cannot access pfsense 2.6.0 web interface
-
Hello everyone please I need your help for two weeks impossible to access the web interface of pfsense 2.6.0, sometimes if I manage to have access the internet connection is automatically cut on all my devices
-
How are you trying to access it exactly?
What happens when you do? Do you see an error?
Is this a new install or something that started when you upgraded to 2.6?
Steve
-
@stephenw10 this is a new install
when i type ip address 192.168.2.1 it only searches but nothing happens -
@ben1-0 said in cannot access pfsense 2.6.0 web interface:
Hello everyone please I need your help for two weeks impossible to access the web interface of pfsense 2.6.0, sometimes if I manage to have access the internet connection is automatically cut on all my devices
It sounds like you have address conflicts between pfSense and something else, like your modem. What devices do you have? How are they connected? What addresses have you assigned to them?
-
@ben1-0 same problem here, i have two boxes updated to 2.6.0 and same problem, but Web interface works then stops working. this is ever since updating to 2.6.0. this horrible. so many problems!
-
have you tried clearing your cache and cookies or private mode
-
@bpsdtzpw Not a IP Conflict, nothing is using the IP of the Firewall. SSH still works when Gui doesn't if its a IP conflict the firewall itself would not respond to SSH, ICMP Pings.
-
Using console or SSH, can you :
curl IP:80
where IP is the IPv4 of your WAN interface ?I saw :
<html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>Which means that nginx is answering, and telling us it was moved (to 443, using https).
The important thing is : the web server is up and running. -
@gertjan You will not see Nginx listening on WAN and that is not a good thing, that shows the web gui exposed to the Public, Hitting the WAN on my connection shows a 503, the Gui is completely unresponsive so does not query nothing.
-
If you test from an internal IP the webgui will respond on the WAN address. As long as rules allow it. And that doesn't mean it's exposed externally.
If you do test externally and do not have rules to allow it you should not see any response at all. A 503 response is coming from somewhere.
Steve
-
@stephenw10 Yeah WAN has a rule for Haproxy but not a Rule for Web Gui, when hitting my IP it hits the Haproxy with a error 503, I have tested this outside the network, but its finding what is causing the Web Gui to crash.
-
@violetdragon said in cannot access pfsense 2.6.0 web interface:
You will not see Nginx listening on WAN and that is not a good thing,
?
My WAN interface and IP :
and thus not a good thing ?
My WAN firewall rules :
I have no floating rules.
Error 503 means "No service".
The nginx server logs will tell you why. Go to /var/log/ and you'll find nginx.log.Open a second console access.
In the first :
tail -f /var/log/nginx.log
In the second, use option 11
Look in the first console for indications. -
@gertjan Only thing in the error.log under /var/log/nginx is from 2020,
2020/07/31 12:48:14 [crit] 4493#100471: *102827 SSL_write() failed (13: Permission denied) while processing HTTP/2 connection, client: 192.168.1.9, server: 0.0.0.0:4430 2020/08/26 15:32:03 [crit] 8968#100454: *25803 SSL_write() failed (13: Permission denied) while processing HTTP/2 connection, client: 192.168.1.9, server: 0.0.0.0:10443 2020/09/08 04:19:59 [error] 4127#100429: *20842 upstream timed out (60: Operation timed out) while reading response header from upstream, client: 192.168.1.9, server: , request: "POST /acme/acme_certificates.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "violetdragon.ddns.net:10443", referrer: "https://violetdragon.ddns.net:10443/acme/acme_certificates.php"