave instructions to hit everything with a hammer. Let me tell you about My Everex Cube, circa 1992, Full-house, 64MB RAM, 2! 2GB SCSI drives and SCSI CD, 486DX2-66 upgrade!, $10,000 new... Hey, where ya going...? LOL