Changed to http and now locked out of webgui



  • Hello all, just recently upgraded to 2.3.3 AND I changed from HTTPS to HTTP and now I'm locked out.  Page just times out no error.  I can still access the console and searching around a found a number of people that had this issue and I tried the various "fixes" to no avail (option #3 to change the webconfig password does change the password to default pfsense but it doesn't prompt to change from http to https, etc…).  #2 does reset the IP and says that it's at HTTP: but still nada.  Tried what i found about this on doc.pfsense.org but still nothing) At this point I'm almost thinking of doing a reinstall (even if I would hate doing that).

    Thank you for your assistance ahead of time.

    EDIT:  After a few restarts I get this message just before it loads the console menu (the *** Welcome to pfSense 2.3.3-... message).

    Enter an Option: 518.729637 [12330] netmap_mem_global_config reconfiguring

    Googling around didn't get me much but there were a few things that seem to point to Suricata (which I thought was installed but turned off).  I just don't know how to turn that off/uninstall from the shell.



  • Hi I had a similar issue today I changed the cert being using for HTTPS web access and I was not unable to connect all my browsers refused to connect due to the bad cert I was able to fix this by editing the config.xml to HTTP and port 80

    Login with SSH select option 8
    switch to directory /conf
    edit the config.xml file by typing ee config.xml

    Scroll down a bit and find the following XML code

     <protocol>https</protocol>
                            <loginautocomplete></loginautocomplete>
                            <ssl-certref>/ssl-certref>
                            <dashboardcolumns>3</dashboardcolumns>
                            <port>443</port></ssl-certref> 
    

    I just edited it to say http and port 80 then I rebooted it and I was able to access it something to note with yours you have changed from HTTPS to HTTP have you tried just going to http://192.168.1.1:80


  • Banned

    Also, do NOT use hostname when you switch HTTPS to HTTP.



  • So I ended up doing a reset to defaults, going through the initial setup and it's back up and running.  Just did the basics to get things going and the webui is up and internet is kinda up.  Traffic coming through either wired connections (various PC's, devices like Roku, etc…) and wireless connections (laptops and cell phones) are spotty.  For example on PC's I am getting seemingly random connectivity.  On PC's it get the following:

    This site can’t be reached
    website took too long to respond.
    ERR_CONNECTION_TIMED_OUT

    I would have to say that I get that about 60 to 80% of websites that I normally visit on a daily basis.  On cellphones it just typically times out and on devices it just will not connect.  I've tried a number of laptops, PC's and devices (ex: if I switch to Cellular and visit the websites giving errors they come up right away and connection testing websites say the site is up for everyone).

    At this point i'm a bit confused I'm not sure WTF is going on.


  • Banned

    Erm, I think there's something seriously wrong with your network/hardware/ISP if you get connection timeouts on 60-80% of websites you visit.



  • I wanted to wait a few days to make sure I did enough testing to feel fairly comfortable.  @doktornotor That thought had crossed my mind but I have always had some sporadic connection issues (to websites where someone would get the the ERR_CONNECTION_TIMED_OUT error).  But to try to eliminate things I removed my Pi-Hole VM, my Kujo security appliance, a few consumer grade non-managed switches with decent quality HP/Dell managed switches, my consumer AP's and replaced them with rock solid Adtran BSAP-1920's.  But I would still get the sporadic connection issues.  Hell I even shut down my Guacamole VM just to be sure.

    But with this latest problem I wanted to remove pfSense and I realized I still had some VM's from when I was testing various firewalls/UTM software.  I knew for sure that Sophos UTM 9 and OPNsense were functioning.  So I powered down the pfSense VM and fired up both the VMs (testing one at a time) and my connections came back (tested for about and hour).  I then powered down the other VM and powered up pfSense and back to the connection issues.  So for this past two days I've been running on Sophos UTM and everything has been just fine.  Not one single connection time out issue.  I even have my pi-hole and Cujo connected and no issues.

    So I'm not sure what the hell I did with pfSense (since I don't make many changes) but something I changed/checked seemed to have hosed my config.  At this point when I get back from Portland I'll have time to reinstall pfSense and start all over.  going forward I will make sure I take detailed backups whenever I make a change.