• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Cannot access PfSense GUI

Scheduled Pinned Locked Moved Hardware
11 Posts 6 Posters 2.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    theaddies
    last edited by Jul 12, 2015, 2:02 AM

    I have something strange happening and I am at my whits end.  I have installed PfSense on Xenserver and everything works swimmingly.  I have a pretty bog standard setup with the LAN assigning IP addresses and the gateway set at 192.168.1.1.  Everything works.  I can ping the gateway, the VM works fine, the internet works fine.  The only thing I cannot do is type 192.168.1.1 into the web browser on my desktop.  It simply times out.  The wierdest thing is that from another computer on the same network the GUI is accessible with no problem.  What could I possibly have done to the setup of my Windows 7 PC to prevent it from accessing the address.  By the way, it is exclusively 192.168.1.1.  If I change the gateway address to something else, I can get to the GUI from this PC.  Thanks in advance for the help.

    1 Reply Last reply Reply Quote 0
    • P
      phil.davis
      last edited by Jul 12, 2015, 3:28 AM

      Some duplicate 192.168.1.1 address in your part of the subnet/switches or even your Windows7 is set to 192.168.1.1?

      arp -a
      

      and see what MAC address your Windows7 thinks is 192.168.1.1 compared to another client that is OK.

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • T
        theaddies
        last edited by Jul 12, 2015, 9:46 AM

        Great suggestion.  I did it and the MAC address on 2 different windows 7 machines for 192.168.1.1 are the same.  It works on the other one and not this one.  I only have one 192.168.1.1 on this machine, the problem one.

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by Jul 12, 2015, 9:57 AM

          @theaddies:

          I only have one 192.168.1.1 on this machine, the problem one.

          Huh? ??? ??? ???

          Do yourself a big favour and avoid setting your firewall IPs to an IP used on half of the equipment out there by default: http://www.techspot.com/guides/287-default-router-ip-addresses/

          1 Reply Last reply Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator
            last edited by Jul 12, 2015, 12:38 PM

            ^ exactly!!!  All of my local side interfaces on pfsense all end in .253 because .1 and .254 are very very common device IPs.  I moved away from the 192.168.0 and 192.168.1 segments a while back..  But continue to use .253 out of habit.

            So your windows PC that can not get to the pfsense gui IP address is 192.168.1.1???  Please post an ipconfig /all output from your problem machine..

            You do understand your PC can not have the same IP as pfsense right??  They both can not be 192.168.1.1 ;)  You say it works when you change the pfsense IP.. So it seem to point to you have the same IP on your pc and pfsense and then not understanding why your pc can not talk to pfsense..  Which unless your like high as a kite seems just flabbergasting ROFL!!

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • S
              stephenw10 Netgate Administrator
              last edited by Jul 12, 2015, 4:58 PM

              It reads to me like he ran arp- a on the client that cannot reach the pfSense webgui as Phil suggested and saw one MAC using the 192.168.1.1 address, as expected. Then to check it wasn't some random MAC checked it on another client and it was the same.
              The only thing left is to check that's actually the correct MAC for the pfSense LAN interface. He may already have done that.

              However, yes, changing to use a different subnet on the LAN is often a good idea. It will rule out some local IP blocking issue at least.

              Steve

              1 Reply Last reply Reply Quote 0
              • T
                theaddies
                last edited by Jul 12, 2015, 8:52 PM

                Thanks for the responses guys.  I will follow your advice and make the change from the .1 address.  I am definitely a NOOB at all this stuff but thankfully I am not such a dope to not know that my Windows PC can be configured on 192.168.1.1.  My windows PC is 192.168.1.107.  StephenW10's hypothesis was correct.  I checked the MAC address on my problem PC and another PC with arp -a and they are the same.  I also confirmed that it is the same MAC address listed within Xencenter for the PfSense VM.

                The only reason I haven't changed the LAN IP address as yet is that I have a lot of devices in the network and I didn't want to change the default gateway for all of them.

                I would post an ipconfig /all but it is a absolute mess because I have a VPN adapter and a Virtual Box adapter included in it.  I also realize that this probably has something to do with my issues.

                Anyway, thanks for the discussion.  I am really enjoying learning about all of this and I realize dealing with dopes like me is not often enjoyable.

                1 Reply Last reply Reply Quote 0
                • S
                  stephenw10 Netgate Administrator
                  last edited by Jul 12, 2015, 11:59 PM

                  No problem. That's what the forum is for.  :)
                  When you try to connect from the blocked client do you see blocked traffic in the firewall log in Status > System Logs, Firewall tab? Obviously you'd have to use a different client to check.
                  It seems very likely it's a local block at the client. Have you tried multiple browsers?

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • T
                    theaddies
                    last edited by Jul 13, 2015, 11:48 AM

                    OK, so this is really weird.  It works on IE, which I never use, but not on chrome or firefox.  How can this be?

                    1 Reply Last reply Reply Quote 0
                    • P
                      phil.davis
                      last edited by Jul 13, 2015, 12:45 PM

                      Do a ctrl-F5 or whatever in Firefox to make it completely reload the whole pfSense webGUI. Maybe if there is nothing old cached then it will be happy.

                      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                      1 Reply Last reply Reply Quote 0
                      • ?
                        Guest
                        last edited by Jul 13, 2015, 2:41 PM

                        OK, so this is really weird.  It works on IE, which I never use, but not on chrome or firefox.  How can this be?

                        In the MS IE mostly nothing comes pre-installed and you will only to accept and allow something comes java based
                        as this would be normal in this days pointed to the java security.

                        But, the other browsers comes often or will be often later sorted with script and adware blockers and there for
                        it could be that you will be getting in trouble then, not only on a pfSense box, as I see it right!

                        For sure let the Ccleaner running once before you will reconnect to the pfSense box makes in some rarely
                        cases also sense. So that nothing from earlier connects will be stored in the cache or elsewhere that can
                        corrupt the login process.

                        1 Reply Last reply Reply Quote 0
                        11 out of 11
                        • First post
                          11/11
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                          This community forum collects and processes your personal information.
                          consent.not_received