Issue installing pfSense on Firebox x500 Core
-
Now I'm stumped. Everything in that bootup looks fine, and it even makes its little noise. There has to be a console menu, or a login prompt if the console menu password protection has been enabled!!!
Apart from flashing the CF card again and starting over, I am out of useful ideas.
Over to a more experienced Firebox guru… -
If I have to wipe and reflash this CF it isn't a huge deal, but if this is fixable I'd rather travel that route so I don't have to open this box up again(and risk the same problem occurring). 8)
ETA: Went ahead and wiped the CF card and I'm currently writing a fresh 2gb 32bit nanobsd image to it. Will report back with results.
-
Same issue with fresh install. After the initial interface config console stops outputting at "Bootup Complete."
Here is the entire output…
1 pfSense 2 pfSense F6 PXE Boot: 1 /boot/config: -h Consoles: serial port BIOS drive C: is disk0 BIOS 639kB/261120kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (root@snapshots-8_3-i386.builders.pfsense.org, Wed Sep 11 18:59:49 EDT 2013) Loading /boot/defaults/loader.conf /boot/kernel/kernel data=0x9162bc data=0x51d734+0x9e0c4 syms=[0x4+0x9aa90+0x4+0xd51ab] - Hit [Enter] to boot immediately, or any other key for command prompt. Booting [/boot/kernel/kernel]... Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 19:13:36 EDT 2013 root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Celeron(TM) CPU 1200MHz (1202.73-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x6b4 Family = 6 Model = b Stepping = 4 Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory = 268435456 (256 MB) avail memory = 239235072 (228 MB) ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07330f0, 0) error 1 ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc0733190, 0) error 1 ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0733230, 0) error 1 wlan: mac acl policy registered ACPI Error: A valid RSDP was not found (20101013/tbxfroot-309) ACPI: Table initialisation failed: AE_NOT_FOUND ACPI: Try disabling either ACPI or apic support. cryptosoft0: <software crypto="">on motherboard padlock0: No ACE support. pcib0: <intel 82815="" (i815="" gmch)="" host="" to="" hub="" bridge="">pcibus 0 on motherboard pir0: <pci 11="" interrupt="" routing="" table:="" entries="">on motherboard $PIR: Using invalid BIOS IRQ 9 from 2.13.INTA for link 0x63 pci0: <pci bus="">on pcib0 pcib1: <pci-pci bridge="">at device 1.0 on pci0 pci1: <pci bus="">on pcib1 pcib2: <pcibios pci-pci="" bridge="">at device 30.0 on pci0 pci2: <pci bus="">on pcib2 re0: <realtek 10="" 8139c+="" 100basetx="">port 0xd500-0xd5ff mem 0xefefa000-0xefefa1ff irq 10 at device 9.0 on pci2 re0: Chip rev. 0x74800000 re0: MAC rev. 0x00000000 miibus0: <mii bus="">on re0 rlphy0: <realtek internal="" media="" interface="">PHY 0 on miibus0 rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re0: [FILTER] re1: <realtek 10="" 8139c+="" 100basetx="">port 0xd600-0xd6ff mem 0xefefb000-0xefefb1ff irq 5 at device 10.0 on pci2 re1: Chip rev. 0x74800000 re1: MAC rev. 0x00000000 miibus1: <mii bus="">on re1 rlphy1: <realtek internal="" media="" interface="">PHY 0 on miibus1 rlphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re1: [FILTER] re2: <realtek 10="" 8139c+="" 100basetx="">port 0xd900-0xd9ff mem 0xefefc000-0xefefc1ff irq 11 at device 11.0 on pci2 re2: Chip rev. 0x74800000 re2: MAC rev. 0x00000000 miibus2: <mii bus="">on re2 rlphy2: <realtek internal="" media="" interface="">PHY 0 on miibus2 rlphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re2: [FILTER] re3: <realtek 10="" 8139c+="" 100basetx="">port 0xda00-0xdaff mem 0xefefd000-0xefefd1ff irq 12 at device 12.0 on pci2 re3: Chip rev. 0x74800000 re3: MAC rev. 0x00000000 miibus3: <mii bus="">on re3 rlphy3: <realtek internal="" media="" interface="">PHY 0 on miibus3 rlphy3: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re3: [FILTER] re4: <realtek 10="" 8139c+="" 100basetx="">port 0xdd00-0xddff mem 0xefefe000-0xefefe1ff irq 9 at device 13.0 on pci2 re4: Chip rev. 0x74800000 re4: MAC rev. 0x00000000 miibus4: <mii bus="">on re4 rlphy4: <realtek internal="" media="" interface="">PHY 0 on miibus4 rlphy4: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re4: [FILTER] re5: <realtek 10="" 8139c+="" 100basetx="">port 0xde00-0xdeff mem 0xefeff000-0xefeff1ff irq 6 at device 14.0 on pci2 re5: Chip rev. 0x74800000 re5: MAC rev. 0x00000000 miibus5: <mii bus="">on re5 rlphy5: <realtek internal="" media="" interface="">PHY 0 on miibus5 rlphy5: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow re5: [FILTER] isab0: <pci-isa bridge="">at device 31.0 on pci0 isa0: <isa bus="">on isab0 atapci0: <intel ich2="" udma100="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xff00-0xff0f at device 31.1 on pci0 ata0: <ata channel="">at channel 0 on atapci0 ata0: [ITHREAD] ata1: <ata channel="">at channel 1 on atapci0 ata1: [ITHREAD] cpu0 on motherboard unknown: <pnp0c01>can't assign resources (memory) atrtc0: <at realtime="" clock="">at port 0x70-0x71 irq 8 pnpid PNP0b00 on isa0 uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 pnpid PNP0501 on isa0 uart0: [FILTER] uart0: console (9600,n,8,1) ppc0: <ecp parallel="" printer="" port="">at port 0x378-0x37f,0x778-0x77a irq 7 drq 3 pnpid PNP0401 on isa0 ppc0: Generic chipset (ECP/PS2/NIBBLE) in COMPATIBLE mode ppc0: FIFO with 16/16/16 bytes threshold ppc0: [ITHREAD] ppbus0: <parallel port="" bus="">on ppc0 ppi0: <parallel i="" o="">on ppbus0 orm0: <isa option="" rom="">at iomem 0xe0000-0xe0fff pnpid ORM0000 on isa0 unknown: <pnp0c01>can't assign resources (memory) RTC BIOS diagnostic error 20 <config_unit>Timecounter "TSC" frequency 1202732765 Hz quality 800 Timecounters tick every 10.000 msec IPsec: Initialized Security Association Processing. ad0: 3811MB <cf card="" ver7.01k="">at ata0-master PIO4 Trying to mount root from ufs:/dev/ufs/pfsense0 Configuring crash dumps... Mounting filesystems... Setting up memory disks... done. ___ ___/ f \ / p \___/ Sense \___/ \ \___/ Welcome to pfSense 2.1-RELEASE ... Creating symlinks......done. >>> Under 512 megabytes of ram detected. Not enabling APC. External config loader 1.0 is now starting... ad0s3 Launching the init system... done. Initializing............................. done. Starting device manager (devd)...done. Loading configuration......done. Default interfaces not found -- Running interface assignment option. re0: link state changed to DOWN re1: link state changed to DOWN re2: link state changed to DOWN re3: link state changed to DOWN re4: link state changed to DOWN re5: link state changed to DOWN re0: link state changed to UP Valid interfaces are: re0 00:90:7f:2f:f3:5f (up) RealTek 8139C+ 10/100BaseTX re1 00:90:7f:2f:f3:60 (up) RealTek 8139C+ 10/100BaseTX re2 00:90:7f:2f:f3:61 (up) RealTek 8139C+ 10/100BaseTX re3 00:90:7f:2f:f3:62 (up) RealTek 8139C+ 10/100BaseTX re4 00:90:7f:2f:f3:63 (up) RealTek 8139C+ 10/100BaseTX re5 00:90:7f:2f:f3:64 (up) RealTek 8139C+ 10/100BaseTX Do you want to set up VLANs first? If you are not going to use VLANs, or only for optional interfaces, you should say no here and use the webConfigurator to configure VLANs later, if required. Do you want to set up VLANs now [y|n]? n *NOTE* pfSense requires *AT LEAST* 1 assigned interface(s) to function. If you do not have *AT LEAST* 1 interfaces you CANNOT continue. If you do not have at least 1 *REAL* network interface card(s) or one interface with multiple VLANs then pfSense *WILL NOT* function correctly. If you do not know the names of your interfaces, you may choose to use auto-detection. In that case, disconnect all interfaces now before hitting 'a' to initiate auto detection. Enter the WAN interface name or 'a' for auto-detection: re0 Enter the LAN interface name or 'a' for auto-detection NOTE: this enables full Firewalling/NAT mode. (or nothing if finished): re1 Enter the Optional 1 interface name or 'a' for auto-detection (or nothing if finished): The interfaces will be assigned as follows: WAN -> re0 LAN -> re1 Do you want to proceed [y|n]?y Writing configuration...done. Updating configuration...done. Cleaning backup cache...done. Setting up extended sysctls...done. Setting timezone...done. Configuring loopback interface...done. Starting syslog...done. Starting Secure Shell Services...done. Setting up polling defaults...done. Setting up interfaces microcode...done. Configuring loopback interface...done. Creating wireless clone interfaces...done. Configuring LAGG interfaces...done. Configuring VLAN interfaces...done. Configuring QinQ interfaces...done. Configuring WAN interface...done. Configuring LAN interface...done. Syncing OpenVPN settings...done. Configuring firewall......done. Starting PFLOG...done. Setting up gateway monitors...done. Synchronizing user settings...done. Starting webConfigurator...done. Configuring CRON...done. Starting DNS forwarder...done. Starting NTP time client...done. Starting DHCP service...done. Starting DHCPv6 service...done. Configuring firewall......done. Generating RRD graphs...done. Starting syslog...done. Starting CRON... done. Bootup complete</cf></config_unit></pnp0c01></isa></parallel></parallel></ecp></at></pnp0c01></ata></ata></intel></isa></pci-isa></realtek></mii></realtek></realtek></mii></realtek></realtek></mii></realtek></realtek></mii></realtek></realtek></mii></realtek></realtek></mii></realtek></pci></pcibios></pci></pci-pci></pci></pci></intel></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>
-
Yes you're seeing the serial quirk which still exists in 2.1 :(. No idea why it does it or why changing the baud rate cures it.
If you've set a LAN interface, which you have, you should be able to connect to the webgui on that interface at 192.168.1.1. It should also be running DHCP to give any client connected to LAN an address in that subnet by default. Possible reasons you can't see the webgui might be:
The re1 NIC in that box is broken.
You have the WAN interface connected to another router this is using the same subnet.
You are connecting directly to the NIC and aren't using a cross-over cable. They do not support auto MDIX so if your client doesn't either you need a cross-over cable or switch in between.Steve
-
The re1 NIC in that box is broken.
You have the WAN interface connected to another router this is using the same subnet.
You are connecting directly to the NIC and aren't using a cross-over cable. They do not support auto MDIX so if your client doesn't either you need a cross-over cable or switch in between.First install I set it as WAN = re0 and LAN = re5. Second go around I set LAN = re1.
I have my WAN interface connected to the PC port of my Zultys ZIP 33i VoIP phone. I know this works because I used this as my WAN source for the x700e I did 2 weeks ago and it worked fine. I have my very own IP range available to me if I ever want to use this phone/device as a WAN for work purposes. I'm at the office, not at home. The IP range handed out by the phone is not the same subnet so no issues there.
The NIC is in my workstation. It's just your basic 10/100 PCI NIC and it is the secondary in this rig. I use it for test bench purposes, like when I need to configure a router or WAP, and it is definitely working properly. No crossover cable should be necessary. I'm just not getting any connection between that NIC and this x500.
Is it possible that this x500 is bad in some way?
-
Hmm, OK.
Well it could have all dead NICs but I doubt it. Are you seeing link leds?
I notice in your log that the box sees re0 as UP but none of the others, is re0 the only connected NIC at that point?Steve
-
re0 is set as the WAN port and is connected to that phone that I use as a WAN source. I get a link light there and that's why it's showing as up.
re1 is set as LAN and connected to the secondary NIC in my workstation, re2-5 aren't configured. I get no link lights on any of these ports and my workstation isn't showing a connection on that NIC.
-
Both are 10/100 NICs and you're not using a cross-over cable?
Try using a cross-over cable or put a switch in between. You definitely won't get to the webgui until you have link lights. ;)Steve
-
Since when is a crossover cable needed for this? I'm basically doing exactly what I did on the x700e except that one had a few extra steps to get pfSense running on it.
Plugging my workstation in to the switch(Netgear GS108) shows an active connection. Connecting the switch to re1(LAN) and I not get activity lights and I did see the console menu. Rebooted and lost it, back to Bootup Complete. During the time I could see the console menu I could no access the webGUI on my workstation.
-
Ok I'm now in the webGUI and was able to change the serial connection to fix that and start working on all my other config settings.
I enabled re5, the last port, which my friend wants to connect his rig to to control this box/admin pfsense/etc. I'm not sure how to move webGUI access from re1 to re5. Am I missing something here?
ETA: Everything is working now. Will report back if I have any other issues.
Thanks guys!
-
Since when is a crossover cable needed for this? I'm basically doing exactly what I did on the x700e
Since always. ;)
To connect two Ethernet clients directly you need to cross the Tx and Rx pairs. This has always been the case for 10/100 Ethernet. When you connect to a switch the connectors are wired appropriately so you can use standard (non crossed) cables but they usually also provide a straight through connector so that two switches can be connected directly. More recently ethernet equipment has had auto-MDIX capability where it can sense which type of cable/connector is in use and configure itself appropriately. All Gigabit Ethernet is auto-MDIX so you may never have come across this problem unless you've been doing it for years or are working with older equipment. The X750e (I assume you typo'd X700e) is all Gigabit NICs so you can connect to it directly. See:
http://en.wikipedia.org/wiki/Medium_Dependent_InterfaceI'm not sure how to move webGUI access from re1 to re5. Am I missing something here?
Not sure if you fixed this or not.
The webgui listens on all ports so the only thing that governs access to it are the firewall rules on that interface. The LAN interface has a default rule allowing access to the webgui on port 80 or 443, dpending if you chose SSL or not. So to get access on re5 you can either add a rule to that interface allowing traffic on port 80 or you could reassign LAN to be re5. If you reassign LAN you'll likely be disconnected until you move the client to re5.Watch for watchdog timeouts on the re interfaces in the logs.
Steve