Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Lost access to pfsense

    Scheduled Pinned Locked Moved webGUI
    9 Posts 3 Posters 389 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FrankZappa
      last edited by

      Not sure what happened here. I accidentally changed the admin password (thinking it was for another user). However, after that happened, I can no longer access the GUI using 192.168.1.1 or even https://192.168.1.1:8443. I tried three different browsers, cleared the cache, no Joy. I can ping the pfsense box, but it can't connect. All I get is this:
      b641650e-2128-4f2f-bd2e-210adbe75cd1-image.png

      I have access to the console and have tried restoring to previous configs. However, I still can't access the GUI. Do you have any ideas?

      patient0P 1 Reply Last reply Reply Quote 0
      • patient0P
        patient0 @FrankZappa
        last edited by

        @FrankZappa said in Lost access to pfsense:

        I have access to the console

        Regarding password you can reset the password for the console menu, point 3) Reset webConfigurator password.

        Have you changed the default port of the pfSense to 8443? On what version are you, CE 2.7.2 or Plus xxx?

        Do you get the same error 'Connection hat timed out' when you go to https://192.168.1.1 ?

        F 1 Reply Last reply Reply Quote 0
        • F
          FrankZappa @patient0
          last edited by

          @patient0 Currently on 24.11 Plus. Yes, if I try https://192.168.1.1, no Joy. Just wont connect, yet I can ping the pfsense box on 192.168.1.1. I did try the password reset on the console. The problem is it wont let me connect.

          patient0P 1 Reply Last reply Reply Quote 0
          • patient0P
            patient0 @FrankZappa
            last edited by

            @FrankZappa the error message is the same, connection timeout?

            If you log into the console and to the shell (8), what is the output of:

            sockstat -ln | egrep ':(80|443)'

            F 1 Reply Last reply Reply Quote 0
            • F
              FrankZappa @patient0
              last edited by

              @patient0 IMG_4548.jpg

              patient0P 1 Reply Last reply Reply Quote 0
              • patient0P
                patient0 @FrankZappa
                last edited by

                @FrankZappa if your LAN IP in that screen says 192.168.1.1 then you have to be able to reach it with http://192.168.1.1. It's not listening on 443.

                Not sure what service lighttpd_p is on 10.10.10.1, but it's not the LAN IP anyway.

                just out of curisosity: do you have OpenVPN listening on your WAN on 443?

                F 1 Reply Last reply Reply Quote 0
                • F
                  FrankZappa @patient0
                  last edited by

                  @patient0 Yes, OpenVPN is also listening on 443 (Many public Wi-Fi hotspots block 1194, e.g., Dunkin Donuts. That's why I also listen on 443).
                  I think I switched the default GUI port to 8443. However, I can't log in to see if that's true.

                  F 1 Reply Last reply Reply Quote 0
                  • F
                    FrankZappa @FrankZappa
                    last edited by

                    @FrankZappa Thanks Patient0. I'm in. Not sure why, but suddenly I can log in again. I wonder if I set a lockout on a number of bad attempts. Not even sure where that setting is. Nonetheless, thanks for all your help.

                    GertjanG 1 Reply Last reply Reply Quote 0
                    • GertjanG
                      Gertjan @FrankZappa
                      last edited by

                      @FrankZappa said in Lost access to pfsense:

                      but suddenly ...

                      You've probably triggered :

                      Go here : System > Advanced > Admin Access and scroll down to :
                      "Login Protection"

                      When you make an error while logging in, after a couple (2 or so) errors, your (LAN) IP will get firewalled (blacklisted) for a moment.
                      You still can access pfSense, use another device, or change the LAN IP of the device you are using.

                      If you trust all your LAN devices, you could set :

                      ba2cc5a9-7cdf-4d61-a96c-091da9a71130-image.png

                      ( if 192.168.1.0/24 is your LAN network )

                      @patient0 said in Lost access to pfsense:

                      Not sure what service lighttpd_p is on 10.10.10.1, but it's not the LAN IP anyway.

                      That's the pfBlockerng DNSBL Webserver (it uses lighthttp, not nginx) :

                      a7c2ce43-f3ac-404c-a9de-96dfb793c98f-image.png

                      No "help me" PM's please. Use the forum, the community will thank you.
                      Edit : and where are the logs ??

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.