[SOLVED] No access to webGUI on fresh install
-
I had skimmed over your question for the arps tell 0.0.0.0 I mentioned which you have a lot of in that sniff.
Since no answers.. Client is resorting to asking anybody out there - hey router/switches do you know this IP… what is its mac??
So you did a mac spoof on pfsense, or you changed the mac on your machine? You could reverse your nics as quick fix.. So you put the mac on the other L2, this would allow you to get to your LAN and the web gui from your machine. And your ISP would most likely give you the IP your machine was getting before if connected to the modem, etc.
But yeah in the long term I would correct that.. Another quick fix if the original mac was lost - is just change it to something else that you don't have a duplicate of ;)
-
Yes, I changed mac on pfSense. Was thinking that my ISP might want it, because I was not getting to internet… but that's another question)
Hm, I don't know how to reverse them, lost that mac already. I guess anything but duplicate will be okay)
Changed it with
ifconfig re1 ether 00:23:ad:32:71:2b(made it up)
Is this proper way?And… dhcp seems working finally! But still can't access!
Will check further and post... disabled proxy already. -
…
Changed it withifconfig re1 ether 00:23:ad:32:71:2b(made it up)
As long as it isn't a duplicate of something that lives in the neighborhood.
-
Well I see arp back in that pcap, and see you send syn to 192.168.1.1 on that mac… But there is no answer. Do you have pfsense listening on 443 for the gui? Did you turn off the anti lockout rules?
Why would you not atleast use the correct vendor part of the mac? You have it setup for Xmark Corporation?
Your other nic shows fc:aa:14 which lists GIGA-BYTE TECHNOLOGY CO.,LTD
-
Well I see arp back in that pcap, and see you send syn to 192.168.1.1 on that mac… But there is no answer. Do you have pfsense listening on 443 for the gui? Did you turn off the anti lockout rules?
Why would you not atleast use the correct vendor part of the mac? You have it setup for Xmark Corporation?
Your other nic shows fc:aa:14 which lists GIGA-BYTE TECHNOLOGY CO.,LTD
I reverted it to http now just to try. Attaching sockstat & netstat. No, I didn't turn them off. They must be default. I Tried to explicitly turn off the firewall (forgot that exact command), no luck.
Should I care about that mac, like at all? I like how Xmark sounds) If only it all worked…
-
well from your sockstat your listening on 80.. So is it working on 80… Do you see mac in your arp on client... Do you get an arp reply back.. when you send syn to 80 do you get syn ack back?
Maybe that nic doesn't like other mac... Put it mac back, or get another nic.. You didn't mess with the wan nic right... Well then reverse them and see if you can get the gui..
But to restate Derelict comments.. Realtek nics do pretty much suck ;)
-
The MAC address on an interface in pfSense is set permanently in Interfaces > INTERFACE_NAME.
-
well from your sockstat your listening on 80.. So is it working on 80… Do you see mac in your arp on client... Do you get an arp reply back.. when you send syn to 80 do you get syn ack back?
Maybe that nic doesn't like other mac... Put it mac back, or get another nic.. You didn't mess with the wan nic right... Well then reverse them and see if you can get the gui..
But to restate Derelict comments.. Realtek nics do pretty much suck ;)
It was indeed that!
I've just changed to hardware mac and it finally works now!
Now I'm on my next problem, haha. And it looks very confusing…
But I'm getting to webGUI and even internet works... kind of.
Thank you very much!The MAC address on an interface in pfSense is set permanently in Interfaces > INTERFACE_NAME.
It was very useful advice when I was not able to get to webGUI, thanks.
-
….and even internet works... kind of.
Oh. Let me guess … the quad-8 problem ?
Anyway, glad things worked out.
-
….and even internet works... kind of.
Oh. Let me guess … the quad-8 problem ?
Anyway, glad things worked out.
Never heard… this https://forum.pfsense.org/index.php?topic=145038.0
Thanks, closing this as solved.
