Not able to access webgui after changing https port
-
Hi,
I was reading the PfSense book and deciding to follow the advice on changing webgui port. I changed to webgui https port to 5501 and the system came op with the message "redirecting in 10 seconds…" but nothing happend.
Afterwards I wasn't able to connect to the webgui, and I tried a reboot, but still nothing. When i type in https://192.168.1.1:5501 it immidely shows me the standard FireFox connection error:
The connection was reset
The connection to the server was reset while the page was loading.
* The site could be temporarily unavailable or too busy. Try again in a few
moments.* If you are unable to load any pages, check your computer's network
connection.* If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.I tried all sorts of combinations also the ones mentioned in the book (https://192.168.1.1:80 http://192.168.1.1:443) but without any luck. Anyone been through the same problem?
It's kind of embarrassing but my usual pc used to connect to the Soekris through serial modem isn't working and I haven't enabled ssh in the webgui :'(
-
I forgot to mention that when I try accessing the webgui with this URL:
http://192.168.1.1:5501
I get this message:
SSH-2.0-OpenSSH_5.1p1 Debian-5
Not sure if its any help…
-
Well it seems that I was a bit lucky. I found a old computer with a serial port, I was able to connect and select option number 2, so that I could reset the LAN interface, i selected the new ip address (192.168.1.1) and the new subnet (24) and then selected yes to run a dhcp server on the interface and run webgui on the http protocol. After a restart of the PfSense and the client iam stille not able to connect, now iam getting a timeout on http://192.168.1.1, are there any workarounds I may be able to use? Have have enabled ssh login now.
-
A little more research showed that the webgui apparently still are listening on port 5501?
netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 xxx.80 xxx.2236 ESTABLISHED
tcp4 0 0 192.168.1.1.22 192.168.1.200.43280 ESTABLISHED
tcp4 0 0 192.168.1.1.22 192.168.1.200.43279 FIN_WAIT_2
tcp4 0 0 *.8000 . LISTEN
tcp6 0 0 *.53 . LISTEN
tcp4 0 0 *.53 . LISTEN
tcp4 0 0 *.5501 . LISTEN
tcp4 0 0 127.0.0.1.8023 . LISTEN
tcp4 0 0 127.0.0.1.8022 . LISTEN
tcp4 0 0 127.0.0.1.8021 . LISTEN
tcp4 0 0 127.0.0.1.19014 . LISTEN
tcp4 0 0 127.0.0.1.19013 . LISTEN
tcp4 0 0 127.0.0.1.19012 . LISTEN
tcp4 0 0 127.0.0.1.19011 . LISTEN
tcp4 0 0 127.0.0.1.19010 . LISTEN
tcp4 0 0 127.0.0.1.19009 . LISTEN
tcp4 0 0 127.0.0.1.19008 . LISTEN
tcp4 0 0 127.0.0.1.19007 . LISTEN
tcp4 0 0 127.0.0.1.19006 . LISTEN
tcp4 0 0 127.0.0.1.19005 . LISTEN
tcp4 0 0 127.0.0.1.19004 . LISTEN
tcp4 0 0 127.0.0.1.19003 . LISTEN
tcp4 0 0 127.0.0.1.19002 . LISTEN
tcp4 0 0 127.0.0.1.19001 . LISTEN
tcp4 0 0 127.0.0.1.19000 . LISTEN
tcp4 0 0 *.22 . LISTEN
tcp6 0 0 *.22 . LISTEN
udp4 0 0 *.67 .
udp6 0 0 *.53 .
udp4 0 0 *.53 .
udp4 0 0 xxx.6884 xxx.123
udp4 0 0 xxx.19489 xxx.123
udp4 0 0 xxx.45722 xxx.123
icm4 0 0 . . -
I think I found the problem after looking at the /conf/config.xml file, my webgui section look like this:
<webgui><protocol>https</protocol>
<port>5501</port>
<certificate><private-key></private-key></certificate></webgui>This is when I have enabled https and changed the port to 5501, I think it looks wrong since there is no certificate and maybe thats why it's not working.
I works if I modify the section into this:
<webgui><protocol>http</protocol>
<port>80</port>
<certificate><private-key></private-key></certificate></webgui>Obviously my webgui now dosen't allow connections on the https protocol but it works with http, still not sure if I have made something wrong or discovered a bug…
-
did you allow access to that port =?
are you sure that the firewall isn't blocking the traffic?
look at /var/log/filter.logand did you generate the ssl certificate?
-
I have similar problem but I wasn't changing the port. I was changing SSL certificat and now I can't access webgui. I have SSH enable so I checked lighttpd but it doesn't look like it is running:
[root@pfsense.local]/root(5): sockstat | grep lighttpd
[1.2.3-RELEASE]/var/log/lighttpd.log has million ^@^@^@^@^@^@^@^@^@^@^@^@^@^
and I don't see anything usual is system.log … except those ^@^@^@^@^ at the end. Is it normal?I'm running nanoBSD 1.2.3 on ALIX embedded.
I did reboot but still no go
Any suggestions?
Thanks
nozyczek -
OK, I found sicky at http://forum.pfsense.org/index.php/topic,3079.0.html and it helped. I don't know to apply SSL to make it work. And if someone could please explain those @@@@ in my logs? Is it normal?
Thanks -
i have it too so i guess its ok:)
-
The bits in the log are explained here:
http://doc.pfsense.org/index.php/Why_can%27t_I_view_view_log_files_with_cat/grep/etc%3F_%28clog%29
-
Jimp,
I had no idea that something like clog existed. At first I thought that my CF was corrupted. Thanks for point to that link.
