Successful Install on Watchguard Firebox X700!
-
BTW whoever fixed the bootup and shutdown beeps in RC4 THANK YOU! I swear this thing would sit and beep for a minute and a half whenever I started it up.
And it seemed to boot a lot faster and is using quite a bit less memory than RC3 was!
-
Hey this is pretty cool. I just found myself a x700 box on bay for cheep and am anxious to give this a try. You start pricing out the newer alix boards, if you can find a good deal on one of these it really makes sense. These seem to have a more powerful CPU.
-
how noisy are these boxes? Anything like the nokia Ip330's? Also, I dont see your crypto card being recognized in your dmesg.
-
how noisy are these boxes? Anything like the nokia Ip330's? Also, I dont see your crypto card being recognized in your dmesg.
Yea i'd be curious to know too. From what it looks like there are only 3 fans in the back. I'm hoping its quite.
Like you, I also noticed nothing about the encryption card in his dmesg log; I'll also be looking to try to figure that piece out when I get my paws on mine.
-
Dunno if you had tried this, but I figured I'd attempt just swapping their CF card out for one with the pfSense embedded image on it. No luck that way. :( (Figured I'd mention it in case anyone else had the same thought.) Guess it's off to scrounge up a spare hard disk.
-
Dunno if you had tried this, but I figured I'd attempt just swapping their CF card out for one with the pfSense embedded image on it. No luck that way. :( (Figured I'd mention it in case anyone else had the same thought.) Guess it's off to scrounge up a spare hard disk.
I wonder if a simple IDE to CF adapter would work?
-
anyone tried a full hard drive install with a IDE adapter, instead of embedded ?
(-edited to add, this works fine)
-
On another platform, yes. The FX5620 comes with a built in IDE-CF adaptor and I plugged a microdrive in then did a full install onto that.
-
Would this work on the older WG FB II?
-
Have a look here http://www.ls-net.com/m0n0wall-watchguard/ (Hardware seems to be a bit weak though and remember you'll need 128 mb ram at least).
-
thanks jmcentire and ridnhard19 and pfsense guys…just finished installing pfsense on a watchguard and swapping it in place of my old pfsense box
works great, what a deal..
to those who were wondering about the noise, it is kinda noisy with the 3 fans in the back, compared to a silent embedded device. and be sure to use the hard drive 'cage' if you do a laptop hard drive install like I did, if you just lay the hard drive on the motherboard its likely to short something out and not boot (happened to me)
-
supposedly the mini pci VPN accelerator card is based on the SafeNet SafeXcel 1141 which according to the product brief:
http://www.safenet-inc.com/Library/3/SafeXcel-1141_ProductBrief.pdf"Full driver support is available for
development on the most common Operating
Systems, including Windows, Linux,
VxWorks, NetBSD, and FreeBSD. Additional
OS driver support can be delivered
upon request."says the 1141 is supported in FreeBSD
maybe 1.3 will recognize it ? or maybe we need a diff kernel option compiled in?
driver info-
http://www.mirbsd.org/htman/sparc/man4/safe.htm -
http://www.freebsd.org/releases/6.2R/hardware-i386.html#CRYPTO-ACCEL
It says the SafeNet 1141 is supported already, but still doesn't show up in pfSense.
BTW so far have been running two of these x700/pfsense boxes for a few months in a production environment. No problems whatsoever!
Thanks
-
just had to physically reset my firebox as all network connectivity was lost for no apparent reason :-\ although the LCD was still cycling as normal and the box seemed "alive" (blinking network lights, lcd). but pings, ssh logins, or internet traffic were all frozen
I would have checked the status or rebooted cleanly via serial console, but that brings me to my question.. I am able to see the freebsd bootup sequence for pfsense over a null modem serial connection to my firebox x500, but once bootup is complete and the "beep" sounds, the serial console seems to 'die', and is unresponsive to keyboard input, nor does it update the display on hyperterminal
also I don't see any POST bios/bootup info over the serial console (before the OS starts loading), like I do with my soekris net4501. I only get info over serial once the freebsd kernel bootstraps and it stops once pfsense finishes booting. I'm guessing I might see the BIOS POST if I installed a pci video card, but I haven't messed with that. Maybe if I did install one, I could get into bios setup and fix my serial console issue?
-
Try to check the serial port option at system>advanced and see if that makes a difference for the console. The other issue sounds like you maybe have been running out of states. If that is the case you can bump up that value too at system>advanced.
-
Try to check the serial port option at system>advanced and see if that makes a difference for the console. The other issue sounds like you maybe have been running out of states. If that is the case you can bump up that value too at system>advanced.
duh, I can't believe I missed the serial console option, thanks.
I upped the states to 50,000. I previously had it set to 30,000, although I've never seen it get near that high before. Hopefully it was just a fluke
-
well I've had to reboot my Watchguard 3 times now, I've narrowed down the problem..
in the system logs right before the "lockups", you see "re1 watchdog timeout" repeated serveral times.
from searching the forum, looks like ridnhard19 also had these problems with this firebox..
I issued "echo "hint.acpi.0.disabled=1" >> /boot/loader.conf" in the console and hopefully that will fix this -
If "re1" is one of your interfaces then you might want to use a new cable on it.
Hardware issues (like a bad cable) are much more likely to happen when a system is used over a longer time than suddenly failing for ACPI settings.Just a thought.
Edit:
@Valhalla1:… just finished installing pfsense on a watchguard ...
OK, forget about this. It seems to be a new install.
-
Valhalla1: that "re1 watchdog timeout" message you are getting, I received that also, found out it was the switch the firebox was plugged into. Changed to a different switch and haven't seen that message again, BTW current uptime counter is at 34 days on two of my pfsense/fireboxes.
-
I just did some testing with the hardware on these things, they currently have a 1.2 Ghz Celeron processor. I swapped it out with a 1.4 Ghz Pentium 3:
Copyright
1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.2-RELEASE-p11 #0: Sun Feb 24 16:38:29 EST 2008
sullrich@builder6.pfsense.com:/usr/obj.pfSense/usr/src/sys/pfSense_wrap.6
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Pentium(R) III CPU family 1400MHz (1403.19-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0x6b1 Stepping = 1
Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>Works perfectly! So if you have any old p3s laying around, swap em out and get a little more performance! Also these boards do support 512 MB sticks of PC133, so as soon as I find some I will be upgrading that as well.Does anyone know a way to test the performance difference between the two such as ipsec encryption speed or anything?</fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>
