Successful Install on Watchguard Firebox X700!
-
Hi I finally got a chance to test pfsense on our firebox x500, and I'm seeing the dreaded watchdog timeout on re0. So far it doesnt appear to be affecting traffic but I haven't had it booted for that long. I thought 2.0.1 was supposed to have fixed that problem? I disabled gateway monitoring as we only have one gateway anyway but didn't help.
PS re0 is connected directly to a Cisco IAD2430 T-1 router.
-
Unfortunately there seems to be no easy explanation for this.
I have a box here that I am running purely for testing and have yet so see any timeouts. It's connected to a cheap unmanaged SMC 10/100 switch.
2.0.1 is still based on FreeBSD 8.1 and the driver hasn't changed. 2.1 is based on 8.3 so has newer drivers. However it currently has other issues with Nano mounting the filesystem. I had to go back to 2.0.1 for testing, the delay probably wouldn't be problem in a system you're not constantly fiddling with. ::)Steve
-
Since 2.0 I have less to none watchdog timeouts compared to 1.2.3. My re0 is directly connected to my (bridged) cable modem. The re1 is connected to a small and simple HP ProCurve 1400-8G Switch. Only problem is Skype: during calls (with or without video) there are watchdog timeouts on re1 (I have a Skype port forward in the ruleset). Using Skype is therefore no option. SIP based phonecalls are no problem.
-
Since the timeouts seem to be related to packet fragmentation you might try doing a packet capture to see if Skype is doing something weird.
Steve
-
Did anyone installed 2.1 on firebox x700
-
Did anyone installed 2.1 on firebox x700
Yes, I did. On a 2gb cf card. I did the firmware update. I was installing every update but looks like every 2 days there is one (or at least im checking every 2 days) I am going to test it every week. I don't want to mess up my cf card by writing it so much.
-
Just want everyone in the room to know that we (Watchguard Police) are coming to confiscate the modified Watchguard appliances.
You've violated your agreements and we know about it.
-
Just want everyone in the room to know that we (Watchguard Police) are coming to confiscate the modified Watchguard appliances.
You've violated your agreements and we know about it.
hahaha! ya ok, looking forward to it!
-
Just want everyone in the room to know that we (Watchguard Police) are coming to confiscate the modified Watchguard appliances.
You've violated your agreements and we know about it.
hahaha Post of the year maybe. :D
I didn't know the Watchguard Police worked for a heavy equipment manufacturing company.
-
Yeah… Who'd of guessed it!
Hahaha!
-
Just want everyone in the room to know that we (Watchguard Police) are coming to confiscate the modified Watchguard appliances.
You've violated your agreements and we know about it.
Actually once we have you here there's some issues we'd like to discuss..
-
Just for a second there alarms went off in my head! ::)
Steve
-
Ok, so I bought an X700 and I've been having fun messing with it. I had an older IDE hdd sitting around, and figured I would try to make use of it instead of going the CF route. I installed PFsense onto the hdd through a live cd, did the 99 install and selected embedded for console access. I had issues with the 2.x releases, so for now I put on 1.2.3 and planned on upgrading through the WebGUI to 2.1, etc. I put the hdd in, started the FB, and I get to the section where pfsense asks to mount the new hdd. Typing in "?" gives nothing to mount, auto-detection fails and will re-boot the box, and I tried a few of the options people have mentioned here (ufs:ad0s1a, etc)to no success. Am I missing something here? Thanks for any help ^^
I can post screens of the initial startup later tonight when I get home if that's necessary.
-
Hmm, I've not actually done this myself on this box but according to the very first post of this now ridiculously long thread:
@jmcentire:8. Couldn't mount drive(since installed on different machine), so it asks what you want to mount enter: ufs:ad2s1a
The internal IDE connector is the secondary and assuming your drive is configured as master (or cable select) it is assigned as ad2 by FreeBSD. Edit: I'm actually a little vague on this! ::)
Steve
-
Hmm, I've not actually done this myself on this box but according to the very first post of this now ridiculously long thread:
@jmcentire:8. Couldn't mount drive(since installed on different machine), so it asks what you want to mount enter: ufs:ad2s1a
The internal IDE connector is the secondary and assuming your drive is configured as master (or cable select) it is assigned as ad2 by FreeBSD. Edit: I'm actually a little vague on this! ::)
Steve
I thought the same thing, and actually tried quite a few combination of numbers to be safe… same result : / ad0, ad1, ad2, etc. hdd is also selected as master, and I forgot to mention I have the CF removed right now.
-
I loaded the hdd into another computer to possibly modify fstab as I had seen in another thread. Here is a pic of the output, it looks like stephenw10 and I were on the right track, no idea why it won't mount. Any other ideas?
-
The console output before the report of the mount failure might be informative. For example, there might be a report of disk errors.
-
The console output before the report of the mount failure might be informative. For example, there might be a report of disk errors.
Here is the full bootup and me entering "?", as well as "ufs:ad2s1a" Thanks!
-
The startup shows no signs of recognising your hard disk, which makes me wonder what the system was booting from.
Here's an extract from a pfSense startup showing detection of ad0 (hard disk) on disk channel ata0 on controller atapci0:
isa0: <isa bus="">on isab0
atapci0: <via 8235="" udma133="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xed00-0xed0f at device 17.1 on pci0
ata0: <ata channel="">at channel 0 on atapci0
ata0: [ITHREAD]
ata1: <ata channel="">at channel 1 on atapci0
ata1: [ITHREAD]
pci0: <multimedia, audio="">at device 17.5 (no driver attached)
vr0: <via 10="" vt6102="" rhine="" ii="" 100basetx="">port 0xe800-0xe8ff mem 0xef004000-0xef0040ff irq 11 at device 18.0 on pci0
vr0: Quirks: 0x0
vr0: Revision: 0x74
miibus1: <mii bus="">on vr0
ukphy0: <generic ieee="" 802.3u="" media="" interface="">PHY 1 on miibus1
ukphy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
vr0: [ITHREAD]
acpi_tz0: <thermal zone="">on acpi0
atrtc0: <at realtime="" clock="">port 0x70-0x73 irq 8 on acpi0
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
atpic: Mismatched config for IRQ4: trigger edge, polarity low
uart0: [FILTER]
uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
atpic: Mismatched config for IRQ3: trigger edge, polarity low
uart1: [FILTER]
pmtimer0 on isa0
sc0: <system console="">at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <generic isa="" vga="">at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
atkbdc0: <keyboard controller="" (i8042)="">at port 0x60,0x64 on isa0
atkbd0: <at keyboard="">irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
ppc0: parallel port not found.
acpi_throttle0: <acpi cpu="" throttling="">on cpu0
Timecounter "TSC" frequency 797736152 Hz quality 800
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 12Mbps Full Speed USB v1.0
usbus2: 12Mbps Full Speed USB v1.0
usbus3: 480Mbps High Speed USB v2.0
ad0: DMA limited to UDMA33, device found non-ATA66 cable
ad0: 955MB <transcend 20071207="">at ata0-master UDMA33
ugen0.1: <via>at usbus0
uhub0: <via 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0
ugen1.1: <via>at usbus1
uhub1: <via 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1
ugen2.1: <via>at usbus2
uhub2: <via 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus2
ugen3.1: <via>at usbus3
uhub3: <via 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus3
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
uhub2: 2 ports with 2 removable, self powered
uhub3: 6 ports with 6 removable, self powered
ugen3.2: <ralink>at usbus3
run0: <1.0> on usbus3
run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address c8:3a:35:c4:ee:f3
run0: firmware RT2870 loaded
Trying to mount root from ufs:/dev/ad0s1a</ralink></via></via></via></via></via></via></via></via></transcend></acpi></at></keyboard></generic></system></at></thermal></generic></mii></via></multimedia,></ata></ata></via></isa>I'm a little surprised your startup didn't report any USB devices, but maybe the BIOS disabled USB devices on the grounds they couldn't be used in that box.
There is a boot variable that can be added to /boot/loader.conf.local (or specified to the FreeBSD boot loader to pause a little before looking for the boot device. The variable is kern.cam.boot_delay and it takes a value in milliSeconds, thus kern.cam.boot_delay=10000 will pause 10 seconds.
First time you will need to specify the variable and value at boot time, then you can edit /boot/loader.conf.local so that it will be picked up automatically on subsequent boots. (Or you can boot the hard drive on another system, then edit /boot/loader.conf.local.)
At the FreeBSD boot loader startup (options 1-7 listed), type 6 to get the loader prompt, then at the prompt type the line
kern.cam.boot_delay=10000
then at the next prompt type
boot
and see if that makes a difference.
-
Hmm, yes that's a little odd, not detecting a drive.
A problem I have seen, though it may not apply here, is that sometimes when you install on an old drive the boot slice can be offset by a previous install. However you can see the two slices appear correctly as s1a and s1b on your other machine. :-\
Steve