Successful Install on Watchguard Firebox X700!
-
FWIW - A bit off topic but it relates to Watchguard platform…
Yesterday I installed Squid, Squid Proxy and am running transparent, setup Squid, setup Country Block, and finally guest wireless services with the portal working. I have 512mem, PIII and this x700 will be for a small office of only 10 to 15 connections so I have plenty of overhead. Today I sandwiched the x700 on my home network and started backing up one of my production websites and downloaded 2.1 gig without a hitch all the time still using the interface and web access working on another site that I was uploading some files to. The x700 took it all in stride and without a hick-up - The box is transparent and causes no lag or delay... Waiting on my next box to arrive that I bought on eBay...
My customer on this first one x700 is still out of town but I will be delivering this sometime in the next 2 weeks. I found a couple good primers that I posted on my nettechonlinedotnet website that link to discussions on DNS blacklist, Squid and Squid Proxy and some other primers. All basic stuff but if anyone is interested it will help you get a foot hold on some of the capabilities of PFS.
-
Yep, battery replaced with one from known working box. Still only boots without battery.
But did you actually measure it? I should be above 3V. Half flat batteries can cause strange behaviour.
Like you say it hangs when trying to read the real time clock from the board, which is powered by the battery. Strange that applying the cmos reset jumper allows it to continue.Is the EPROM the IC almost centre in the brown receptacle? Cause I swapped those between boxes too ;)
You mean this:
That's the bios eeprom which holds the bios code. It's unlikely the serial number would be stored there as there are many ways of accessing that chip. Interesting that swapping it made no difference though.Steve
-
Didnt test it, but both batteries function ok in my workin unit.
I agree very strange that applying the reset jumper when life forces past the RTC point. I'm also hung on the fact that any countdowns don work. Fried RTC?
I thought it might be BIOS EEPROM at first, but changed my mind when I saw an IC with Award label in it, below and about 7.00 from the one pictured.
-
Stuart…
I agree with Steve...
But did you actually measure it? I should be above 3V. Half flat batteries can cause strange behaviour.
Like you say it hangs when trying to read the real time clock from the board, which is powered by the battery. Strange that applying the cmos reset jumper allows it to continue.You said you have another working unit - perhaps use the CMOS battery on that unit in the unit in question to see if you can breathe some life into it?
H.
-
-
I agree very strange that applying the reset jumper when life forces past the RTC point. I'm also hung on the fact that any countdowns don work. Fried RTC?
Yes that would explain it. Hard to change that. If you could look at the bios you could see. That would involve a PCI graphics card. If the RTC is dead the bios may not load since it too will try to read it.
@StuartW:I thought it might be BIOS EEPROM at first, but changed my mind when I saw an IC with Award label in it, below and about 7.00 from the one pictured.
You mean this:
I believe that if you remove the label on that chip you'll find it's the SuperIO chip. I haven't looked on the X-core though.Steve
-
I been working on my x-box 500. I install a full copy on a IDE 160 GB hard drive. Then I powered the Firebox x500 off. I then connected the IDE hard drive and powered it by a external source. I got a boot menu on the LCD but was unable to boot from the IDE drive.
I really would like to add the internal HD to my Firebox-X. What steps am I missing?
The other issue that I am having is with bridging function. It worked in 1.2.3 that I had installed, I am having a issue with it in @.0 and I think it is the way I am configuring the port.
RC -
Fastcon…
Run the harddrive on a laptop and make sure the 2.0 is booting correctly. I had one 2.5 harddrive that the /mbr was not being recognized correctly with PFSense 2.0rc1 and it would not boot correctly. The drive would work with 1.2.3 correctly and when I used that drive inside the Watchguard and tried to do a web update to 2.0rc1 the box would look like it was updating and then would not find the update after the first reboot. The /mbr was reporting incorrectly on 2.0. Why it would work on 1.2.3 version and not 2 I never figured out...Good luck...
H.
-
The other issue that I am having is with bridging function. It worked in 1.2.3 that I had installed, I am having a issue with it in @.0 and I think it is the way I am configuring the port.
RCYes there was definately a change in the way bridges are configured in 2.0.
Try reading through the sticky in the 2.0 forum hereSteve
-
Got my second x700…
The first one gets delivered this weekend...
Built out the newest x700 using 2gbCF and it loaded fine...
Got control using web-gui.The nanoimage I used is: pfSense-2.0-RC1-2g-i386-20110226-1633-nanobsd.img.gz - Is this the correct one to use?
I see no menu using serial like everyone else using the CF?? I know this was an issue on some of these later 2.0rc1 builds -
On my other x700 I used the CD Live install with uniprocessor and HD and have the menu...??
And, I do not even see the serial option in the menu with the CF load - strange??
I can manage everything from the web but was wondering if anyone had any success or updates about the serial menu not showing....?Thx...
H.
-
I been working on my x-box 500. I install a full copy on a IDE 160 GB hard drive. Then I powered the Firebox x500 off. I then connected the IDE hard drive and powered it by a external source. I got a boot menu on the LCD but was unable to boot from the IDE drive.
I really would like to add the internal HD to my Firebox-X. What steps am I missing?
The other issue that I am having is with bridging function. It worked in 1.2.3 that I had installed, I am having a issue with it in @.0 and I think it is the way I am configuring the port.
RCFastcon
Were you able to bridge the ports?H.
-
Working on it today, just bought a CF micro HD (2.5 GB) Planning to use this. I put a bid in on a watchguard 8000. Hope I win it, that will give me three GB ports and 7 10/100 ports. I hope I win, that will be cool to migrate to PfSense.
RC -
I put a bid in on a watchguard 8000
You'll like that if you win it. X-Peak FTW! ;D
It's loud though.Steve
-
I just wanted to say thanks to everyone for their work in this thread. I successfully converted an x700 to pfSense using the 2.0 RC version embedded on a 4GB CF card.
The only real problem I had was probably more of a pfSense problem in general. Prior to this install, my office was using a Watchguard x20e as the central firewall (static IP), with five older x5 and x15 firewalls in employee home offices (dynamic IP). This VPN configuration has worked pretty flawlessly for the past 4-5 years, and to Watchguard's credit despite the bad rap they get around here, with very little downtime over that span. When I recently acquired an x700, I discovered this thread and decided to give pfSense a try. My original thinking was to replace the x20e with the pfSense-enabled x700, but that plan failed miserably as I couldn't configure a single tunnel to work properly even after watching the mobile VPN video on pfSense's website, so the office went back to the old x20e because we couldn't afford the downtime. I set up my new pfSense-enabled Watchguard in my home, with VPN to the office's static IP, and that configuration has been very stable in the week that I've had it up.
While I really like pfSense, with its wealth of configuration options - it's definitely a big leap forward versus the old Watchguard mini-appliances that were my only prior experience. However, the inability to more easily ipSec to remote dynamic IP is pretty disappointing considering that it's a pretty common configuration for VPN firewalls and many other firewalls have been offering that functionality for 5-10 years even in consumer grade products. Hopefully, the developers will implement that in a not-too-distant future version.
-
Hi Guys, I have a X1250e and opened it up. I had a thought; could one of these be used to put in a cold swap 2.5" hard drive?
It fits into a PCI slot and allows you to put a laptop HD in.I've put in a PCI NIC I had lying around and it seems like it would fit almsot perfectly! You'd just have to drill a couple of small holes into the mounting bracket so it can be screwed into the Firebox itself.
-
That would work but it's not going to be hot swappable though.
The 1250e has a space for a hard drive caddy already, no?
Steve
Edit: This really belongs in the X-e thread here:
http://forum.pfsense.org/index.php/topic,20095.0.html -
Sorry, didn't mean hot swap, even cold swap would be fine. There's a space for some sort of caddy thoughI don't think a 3.5" HD would fit (and even if it did, where do I get the caddy??), an a 2.5" on its own would just be loose in the case.
By the way, how would you connect a SATA 2.5" laptop to the motherboard, what kind of adapter would be needed?
-
This caddy fits almost perfectly. It fits a 2.5" pata laptop drive.
You would need some sort of adapter to fit a sata drive and it then wouldn't fit in the caddy. They seem to be easily and cheaply availbale though.
It's a shame Watchguard didn't use sata as it's built into the chipset on that board but not implemented.Steve
-
Hi Guys, I have a X1250e and opened it up. I had a thought; could one of these be used to put in a cold swap 2.5" hard drive?
It fits into a PCI slot and allows you to put a laptop HD in.
I've put in a PCI NIC I had lying around and it seems like it would fit almsot perfectly! You'd just have to drill a couple of small holes into the mounting bracket so it can be screwed into the Firebox itself.
Aziz - I was looking at this too…
Been trying to do what you are and you can purchase a 44pin to sata.
My only concern is there is micro-sata and reg-sata and I think this holder is the regular sata.
At least - when I looked at the specs on their website I was trying to see this in the technical data but it was not obvious. The 44pin to sata adapters are out there, you would just need one to fit the height requirement and remove the existing hotswap adapter. I am thinking that the front could be modded to slide in and yes - NO hot swap - but a managable way cold swap.I found another good solution. We are starting to use M-25 INTEL SSD's at work and the INTEL SSD drives arrive with a 2.5 to 3.5 mounting plate that fits right into the existing drive trays on the Watchguards... It slides right in - still have to pull the cover to attach the ribbon cable.
OCZ has one on http://www.amazon.co.uk/OCZ-Mounting-Bracket-Solid-Drives/dp/B002I8MUU0/ref=pd_cp_computers_1 that is similar to the INTEL drive tray and these fit the slot - at least the INTEL drive tray that comes with tne m25SSD does. Works well enough on the x700 but not as slick as the one you found here… And it looks like you have the X-box like Steve... -
As recommended by others in this thread, I put in some 40mm Scythe Mini Kaze fans in the case and a Papst 60mm over the CPU. The problem was that I wasn't really happy with the ventilation on the CPU fan, as the top cover of the x700 sat too flush against the top of the fan. So I decided it was time to do some case modding. First, I used an angle grinder to cut out an area in the top cover just bigger than the CPU fan, then I covered it with a simple case fan screen salvaged from an old Lian Li case. See pics below for final version.
I don't have a temperature meter, so I don't know what effect this had on the overall case cooling, but assume it's pretty good since the hot air off the CPU is being directly expelled from the case.
