Project

General

Profile

Bug #8235

The browser must support cookies to login

Added by Scott Phillips over 1 year ago. Updated 28 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
12/23/2017
Due date:
12/23/2017
% Done:

0%

Estimated time:
6.00 h
Affected Version:
Affected Architecture:

Description

I updated pfsense to use secure socket that utilizes port 443 to login as the adminstrator. Upon attempting to login to pfsense post change, I get "The browser must support cookies to login". I allow cookies within the browser, however I cannot get past this message. I've rebooted the browser and have I've attempted this in firefox, safari, chrome to NO avail. Hoping someone can help me out.

firefox_2017-12-23_18-48-12.jpg (265 KB) firefox_2017-12-23_18-48-12.jpg Phil Keep, 12/23/2017 11:57 AM

History

#1 Updated by Phil Keep over 1 year ago

Hello Scott,
Your symptoms are quite strange. Cookies are working in general since years in PFsense.
This should be something related to your browsers.
1) Could you precise which PFsense version you are using (and also one detailed version
from your client browser and underlying OS).
Maybe you have a kind of (client) OS filter active?
2) Look at the annexed screenshot: Firefox 57.0.2 on Win7 accessing PFsense 2.4.2 amd64.
All works fine with HTTPS and cookies.
Cheers Phil.

#2 Updated by Gabriel Paniagua Castro 7 months ago

Scott Phillips wrote:

I updated pfsense to use secure socket that utilizes port 443 to login as the adminstrator. Upon attempting to login to pfsense post change, I get "The browser must support cookies to login". I allow cookies within the browser, however I cannot get past this message. I've rebooted the browser and have I've attempted this in firefox, safari, chrome to NO avail. Hoping someone can help me out.

I'm having this problem after I restored the web_gui to http from the console using assign IP address to interface. I'm unable to access my pfsense from any browser.

#3 Updated by Jim Pingle 7 months ago

Does the same thing happen with an incognito/private mode browser session that has never visited that firewall before?

When HTTPS is enabled, pfSense sends a secure cookie, and if the browser stores that, it may refuse to process that cookie over HTTP in the future. You may have to manually delete cookies for the firewall host from your browser to continue.

I'm not sure there is anything the firewall itself can do about that. Similar issues can happen with cached HSTS settings.

#4 Updated by Greg Toombs 28 days ago

I'm getting affected by this as well, under similar circumstances.

Jim Pingle wrote:

Does the same thing happen with an incognito/private mode browser session that has never visited that firewall before?

Yes. Incognito mode, as well as using a different browser that's never seen the URL before, pops up the same message.

Also available in: Atom PDF