Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Fixed: After upgrade Web GUI only available if I stop ha_proxy
« previous
next »
Print
Pages: [
1
]
Author
Topic: Fixed: After upgrade Web GUI only available if I stop ha_proxy (Read 1373 times)
ddt3
Newbie
Posts: 24
Karma: 0
Fixed: After upgrade Web GUI only available if I stop ha_proxy
«
on:
February 07, 2024, 01:15:12 pm »
I was running 23.x just fine but have an issue after upgrading to 24.1 (and 24.1.1) the OPNsense webgui cannot be reached. Even when using the ip-address of the OPNsense LAN interface I cannot reach the webgui but end up on my public webserver.
I found out that when I stop ha_proxy (using a shell) the web interface is available. The moment I start ha_proxy, it becomes unavailable again. This setup had ran fine before the upgrade to 24.x
Any help / pointers/ questions for more information would be welcome, can't really use OPNsense at the moment.
«
Last Edit: February 19, 2024, 04:22:39 pm by ddt3
»
Logged
ddt3
Newbie
Posts: 24
Karma: 0
Re: After upgrade Web GUI only available if I stop ha_proxy
«
Reply #1 on:
February 19, 2024, 07:55:52 am »
My system is headless so I am reluctant to start over (or even downgrade) Can anyone please give me some ideas on where to look?
«
Last Edit: February 19, 2024, 08:00:19 am by ddt3
»
Logged
Patrick M. Hausen
Hero Member
Posts: 6824
Karma: 572
Re: After upgrade Web GUI only available if I stop ha_proxy
«
Reply #2 on:
February 19, 2024, 08:16:59 am »
Look at the NAT > Port Forward rules. Possibly the one responsible for your public web server is to broadly specified - e.g. floating instead of WAN or similar.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
amichel
Jr. Member
Posts: 87
Karma: 8
Re: After upgrade Web GUI only available if I stop ha_proxy
«
Reply #3 on:
February 19, 2024, 01:45:08 pm »
I faced a similar issue and it turned out that after the update to 24.1 haproxy simply was working listening on all IP interfaces for port 443.
That is the only option for me as I am getting a dynamic IP Address on my WAN port so I cannot bind Haproxy to a specific one and had to us e0.0.0.0:443
So the first workaround was to move the admin website to a different port than 443
Then I fixed it by implementing a VIP where I used port forward to redirect all traffic for 443 to a different port on that VIP and then used haproxy to proxy that.
See:
https://github.com/opnsense/plugins/issues/722
Most important thing here was to redirect port 443 in the Nat to a different Port on the VIP for example 40443 and then bind haproxy to that IP/port
«
Last Edit: February 19, 2024, 01:49:17 pm by amichel
»
Logged
ddt3
Newbie
Posts: 24
Karma: 0
Re: After upgrade Web GUI only available if I stop ha_proxy
«
Reply #4 on:
February 19, 2024, 04:22:00 pm »
Quote from: amichel on February 19, 2024, 01:45:08 pm
So the first workaround was to move the admin website to a different port than 443
That fixed it! Thank you!
Logged
amichel
Jr. Member
Posts: 87
Karma: 8
Re: Fixed: After upgrade Web GUI only available if I stop ha_proxy
«
Reply #5 on:
February 19, 2024, 06:52:23 pm »
Glad to hear that!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Fixed: After upgrade Web GUI only available if I stop ha_proxy