Symantec Security Gateway 5420
-
Success!
I'm glad I happened into this post yesterday. We had a Symantec Security Gateway 5420 that was donated sometime this last year. I researched it a little bit and saw there was no more support for it and I didn't really see any reason to set it up. Seeing this post, I went back to check if it was the right model number and it was! I had a few hangups but eventually got it installed. I'll post the steps I used later but for now here is a few things:
Link to english translated blog: http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fgnuler.blogspot.com%2F2008%2F08%2Freciclando-un-appliance.html&sl=es&tl=en&history_state0=
emerio, for me, I installed 1.2.3-RC3 from the CD in another machine. I had to choose the "Easy Install" in order to get to choose the Embedded Kernel. Choosing this re-directs the output to from VGA to Serial. After the setup finishes, choose reboot and then when the computer has restarted to the BIOS screen turn it off and place the drive in your 5420 box. Connect to the terminal at 9600bps with a serial cable and you should see the startup prompt.
Darkk, I haven't been able to get the LCD to work with LCDproc yet but I'm going to keep trying for a bit.
-
Sweet!! Keep us posted and I'd be curious if you were able to finally get the LCD display working.
-
Thanks for the tip focalguy, I will try that. Just need to find a machine that has IDE in it :)
-
Fantastic, worked like a charm! For any others curious, it is pretty much exactly as focalguy described. I used HyperTerminal with 9600 8-N-1. Make sure you disable ACPI and have your hard drive plugged in to Primary!! I had it plugged in to Secondary and it failed.
-
Great! That is true, I had to mess with the jumpers as well. I also got the "mountroot>" prompt. If you type "?" at the prompt it will tell you the possible partitions it sees and you can type the correct one to get it to boot. I can't find an online reference of this problem but it was in the nice new pfSense book I just purchased! After you get it to boot, you need to edit the /etc/fstab file to change the partition it looks for every time it boots.
-
One tip that I must reiterate is to disable ACPI. To do this, once you are in the Web GUI go to Diagnostic | Edit File. For Save/Load from path: enter /boot/device.hints. Hit Load.
At the bottom of the displayed file in the text area add:
hint.acpi.0.disabled="1"
Leave unmodified the other lines. Hit Save. This will allow you to boot without problem because ACPI will be disabled.
-
One odd thing I did notice was that when ACPI was not disabled and pfSense was booting (or trying to) the LCD display statistics! It gave me load information and allowed the use of the front panel. I haven't been able to get back to that point with pfSense booting but it looks promising. I have no idea where it was getting the stats from, however.
-
Yes, that is interesting. I forgot I did the same thing with disabling ACPI but maybe I didn't look at the LCD panel before I made that change. Did you notice any problems with booting without ACPI disabled? I feel like I missed the key press once before changing the device.hints file and it still booted.
I've tried LCDproc but I still can't get it working. I'd be interested if you can get that displaying correctly. Seems like it's not choosing the correct output device.
-
Without ACPI disabled the boot failed. It would hang at disk mount.
When your box is booted does it still say Symantec 1.03 OK on the LCD?
-
Ok. I found another one of these boxes in the back so I'll be setting it up again and I'll check out the ACPI thing again.
Yes, my box does say that exact message on the LCD screen from when the power is turned on.
Unplug the COM port cable that is located near the external com port connector – this seems to drive the external display in which trying to run a console can be a bit confusing at times
I'm also not sure about these instructions. I haven't noticed any difference when that cable is unplugged or plugged in.
-
LCD update…
I was able to write to the LCD display. The actual device (on my box anyways) is /dev/cuad1
From SSH I entered "echo "test" > /dev/cuad1" and it will show up on the bottom line of the LCD.
I also changed the LCDProc file /usr/local/pkg/lcdproc.inc. I made the change below.
case "com2":
$realport = "/dev/cuad1";
break;So, we just need a driver that simply echos to this device statistics that we want....
-
Unplug the COM port cable that is located near the external com port connector – this seems to drive the external display in which trying to run a console can be a bit confusing at times
I'm also not sure about these instructions. I haven't noticed any difference when that cable is unplugged or plugged in.
Hasn't caused me any trouble either.
-
Good work getting LCD working! I was actually looking at that file the other day but ran out of time before I tried any changes. Have you tried all the drivers to see if one works?
Hopefully I'll have a chance to try out the LCD tomorrow.
-
I tried a few. I was looking for a simple "driver" in lcdproc.inc but none seem to do the trick. Seems like it would be incredibly easy to write a driver for this but I am out of steam for today.
-
Any luck on the driver emerio? I haven't been able to test the LCD panel any more but I did get it to display by echoing the same command you had.
I posted some detailed instructions on my blog for this install.
Hoping to get it into the wiki eventuallyIt's now in the wiki here: http://doc.pfsense.org/index.php/Install_pfSense_on_Symantec_5420_Security_Gateway. Hope that will help someone. Only difference is a few photos on my blog.
http://blog.oliverhansen.com/index.php/2009/11/18/install-pfsense-on-symantec-5420-security-gateway/ -
Nice addition to the wiki 8) I haven't messed with the LCD since it is locked away in a room in the basement. I did hook up a pertellian x2040 USB to the box. Supposedly this uses the hd44780 which is in LCDProc. I could not get this to work, either.
-
Is anyone making use of the PCI slot?
-
Just thought I would comment on the running power usage of this. I used a kill-a-watt which reads 100 watts running usage.
-
100W? Yowza that is a lot.
I've had normal PCs (small form factor) that only ran in the mid 30s.
-
I am guessing that since we turn off ACPI in our boot up combined with any BIOS settings that would disable power management we have those results. I am not sure what is using so much juice! It is just a celeron with an HD…
