unable to log into web GUI in Chrome browser



  • Hi all,

    It's 2.4.4 on Netgate SG-3100 and I've experienced it on 2 devices already.
    I'm at the very early stages of initial set up and running web GUI on http port 78.
    I'm stuck on the login screen with no info being produced there after I type valid admin username and password.
    On the console I can see the following:

    /index.php: Successful login for user 'admin' from: 192.168.1.2 (Local Database)

    sockstat -4L | grep nginx
    root nginx 33271 6 tcp4 *:78 :
    root nginx 33161 6 tcp4 *:78 :
    root nginx 33161 10 tcp4 192.168.1.1:78 192.168.1.2:49825
    root nginx 33161 11 tcp4 192.168.1.1:78 192.168.1.2:49826
    root nginx 33060 6 tcp4 *:78 :

    pfctl -ss | grep 78
    mvneta1 tcp 192.168.1.1:78 <- 192.168.1.2:49821 FIN_WAIT_2:FIN_WAIT_2
    mvneta1 tcp 192.168.1.1:78 <- 192.168.1.2:49822 FIN_WAIT_2:FIN_WAIT_2
    mvneta1 tcp 192.168.1.1:78 <- 192.168.1.2:49825 ESTABLISHED:ESTABLISHED
    mvneta1 tcp 192.168.1.1:78 <- 192.168.1.2:49826 ESTABLISHED:ESTABLISHED

    Executing 16) Restart PHP-FPM doesn't solve it (tried multiple times).
    I've also tried restarting nginx (service nginx onerestart) followed by restarting php-fm and a full firewall reboot and still no joy.
    I can log in fine in Safari and Firefox.
    Restarting the OS of the machine I'm accessing from seem to have fixed it for Chrome too.
    So far I've experienced it in:
    Chrome 70.0.3538.77 on MacOS High Sierra
    Chrome 70.0.3538.102 on Ubuntu 16

    What's the nature of this bug?
    Is it on pfSense or (more likely) Chrome side?
    Any chance it will get fixed soon?

    Regards,
    Adam



  • Hi,

    You're pretty close to a prove of concept that the issue isn't pfSense, but Chrome.
    Chrome's bug fixes or other issues are not known on this forum - see Chrome's support forum.

    I do think that flushing Chrome's cache will help you with this issue.

    edit : btw : most routers and firewall use port 80 for an initial contact with it's admin. Then, port "80" is de activated and the communication takes place on 443 - or "https".
    No need to change the "listening port" and Chrome will be happy.
    If you are in a "hostile" environment, use LAN only for admin jobs, and activate other OPTx interface for your users - and lock down any access to pfSense web server ports (80 and 443).