Watchguard Firebox M400/M500
-
No it will boot from CF without any BIOS changes. It will run fine but upgrades are painful because CF is slow as hell!
-
@stephenw10 haha that makes sense. Thanks for info, Im excited to get this thing going.
-
-
-
-
I just installed a Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz in my M400.. It had been running the original Celeron G1820 until this last week.
Boots a bit faster.. has AES-NI now.. 4 cores now.. shows running cooler since the fans seem to be actively adjusting their speeds now. fans were always slow before.. even in the summer.
The fans are a bit more noisy and constantly adjusting now which they never did when the Celeron was in place. Celeron showed constant 40c to 45c depending on weather here.. The i5 is a constant 39c.
I have an updated BIOS on the board but cannot find the speed controls.. anyone remember where they are supposed to be?
I want to adjust them more to be constant than the up and down they are doing now.
-
The fan speed controls? They should be there under thermal control. Not much to play with though IIRC.
Does it reboot correctly with that CPU?
Steve
-
@chpalmer I'd replace the existing fans, they are incredibly noisy at most speeds, if you find my posts above I posted a link to the Nocturnas that fit.
-
@stephenw10 Seems to boot fine. Freakin fast compared..
ioapic0 <Version 2.0> irqs 0-23 on motherboard
random: unblocking device.
FreeBSD/SMP: 1 package(s) x 4 core(s)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
ACPI APIC Table: <ALASKA A M I>
Event timer "LAPIC" quality 600
avail memory = 6095597568 (5813 MB)
real memory = 6442450944 (6144 MB)
TSC: P-state invariant, performance statistics
VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
XSAVE Features=0x1<XSAVEOPT>
Structured Extended Features3=0xc000000<IBPB,STIBP>
Structured Extended Features=0x27ab<FSGSBASE,TSCADJ,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,NFPUSG>
AMD Features2=0x21<LAHF,ABM>
AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM>
Features2=0x7ffafbff<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Origin="GenuineIntel" Id=0x306c3 Family=0x6 Model=0x3c Stepping=3
CPU: Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz (2000.04-MHz K8-class CPU) -
Thanks.. I actually ordered three of those fans today so will try them.
I also replaced the version of WGXepc64 that I was running as it seems I was on a pre-m400 version.. So I can adjust my fans with that instead of mussing with BIOS.
-
@chpalmer said in Watchguard Firebox M400/M500:
@stephenw10 Seems to boot fine. Freakin fast compared..
But does it reboot though? There are a large number of 4th gen CPUs that just hang at reboot even with a different BIOS etc. The i3-4160 I have does not reboot for example and that makes it painful for anything!
Steve
-
But does it reboot though?
I did a reboot this morning via the GUI "reroot" reboot. Came up fine. Is there another method you want me to try? This one is my primary firewall and I have to do things after hours unless I want to join "wine hour" here.. and Im fresh out of cheese.
(for those already typing.. yes I know how to spell whine. ;) )
-
After some more testing with the new CPU.. Normal reboot does hang. Reroot reboot does not. I generally do not shut this one down ever so a non issue for me.
This box is 2.6..
-
Urgh. Disappointing. I wish I knew what caused that.
-
Anyone run into issues with putty spitting out giberish on startup?
Downloaded Memstick installer, used balena etcher (from my understanding Balena will automatically un zip the .gz file) to flash to the same exact model CF card (Except mine is 8gb and not 4gb). Popped the CF card in, powered on the M400, used COM3 port and its just spitting out random letters and characters. -
Typically that happens if the baud rate is mismatched. It's 115200bps by default.
-
@stephenw10 Yup that did it! ive been so used to cisco It never occurs to me that would ever need to change. When I get to the part where it has me select the target disk it doesn't let me select the CF card. I hit enter with the CF card highlighted and it returns the message "Not Enough Disks selected. 0 < 1 minimum" any Ideas on this?
-
You can't install onto the drive you booted from. You can install to a SATA SSD after booting from CF. Or you can boot from USB and and install to CF.
-
I never realized that my M400 (i3-4370T) has been sucking away 40W 24/7. Thinking about doing the BIOS upgrade to enable SpeedStep as my system is barely stressed (1% CPU at this moment). Just curious - for anyone who has already enabled SpeedStep, what kind of power savings have you seen?
-
Does it reboot correctly with that CPU out of interest?
The power draw can be affected by a number of things. Addtional drives. NIC that are linked. Fan speed. 40W does seem high though, how are you measuring it?
-
@stephenw10 No, the i3-4370T has the reboot hang issue. Not a big deal as instead I just do a HALT, then power off and on with the button afterwards.
I'm measuring with an Emporia outlet device. At 1% load, I'm mostly idling. If SpeedStep is significant (e.g. drops it to less than 10W) it would be a worthwhile update, but I have no idea what to expect by enabling it.
-
Enabling high C states usually has a greater affect, especially if your CPU is mostly idle.
Check the available C state and the 'lowest' value. The default Celeron and BIOS don't offer much:[2.7.0-DEVELOPMENT][admin@pfsense.fire.box]/root: sysctl dev.cpu.0 dev.cpu.0.temperature: 39.0C dev.cpu.0.coretemp.throttle_log: 0 dev.cpu.0.coretemp.tjmax: 100.0C dev.cpu.0.coretemp.resolution: 1 dev.cpu.0.coretemp.delta: 60 dev.cpu.0.cx_method: C1/hlt dev.cpu.0.cx_usage_counters: 66905813 dev.cpu.0.cx_usage: 100.00% last 620us dev.cpu.0.cx_lowest: C1 dev.cpu.0.cx_supported: C1/1/0 dev.cpu.0.%parent: acpi0 dev.cpu.0.%pnpinfo: _HID=none _UID=0 _CID=none dev.cpu.0.%location: handle=\_PR_.CPU0 dev.cpu.0.%driver: cpu dev.cpu.0.%desc: ACPI CPU
-
@stephenw10 Sounds like it may be worth a try. I may try to pick up another M400 so I'll have a backup and maybe try to "downgrade" it to a i3-4130T as well. Lower clock should use less power and I hear it doesn't have the reboot issue so a win-win. Might also upgrade that machine to pfsense 2.6 as I'm on 2.4.5 currently.
-
With an i3-4160 and unlocked BIOS to enable speedstep:
[2.7.0-DEVELOPMENT][admin@m400-2.stevew.lan]/root: sysctl dev.cpu.0 dev.cpu.0.temperature: 37.0C dev.cpu.0.coretemp.throttle_log: 0 dev.cpu.0.coretemp.tjmax: 100.0C dev.cpu.0.coretemp.resolution: 1 dev.cpu.0.coretemp.delta: 63 dev.cpu.0.cx_method: C1/hlt dev.cpu.0.cx_usage_counters: 20326 dev.cpu.0.cx_usage: 100.00% last 1186us dev.cpu.0.cx_lowest: C1 dev.cpu.0.cx_supported: C1/1/0 dev.cpu.0.freq_levels: 3600/54000 3400/49609 3200/45377 3000/41815 2900/39829 2700/36458 2500/32748 2300/29177 2100/26204 1900/22916 1700/20193 1500/17168 1400/15710 1200/13290 1000/10588 800/8400 dev.cpu.0.freq: 800 dev.cpu.0.%parent: acpi0 dev.cpu.0.%pnpinfo: _HID=none _UID=0 _CID=none dev.cpu.0.%location: handle=\_PR_.CPU0 dev.cpu.0.%driver: cpu dev.cpu.0.%desc: ACPI CPU
Kill-a-Watt style device shows it idles at ~27W
That CPU doesn't reboot though so upgrades are a PITA!
-
@stephenw10 Oh, the i3-4130T is also on the reboot naughty list? I thought someone had posted in this thread that the 4130 was OK?
-
@stephenw10 Oops, ignore my comment - just realized you were posting about the 4160 and not the 4130 re: reboots. I just bought another M400 on eBay for $50 and ordered a i3-4130T for a whopping $10! I'll probably set that up from scratch then swap firewalls keeping the current as a backup if I don't brick it doing the bios update.
-
With Xanthos fully unlocked BIOS you can enabled higher C-states:
dev.cpu.0.temperature: 35.0C dev.cpu.0.coretemp.throttle_log: 0 dev.cpu.0.coretemp.tjmax: 100.0C dev.cpu.0.coretemp.resolution: 1 dev.cpu.0.coretemp.delta: 65 dev.cpu.0.cx_method: C1/mwait/hwc C2/mwait/hwc dev.cpu.0.cx_usage_counters: 210 8837 dev.cpu.0.cx_usage: 2.32% 97.67% last 1629us dev.cpu.0.cx_lowest: C2 dev.cpu.0.cx_supported: C1/1/1 C2/2/148 dev.cpu.0.freq_levels: 3600/54000 3400/49609 3200/45377 3000/41815 2900/39829 2700/36458 2500/32748 2300/29177 2100/26204 1900/22916 1700/20193 1500/17168 1400/15710 1200/13290 1000/10588 800/8400 dev.cpu.0.freq: 800 dev.cpu.0.%parent: acpi0 dev.cpu.0.%pnpinfo: _HID=none _UID=0 _CID=none dev.cpu.0.%location: handle=\_PR_.CPU0 dev.cpu.0.%driver: cpu dev.cpu.0.%desc: ACPI CPU
Note that it spends almost the entire time in C2 if enabled. Idles at ~24W.
The CPU claims to support higher C states but pfSense doesn't see them. -
@stephenw10 Just finished downloading Xanthos' files and various instructions posted between him and yourself. Do you think disabling the i3's iGPU in Xanthos' unlocked bios will reclaim a few watts?
Too bad it wasn't possible to get the 13W Xeon to work, that would have been crazy.
-
The TDP rating of a CPU is only a guide to the cooling solution needed to run at full power. It does not tell you the minimum power consumption. Whilst the lower TDP devices usually do run at lower idle power it's often not by much. No where near what you might think if you only look at the TDP.
Using a CPU without on-board GPU can save a few Watts, I've tested that on earlier gen CPUs. I'm not sure if disabling it does much though. On more recent devices other users have demonstrated that loading a graphics driver that can put the GPU into an idle state can produce a decent saving. -
@stephenw10 BIOS update successful, but I have an embarrassing question - how do I install pfsense? ha ha
The last time I did it was when we had nano-bsd images and now we have the memstick images. I RUFUS'ed the image to CF, inserted it into the M400, booted, select install, select keyboard, then I get stuck when asked to partition the disk. ZFS takes me down some RAID path, UFS BIOS says "device busy", UFS EUFI also says "device busy". Any pointers?
Thanks!
-
@eisenb11 oh, nevermind - I just had to try a few times and it moved forward.
-
I have an M400 which I have tried to flash with Zanthos' BIOS. Have used a CH341A SPI Flash Reader and ASprogammer. When I start up the Wathguard it is on for 3-4 seconds and then it turns off again. Is there something I did wrong or has the flash itself failed? It said that everything was successful.
-
Hmm, that's not good. Could be either with those symptoms.
You might try re-flashing it. Or restoring the old file if you backed it up.
-
@stephenw10 Tried to reflash and restore back to the original BIOS without success. Have also tried another PSU, but with the same result.
-
Hmm, not sure what else to suggest. Had you swapped out any hardware before that?
-
@stephenw10 Have not replaced any hardware. It should be said that I tried a long time ago to flash the bios with software flash with Zanthos' version and that's when it failed. Finally ordered an SPI reader and thought it would work. I extracted the original BIOS from an identical M400 that I have that works. It might not work?
-
I would expect it to work. It's possible you had a hardware failure that happened to coincide with the original BIOS flash attempt of course. Seems pretty unlikely but....
-
@stephenw10 Tried to find a detailed overview of the motherboard, but can't find it anywhere. Do you know where I can possibly find it?
-
The Lanner FW-7585 manual is the closest you're likely to find. It's not exactly the same but close enough.
-
@stephenw10 Thank you very much! Will have to see if I can get the M400 to stay on.
-
@stephenw10 Hello. I tried the link you shared for the fan control software, but it's doesn't work anymore.
I went to git and downloaded the .c code, but it won't run. I assume I need to compile it which I'm unfamiliar with how to do.
When I do try to run it even as root, I get permission denied.
This is on an M400 with Stock bios.
Thanks -
Which link? I put a compiled binary up on github that should work, here.
Otherwise, yes, you'd have to compile it in FreeBSD and copy it to pfSense.
Steve
-
@stephenw10 said in Watchguard Firebox M400/M500:
Turns out it was relatively easy to add the fan control to WGXepc as it's pretty much identical to the Mx70 boxes. Though I managed to break it several times by not setting enough things and ending up with a negative temperature/speed ramp.
So find the updated code: https://github.com/stephenw10/WGXepc/blob/master/WGXepc.c
And a compiled binary here for those willing to trust it.This is the file I'm referring to.