Lost access to pfsense
-
Not sure what happened here. I accidentally changed the admin password (thinking it was for another user). However, after that happened, I can no longer access the GUI using 192.168.1.1 or even https://192.168.1.1:8443. I tried three different browsers, cleared the cache, no joy. I can ping the pfsense box, but it can't connect. All I get is this:
I have access to the console and have tried restoring to previous configs. However, I still can't access the GUI. Do you have any ideas?
-
@FrankZappa said in Lost access to pfsense:
I have access to the console
Regarding the password: you can reset the password from the console menu, point 3) Reset webConfigurator password.
Have you changed the default port of the pfSense to 8443? On what version are you, CE 2.7.2 or Plus xxx?
Do you get the same error 'Connection has timed out' when you go to https://192.168.1.1 ?
-
@patient0 Currently on 24.11 Plus. Yes, if I try https://192.168.1.1, no joy. Just won't connect, yet I can ping the pfsense box on 192.168.1.1. I did try the password reset on the console. The problem is it won't let me connect.
-
@FrankZappa the error message is the same, connection timeout?
If you log into the console and to the shell (8), what is the output of:
sockstat -ln | egrep ':(80|443)'
-
-
@FrankZappa if your LAN IP in that screen says 192.168.1.1 then you have to be able to reach it with http://192.168.1.1. It's not listening on 443.
Not sure what service lighttpd_p is on 10.10.10.1, but it's not the LAN IP anyway.
Just out of curiosity: do you have OpenVPN listening on your WAN on 443?
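Added example, not part of the thread and not pfSense's own tooling: a small filter for the `sockstat -ln` check above that lists every TCP listener answering on a given IP, so a GUI moved to another port such as 8443 also shows up. The sample output is constructed (the PIDs, the WAN address 203.0.113.7 and the nginx lines standing in for the webConfigurator are assumptions), and `listeners_on` is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample in the FreeBSD `sockstat -ln` column layout. The PIDs, the
# WAN address 203.0.113.7 and the nginx lines are made up for illustration.
sample_sockstat() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     nginx      41873 5  tcp4   *:80                  *:*
root     nginx      41873 6  tcp4   *:8443                *:*
root     lighttpd_p 22011 4  tcp4   10.10.10.1:443        *:*
root     openvpn    60912 7  tcp4   203.0.113.7:443       *:*
root     unbound    15520 3  udp4   192.168.1.1:53        *:*
EOF
}

# listeners_on IP (hypothetical helper): reads sockstat output on stdin and
# prints "command port" for every TCP listener that answers on IP, i.e. one
# bound to IP itself or to the wildcard address "*".
listeners_on() {
    awk -v ip="$1" '
        $1 == "USER" || $5 !~ /^tcp/ { next }   # skip header and non-TCP sockets
        {
            n = split($6, part, ":")            # port follows the last colon
            port = part[n]
            addr = substr($6, 1, length($6) - length(port) - 1)
            if (addr == "*" || addr == ip) print $2, port
        }' | LC_ALL=C sort -u
}

# On the firewall itself: sockstat -ln | listeners_on 192.168.1.1
sample_sockstat | listeners_on 192.168.1.1
```

In the constructed sample nothing answers on 192.168.1.1:443: the only 443 listeners are bound to other addresses, which matches the situation described in the post above.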
-
@patient0 Yes, OpenVPN is also listening on 443 (Many public Wi-Fi hotspots block 1194, e.g., Dunkin Donuts. That's why I also listen on 443).
I think I switched the default GUI port to 8443. However, I can't log in to see if that's true.
-
@FrankZappa Thanks Patient0. I'm in. Not sure why, but suddenly I can log in again. I wonder if I set a lockout on a number of bad attempts. Not even sure where that setting is. Nonetheless, thanks for all your help.
-
@FrankZappa said in Lost access to pfsense:
but suddenly ...
You've probably triggered :
Go here : System > Advanced > Admin Access and scroll down to :
"Login Protection"
When you make an error while logging in, after a couple (2 or so) errors, your (LAN) IP will get firewalled (blacklisted) for a moment.
You still can access pfSense, use another device, or change the LAN IP of the device you are using.
If you trust all your LAN devices, you could set :
( if 192.168.1.0/24 is your LAN network )
@patient0 said in Lost access to pfsense:
Not sure what service lighttpd_p is on 10.10.10.1, but it's not the LAN IP anyway.
That's the pfBlockerNG DNSBL Webserver (it uses lighttpd, not nginx) :