Pfsense on WatchGuard XTM 1050 hardware
-
Well the biggest gotcha is that Watchguard could have used a BIOS that only boots signed media. Other firewall manufacturers do that. Watchguard have not in earlier boxes presumably because the additional cost and hassle of doing it wasn't justified by the security risk. I agree with that decision since if somebody has physical access to your firewall they can pretty much do whatever they want anyway. Since no-one has tried any of their more recent boxes it's impossible to say if that's still their policy. They did do something similar with their smaller ARM based units.
That aside it looks like standard X86 hardware. Though whereas the 800, 1500, 2050 and 2500 series are all recognisably Lanner built the 1050 is not. The LCD is different as is the NIC expansion slot and the HD caddy. Since Watchguard are no longer publically publishing de-manufacturing documents it's really impossible to know without looking inside it.
Edit: My bad: http://www.watchguard.com/docs/corporate/wg_xtm10De-MFR_instructions.pdf
We do know from the hardware guide that it's:
Dual 2.33 GHz Quad Core Intel Xeon
Edit:They're E5410 Xeons
1GB Flash
4 GB RAMLooks a lot more like something modified from this: http://www.portwell.com/products/detail.asp?CUSTCHAR1=NAR-7090
I'm not sure Portwell actually make that though.Steve
thank you steve….this actual unit has the bios version 1.4...so i dont know if that means anything to you, and it does come with a single 250gb drive (no OS loaded) ....
does that help any?
-
No sorry, I've never used one myself.
Steve
-
Network interfaces
• 14x GbE Copper RJ45, 1000Base-T, 100Base-TX, or 10 Base-T (10/100/1000Mbps)
• Includes 10x fixed ports, 4x on removable module
• Interfaces 12 and 13 are labeled Management EthernetFiber Option
(replaces 4 of the 14 RJ-45 ports)
• 4 GbE SFP Module replaces standard 4x Copper module
• Includes 4x 1000BaseSX Optical Transceivers
– 850 nm Vertical Cavity Surface Emitting Laser (VCSEL)
– LC-Duplex Fiber Connector10 Gb Interface Module
(replaces 4 of the 14 RJ-45 ports)
• 10 Gb Interface Module replaces standard 4x Copper module
• Includes 2x 10Base-SR 850nm Multimode SFP+ transceivers
– Each interface operates at 10Gb onlyI/O interfaces
• 2x USB
• 1x Serial RS232 RJ45I'm interested in this as well!
They are fairly "cheap" for dedicated Firewall / IDS Appliance than can possibly run pfSense.Question is now :
Are the network chips and cards recognized in FreeBSD ?
Pro's in my book :
- 10GBE Support
- Gigabit FC Ethernet support
- All ports on front of unit
- Rack Mountable
- Dual Quad Core and lots of Memory/CPU for intensive plug-ins as Squid / Snort / Antivirus
Cons:
- Power Usage but then again almost everything that's rack mounted wasn't really designed in mind for a "home" user
-
Network interfaces
• 14x GbE Copper RJ45, 1000Base-T, 100Base-TX, or 10 Base-T (10/100/1000Mbps)
• Includes 10x fixed ports, 4x on removable module
• Interfaces 12 and 13 are labeled Management EthernetFiber Option
(replaces 4 of the 14 RJ-45 ports)
• 4 GbE SFP Module replaces standard 4x Copper module
• Includes 4x 1000BaseSX Optical Transceivers
– 850 nm Vertical Cavity Surface Emitting Laser (VCSEL)
– LC-Duplex Fiber Connector10 Gb Interface Module
(replaces 4 of the 14 RJ-45 ports)
• 10 Gb Interface Module replaces standard 4x Copper module
• Includes 2x 10Base-SR 850nm Multimode SFP+ transceivers
– Each interface operates at 10Gb onlyI/O interfaces
• 2x USB
• 1x Serial RS232 RJ45I'm interested in this as well!
They are fairly "cheap" for dedicated Firewall / IDS Appliance than can possibly run pfSense.Question is now :
Are the network chips and cards recognized in FreeBSD ?
Pro's in my book :
- 10GBE Support
- Gigabit FC Ethernet support
- All ports on front of unit
- Rack Mountable
- Dual Quad Core and lots of Memory/CPU for intensive plug-ins as Squid / Snort / Antivirus
Cons:
- Power Usage but then again almost everything that's rack mounted wasn't really designed in mind for a "home" user
correct, i am currently trying to get pfsensenano installed on it, but i cant get the stupid console port to work. i have tried a plain ol' cisco rj45-to-serial connection, but i am getting nothing.
i do however get the management ports showing up as connected, but i cant figure out which IP they might be on.
i am still trying to bang this thing out. i modded all the fans (even the power unit fans) so it is muuuuch more quiet. (quiet enough to talk over at a normal voice)
i will update with what i can/cant get to work.
:D
*** update ***
got nano version to install..i will attach the output dump shortly. 13gb interfaces..much more room to play with. along with 8 cpu's. not bad for under 200$ (not including the ram upgrade to be done shortly)
*** update ***
-
It could be similar to the XTM8 that has 2 on-board serial ports but the front console port is in fact com2. This is a problem because the Nano images are hard coded to use com1 as the serial console and, on the XTM8 at least, the other serial port is not populated. However the BIOS is still accessible via the console port at 115200bps, hit 'TAB' to enter it, so you might try that to prove the cable.
Cisco often had 'odd' cables that were different to those of other manufacturers. Not sure about their RJ45 cables though.Looking at the photos in the docs the console port appears to be on the end of a header cable. Perhaps you can swap that for a standard DB9 header instead.
Steve
Edit: Took too long typing. ::) What was the trick?
-
here is the jist so far..more below
i installed the following release: pfSense-2.1.1-RELEASE-4g-i386-nanobsd.img.gz
(should i use amd64 to utilize all the ram currently installed? i am going to up the amount to at least 32gb in the near future)connecting to the console port with a normal serial->rj45 cable works. you do not have to change the speed from 9600…..
it is pretty straight forward just like installing a nano version on a watchguard firebox x700 ...the following links helped me learn a LOT about the internals and options..tks!
http://xtmbox.ru/docs/xtm_1050.pdf
http://www.watchguard.com/docs/corporate/wg_xtm10De-MFR_instructions.pdf
http://www.portwell.com/pdf/CA/NAR-7090.pdf
https://www.watchguard.com/docs/datasheet/wg_ngfw_ds.pdfhere is the bootup output dump. i have included some questions within the bootup output dump notated by <–
1 pfSense 2 pfSense F6 PXE Boot: 1 /boot/config: -h FreeBSD/x86 boot Default: 0:ad(0,a)/boot/loader boot: Consoles: serial port BIOS drive C: is disk0 BIOS 639kB/3668864kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (root@snapshots-8_3-i386.builders.pfsense.org, Wed Sep 11 18:59:49 EDT 2013) Loading /boot/defaults/loader.conf /boot/kernel/kernel data=0x9162bc data=0x51d734+0x9e0c4 syms=[0x4+0x9aa90+0x4+0x d51ab] - Hit [Enter] to boot immediately, or any other key for command prompt. Booting [/boot/kernel/kernel]... 4718592K of memory above 4GB ignored <-- i have 8gb of ram installed, why is it ignoring the full 8gb.. non-64bit? Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 19:13:36 EDT 2013 root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc /src/sys/pfSense_wrap.8.i386 i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(R) CPU E5410 @ 2.33GHz (2327.52-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x10676 Family = 6 Model = 17 Stepping = 6 Features=0xbfebfbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,c ="" mov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe="">Features2=0xce3bd <sse3,dtes64,mon,ds_cpl,vmx,est,tm2,ssse3,cx16,xtpr,pdcm,dca, ="" sse4.1="">AMD Features=0x20100000 <nx,lm>AMD Features2=0x1 <lahf>TSC: P-state invariant real memory = 8589934592 (8192 MB) avail memory = 3664801792 (3495 MB) <-- i have 8gb of ram installed, why is it ignoring the full 8gb.. non-64bit? ACPI APIC Table: <100608 APIC1630> FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs FreeBSD/SMP: 2 package(s) x 4 core(s) cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 2 cpu3 (AP): APIC ID: 3 cpu4 (AP): APIC ID: 4 cpu5 (AP): APIC ID: 5 cpu6 (AP): APIC ID: 6 cpu7 (AP): APIC ID: 7 ioapic0 <version 2.0="">irqs 0-23 on motherboard ioapic1 <version 2.0="">irqs 24-47 on motherboard ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /bo ot/loader.conf. module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07330f0, 0) error 1 ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /b oot/loader.conf. module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc0733190, 0) error 1 ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw /. ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0733230, 0) error 1 wlan: mac acl policy registered cryptosoft0: <software crypto="">on motherboard padlock0: No ACE support. acpi0: <100608 XSDT1630> on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi0: reservation of 0, a0000 (3) failed acpi0: reservation of 100000, dff00000 (3) failed Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0 cpu0: <acpi cpu="">on acpi0 cpu1: <acpi cpu="">on acpi0 cpu2: <acpi cpu="">on acpi0 cpu3: <acpi cpu="">on acpi0 cpu4: <acpi cpu="">on acpi0 cpu5: <acpi cpu="">on acpi0 cpu6: <acpi cpu="">on acpi0 cpu7: <acpi cpu="">on acpi0 pcib0: <acpi host-pci="" bridge="">port 0xcf8-0xcff on acpi0 pci0: <acpi pci="" bus="">on pcib0 pcib1: <acpi pci-pci="" bridge="">at device 2.0 on pci0 pci8: <acpi pci="" bus="">on pcib1 pcib2: <acpi pci-pci="" bridge="">irq 16 at device 0.0 on pci8 pci10: <acpi pci="" bus="">on pcib2 pcib3: <acpi pci-pci="" bridge="">at device 0.0 on pci10 pci13: <acpi pci="" bus="">on pcib3 em0: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xdf00-0xdf1f mem 0xfde80 000-0xfde9ffff,0xfde60000-0xfde7ffff irq 16 at device 0.0 on pci13 em0: Using an MSI interrupt em0: [FILTER] em1: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xdf80-0xdf9f mem 0xfdee0 000-0xfdefffff,0xfdec0000-0xfdedffff irq 17 at device 0.1 on pci13 em1: Using an MSI interrupt em1: [FILTER] pcib4: <acpi pci-pci="" bridge="">at device 1.0 on pci10 pci12: <acpi pci="" bus="">on pcib4 em2: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xcf00-0xcf1f mem 0xfdc80 000-0xfdc9ffff,0xfdc60000-0xfdc7ffff irq 17 at device 0.0 on pci12 em2: Using an MSI interrupt em2: [FILTER] em3: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xcf80-0xcf9f mem 0xfdce0 000-0xfdcfffff,0xfdcc0000-0xfdcdffff irq 18 at device 0.1 on pci12 em3: Using an MSI interrupt em3: [FILTER] pcib5: <acpi pci-pci="" bridge="">at device 2.0 on pci10 pci11: <acpi pci="" bus="">on pcib5 em4: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xbf00-0xbf1f mem 0xfdac0 000-0xfdadffff irq 18 at device 0.0 on pci11 em4: Using an MSI interrupt em4: [FILTER] em5: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xbf80-0xbf9f mem 0xfdae0 000-0xfdafffff irq 19 at device 0.1 on pci11 em5: Using an MSI interrupt em5: [FILTER] pcib6: <acpi pci-pci="" bridge="">at device 0.3 on pci8 pci9: <acpi pci="" bus="">on pcib6 pcib7: <acpi pci-pci="" bridge="">at device 3.0 on pci0 pci7: <acpi pci="" bus="">on pcib7 pcib8: <acpi pci-pci="" bridge="">at device 4.0 on pci0 pci6: <acpi pci="" bus="">on pcib8 em6: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xaf00-0xaf1f mem 0xfd980 000-0xfd99ffff,0xfd960000-0xfd97ffff irq 16 at device 0.0 on pci6 em6: Using an MSI interrupt em6: [FILTER] em7: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0xaf80-0xaf9f mem 0xfd9e0 000-0xfd9fffff,0xfd9c0000-0xfd9dffff irq 17 at device 0.1 on pci6 em7: Using an MSI interrupt em7: [FILTER] pcib9: <acpi pci-pci="" bridge="">at device 5.0 on pci0 pci5: <acpi pci="" bus="">on pcib9 em8: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x9f00-0x9f1f mem 0xfd780 000-0xfd79ffff,0xfd760000-0xfd77ffff irq 16 at device 0.0 on pci5 em8: Using an MSI interrupt em8: [FILTER] em9: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x9f80-0x9f9f mem 0xfd7e0 000-0xfd7fffff,0xfd7c0000-0xfd7dffff irq 17 at device 0.1 on pci5 em9: Using an MSI interrupt em9: [FILTER] pcib10: <acpi pci-pci="" bridge="">at device 6.0 on pci0 pci4: <acpi pci="" bus="">on pcib10 em10: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x8f00-0x8f1f mem 0xfd58 0000-0xfd59ffff,0xfd560000-0xfd57ffff irq 16 at device 0.0 on pci4 em10: Using an MSI interrupt em10: [FILTER] em11: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x8f80-0x8f9f mem 0xfd5e 0000-0xfd5fffff,0xfd5c0000-0xfd5dffff irq 17 at device 0.1 on pci4 em11: Using an MSI interrupt em11: [FILTER] pcib11: <acpi pci-pci="" bridge="">at device 7.0 on pci0 pci3: <acpi pci="" bus="">on pcib11 em12: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x7f00-0x7f1f mem 0xfd38 0000-0xfd39ffff,0xfd360000-0xfd37ffff irq 16 at device 0.0 on pci3 em12: Using an MSI interrupt em12: [FILTER] em13: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x7f80-0x7f9f mem 0xfd3e 0000-0xfd3fffff,0xfd3c0000-0xfd3dffff irq 17 at device 0.1 on pci3 em13: Using an MSI interrupt em13: [FILTER] pcib12: <acpi pci-pci="" bridge="">irq 16 at device 28.0 on pci0 pci2: <acpi pci="" bus="">on pcib12 pci2: <encrypt decrypt,="" network="" computer="" crypto="">at device 0.0 (no driver attached) uhci0: <intel 3100="" 631xesb="" 632xesb="" usb="" controller="" usb-1="">port 0xef00-0xef1f irq 23 at device 29.0 on pci0 uhci0: [ITHREAD] usbus0: <intel 3100="" 631xesb="" 632xesb="" usb="" controller="" usb-1="">on uhci0 uhci1: <intel 3100="" 631xesb="" 632xesb="" usb="" controller="" usb-2="">port 0xef80-0xef9f irq 19 at device 29.1 on pci0 uhci1: [ITHREAD] usbus1: <intel 3100="" 631xesb="" 632xesb="" usb="" controller="" usb-2="">on uhci1 ehci0: <intel 63xxesb="" usb="" 2.0="" controller="">mem 0xfdfffc00-0xfdffffff irq 23 at device 29.7 on pci0 ehci0: [ITHREAD] usbus2: EHCI version 1.0 usbus2: <intel 63xxesb="" usb="" 2.0="" controller="">on ehci0 pcib13: <acpi pci-pci="" bridge="">at device 30.0 on pci0 pci1: <acpi pci="" bus="">on pcib13 isab0: <pci-isa bridge="">at device 31.0 on pci0 isa0: <isa bus="">on isab0 atapci0: <intel 63xxesb2="" sata300="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376 at device 31.2 on pci0 ata0: <ata channel="">at channel 0 on atapci0 ata0: [ITHREAD] ata1: <ata channel="">at channel 1 on atapci0 ata1: [ITHREAD] pci0: <serial bus,="" smbus="">at device 31.3 (no driver attached) acpi_button0: <power button="">on acpi0 atrtc0: <at realtime="" clock="">port 0x70-0x71 irq 8 on acpi0 uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 uart0: [FILTER] uart0: console (9600,n,8,1) uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0 uart1: [FILTER] ppc0: <parallel port="">port 0x378-0x37f irq 7 on acpi0 ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode ppc0: [ITHREAD] ppbus0: <parallel port="" bus="">on ppc0 ppi0: <parallel i="" o="">on ppbus0 acpi_throttle0: <acpi cpu="" throttling="">on cpu0 acpi_throttle1: <acpi cpu="" throttling="">on cpu1 acpi_throttle1: failed to attach P_CNT <-- what failed here? device_attach: acpi_throttle1 attach returned 6 acpi_throttle2: <acpi cpu="" throttling="">on cpu2 acpi_throttle2: failed to attach P_CNT <-- what failed here? device_attach: acpi_throttle2 attach returned 6 acpi_throttle3: <acpi cpu="" throttling="">on cpu3 acpi_throttle3: failed to attach P_CNT <-- what failed here? device_attach: acpi_throttle3 attach returned 6 Timecounters tick every 10.000 msec IPsec: Initialized Security Association Processing. usbus0: 12Mbps Full Speed USB v1.0 usbus1: 12Mbps Full Speed USB v1.0 ugen0.1: <intel>at usbus0 uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0 ugen1.1: <intel>at usbus1 uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1 usbus2: 480Mbps High Speed USB v2.0 ad0: 3823MB <transcend 20080820="">at ata0-master PIO4 ugen2.1: <intel>at usbus2 uhub2: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus2 SMP: AP CPU #6 Launched! SMP: AP CPU #1 Launched! SMP: AP CPU #5 Launched! SMP: AP CPU #2 Launched! SMP: AP CPU #3 Launched! SMP: AP CPU #7 Launched! SMP: AP CPU #4 Launched! uhub1: 2 ports with 2 removable, self powered uhub0: 2 ports with 2 removable, self powered Root mount waiting for: usbus2 Root mount waiting for: usbus2 uhub2: 4 ports with 4 removable, self powered Trying to mount root from ufs:/dev/ufs/pfsense0 WARNING: / was not properly dismounted Configuring crash dumps... Mounting filesystems... mount: /dev/ufs/pfsense0 R/W mount of / denied. Filesystem is not clean - run fsck.: Operation not permitted ** /dev/ufs/pfsense0 ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 7746 files, 630390 used, 3149638 free (1598 frags, 393505 blocks, 0.0% fragmentation) ***** FILE SYSTEM MARKED CLEAN ***** ** /dev/ufs/cf ** Last Mounted on /cf ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 28 files, 3851 used, 97204 free (36 frags, 12146 blocks, 0.0% fragmentation) ***** FILE SYSTEM MARKED CLEAN ***** Setting up memory disks... done. Disabling APM on /dev/ad0 ___ ___/ f \ / p \___/ Sense \___/ \ \___/ Welcome to pfSense 2.1-RELEASE ... Creating symlinks......done. External config loader 1.0 is now starting... ad0s3 Launching the init system... done. Initializing............................. done. Starting device manager (devd)...done. Loading configuration......done. Default interfaces not found -- Running interface assignment option. Valid interfaces are: *all interfaces are noted as 'up', but i only plugged in my wan connection into port '0' - interface em4 .. why would it show the interfaces as being 'up' without a live link?* em0 00:90:7f:80:00:78 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em1 00:90:7f:80:00:79 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em2 00:90:7f:80:00:7a (up) Intel(R) PRO/1000 Network Connection 7.3.2 em3 00:90:7f:80:00:7b (up) Intel(R) PRO/1000 Network Connection 7.3.2 em4 00:90:7f:80:00:7c (up) Intel(R) PRO/1000 Network Connection 7.3.2 em5 00:90:7f:80:00:7d (up) Intel(R) PRO/1000 Network Connection 7.3.2 em6 00:90:7f:80:00:70 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em7 00:90:7f:80:00:71 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em8 00:90:7f:80:00:72 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em9 00:90:7f:80:00:73 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em10 00:90:7f:80:00:74 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em11 00:90:7f:80:00:75 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em12 00:90:7f:80:00:76 (up) Intel(R) PRO/1000 Network Connection 7.3.2 em13 00:90:7f:80:00:77 (up) Intel(R) PRO/1000 Network Connection 7.3.2 Do you want to set up VLANs first? If you are not going to use VLANs, or only for optional interfaces, you should say no here and use the webConfigurator to configure VLANs later, em4: link state changed to UP if required. Do you want to set up VLANs now [y|n]? n *NOTE* pfSense requires *AT LEAST* 1 assigned interface(s) to function. If you do not have *AT LEAST* 1 interfaces you CANNOT continue. If you do not have at least 1 *REAL* network interface card(s) or one interface with multiple VLANs then pfSense *WILL NOT* function correctly. If you do not know the names of your interfaces, you may choose to use auto-detection. In that case, disconnect all interfaces now before hitting 'a' to initiate auto detection. Enter the WAN interface name or 'a' for auto-detection: em4</intel></intel></transcend></intel></intel></intel></intel></acpi></acpi></acpi></acpi></parallel></parallel></parallel></at></power></serial></ata></ata></intel></isa></pci-isa></acpi></acpi></intel></intel></intel></intel></intel></intel></encrypt></acpi></acpi></intel(r)></intel(r)></acpi></acpi></intel(r)></intel(r)></acpi></acpi></intel(r)></intel(r)></acpi></acpi></intel(r)></intel(r)></acpi></acpi></acpi></acpi></acpi></acpi></intel(r)></intel(r)></acpi></acpi></intel(r)></intel(r)></acpi></acpi></intel(r)></intel(r)></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></software></version></version></lahf></nx,lm></sse3,dtes64,mon,ds_cpl,vmx,est,tm2,ssse3,cx16,xtpr,pdcm,dca, ></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,c >if you notice in this picture .. the interfaces include the management ports, skips the console port, but INCLUDES the usb ports as interfaces (i think?)…which is strange.
i currently have my wan link plugged into port '0' but it is actually interface em4
if you have any other things you see from the bootup output dump…please feel free to respond..especially on the ram issue! :-\
i have an sas 250gb drive in the external drive bay, but i still havent figured out how to utilize it. also, i have replaced all the fans (even in the power supplies) to quieter ones that blow enough CFM .. now the unit is quiet enough to talk over with a normal voice with the fans at 100% with the internals just slightly hotter ..just slightly.
-
Nice. :)
real memory = 8589934592 (8192 MB)
avail memory = 3664801792 (3495 MB) <– i have 8gb of ram installed, why is it ignoring the full 8gb.. non-64bit?Exactly. Like any OS 32bit FreeBSD can only address ~4GB of RAM (3.6 in this case). It sees tha RAM is there but cannot talk to it. Use the 64bit image to address all of it. Looks like you have plenty of RAM slots too.
pci2: <encrypt decrypt,="" network="" computer="" crypto="">at device 0.0 (no driver attached)</encrypt>
This is some on-board cryptographic accelerator that doesn't appear to be supported. I expect it's a Cavium Nitrox chip of some type. Do you know what it is? If it'd removable then you should remove it (if it definitely isn't supported) as it otherwise just uses power and interrupts.
acpi_throttle0: <acpi cpu="" throttling="">on cpu0
acpi_throttle1: <acpi cpu="" throttling="">on cpu1
acpi_throttle1: failed to attach P_CNT <– what failed here?</acpi></acpi>This is interesting. What failed is the driver controlling the CPU speed trying to attach to the CPU. What's interesting is that it didn't fail on cpu0. It's likely that it's trying to control 4 cpus independently but in reality their clock speeds are locked together such that only cpu0 is variable. FreeBSD sees 8 CPUs but I there are in fact 2 physical processors, is that 2 cores on each with hyperthreading?
if you notice in this picture .. the interfaces include the management ports, skips the console port, but INCLUDES the usb ports as interfaces (i think?)…which is strange.
i currently have my wan link plugged into port '0' but it is actually interface em4
Why do you think it's using the USB ports as interfaces? I don't see that in the log. At the end of the boot it lists only the 14 em NICs as available interfaces.
The interface numbers are determined by the order in which they are detected at boot which is in turn determined by how the OS 'walks' the PCI bus(es). What's more interesting, to me at least ;), is to look at the MAC addresses assigned to the NICs by Watchguard. They are *******70 to 7d. you might exepct 70 to be the first interface but it fact it appears to be 7c. There's nit much you an do about that other than discover which is which and write it down!
Try the LCD driver when you can. If that works then we could try to get the arm/disarm LED working.
Steve
-
you are 100% correct on the 64bit version. i am a complete DOLT for missing that! i know better than that. 17+ years, and i put the wrong image on. what a DOLT! :o
you are correct with the cavium card as well…its in the box..but now taken out. i wasnt sure if it was supported or not, and i actually didnt catch that in the output. thanks!
the unit has two quad core xeon cpus (no hyperthreading on to my knowledge…i have not been able to get into the bios via the console..YET) which are 5140 models i believe. so it 'should' see four cores for each proc.
should i even worry about that failure on the cpu driver controlling the speed? i am not at the box at the moment, but i BELIEVE i did not see that after i loaded up the 64bit image. i shall let you know.i figured out the interface numbering. no biggie, but i didnt think the management ports would be included. they are though…so hey...two more 1gb ports. no complaints there!
as for the LCD driver, i havent loaded that up yet, but i will and see if i can get it to work. any suggestions on which model i should pick in the LCD driver option? the older fireboxes worked fine, but i could never get the backlight to stay on 100% of the time. i would like it to be on 100% of the time so i can just walk by it, and see it without having to push a button. just my OCD at play there.
i am slowly moving stuff over to this box, but i havent tried HA failover to one of the older fireboxes (i wish i could find another one of these for around the price i got this one at..which was under 200$...) i REALLY wish that HA could be handled at a different layer than IP. that would help people who have to rely on one dhcp ip address, but give them the option of HA failover. ....if that makes sense?
thank you for the information and answers stephenw10!
now if i could just get this damn sas drive to work … i could put varnish or sometime like that on here.
does anyone have any ideas on how to utilize the internal hdd? its just a regular sas drive with a powered back plan plugged into the mainboard. i would love to utilize the space! :-\ -
you are correct with the cavium card as well…its in the box..but now taken out. i wasnt sure if it was supported or not
You should check what card/chip it is because there may be some support an it would be useful to have if you're running any VPNs.
i have not been able to get into the bios via the console..YET
Other Watchguard models have had console redirect for bios access disabled by default and some have it enabled but all the bios options locked down. I would expect it to be at 115200bps and you usually have to hit 'TAB', not del, to enter the setup. Is it Award or AMI?
should i even worry about that failure on the cpu driver controlling the speed?
No. Especially not at this stage. If later on you are trying to use powerd and the CPUs are not switching speeds then perhaps it needs investigating. It may be disabled in the bios.
as for the LCD driver, i havent loaded that up yet, but i will and see if i can get it to work. any suggestions on which model i should pick in the LCD driver option?
Well all the previous models have repliocated the LCD in the original X-Core box, presumably to simplify the Watchguard OS, so I'd start off by trying that. The sdeclcd driver that is.
i could never get the backlight to stay on 100% of the time. i would like it to be on 100% of the time so i can just walk by it, and see it without having to push a button. just my OCD at play there.
You're in luck. Another user just recompiled the driver module with the backlight timer removed:
https://forum.pfsense.org/index.php?topic=7920.msg409215#msg409215i got this one at..which was under 200$…
:o Think you got a bargin there, I doubt you'll find another even close to that!
now if i could just get this damn sas drive to work …
I'm not really familiar with SAS drives I confess but I would expect it can be made to work. Is it connected in the dmesg output above? I would first check that the disk controller is being recongnised, it may require some additional modules loading. Check the output of pciconf -lv for unclaimed devices, labelled 'none'.
Steve
-
Load of useful info in the NAR-7090 manual, here. Including the many jumper settings.
It looks like the BIOS is AMI and is accessed at 19,200bps.Steve
-
Load of useful info in the NAR-7090 manual, here. Including the many jumper settings.
It looks like the BIOS is AMI and is accessed at 19,200bps.Steve
i can only connect to it @ 9600…
ill respond to the other answers you gave me above (i am completely up on *ix as i am on MS server software)
oh, i could have gotten TWO of these things for under 600$, but apparently the guy selling the used boxes got a buyer for one of them...and i snatched up the other one. it was on ebay for months..both of them.
i installed 2.1.2 64bit today (damn openssl), and got all my memory (im SUCH A DOLT!) but still nothing on the HDD. i do have 1.8gb free, but its just a 4gb cfcard. hense why i want to use the SAS drive. i will try to get into the bios to see if it is enabled....
powerd IS working..as this is was is shown on the dashboard.
Intel(R) Xeon(R) CPU E5410 @ 2.33GHz
Current: 1737 MHz, Max: 2316 MHz
8 CPUs: 2 package(s) x 4 core(s)thanks for all the help...more to come.
-
Cool stuff. :)
You may need to modify the BIOS to get access to it then. Obviously some risk involved with that, see the XTM8 thread.Check that all the cores are being frequency changed. Try using:
sysctl -a | grep freqIt will show a whole load of things but included in that will be current frequency for each cpu.
It looks like in the original, un-customised, Portwell box the HD caddy is SATA. Is there additional hardware in the 1050? I couldn't really see much in the de-manufacturing docs.
Steve
