This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to View Webmin from any Interface

Hello All, 

I have done some searching for similar questions, but all results I have found were solved by either a reboot, or someone forgetting to either include the "https://" or configure their computer's NIC to be on the same subnet.

On the console of the UTM, I see the IP for Webmin as "https:192.168.0.2:4444" as expected, so this is what I am attempting to connect to. I had set this network up as a /24, so I set my laptop to 192.168.0.4/24. In theory this should work. 

I set up my UTM box quite a while ago, was able to log into the webmin portal and it was working just fine. After putting it away for some time (lab environment) I attempted to connect to the Webmin portal again and no matter what interface I plug into, the page is still unresponsive. I do not believe I made any configuration changes the last few times the device had been reloaded before this. I have performed several restarts in attempts to help, as well as restarting httpd via "/etc/rc.d/httpd restart". Nothing seems to help. 

Worst case scenario, I suppose I could copy the config and reinstall using this article https://community.sophos.com/kb/en-us/119814. However, I would really like to not have to rebuild the whole system if I don't need to. Does anyone have any suggestions on what I can try? 



This thread was automatically locked due to age.
Parents
  • Hi Pedro and welcome to the UTM Community!

    You will need to do some spelunking from the command line...

    Find the networks allowed to reach WebAdmin:

    cc get webadmin allowed_networks

    If you named one Internal, you likely will see something like REF_NetIntInternal and that's the one that we want to find.  Which NIC is it defined on?

    cc get_object REF_IntEthInternal |grep itfhw

    That should give you something like 'itfhw' => 'REF_ItfEthEth0IntelCorpo'.  That tells us that the hardware is an Intel NIC assigned eth0.

    If that didn't help you to identify the correct NIC to which you should connect, show the results here of those two commands along with the output of the following command.

    cat /etc/udev/rules.d/70-persistent-net.rules

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks a lot for the welcome, and the reply!

    The first command, "cc get webadmin allowed_networks", gave the expected result of the second provided command (which gave no output). I have plugged into each of the available interfaces (0-3) in attempts to connect. 

    "cc get webadmin allowed_networks"   ==>  REF_NetIntEth3IntelCorpo2

    "cat/etc/udev/rules.d/70-persistent-net.rules"  followed this output format for each interface:

    SUBSYSTEM == "net",ACTION=="add",DRIVERS="?*",ATTR{address}="<mac of given interface>",ATTR{type}=="1",kernel="eth*",NAME="eth<eth number>"

  • "cc get webadmin allowed_networks"   ==>  REF_NetIntEth3IntelCorpo2

    That doesn't look like something I would expect, Pedro.  Please show a picture of the command and the result.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  •  

    Sorry for the poor quality photo. I could be missing something here, but I'm not sure that I am. It might make sense to blow everything out, but I am intrigued, and it could possibly be helpful for others as well. 

  • If the addresses in persistent-net-rules are sequential, then it's safe to assume that eth3 is physically the last of the four NICs.

    So, that indicates that the Interface was defined with a blank name and that it was assigned a name like: eth3 Intel Corporation 82574L Gigabit Network Connection

    If you know that you didn't leave the name blank, I'd be tempted to restore a configuration backup that you know is good.

    If you didn't assign a name, try the following to determine the subnet on eth3:

    cc get_object REF_NetIntEth3IntelCorpo2

    Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  •  

    Hi Bob!

    Thank you very much for your persistence in helping out with my situation. I do remember pairing interfaces 1-3 together and making a group named something similar to "Internal" and having eth0 be the WAN connection.

    So I ran your command, and as as you see, it's giving an address of 10.0.0.0 (Obviously not an assignable IP, but maybe this just means the network?). Is this an expected kind of output, or at this point is something deeper clearly wrong (By something I did goofy or otherwise)?  Going off that output, I was however able to hop on 10.0.0.0/24 and reach the Webmin page at 10.0.0.15.

    Here are the Webmin and Interface configs.

     

    Firmware Version: 9.509-3

    Pattern Version: 146998

    Thanks much!

Reply
  •  

    Hi Bob!

    Thank you very much for your persistence in helping out with my situation. I do remember pairing interfaces 1-3 together and making a group named something similar to "Internal" and having eth0 be the WAN connection.

    So I ran your command, and as as you see, it's giving an address of 10.0.0.0 (Obviously not an assignable IP, but maybe this just means the network?). Is this an expected kind of output, or at this point is something deeper clearly wrong (By something I did goofy or otherwise)?  Going off that output, I was however able to hop on 10.0.0.0/24 and reach the Webmin page at 10.0.0.15.

    Here are the Webmin and Interface configs.

     

    Firmware Version: 9.509-3

    Pattern Version: 146998

    Thanks much!

Children
  • That looks good, Pedro.  I think you're OK now.  My guess is that you first created the Interface definition with a blank name and that you later changed it to INTERNAL.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA