Successful Install on Watchguard Firebox X700!

stephenw10

This post and those following it explain what's happening:
http://forum.pfsense.org/index.php/topic,7458.msg84688/topicseen.html#msg84688

Assuming you installed pfsense to the HD by booting from a cd in a laptop.
If you select full install then the serial console isn't enabled by default so you can't see any errors.
You need to boot up the HD in the laptop and then, in the webgui, enable the serial console.

Steve

BigF

Hi Folks,

I thought I'd share my stress and success on getting pfsense running on an old Watchguard X700.
The box is using a 8GB CF card which has replaced the original 64Mb Watchguard CF Card.  (That's got monowall on it now, but don't tell anyone on this forum!)

Install was pretty straight forward - thanks to a Doug Mitchell - http://dougmitchell.us/?p=401

However where I had an absolutely nightmare was trying to create VPN's.  I have three VPN's - one to work (Watchguard x750e firewall), one to home test network (Watchguard X5) and one for my wife (Draytek Vigor 2820 Firewall).  Yes she gets her own network!

Although I got the VPN's up and running and all firewalls confirmed that the VPN's were indeed there, no end of playing around with firewall rules, examination of logs could produce any clue as to what the issue was.

Finally I had a thought; the Watchguard X firewalls have a VPN Accelerator…..I wonder....

Removed one VPN accelerator card (AV-SFB160) and switched back on.  VPN's started pinging straight away.

Other mods; cut a hole above the CPU and put a 92mm fan above.  The original CPU blower along with the three fans by the memory are just way too noisy!

Now everything is working a treat.
Lovin' pfsense - well done to everybody involved in such a great product.

All the best,

BigF

stephenw10

Another convert!  ;D

Shame you couldn't get the Safenet card working as really boosts the VPN throughput (allegedly).
What type of vpns are you using? Which Pfsense version are you using?
Using IPSEC the Safenet card should be used automatically but OpenVPN or pptp you need to enable it.
You have to be using an encyption that is supported by it also.

Steve

Edit: Scrub that! I see your box didn't have the Safenet SafeXcel 1141. Odd.  ???

valnar

What kind of hardware is in these things?  CPU, memory, NIC model, etc?

stephenw10

See first posts in this thread for more detail but as standard….
1.2GHz Celeron (P3 core), 256MB, 6X Realtek NICs, Compact flash slot, mini-PCI slot (usually with SafeXcel 1141!).
All of that is upgradable, except the NICs unfortunately.  :(

Steve

Edit: Did I imagine it or has this thread been merged?

jdetmold

Same problem as some other people
i have successfully imaged 2.0 beta 5 from jan 15th to a 4gig cf card and have my x700 booting from it
i can then set my wan and lan ports alright
then the console continues to "Bootup complete"
then stops nothing more happens… i have tried connecting my laptop to port 1 (that i set as lan) and nothing

any ideas?

imaging with 1.2.3 works fine for me as well

i can update from the web gui and then use teh 2.0 web gui but the console still stops at "Bootup Complete"

Brak

@jdetmold:

Same problem as some other people
i have successfully imaged 2.0 beta 5 from jan 15th to a 4gig cf card and have my x700 booting from it
i can then set my wan and lan ports alright
then the console continues to "Bootup complete"
then stops nothing more happens… i have tried connecting my laptop to port 1 (that i set as lan) and nothing

any ideas?

imaging with 1.2.3 works fine for me as well

i can update from the web gui and then use teh 2.0 web gui but the console still stops at "Bootup Complete"

Same issue still.

I also noticed that if I did activate the Serial console from inside the webGUI, the firebox is essentially bricked on the next boot. webGUI won't work, and console still doesn't.

jdetmold

is console not already activated on embedded?
or are you running full from a hdd?

stephenw10

With that and your LCD script problem it could be a problem with the lastest snapshot.
I'm running a Jan 13th beta5 in my x750e without problems.

Steve

jdetmold

thanks! i'll give that a try!

jdetmold

jan 13th will also not go past "Bootup Complete" havent tested lcd yet

jdetmold

tested rw on jan 13th build with the same result

[2.0-BETA5][root@pfSense.localdomain]/var/tmp(6): tar -xvf lcdd3.tar
x ./install-embed.lcdd.sh
x ./lcdd/
x ./lcdd/drivers/
x ./lcdd/LCDd.conf
x ./lcdd/lcdd.sh
x ./lcdd/lcdproc
x ./lcdd/LCDd
x ./lcdd/drivers/curses.so
x ./lcdd/drivers/sdeclcd.so
x ./lcdd2.tar
[2.0-BETA5][root@pfSense.localdomain]/var/tmp(7): ./install-embed.lcdd.sh
[2.0-BETA5][root@pfSense.localdomain]/var/tmp(8): cd /lib
[2.0-BETA5][root@pfSense.localdomain]/lib(9): /etc/rc.conf_mount_rw
[2.0-BETA5][root@pfSense.localdomain]/lib(10): ln -s libc.so.7 libc.so.6
ln: libc.so.6: Read-only file system

jdetmold

not sure where the change is but i was not able to change to rw on 17 or 13 went back to dec 3rd and that seems to work fine although still stops at "Bootup complete"

hope this changes back before the real release :)

jdetmold

just tried testing the throughput with ftp.

stephenw10

Well this is strange.  ???
I just tested on Jan 13th Beta5 and the simlinks are created just fine, no errors.
What type of install are you using? I'm assuming, perhaps wrongly, that you are using a nanobsd image on a CF card.
However it should still work on a full HD install you just don't need to remount the filesystem.

91Mb/s looks good though.  ;D

Steve

Edit: However what is a bit odd is that I can still create simlinks even after remounting read only.

jdetmold

Yes I'm using a 4g nanobsd image on cf card.
I should also mention for the dec 3rd build I also did an update from 1.2.3.

And I'm not sure if it's happened to anyone else but some rrd graphs don't work.

Are you able to write to the file system before making it rw? (is the rw command working but not ro?)

jdetmold

just a thought… i did the 3rd build as an update and it allowed me to set rw, has anyone had it work on a fresh build? I will try it latter if i get a change but if most people are doing updates could the update be leaving access to rw? and fresh install not?

also could this be the case with the "Reboot complete" issue?

stephenw10

I'm running both Dec 18th Beta4 and Jan 13th Beta5.
I am using a 1GB image on a 4GB card though. Mostly because it's takes so long to write the card in my reader but there could be a difference. Image corrupted somehow? Some 4GB cards aren't actually big enough for the 4GB image.

Steve

jdetmold

easy enough to test i'll try the 1 gig

tehtrk

@intera5:

@Brak:

@intera5:

I bought today an X700 firebox, flashed latest nightly on a 4GB CF, and inserted on Firebox.

Firebox booted correctly into pfSense, followed the setup and assigned two NICs, and then continue booting until "Bootup complete" message, and beeper play pfSense ring. And nothing …. serial terminal don't respond, no welcome string, no main menu, no Control+C response, nothing ....

Only way is switching off the Firefox.

What I'm doing wrong ?

Edit: I already tried with differents nightlies, with equal results. Tried different NIC configurations, with LAN cables pluged and unplugged ... Nothing. Already tried the "hint.acpi.0.disabled=1". Nothing.

(sorry for my bad english)

Thanks!

I have the same issue, but even tho the console was useless the webgui was up on the LAN port.

I have since taken a break from working on the Firebox, waiting on my 512 RAM, 1.4Gz Celeron and 4GB microdrive to arrive.

But, it's the first run. I have no chance to assign an IP address to the LAN port. So, how can I access the webgui without an IP address ?

Edit: pfSense 1.2.3 works perfectly. So, problem is with 2.0-BETA5.

Thanks.

Were there ANY bios changes?

Also, if it helps, I had to chose "revert to factory settings" in the pfSense console menu. I then restored certain parts of my config. A fresh install might be worth trying if this is not one.