http://mytools.management is part of every adam:ONE® instance. This is how it should appear when it is functional:
If your endpoint is on an adam:ONE® network segment, and mytools.management isn’t working on pfSense®, this is your troubleshooting guide:
Symptom 1 - DNS not resolving properly
If you run dig or nslookup you get a public IP for mytools.management like this:
$ dig mytools.management +short
34.120.8.140
The website displayed as a result is:
Solution 1A: Make sure endpoint’s DNS client is using only adam:ONE® (gateway) for DNS
- For devices with static network configuration, make sure the DNS server is set to use the gateway, and the gateway only
- For devices obtaining details via DHCP, make sure the DHCP server is set to use the gateway (and only the gateway) as DNS
- Set browser to disable DNS-over-HTTPS
- For Active Directory Controllers see adamnet.io/dttsad
Solution 1B: If multi-homed, check network order
When you have a device with more than one Internet connection, it is the higher-priority connection that usually is used for DNS. Consider adjusting the network priority.
For example, if a smartphone hotspot is enabled and connected to your computer, it may be the prioritized Internet connection.
Symptom 2 - connection timed out
When you attempt to visit mytools.management there is no response:
% curl -v http://mytools.management
* Trying 192.168.99.1:80...
* connect to 192.168.99.1 port 80 failed: Operation timed out
* Failed to connect to mytools.management port 80: Operation timed out
* Closing connection 0
curl: (28) Failed to connect to mytools.management port 80: Operation timed out
In a browser, the following is the experience:
Solution 2: Start adam:ONE® service
To start adam:ONE® service, go to Diagnostics → Command Prompt and execute the following:
service anmuscle.sh start
Or, alternatively to restart, run:
service anmuscle.sh restart
Symptom 3 - connection refused
When you attempt to visit mytools.management there is no response:
% curl -v http://mytools.management
* Trying 192.168.99.1:80...
* connect to 192.168.99.1 port 80 failed: Connection refused
* Failed to connect to mytools.management port 80: Connection refused
* Closing connection 0
curl: (7) Failed to connect to mytools.management port 80: Connection refused
In a browser, the following is the experience:
Solution 3: Make sure there’s a firewall rule that allows LANnet TCP port 80 to Self
This firewall is generated when following the installation steps, so make sure that there’s no block or reject rule matched before it:
Symptom 4 - https redirect attempt
After entering mytools.management in the browser URL bar, it attempts to redirect to https://mytools.management:20443
Solution 4 Part A: disable WebGUI redirect (and/or any other port 80 conflict)
This setting in pfSense® System → Advanced must be set as follows:
Solution 4 Part B: clear your browser cache
Until your browser cache is cleared, even if the WebGUI redirect has been disabled, it will re-attempt the forwarding as required by the HSTS cookie in your browser.
Symptom 5 - your browser does not allow the connection
This symptom can be verified by running tcpdump -i [LANinterface] -vvnnnXX tcp port 80 while trying to visit mytools.management and no traffic is reaching the gateway. In such a case, endpoint software may be preventing internal LAN TCP communications.
Solution 5: check your endpoint security software
Your endpoint or anti-virus software may have a setting to allow LAN communications to override this false positive.