Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cant access web config from lan *FIXED*

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      Ulich05
      last edited by

      lighthttpd is running but for some reason i cannot access the webconfig from anywhere on the lan (i can ssh in and use the web in general from the lan). This happened after I relocated my office so probably zero correlation there.

      assuming i restore to factory default settings id like to be able to back up my aliases and interface rules, where is this data stored?

      ideally id like to unload snort first bc there is nothing in the regular rules that would have caused this. something may have triggered snort, not sure. So is there a way to disable snort first from the command line before i start backing up settings and restore factory defaults?

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        What if you SSH tunnel to 127.0.0.1:443?

        1 Reply Last reply Reply Quote 0
        • U
          Ulich05
          last edited by

          not working at all actually but i may not be doing it right

          ive tried ssh -D 443 -C admin@192.168.0.50
          and
          ssh -L 443:127.0.0.1:443 -l admin -p 22 192.168.0.50
          as well and flipped the ffox to use localhost socks 5 port 443

          192.168.0.50 is the pfsense box

          its strange bc i see absolutely nothing in the filter logs from any machine on the lan i try to use to connect to the pf box. its like httpd isnt even running

          ive rebooted the box a few times w/o any luck. I do have the settings backed up in the xml file from before, but i would need a way to get that file on the machine locally and import thru the command line.

          1 Reply Last reply Reply Quote 0
          • U
            Ulich05
            last edited by

            i was able to get an ssh tunnel out w ssh -D 443 -f -C -q -N admin@192.168.0.50

            but, "Firefox can't establish a connection to the server at 192.168.0.50."

            httpd is just hanging it looks like.

            netstat -a on the pfbox reveals that lighttpd is not actually listening to anything, its not listed at all where it should look like:
            tcp4       0      0 *.http                 .                    LISTEN

            which is the case on another pf box on the lan.

            kill -HUP PID for lighttpd didnt resolve it either.
            i will keep digging

            at least we know a rule or snort didn't go haywire

            edit
            fixed it, originally i had httpd bound to port 443 to enable ssl by default. i killed the pid of lighttpd and manually edited
            /var/etc/lighty-webConfigurator.conf
            and changed "server.port = 443" back to "server.port = 80"
            then start it back up again: /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf

            and now:
            tcp4      0      0 *.http                .                    LISTEN

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.