WebGUI page - no response / unable to configure pfSense
-
@Gertjan thank you.
I went to the console again and this time I typed first the sockstat command, and this time it did bring up something. It looks exactly like your screenshot, except that I see 6 roots. Not sure if it makes a difference but my numbers are in the 6000s range, and instead of 5 and 10, I get 5 and 7. The tcp4 and the *443 and *80 are just like in your screenshot.
As to the ps aux command, I have only 2 nginx processes and what shows up is like in your screenshot, except I get for the for the first one (the - Is):
0:00.00 ngninx: master process /usr/local/sbin/nginx -c/var/etc/nginx-w
For the S+, the text is exactly like in your screenshot.
-
@newbieuser1 said in WebGUI page - no response / unable to configure pfSense:
I went to the console again and this time I typed first the sockstat command, and this time it did bring up something. It looks exactly like your screenshot, except that I see 6 roots. Not sure if it makes a difference but my numbers are in the 6000s range, and instead of 5 and 10, I get 5 and 7. The tcp4 and the *443 and *80 are just like in your screenshot.
The process ID numbers, also called PIDs are random, something between 2 and 65535. That's ok.
The good news is : the GUI web server is listeing on the http and http ports. So, that's not the issue.
Now, next question : what is/are the firewall rules on the LAN interface ?
When you install pfSense, there is one pas-all rule, so any device connected on LAN can access the pfSense GUI.Use option 4 on the console menu, this will reset everything and the pfSense GUI access will work for sure.
@newbieuser1 said in WebGUI page - no response / unable to configure pfSense:
As to the ps aux command, I have only 2 nginx processes
I have use also the captive portal that needs a web server (nginx) process. That's why I have 3 of them.
-
@Gertjan, thanks. Option 4 is a factory reset, right? Will that also reset absolutely everything, including the IP address for the WebGUI access I had to set up, admin access passwords etc? I have not played with any firewall rules and setting yet (only tried to set up Quad9 for the DNS settings).
My Protectli Vault is not connected to anything and I have not incorporated it my network yet (still struggling to put my router in Bridge Mode...and dealing with my ISP).
-
@newbieuser1 said in WebGUI page - no response / unable to configure pfSense:
Will that also reset absolutely everything, including the IP address for the WebGUI access
Not only the network "IP" assignment, but also the list with known NICs, which means that the initial setup has to be done using the 'serial' console access.
( Or USB keyboard and HDMI screen, if that's your boot option )Normally, after assigning the interfaces 'WAN' and 'LAN', you should keep for WAN the dhcp (client) and assign a static IP for your LAN, which, in your case, can't be 192.168.1.1/24 as this one is already used by your upstream ISP router.
So, chose, for example 192.168.10.1/24
The LAN DHCP server has to set set up with a DHCP pool like 192.168.10.2 (start) to 192.168.10.50 (end) mask 24 or "255.255.255.0".
And done.Btw : if possible, change your ISP's router LAN setup, and change it's LAN 192.168.1.1/24 and DHCP server seting, set it up to use, for example 192.168.50.1/24 and change the DHCP accordingly.
From that point on, you can keep pfSense 100 % with the default settings with only one exception :
The password.** so it will always work.
-
@Gertjan Is not there any other way/step to fix the https issue? It sounds like the factory reset will bring me to square one and it was already such a challenge to even set things up to this point....as you can probably tell, I am a complete beginner...
I could be wrong but if I try to create a new static LAN address and this time choose 'Yes' for https (instead of 'No' as I did initially), would that be an alternative? Or learn how to create and import a self-signed certificate?
-
@newbieuser1 said in WebGUI page - no response / unable to configure pfSense:
Is not there any other way/step to fix the https issue? It sounds like the factory reset will bring me to square one and it was already such a challenge to even set things up to this point....as you can probably tell, I am a complete beginner...
If the "http" access works, but not the "https" access, then there is a solution, its documented in the pfSense documentation.
There is a console menu option for that (afaik).If, after a GUI setting change, the GUI becomes inaccessible : no panic, there is a console menu option that lets you pick the config file you had just before the GUI edit. This will undo what you did, and you have the GUI access back again.
And I know, all these options, you want to try and use the all. But there is a major 'but' : in case of emergency, when the drive fails, and you have to re install, and you 'forgot' to make a recent backup, you have to rebuld 'from scratch' anyway. That's why you should keep it simple (KIS).
Btw : Have a look here : /cf/conf/backup : you'll find the latest 100 config files.
Accessing pfSense over http isn't really an issue, as traffic flows over your own network, and doesn't contain private info, neither mail or credit card info ^^
-
@Gertjan, thanks. Could you please point me to the right section in the documentation you are referring to?
I am assuming the static LAN address I was wondering about is not going to be a solution?
-
-
Can you show your :
LAN settings ?
DHCP server LAN settings ?
Your LAN firewall rules ?After you tried to access the GUI using https, check the GUI web server log : Status > System Logs > System GUI Service - what did you see ?
edit : most networked devices have a GUI these days : Your ISP router, your printer, your NAS, the airco, fridge and even the fish tank.
Some, if not all of these devices offer both http and https access.
Can yo access any of your own 'LAN' devices with your browser ?I'm asking this (test) so we know if your browser isn't just plain refusing self (auto) signed certificates.
-
@Gertjan thanks for your continuous help! I ended up just restarting the GUI from the console (option 11) and this somehow fixed the issue....I am no longer getting the time out error and can use the https link.
