Symantec Security Gateway 5420
-
Thanks for sharing Gryphon. I'm glad you got it working! That's interesting about the ACPI. I admit I didn't test too much with that after I got it working.
How did you get LCDproc to work? What driver/settings did you use? I never was able to get it to display anything.
As for looking for files, why not just enable SSH and use that to get into the box instead of the console?
-
so does anyone know how much power this uses with acpi turned on? The 100 watts stated on page 2 is with acpi turned off i believe.
-
Happy to report another successful conversion - although I have been unable to get the LCD to quit proclaiming "Symantec OK" in some cheeky challenge. I had a Symantec 1660 which I was hoping to use due to its smaller form factor and gigabit Ethernet but it was DOA and I couldn't figure out how to revive it. I guess 100MB should be okay for now on a home cable modem.
I've disabled ACPI for now but if enough folks think it would be okay to re-enable that would be great. Having to manually turn off the machine when HALT is called is a little annoying.
Does anybody know if the CF card slot is live on this motherboard and could be used for a diskless boot?
Overall though, I'm very happy with my new to me 1U firewall box in place of the rescued Dell Optiplex desktop tower.
-
Whoa! Good to see this thread is still kickin after my hiatus. I stopped working with this unit because my power supply failed (or so I think). I threw in a P4 CPU which may have caused the PS to prematurely fail… Anyways, I was never able to get the CF to boot. I was using a 133x RiDATA card if that makes a difference. Once I replace the PS I plan to reload the OS. I'll take another power read with ACPI on. Not sure if these old CPUs have any power saving features however.
-
Without ACPI disabled the boot failed. It would hang at disk mount.
When your box is booted does it still say Symantec 1.03 OK on the LCD?
Sorry hadn't been around a while - but getting back into my "forum trolling" :)
Yea, my original post was more of a "yes it can be done" post, not so much a "Here is how to do it" so kudos for the wiki how to focalguy, appreciate the ping back. Glad to see some folks using the Symantec device - it does have some power left in her!
Yes it does display Symantec 1.03 OK still on the LCD. Still working on getting that up and running. And yes, I probably should have mentioned that I first did the "install" on another rig to get the source on the HD. I was too giddy that I got it working I didn't really do a great job on the OP.
:)
Dayblade
-
Just got my 5420, got everything running. I think I have the deal with ACPI and the LCD figured out:
When booting with ACPI enabled the LCD is COM 1 (/dev/cuad0) and the embedded kernel outputs console to COM 1 automatically, and your console port is COM 2 (/dev/cuad1).
When booting with ACPI disabled the console port is now COM 1 (/dev/cuad0) and the LCD is now COM 2 (/dev/cuad1).
So with ACPI disabled I was able to use lcdproc with the EyeboxOne driver to get the lcd working…mostly...it displays everything but sometimes the text gets jumbled together. I'm gonna keep working on it and I'll let you know my progress.
In the meantime does anyone know how to force the embedded kernel to output console to COM 2 instead of COM 1?
-
The lcterm driver works better except only the bottom line of the display works, recorded a video for you(cell phone so quality sucks):
Here are the instructions if you want to get to this point:
1. Disable ACPI (see earlier post)
2. Install lcdproc package
3. Edit "/usr/local/pkg/lcdproc.inc" (you can use the edit file option under diagnostics in the web ui)
Find this section:/* lcdproc default driver definitions */
switch($lcdproc_config[driver]) {Then add the following right below that(between the switch statement and the first case statment):
case "lcterm":
$config_text .= "[{$lcdproc_config['driver']}]\n";
$config_text .= "Device=/dev/cuad1\n";
break;
4. Services -> LCDproc - Check Enable, and choose "lcterm" for the driver(port and display size won't make a difference). Save. Then go to the screens tab and enable the information you want. Save.
5. Reboot! -
Just tried 2GB of mem…worked just fine:
Copyright (c) 1992-2009 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 7.2-RELEASE-p5 #0: Sun Dec 6 23:05:10 EST 2009
sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.7.i386
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 2.00GHz (1992.62-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf29 Stepping = 9
Features=0xbfebf9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe>Features2=0x4400 <cnxt-id,xtpr>real memory = 2139029504 (2039 MB)
avail memory = 2083807232 (1987 MB)</cnxt-id,xtpr></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe> -
If you want to use a pci video card, hook up a usb keyboard and do the following:
1. Right after turning on power, press delete several times(to get into the bios)
2. wait a minute or two(for it to get into the bios)
3. press the down arrow once
4. enter
5. down arrow 5 times
6. right arrow once
7. F10
8. enterNow it should reboot and use the pci video card. FYI - my backup battery was dead so when i turned the main power off I lost my bios changes.
-
Hey jmcentire, thanks for all the tips! I will definitely try to get some time to try the LCDproc later this week. Would be really nice to have that working.
-
If you want ACPI enabled and console redirected to the console port you have to disable the serial port for the lcd, plug in a usb keyboard and do the following:
1. Right after turning on power, press delete several times(to get into the bios)
2. wait a minute or two(for it to get into the bios)
3. press the down arrow 6 times, to get to the peripherals menu
4. enter
5. down arrow 2 times, to get to Serial Port 1
6. enter
7. up arrow 2 times, to select Disabled
8. enter
9. F10, to bring up exit menu
10. enter, to save and exitOnly downside is you won't be able to use the LCD on the front.
-
FYI - if your bios changes are not sticking, change the bios backup battery. I now have 15 of these 5420s and so far 4 have needed new batteries.
-
So are these pretty reliable? No issues with lockups when connecting via the web interface (ala Watchguard)?
I'm thinking about picking some up for use in remote offices that have 10 users or so connected to our main office via wireless bridges… -
Yea, great reliability for me. I have a second just in case but this one has been running with no problems for probably close to a year now. About 20 remote sites connected via IPSec and 4 via OpenVPN so it gets plenty of use.
-
So far so good, I have 8 in production use and a couple test boxes. All have been running with no problems.
-
Yup still running here!
I have 3 of them, all with 2gb of RAM.(2) are running Symantec Endpoint Protection Manager ( ;D) on Win Server 2008.
(1) is a VM host for development.Bradford Giosa
-
I feel silly posting this, but I having a tough time with the serial port connection. Do I have to do anything special to get a serial connection going? I have tried Hyperterm and Putty with a DB9 cable with no success.
-
Fantastic, worked like a charm! For any others curious, it is pretty much exactly as focalguy described. I used HyperTerminal with 9600 8-N-1. Make sure you disable ACPI and have your hard drive plugged in to Primary!! I had it plugged in to Secondary and it failed.
The settings listed there should work. You need to follow the instructions though and do an embedded install so that output goes to the serial port and not VGA.
-
hi guys!!
I'm trying to put him on 2.0 Beta 5 and I think I have something wrong because it does not start :-), I can put your device.hints?
%cat /boot/device.hints
many thanks
-
$ cat /boot/device.hints # $FreeBSD: src/sys/i386/conf/GENERIC.hints,v 1.16.8.1 2009/04/15 03:14:26 kensmith Exp $ hint.fdc.0.at="isa" hint.fdc.0.port="0x3F0" hint.fdc.0.irq="6" hint.fdc.0.drq="2" hint.fd.0.at="fdc0" hint.fd.0.drive="0" hint.fd.1.at="fdc0" hint.fd.1.drive="1" hint.ata.0.at="isa" hint.ata.0.port="0x1F0" hint.ata.0.irq="14" hint.ata.1.at="isa" hint.ata.1.port="0x170" hint.ata.1.irq="15" hint.adv.0.at="isa" hint.adv.0.disabled="1" hint.bt.0.at="isa" hint.bt.0.disabled="1" hint.aha.0.at="isa" hint.aha.0.disabled="1" hint.aic.0.at="isa" hint.aic.0.disabled="1" hint.atkbdc.0.at="isa" hint.atkbdc.0.port="0x060" hint.atkbd.0.at="atkbdc" hint.atkbd.0.irq="1" hint.psm.0.at="atkbdc" hint.psm.0.irq="12" hint.vga.0.at="isa" hint.sc.0.at="isa" hint.sc.0.flags="0x100" hint.vt.0.at="isa" hint.vt.0.disabled="1" hint.apm.0.disabled="1" hint.apm.0.flags="0x20" hint.sio.0.at="isa" hint.sio.0.port="0x3F8" hint.sio.0.flags="0x10" hint.sio.0.irq="4" hint.sio.1.at="isa" hint.sio.1.port="0x2F8" hint.sio.1.irq="3" hint.sio.2.at="isa" hint.sio.2.disabled="1" hint.sio.2.port="0x3E8" hint.sio.2.irq="5" hint.sio.3.at="isa" hint.sio.3.disabled="1" hint.sio.3.port="0x2E8" hint.sio.3.irq="9" hint.ppc.0.at="isa" hint.ppc.0.irq="7" hint.ed.0.at="isa" hint.ed.0.disabled="1" hint.ed.0.port="0x280" hint.ed.0.irq="10" hint.ed.0.maddr="0xd8000" hint.cs.0.at="isa" hint.cs.0.disabled="1" hint.cs.0.port="0x300" hint.sn.0.at="isa" hint.sn.0.disabled="1" hint.sn.0.port="0x300" hint.sn.0.irq="10" hint.ie.0.at="isa" hint.ie.0.disabled="1" hint.ie.0.port="0x300" hint.ie.0.irq="10" hint.ie.0.maddr="0xd0000" hint.fe.0.at="isa" hint.fe.0.disabled="1" hint.fe.0.port="0x300" hint.le.0.at="isa" hint.le.0.disabled="1" hint.le.0.port="0x280" hint.le.0.irq="10" hint.le.0.drq="0"