PFSENSE on TrendMicro network virus wall 1200?
-
Hi all,
i have a TrendMicro network virus wall 1200 that i lifted the hud on and it has a PCM/POD-9578 motherboard with a CF card reader P-III 1.2ghz CPU and 256MB ram, please see http://support.advantech.com.tw/support/DownloadSearchByProduct.aspx?keyword=PCM-9579 for more specs and manuals etc.
it has 3 NICs however when i install pfsense on it non of the nics work, i have copied and pasted the system boot up process below for you.
only 1 of the nics is working FXP1 however i can not ping the address i have given it, i gave it 192.168.200.26/24 so i could thenaccess the web config and play with it, however i am unable to do this.
any ideas ?
Enter an option: 1 FreeBSD 2 FreeBSD Boot: 1 /boot.config: -h Consoles: serial port BIOS drive C: is disk0 BIOS 640kB/260032kB available memory FreeBSD/i386 bootstrap loader, Revision 1.1 (sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org, Mon Dec 7 21:59:24 EST 2009) Loading /boot/defaults/loader.conf /boot/kernel/kernel text=0x739788 data=0x13cf6c+0x51c80 / \ Hit [Enter] to boot immediately, or any other key for command prompt. Booting [/boot/kernel/kernel]... Copyright (c) 1992-2009 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 7.2-RELEASE-p5 #0: Mon Dec 7 22:22:52 EST 2009 sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.7.i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Celeron(TM) CPU 1200MHz (1195.86-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x6b4 Stepping = 4 Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory = 267321344 (254 MB) avail memory = 247549952 (236 MB) wlan: mac acl policy registered cryptosoft0: <software crypto="">on motherboard padlock0: No ACE support. acpi0: <intelr awrdacpi="">on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi0: reservation of 0, a0000 (3) failed acpi0: reservation of 100000, fdf0000 (3) failed Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 acpi_button0: <power button="">on acpi0 pcib0: <acpi host-pci="" bridge="">port 0xcf8-0xcff on acpi0 pci0: <acpi pci="" bus="">on pcib0 vgapci0: <vga-compatible display="">mem 0xe0000000-0xe3ffffff,0xe6000000-0xe607ffff irq 5 at device 2.0 on pci0 pcib1: <acpi pci-pci="" bridge="">at device 30.0 on pci0 pci1: <acpi pci="" bus="">on pcib1 fxp0: <intel 100="" 82801ba="" cam="" (ich2="" 3)="" pro="" ethernet="">port 0xc000-0xc03f mem 0xe5042000-0xe5042fff irq 10 at device 8.0 on pci1 miibus0: <mii bus="">on fxp0 inphy0: <i82562et 10="" 100="" media="" interface="">PHY 1 on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp0: Ethernet address: 00:d0:c9:95:0d:c3 fxp0: [ITHREAD] fxp1: <intel 10="" 100="" 82559er="" embedded="" ethernet="">port 0xc400-0xc43f mem 0xe5040000-0xe5040fff,0xe5000000-0xe501ffff irq 11 at device 9.0 on pci1 miibus1: <mii bus="">on fxp1 inphy1: <i82555 10="" 100="" media="" interface="">PHY 1 on miibus1 inphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp1: Ethernet address: 00:d0:c9:95:0d:c1 fxp1: [ITHREAD] fxp2: <intel 10="" 100="" 82559er="" embedded="" ethernet="">port 0xc800-0xc83f mem 0xe5041000-0xe5041fff,0xe5020000-0xe503ffff irq 12 at device 11.0 on pci1 miibus2: <mii bus="">on fxp2 inphy2: <i82555 10="" 100="" media="" interface="">PHY 1 on miibus2 inphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp2: Ethernet address: 00:d0:c9:95:0d:c2 fxp2: [ITHREAD] isab0: <pci-isa bridge="">at device 31.0 on pci0 isa0: <isa bus="">on isab0 atapci0: <intel ich2="" udma100="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf000-0xf00f at device 31.1 on pci0 ata0: <ata 0="" channel="">on atapci0 ata0: [ITHREAD] ata1: <ata 1="" channel="">on atapci0 ata1: [ITHREAD] uhci0: <intel 82801ba="" bam="" (ich2)="" usb="" controller="" usb-a="">port 0xd000-0xd01f irq 11 at device 31.2 on pci0 uhci0: [GIANT-LOCKED] uhci0: [ITHREAD] usb0: <intel 82801ba="" bam="" (ich2)="" usb="" controller="" usb-a="">on uhci0 usb0: USB revision 1.0 uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usb0 uhub0: 2 ports with 2 removable, self powered pci0: <serial bus,="" smbus="">at device 31.3 (no driver attached) uhci1: <intel 82801ba="" bam="" (ich2)="" usb="" controller="" usb-b="">port 0xd800-0xd81f irq 9 at device 31.4 on pci0 uhci1: [GIANT-LOCKED] uhci1: [ITHREAD] usb1: <intel 82801ba="" bam="" (ich2)="" usb="" controller="" usb-b="">on uhci1 usb1: USB revision 1.0 uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usb1 uhub1: 2 ports with 2 removable, self powered acpi_tz0: <thermal zone="">on acpi0 speaker0: <pc speaker="">port 0x61 on acpi0 sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A, console sio0: [FILTER] sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A sio1: [FILTER] ppc0: <parallel port="">port 0x378-0x37f,0x778-0x77b irq 7 on acpi0 ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode ppbus0: <parallel port="" bus="">on ppc0 ppbus0: [ITHREAD] ppi0: <parallel i="" o="">on ppbus0 ppc0: [GIANT-LOCKED] ppc0: [ITHREAD] cpu0: <acpi cpu="">on acpi0 acpi_throttle0: <acpi cpu="" throttling="">on cpu0 orm0: <isa option="" rom="">at iomem 0xc0000-0xc9fff pnpid ORM0000 on isa0 Timecounter "TSC" frequency 1195861677 Hz quality 800 Timecounters tick every 10.000 msec IPsec: Initialized Security Association Processing. ad2: 488MB <sandisk sdcfb-512="" 1mb="" 0719="">at ata1-master PIO4 WARNING: Expected rawoffset 0, found 63 WARNING: Expected rawoffset 0, found 448623 Trying to mount root from ufs:/dev/ufs/pfsense0 Setting up embedded specific environment... done. ___ ___/ f \ / p \___/ Sense \___/ \ \___/ Welcome to pfSense 1.2.3-RELEASE... Mounting filesystems... done. Creating symlinks......done. Launching the init system... done. Initializing.................. done. Starting device manager (devd)...done. Loading configuration......done. Updating configuration...done. Cleaning backup cache...done. Setting up extended sysctls...done. Syncing user passwords...done. Starting Secure Shell Services...done. Setting timezone...done. Setting up microfxpcode and tx/rx o0ffloading...: link state changed to DOWN fxp1: link state changed to UP done. Configuring LAN interface...done. Configuring WAN interface...done. Configuring OPT finterfaces...xdone. p2: link state changed to DOWN Configuring CARP interfaces...done. Starting syslog...done. Starting OpenNTP time client...done. Configuring firewall......done. Starting webConfigurator...done. Starting DNS forwarder...done. Starting FTP helpers...done. Final filter pass......done. Generating RRD graphs...done. Starting CRON... done. Executing rc.d items... Starting /usr/local/etc/rc.d/*.sh...done. appending output to nohup.out Bootup complete FreeBSD/i386 (pfSense.local) (console) *** Welcome to pfSense 1.2.3-RELEASE-nanobsd on pfSense *** WAN -> fxp0 -> NONE(DHCP) LAN* -> fxp1 -> 192.168.200.26 pfSense console setup *************************** 0) Logout (SSH only) 1) Assign Interfaces 2) Set LAN IP address 3) Reset webConfigurator password 4) Reset to factory defaults 5) Reboot system 6) Halt system 7) Ping host 8) Shell 9) PFtop 10) Filter Logs 11) Restart webConfigurator 12) pfSense Developer Shell 13) Upgrade from console 14) Enable Secure Shell (sshd) Enter an option:</sandisk></isa></acpi></acpi></parallel></parallel></parallel></pc></thermal></intel></intel></intel></serial></intel></intel></intel></ata></ata></intel></isa></pci-isa></i82555></mii></intel></i82555></mii></intel></i82562et></mii></intel></acpi></acpi></vga-compatible></acpi></acpi></power></intelr></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>
-
You need a crossover cable if connecting directly to another computer?
-
You need a crossover cable if connecting directly to another computer?
i am connected to a netgear switch, and to make sure it was not the switch i have connected it to a dell switch too…. and still no look.
-
From the console, get a shell (option 8) and try to ping something on your local network. Can you ping your default gateway?
-
From the console, get a shell (option 8) and try to ping something on your local network. Can you ping your default gateway?
Nope i can not ping anything.
-
Sorry if this sounds basic, but have you tried using the other 2 NICs? Maybe you have the cable plugged into the wrong one?
-
Sorry if this sounds basic, but have you tried using the other 2 NICs? Maybe you have the cable plugged into the wrong one?
no its not a basic question but yes i have tried all of them and only one port's LEDs flash when the cable is plugged in and that port is not pingable nor can i ping anything from shell etc…
i have used PFSENSE before on a couple of watchgaurds and it worked fine on there, but on this board it does not seem to like the NICS......
-
Please post the output of the pfSense shell command ifconfig -a
When you run a ping on pfSense do the activity LEDs on the Netgear switch register anything? Does a trace (tcpdump) on the ping target show any incoming frames?
If you switch roles (so the pfSense box becomes the ping target) does a trace of pfSense show any incoming frames?
-
Please post the output of the pfSense shell command ifconfig -a
When you run a ping on pfSense do the activity LEDs on the Netgear switch register anything? Does a trace (tcpdump) on the ping target show any incoming frames?
If you switch roles (so the pfSense box becomes the ping target) does a trace of pfSense show any incoming frames?
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=8 <vlan_mtu>ether 00:d0:c9:95:0d:c3 inet6 fe80::2d0:c9ff:fe95:dc3%fxp0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (none) status: no carrier fxp1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=9 <rxcsum,vlan_mtu>ether 00:d0:c9:95:0d:c1 inet 192.168.200.26 netmask 0xffffff00 broadcast 192.168.200.255 inet6 fe80::2d0:c9ff:fe95:dc1%fxp1 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active fxp2: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500 options=9 <rxcsum,vlan_mtu>ether 00:d0:c9:95:0d:c2 media: Ethernet autoselect (none) status: no carrier enc0: flags=0<> metric 0 mtu 1536 lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 pflog0: flags=100 <promisc>metric 0 mtu 33204</promisc></up,running></up,loopback,running,multicast></rxcsum,vlan_mtu></broadcast,simplex,multicast></full-duplex></rxcsum,vlan_mtu></up,broadcast,running,simplex,multicast></vlan_mtu></up,broadcast,running,simplex,multicast>
also there is no record of pings on either machine i try and ping, and there is no trace on pfsense etc
-
ok forget that last post my wireshark program foooked up on me, please see the screen shot, it seems that the device is sending pings out and my computer is trying to reply to them but my computer can not ping nor access the web interface…. both machines say 100% of packets lost..... im confuzzeld.... i have also tried the same thing from other computers and the same thing hapens i get pings showing in wireshark but i can not ping the device ...... strange................ and the other two interfaces are still not working either. very odd.....
-
And you are sure the settings on the switch are set to auto for NIC speed???
-
And you are sure the settings on the switch are set to auto for NIC speed???
yep, i have tried this is 2 switches Netgear, Dell and the same thing happens…..
-
I don't remember the exact details but there was a bug in the fxp driver such that it erroneously marked some fxps as having some type of hardware checksum capability. I suggest you try disabling hardware checksum offload (in web GUI: System -> Advanced, scroll down to Hardware Options and check the box Disable Hardware Checksum Offloading then click the Save button and try again.
-
I don't remember the exact details but there was a bug in the fxp driver such that it erroneously marked some fxps as having some type of hardware checksum capability. I suggest you try disabling hardware checksum offload (in web GUI: System -> Advanced, scroll down to Hardware Options and check the box Disable Hardware Checksum Offloading then click the Save button and try again.
thats good advice, but how am i ment to do this when i can not access the gui ?
-
thats good advice, but how am i ment to do this when i can not access the gui ?
Sorry, senior's moment :)
At the pfSense shell prompt issue the command ifconfig fxp1 -rxcsum (assuming you are still using fxp1).
You would need ifconfig fxp1 -rxcsum -txcsum -tso to turn off all checksum capablities but the ifconfig output you displayed earlier says only rxcsum is enabled so the first command should be sufficient. -
thats good advice, but how am i ment to do this when i can not access the gui ?
Sorry, senior's moment :)
At the pfSense shell prompt issue the command ifconfig fxp1 -rxcsum (assuming you are still using fxp1).
You would need ifconfig fxp1 -rxcsum -txcsum -tso to turn off all checksum capablities but the ifconfig output you displayed earlier says only rxcsum is enabled so the first command should be sufficient.Many Thanks for this, as soon as i typed in the command i got pings….. however the other 2 interfaces are still not working ..... i only have 1 NIC working..... what else do you suggest?
-
I downloaded the manual and had a quick scan. Perhaps the jumpers for the onboard LAN controller power supply are missing or don't jumper.
It appears the PCI slot is occupied by a dual port card. I'm guessing one port on that card is fxp1. Perhaps the other port is wired with the opposite polarity and you should try a cross over cable (though the switch should automatically adjust if its reasonably modern).
Perhaps the two ports that don't currently work are terminally broken. You might be able to purchase an equivalent dual port card on eBay. The board supposedly has two USB ports. You could use one for a NIC.
A further scan of the manual suggests the onboard ethernet is supposedly a Realtek 8139. Maybe the PCI slot has a three port card and the onboard Ethernet is disabled in the BIOS.
Update: You said this was a PCM-9578 but the web link pointed to PCM-9579. Significant?
-
i have verified the network ports work with the oringial trendmicro antivirus CF card also the board is correct just its not listed on there site for some reason so i choose the nearest board on there site etc.
i will look at the power settings for the ports later as im at work at the mo..
many thanks for your help
-
At the pfSense shell prompt issue the command ifconfig fxp1 -rxcsum (assuming you are still using fxp1).
Many Thanks for this, as soon as i typed in the command i got pings….. however the other 2 interfaces are still not working ....
Dumb question: did you turn off checksum offloading for the other IFs as well? By console as you did for FXP1 or through the now available GUI?
The datasheet following your link says it only has one Realtek NIC. Where are those Intel's connected to? Onboard or PCIIs this more like the board you have: http://support.advantech.com.tw/support/DownloadSearchByProduct.aspx?keyword=PCM-9578
This would have 4 onboard NICs, though… -
i have run the command on the other interfaces and it did not work, the other nics are on the board not on a pci card, there is no pci slot on the board, there are only 3 nics as the pic i hae linked to shows.
http://www.shout.com.hk/trend/eps/Network%20VirusWall%20photo%20-%20front.jpg
the one of the far right is the only working port in PFsense, however in the trendmicro software all 3 interfaces work…..