OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Redundanz on November 21, 2019, 12:13:55 am

Title: SSH / Webportal issue
Post by: Redundanz on November 21, 2019, 12:13:55 am
hello!

preface: i don't know if this problem popped up because of the update i did (believe it was to 19.7.3 or .4) or if it is something else that "triggered" this issue.
i am running the firewall on an amd 4850e (dual core) for 2 years now, just as a convenient method of being able to centralize ip traffic control (filtering & traffic shaping) in my home.

the problem is that i cannot access the webportal - anymore - NOR use a ssh client (puTTy in my case just gets a timeout) to connect to the machine.
!!! to make it clear the firewalls main functionality, i.e. filtering and traffic shaping works perfectly !!!

connecting with chromium based browsers gives me a "ERR_SSL_PROTOCOL_ERROR"
firefox gives me a "SSL_ERROR_BAD_SERVER"
both can be reproduced and the error message stays the same with every request, so there seems to be a very precise issue. i am mentioning this because i had problems with my ddwrt router/modem in the past that would show different http errors every time i access it, or even sometimes work, or timeout depending on the mood of the httpd.


so this certainly points towards some webserver/sshd issue, be it misconfiguration on my end (which i couldn't remember specifically...) or some behaviour change after 19.7.3/4 or just some other thing like we all know happens from time to time when "life hates you"  ;) and maybe some file gets corrupted - what i don't believe tbh but i won't fully deny the possiblity)

what i did so far: rebooting , complete power down / power up cycle did nothing.
now physical access is of course available, but tbh i never used it except for the initial installation.
and to my surprise after i attached a monitor & keyboard i see the last output on the screen is
Code: [Select]
load_dn_sched dn_sched FIFO
load_dn_sched dn_sched QFQ
load_dn...
...
load_dn_aqm dn_aqm PIE

but i cannot (or wouldn't know how to) get to the login prompt that i am used to through puTTy.
tried switching tty with ALT+F1..F2... combinations , no reaction , pressed basically all keys on my keyboard but no login prompt will show up.

so if there is any hint or possiblity i could try before proceeding with a full reinstall, i'd be thankful for anyone sharing it.

cheers,
R
Title: Re: SSH / Webportal issue
Post by: apiods on February 21, 2020, 01:04:40 pm
FYI - same issue here on 19.7.x - has been running fine for months. Had to powerdown/boot the box and it never came back online.

Plugged in a monitor, last line on screen:

Code: [Select]
load_dn_aqm dn_aqm PIE loaded
Will try a re-install...
Title: Re: SSH / Webportal issue
Post by: apiods on February 21, 2020, 03:33:25 pm
So, installed fresh image of 20.1 and initially it looked okay - booted fine and I could configure an IP, etc.

Restored a config file to it, and now when rebooting  (or power off/on), the console output (VGA) gets "stuck" at the same place -
Code: [Select]
load_dn_aqm dn_aqm PIE loaded
However, I can still reach the LAN interface okay, log in okay, etc.

Not sure why the console boot output is not completing fully ???
Title: Re: SSH / Webportal issue
Post by: franco on February 22, 2020, 10:34:02 am
Squid proxy maybe? IPFW (as in shaper or captive portal) has been know to block squid start.


Cheers,
Franco
Title: Re: SSH / Webportal issue
Post by: apiods on February 22, 2020, 12:37:04 pm
Squid proxy maybe? IPFW (as in shaper or captive portal) has been know to block squid start.

I'm not running squid. It's a fresh install - no plugins, but with my config loaded.
Title: Re: SSH / Webportal issue
Post by: apiods on February 22, 2020, 02:03:31 pm
I'm not convinced that the
Quote
load_dn_aqm dn_aqm PIE loaded
message that's the last thing on the console is the issue - this message appears related to the Shaper config I have setup.

If I disable the Scheduler config, then this message doesn't appear, but the console now just stops at another line.
However:
- Connecting via serial console is fine - I get to a login prompt
- I can connect to the GUI, all is working fine

So, I'll let it run and see if I get any real problems :)