[SOLVED] No access to WebGui RE SSL error

[breimer273]

Hello, I have lost access to my webgui. My browser (Brave) says that

Code Select Expand

This site can't provide a secure connection
192.168.1.1 sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

I've tried

Code Select Expand

configctl webgui restart renew

based on the guidance from https://docs.opnsense.org/troubleshooting/webgui.html but there was no effect.

Anything else I could try? This firewall is in production and I really don't want to have to restore from scratch because I don't have a good backup.

The last things I remember changing were some NAT Settings (enabling NAT reflection) and opening up port forwarding. Everything else appears to be working flawlessly, just can't access the gui....

When I try to restore from backup the farthest back I have is Thursday January 16 and my last known good was Monday January 13th.

EDIT: Sovled. The issues appears to have been caused by port forwarding 80/443. Changed the webgui port to 8443 and we are back in business. Thanks for listening!

[breimer273]

May be relevant, the ports I forwarded were 80, 443, and 32400. Since the webgui is still listening on 80/443, could that be the issue?

[dseven]

hah, I'd already composed this before I saw your followup post....

Were you trying to port forward the port (number) used for the WebUI? If you do that, and enable reflection, you won't be able to get to the WebUI any more, even from your LAN. If that's what happened, I'd probably be hacking /conf/config.xml and trying to set system/disablenatreflection to `yes` and see if that restores access from the LAN... or you could try changing the system/webgui/port to some other number. There may be a nicer way....

[Patrick M. Hausen]

Or disconnect WAN, disable all firewall with "pfctl -d", then connect to the UI from LAN and fix things.