Unable to access GUI from specific PC
-
@enjawd it is an exception only.
if you have plus - then look to see if you have mac filtering enabled. Look in advanced firewall/nat - or do you even see the ethernet tab in firewall?
Would of kind of had to put in a specific rule - how would you not know you did such a thing?
And again - what happens, what does your multiple browsers you have put in show - just a timeout? Some error - are you using https via that 8443 port, are you trying redirection by hitting port 80 via http first?
Is the browser just telling you it doesn't trust the cert. Without a very specific ethernet rule - I don't see how this is possible your blocked.
Is this the error your getting in your browser?
And again are you running IPS?
-
I would probably run a pcap at this point just to be sure packets from the client in question are actually arriving.
-
i think i have found the problem, think someone had change the MTU on my pc to 9000 instead of 1500. Changed it back and im able to access GUI again.
-
Ah, that could do it.
-
@enjawd said in Unable to access GUI from specific PC:
think someone
So you mean you ;) I mean who else would be touching your pc? And to be honest why and the F would they be messing with mtu?
But yeah could do it..
Sniff would of brought that out - but yeah not something on my list to think of ;)
-
@johnpoz haha it was my bro, we are trying to set up our local network all 10g since our ISP providing 10G up/down. But we had issue with slow speed on iperf between local device(around 3Gbps, but my bro change it to MTU 9000 we had speed bump up to 9+ gbps).
But what surprise me is that why is it only specifically the pc is not able to access the GUI, but via ssh/telnet no issue. All other device didnt had issue as well.
-
@enjawd because your routing it, but not to pfsense interface. Pfsense will fragment if you send say 9000 to say google.com
For sure a weird one in a million type of setups.. If you would of mentioned you were running jumbo might of occurred but I wasn't even thinking if you went full jumbo that you wouldn't changed your router - and you said your other devices worked etc..
as fir ssh/telnet those would never be full jumbo - that is tiny tiny amounts of data moving back and forth.
mixed mtu on a nework is going to cause nothing but pita.. But you should be able to reach closer to 10ge without jumbo.
Slow speed your seeing on iperf.. could be iperf related - what version are you running, what happens when you go to 1500, but send multiple streams? Somewhat recent believe there is a multithread iperrf, before it was always single threaded. I think the older iperf2 might of been multithreaded.
google iperf3 and 10ge testing.
I would throw up say openspeedtest and try that.
But the limit your seeing could be just how your testing with iperf
I can only get about 3.3gbe on 5ge - but haven't looked too deep into it because the iperf3 running on my nas is old, and the nic in nas is just a usb dongle. Is the isp side running jumbo? I doubt it - you get 10ge from isp? I think that came up but the thread has gotten kind of long.
So when you getting slower speeds with 1500 mtu, what was the cpu load on 2 test devices?
-
@johnpoz so i did a test again eariler on iperf3, some where forum mention to add in -P4 and i do get 10g speed.
Im not sure if my isp side is on 9k MTU as they usually dont share this info. But on normal speedtest im able to get around 8G both up and down on 1500 or 9000 MTU
-
@enjawd well just look on your interface - pretty much bet you its 1500 on your wan interface.
ifconfig would give you that info.
did you check with openspeedtest?
-
Mmm, I'd be amazed if your ISP was using anything other than 1500.
