Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    nTopNG not working with HTTPS

    Traffic Monitoring
    2
    5
    199
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      frostyw
      last edited by

      After installing nTopNG on pfSense+ 24.11, I am unable to connect to the service. Although it claims to track the system setting for HTTP/HTTPS connectivity, and my gateway is set for HTTPS, port 3000 is responding with HTTP and re-directing to HTTPS on the same port, which fails.

      Screenshot from 2024-12-04 19-46-54.png

      I can see in the ntopng.conf file, that it is set for http-port=0 and https-port=[my IP]:3000. So could this be a regression in the version of nT used by pfSense?

      --http-port=0
--https-port=172.16.1.1:3001,2001:xxx:xxxx:1::1:3001
      F dennypageD 2 Replies Last reply Reply Quote 0
      • F
        frostyw @frostyw
        last edited by

        @frostyw ntopng.pcap

        1 Reply Last reply Reply Quote 0
        • dennypageD
          dennypage @frostyw
          last edited by

          @frostyw said in nTopNG not working with HTTPS:

          After installing nTopNG on pfSense+ 24.11, I am unable to connect to the service. Although it claims to track the system setting for HTTP/HTTPS connectivity, and my gateway is set for HTTPS, port 3000 is responding with HTTP and re-directing to HTTPS on the same port, which fails.

          Screenshot from 2024-12-04 19-46-54.png

          I can see in the ntopng.conf file, that it is set for http-port=0 and https-port=[my IP]:3000. So could this be a regression in the version of nT used by pfSense?

          --http-port=0
--https-port=172.16.1.1:3001,2001:xxx:xxxx:1::1:3001

          Your screen capture, ntopng config file, and packet capture do not match. Your screen capture shows port 3000, and an error that generally occurs when you attempt to establish a TLS (HTTPS) connection to an HTTP server. Your config file shows HTTPS on port 3001. Your packet capture shows an initial connection attempt to HTTP (on port 3000) rather than HTTPS.

          The ntopng port is hard-coded as 3000, so 3001 should not be in the config file. Did you hand edit the file?

          FWIW, there is no HTTP -> HTTPS redirect. There is a redirect that happens in the context of pfSense to send the connection to port 3000 when accessing Diagnostics -> ntopng, but this is not the same thing as an HTTP -> HTTPS redirect.

          Setting all that aside, there is a new IPv6 / ntopng issue with 24.11 that needs to be looked at. Uncheck the box that says "Server IPv6" in the "HTTP(S) Server Options" section and try again.

          1 Reply Last reply Reply Quote 0
          • dennypageD
            dennypage
            last edited by

            Confirmed: There is a new bug in ntopng. It can do secure connections on IPv4 or IPv6, but not both. Until it's fixed, you can only have one box checked.

            It also now requires brackets on IPv6 addresses for non wild-card listens (All interfaces). This will require a package update to correct. I'll have that shortly.

            F 1 Reply Last reply Reply Quote 0
            • F
              frostyw @dennypage
              last edited by

              @dennypage Confirmed that unchecking the IPv6 box allows the page to load securely on IPv4. That's quite a discovery!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.