On Mon, 2005-10-31 at 15:04 -0500, Scott Ullrich wrote: > If you do not provide an address on the LAN ip then there is no > anti-lockout rule. To get around it, add a lan address.
I have LAN address at this point set to be the same as WAN address. Also see below - pfctl was disabled after I booted and I could not connect. (I initially tried to add the rule to lock me out) and after pfctl -e I did not even need the rule. So I guess something else triggered it. > > On 10/31/05, Peter Zaitsev <[EMAIL PROTECTED]> wrote: > > Hi, > > > > After the tests today ( I guess I disabled firewall mode for test and > > then enabled it back) I got locked out of my pfsense box - it is > > inaccessible both from WAN and LAN (which are bridged and so anti > > lockout rule does not work). > > > > There seems to be no way to operate web interface from console :( > > > > > > .... Looking more into it - it looks like the problem is I actually > > rebooted the box while firewall was disabled. > > > > This resulted in very interesting effect - I could connect to the box > > behind the firewall but not to the box itself. - SSH as well as Web > > were dead. > > > > As soon as I did pfctl -e I could connect :) > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
