Akom's Tech Ruminations

Various tech outbursts - code and solutions to practical problems

Locked myself out of pfSense Code and Hacks

Posted by Admin • Saturday, September 26. 2009 • Category: Code and Hacks

I was experimenting a bit with pfSense 1.2.3rc1 as a replacement for a WRT54G router today.
So I set did the following, among many things:
  1. Switched web configurator to SSL (443)
  2. Turned on reflection (applies NAT port forwarding rules to local LAN)
  3. Set up NAT port forwarding, which includes port 443 to one of my servers (which isn't up at the moment)


Guess what? Can't access webconfigurator.... an hour of being very confused later... I get it. All my SSL requests for webconfigurator are now being sent to the nonexistent internal NAT-ed server! I can't get back in, and reboots don't help!

Fixing this is not too hard. Log in (SSH or console) and edit /conf/config.xml
<webgui>
    <protocol>https</protocol>

Now just change to http. (If you're not running off hard drive, you may need to save directly to your floppy.) Obviously changing this will prevent you from using reflection from a NAT-ed server on port 80 now :-)

NOTE: you may need to "rm /tmp/config.cache" to clear out config cache, and restart web configurator from the menu.

0 Trackbacks

  1. No Trackbacks

0 Comments

Display comments as (Linear | Threaded)
  1. No comments

Add Comment


You can use [geshi lang=lang_name [,ln={y|n}]][/geshi] tags to embed source code snippets.
Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

What is the primary language of this blog? (Anti-SPAM question)


Submitted comments will be subject to moderation before being displayed.