Bizarre network problem

I added a Unifi 16 XG to my network stack. Now I’m unable to reach the pfSense GUI or HAproxy web pages from Windows machines, but I still can from Linux and Android. I’m able to ping all devices and reach anything that is not hosted or served by pfSense.

I’ve rebooted the pfSense and double-checked that the trunks are serving all VLANs. I didn’t change any settings anywhere. I’ve tried from multiple VLANs, staying on the same one or crossing, and the only commonality I can find between success and failure is the OS.

Anyone have a clue how to fix this?

Confirming, can you ping the pfSense internal IP from your Windows host, or is it not reachable at all?

Win -> pfSense http/https fails
Linux -> pfSense http/https works

Win -> Linux ping succeeds

Win, Linux, pfSense are all on same network (same IP network and netmask). Confirming that ssh/http(s) both fail to the pfSense host?

Sounds like a browser issue; perhaps clear the cache and try again.

@baldpope I can ping the pfSense from any device or network. I’m not sure that I have a Windows device on the management network that the pfSense GUI is assigned to. For the HAproxy interface, the devices are on the same subnet.

@neogrid I thought about that too. I’ve tried multiple browsers, incognito mode, and devices that have never accessed those web pages before. All fail if they are Windows based.

Weird, but hey, it’s Windows being Windows.

What you’re describing doesn’t make sense. Confirming what you’ve said so far…

From a Windows host, you can ping the internal IP (or the management IP) of the pfSense host. This is the same IP you want to connect to via HTTP/HTTPS. From this same host, you cannot connect to the web interface.

From Linux, you can ping and connect to the web interface. No issues at all.

I’m curious, in Chrome (or whatever browser of choice) can you enable the Developer Tools and then review the networking tab to see what’s going on with the request when you connect to the pfSense webserver?

Beyond that, assuming that the Linux and Windows hosts are on the same network and you don’t have any unique firewall rules that are restricting access from the Windows hosts, it really doesn’t make any sense if you can ping the pfSense host but not connect to the web interface, unless you have a firewall rule blocking it (not necessarily on pfSense). Are you using any proxy in front of the pfSense host that might be getting in the way?

Well I fixed it. It turned out that Jumbo Frames weren’t enabled on the new switch. I guess Windows must be using the Jumbo Frames and Linux is not. Somehow that determined what did and did not work on the pfSense box. Not 100% sure why that seems to be the only content host that was affected.

edit: I also couldn’t RDP to one of my Linux boxes, although XtoGo was working.
edit 2: It also broke the SMB connection from my Plex server to my Unraid server. The odd thing is Windows to Unraid was working, although that traffic probably wouldn’t have passed through the disabled switch.
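
An MTU mismatch like the one reported in the final post (small pings pass, larger transfers stall) can be checked by sending don't-fragment pings of increasing size from the affected host. The following is an added example, not posted by anyone in the thread; the function names and the 8972-byte upper bound (a 9000-byte jumbo MTU minus 28 bytes of IPv4 and ICMP headers) are assumptions.

```python
import platform
import subprocess
import sys

IP_ICMP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte ICMP header


def ping_cmd(host, payload, system=None):
    """Build a single echo request with Don't Fragment set."""
    system = system or platform.system()
    if system == "Windows":
        return ["ping", "-n", "1", "-w", "1000", "-f", "-l", str(payload), host]
    # Linux iputils ping: "-M do" forbids fragmentation.
    return ["ping", "-c", "1", "-W", "1", "-M", "do", "-s", str(payload), host]


def df_ping(host, payload):
    """True if the DF-flagged echo of this payload size was answered."""
    out = subprocess.run(ping_cmd(host, payload), capture_output=True)
    if platform.system() == "Windows":
        # Windows ping can exit 0 on ICMP errors, so look for a real reply.
        return b"TTL=" in out.stdout
    return out.returncode == 0


def largest_passing_payload(probe, low=0, high=8972):
    """Binary-search the largest payload size for which probe(size) is True."""
    if not probe(low):
        return None  # host unreachable even with an empty payload
    while low < high:
        mid = (low + high + 1) // 2
        if probe(mid):
            low = mid
        else:
            high = mid - 1
    return low


def path_mtu(probe, **bounds):
    """Largest IPv4 packet that crosses the path unfragmented, or None."""
    payload = largest_passing_payload(probe, **bounds)
    return None if payload is None else payload + IP_ICMP_OVERHEAD


if __name__ == "__main__":
    target = sys.argv[1]  # e.g. the firewall's LAN address
    print("path MTU:", path_mtu(lambda size: df_ping(target, size)))
```

A result of 1500 between two hosts that are both configured for 9000 points to a hop in between that is not passing jumbo frames.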