Skip to main content

PFS000 - Failed to Connect to pfSense

Agent error code #206000#PFS000 indicates that the agent could not reach the pfSense REST API at all. The request failed before any authentication or alias operation could take place.

This error is distinct from authentication failures (#206001)#PFS001), authorization failures (#206002)#PFS002), TLS errors (#206003)#PFS003), and timeouts (#206004)#PFS004). It indicates a general connectivity failure such as connection refused or DNS resolution failure.

Common causes include:

  • The hostname configured on the Knocknoc backend is wrong or no longer resolves
  • pfSense is offline, rebooting, or its web GUI is on a different port
  • A network firewall, proxy, or VPN between the agent and pfSense is dropping traffic
  • The pfSense web GUI is bound to a different IP than the one the agent is dialling

Steps to Resolve

Verify the Hostname

  1. Confirm the pfSense URL value in the Knocknoc backend matches the URL you use to log into pfSense
  2. Include the scheme (https://) and any non-default port

For the full setup, see the pfSense setup guide.

Test Connectivity From the Agent Host

  1. From the host running the Knocknoc agent, run: curl -v https://<pfsense-host>/api/v2/system/version
  2. If the command fails with a connection refused or DNS error, fix the underlying network issue before retrying in Knocknoc

Check Routing and Firewall Rules

  1. Verify the agent host can reach the pfSense management interface on its management port
  2. If pfSense's web GUI is on a non-default port, ensure the pfSense URL in Knocknoc includes that port

Still Having Issues?

We can help you out, contact us at support@knocknoc.io.

Back to top