Watchguard XTM 5 Series

mcdonnjd

@stephenw10:

Nope. Just tried several images on several CF cards. I'm sure it worked fine when I first tried it. Hmm… :-\

Steve

I've never tried using DOS (FreeDOS or otherwise) over a serial console, so I'm not even sure where to start in trying to get it to work. My searches on Google aren't giving much insight either. This is pretty standard x86 hardware, so it should work just fine, at least for the purposes of flashing the BIOS in DOS, but I've not had luck either, though I'm not sure I'm doing it right. Maybe I should try with a hard drive instead of CF card and see if I have better luck. If I format the drive to boot FreeDOS, I should be able to copy the files from the image over and have it work just fine. Assuming the box will boot it.

Is my Cisco console cable going to work for this or will I need some sort of other null modem cable? Your image IIRC beeps when it finishes booting to the command prompt, so at the least, I should be able to get to that. If I can, I can probably script the autoexec to launch the utility to backup the BIOS and then reprogram the BIOS without having to actually have a working console. A bit risky doing low level stuff like that without any visual confirmation of what's going on, especially since it seems mine is different in that it won't flash from flashrom. Maybe I'll just have it backup the BIOS and then take a look at that BIOS file to see if it's different in any other ways. If I can get a backup of my BIOS, would you be willing to take a look at the resulting file? From what it looks like, it should be identical, but better safe than sorry. Or if you could point me to where to get the files for modifying it myself, I could take a look myself. Been a long time since I've tinkered with something like this. Was able to hot flash a BIOS chip last time I messed around with a BIOS so if I got it wrong, I could easily reprogram the BIOS back to default using another BIOS chip to boot it up. Wish I had the option on this board, would be a bit more comfortable.

stephenw10

So the thing to know about the FreeDOS serial console is that it can only use hardware flow-control, it needs the additional wiring in the serial cable to work. In the X-e firebox that was true of the BIOS serial re-direct code but that was an older Award BIOS.
https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Not_All_Null_Modem_Cables_are_Created_Equal.21
It's possible the RJ45 console cable doesn't support hardware flow control which would explain why we aren't seeing anything. One possibility in that case would be to use the internal serial header for com2 with 9-pin socket and known cable.

Running it blind is a possibility. A user in the X-e thread did that when they could find a cable that worked. I think they edited the autoexec.bat file to put in more beeps to know what stage it's at.

Steve

mcdonnjd

@stephenw10:

So the thing to know about the FreeDOS serial console is that it can only use hardware flow-control, it needs the additional wiring in the serial cable to work. In the X-e firebox that was true of the BIOS serial re-direct code but that was an older Award BIOS.
https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Not_All_Null_Modem_Cables_are_Created_Equal.21
It's possible the RJ45 console cable doesn't support hardware flow control which would explain why we aren't seeing anything. One possibility in that case would be to use the internal serial header for com2 with 9-pin socket and known cable.

Running it blind is a possibility. A user in the X-e thread did that when they could find a cable that worked. I think they edited the autoexec.bat file to put in more beeps to know what stage it's at.

Steve

I got a little further with this. While I was unable to get it to boot off the CF card, with the hard drive, I get to the point where the Watchguard will beep when it switches to the console. However, it doesn't get any further than that. I'm messing around with some RJ45 to serial adaptors, but I think I'm going to need to wire a special Cat5 connector for it to work. I forgot about the internal COM2 port… I think I might try that instead as I should have a serial port connected to a pin block laying around here somewhere. Think it would be easier than trying to figure out how the RJ45 port is wired to figure out what to connect to it.

EDIT>>
What settings in PuTTY are the required settings for hardware flow control? I can hook it up to an XP machine if needed and use hyperterm with it's hardware setting, but I prefer PuTTY/KiTTY over hyperterm if possible. XON/XOFF, RTS/CTS, and DSR/DTR are the flow control options, and XON/XOFF I believe is software and not hardware, so RTS/CTS or DSR/DTR are my options and I can try with both, but if you can let me know which is correct, it'll speed up the process. :)

EDIT2>>
OK, I'm assuming J13 is the serial port, however, for whatever reason, HP used 16 pin header blocks for their serial port B on the desktops I have in storage, so that's obviously not going to fit the 10 pin header block on this board. Unless that's USB and I might be able to get some sort of USB->serial adapter working in FreeDOS. (I do have USB ports on PCB designed to be used straight off of headers for internal USB connections.) Or if any of the pins not in blocks are for serial, I could try this as only 9 of these pins are actually connected, hopefully all in a row. (I tried looking for a manual or diagram for this motherboard and wasn't able to find one, so I'm not sure what any of the pinouts are for.)

stephenw10

That's a good question. I'm using Putty in Xubuntu but when I was first investigating the XTM5 I was using WinXP. The Linux version doesn't appear to offer DSR/DTR so maybe I used that.  :-\

The manual for the FW-7581 also lists the com2 header J13, see pic.

Steve

mcdonnjd

@stephenw10:

That's a good question. I'm using Putty in Xubuntu but when I was first investigating the XTM5 I was using WinXP. The Linux version doesn't appear to offer DSR/DTR so maybe I used that.  :-\

The manual for the FW-7581 also lists the com2 header J13, see pic.

Steve

Where are you finding the manual at? I tried searching their site but was only finding brochures and a data sheet that didn't include motherboard layout or anything.

I'm going to dig through my stuff in the basement for a serial port with cable. Maybe take the one off my PIX hack job running pfSense on an upgraded P4, but I think that motherboard was from one of those HP machines as well. I have a feeling though, that if I have one still, which I most likely don't anymore, it'll be at my parents' house. Most of my old stuff that I had at their house has been tossed over time though.

I'll let you know what I find, though I'm wondering if it would just be easier to automatically do it via the autoexec.

chpalmer

@John:

Is my Cisco console cable going to work for this?

I used mine without issue.  And pretty much left Putty as is with the exception that I set it for 115200 for the baud rate.

mcdonnjd

@chpalmer:

@John:

Is my Cisco console cable going to work for this?

I used mine without issue.  And pretty much left Putty as is with the exception that I set it for 115200 for the baud rate.

You used a Cisco console cable with hardware flow control in FreeDOS with the XTM5?

stephenw10

For a short time Lanner had a forum up that was frequented by staff with access to all manner of useful stuff. You could ask them and, mostly, they would put it up for you. I got a few manuals and bios updates that way. It's gone now.  :'(
I thought I had the proper FW-7580 manual but I can't find it now. The problem with working at several computers!  ::)
I'll put it up somewhere an send you a link.

Steve

ScottMcNaught

Hey guys,

I have some exciting news!  After some research, I tried an experiment.

I have successfully achieved a Watchguard XTM 505 running a Quad Core Xeon L5420 CPU on pfSense!

The LGA 771 to 775 pin mod works!  See: http://www.delidded.com/lga-771-to-775-adapter/

I bought this: http://www.ebay.com/itm/291073902038

You need to be very careful putting the sticker onto the CPU, and then ultra careful cutting the tabs off the motherboard.  I did this with a Stanley knife.

Cheers,

Scott McNaught
http://www.synergy8.com/

stephenw10

Ooo, ambitious!  :D
Nice work. 50W TDP, do you have any actaul power consumption figues?

Steve

mcdonnjd

@stephenw10:

For a short time Lanner had a forum up that was frequented by staff with access to all manner of useful stuff. You could ask them and, mostly, they would put it up for you. I got a few manuals and bios updates that way. It's gone now.  :'(
I thought I had the proper FW-7580 manual but I can't find it now. The problem with working at several computers!  ::)
I'll put it up somewhere an send you a link.

Steve

That would be handy. Now you can't even find anything about the FW-7580 at all other than it's a discontinued product. I wonder if contacting them directly might get you a copy of the FW-7580 manual.

In other news, I had a major find today. Decided to check an old storage room that used to be for the computer club, which was disbanded years before I started working here, but we used it for storage of old junk for a long while until we were asked to clean it out so they could store some tables and desks and books in there. I was certain we cleaned it all out, but on the shelf was a couple of boxes, mostly random junk like some ISA video cards, some PCI ethernet cards, a bunch of ribbon cables, some hard drive mounting brackets for who knows what model of PC and other odds and ends. And the big score of the bunch, a serial port on a ribbon cable to a proper 10 pin header. I'm tempted to cut out a hole in the back of the XTM and permanently mount it there, but I see no real need to do that as this will probably be the only time I'll need to use it. I also found a slot cover with a DB9 and a DB25 connectors on ribbon cables which I'm stashing in my desk drawer for a rainy day. (Which today is, but I'll stash it for a different rainy day. lol) And I also grabbed a slot cover with a LPT and PS2 port with cables and headers, though I'll probably never use that one.

And while setting up a laptop on our backup internet connection, I came across a null modem cable coiled up in the bottom of the cabinet, so I don't even need to mess around with the Cat5 to serial adapters to figure out how to make a Cat5 cable to get it to act as a null modem cable.

So I'm now in FreeDOS on COM2.

C:\BIOS>biosid
        ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
        ³       BIOSID v1.1 - BIOS Identification Utility       ³
        ³       Copyright (c) 1998 Unicore Software, Inc.       ³
        ³       Tel : 1-800-800-BIOS                            ³
        ³       http: //www.unicore.com/                        ³
        ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
BIOS DATE  : 02/03/10BIOS TYPE  : American Megatrends, IncBIOS ID    : 64-0100-0
09999-00101111-020310CHIPSET ID : Eaglelake

        Press Any key to exit!

Unfortunately, I didn't add the AMI utilities to the hard drive yet, so that's as far as I've gotten, but now I know I'm good to get into this. Just need to pull a copy of the old BIOS off and verify it matches your original so I know I can flash your modified one without having to tinker around with my image myself, though I do love some good tinkering and I probably will get around to it at some point just because. I think you posted earlier in this thread which version of the utilities to use to modify without corrupting the BIOS.

Anyway, I've got some work to do. :)

EDIT>>

C:\BIOS>afudos og-bios.rom /o
 +---------------------------------------------------------------------------+
 |                     AMI Firmware Update Utility  v4.40                    |
 |      Copyright (C)2011 American Megatrends Inc. All Rights Reserved.      |
 +---------------------------------------------------------------------------+
- Saving current BIOS into file: og-bios.rom
- Reading flash ......... done
- Program ended normally.

C:\BIOS>dir
 Volume in drive C has no label
 Volume Serial Number is 294C-120C

 Directory of C:\BIOS

.                    

<dir>  05-20-14 10:47a
..                   

<dir>  05-20-14 10:47a
AFUDOS   EXE       154,432  07-17-12 10:44a
BIOSID   COM         1,080  04-29-98 11:14a
BIOSID   TXT           661  05-04-98  4:30p
BIOSID2  TXT           645  12-08-10  3:10p
BIOSID3  TXT           637  12-08-10  7:49a
OG-BIOS  ROM     1,048,576  05-21-14 11:26a
XTM5_83  ROM     1,048,576  05-14-14  4:11p

C:\BIOS>afudos og-bios.rom /d
 +---------------------------------------------------------------------------+
 |                     AMI Firmware Update Utility  v4.40                    |
 |      Copyright (C)2011 American Megatrends Inc. All Rights Reserved.      |
 +---------------------------------------------------------------------------+
- Bootblock checksum .... ok
- Module checksums ...... ok
- ROM File Size checking ........ ok
- ROM ID checking ............... ok
- ROM File verification status .. ok
- Program ended normally.

EDIT2>>
Here's the [OG-BIOS.ROM](http://www.gorgarath.com/random/OG-BIOS.ROM) file. Can you verify that it matches your original BIOS so I know if I can just flash the modified BIOS you've provided?

EDIT3>>
I didn't find version 3.5.1, but did find 3.4.6 of the program who's name is escaping me at the moment as I'm on my phone now, and opened up your modified BIOS image and the image I pulled off the XTM and looked through the generated reports for each. While I don't know what to look for specifically, everything seemed pretty much the same, so I went ahead and flashed your modified BIOS and am able to access everything in the BIOS now. I haven't had a chance to see if flashrom will access the BIOS now or not as I haven't had a chance to turn it on after putting it all back together. I'll probably get to that later tonight.</dir>

</dir>

stephenw10

Ah, that's cool.  :) Sorry for the delay replying.
You must use 3.51.
3.46 might corrupt the bios and there is no way to tell until the box doesn't boot.

The bios you backed up up is not the same as my original backup:

steve@steve-Satellite-Pro-A300:~/Desktop$ md5sum OG-BIOS.ROM 
6ce4e0811a16a61f98e051caee7d3bbb  OG-BIOS.ROM
steve@steve-Satellite-Pro-A300:~/Desktop$ md5sum xtm5.rom 
6fd0df1ef90335d5a4af2e9bea1a6958  xtm5.rom

However I don't think that's necessarily a problem. When I have backed up the BIOS rom before and compared it they have always been different. I believe that the downloaded ROM file must contain some dynamic data which changes every time making comparison like that impossible.

Steve

Edit: typos

mcdonnjd

@stephenw10:

Ah, that's cool.  :) Sorry for the delay replying.

No worries. :)

@stephenw10:

You must use 3.51.
3.46 might corrupt the bios and there is no way to tell until the box doesn't boot.

I used backup copies of the files and only read the files and didn't do any modifications or re-save. Would you happen to know where a copy of 3.51 could be acquired from? I've had no luck finding anything newer than 3.46 and older than something like 7 or something.

@stephenw10:

The bios you backup up is not the same as my original backup:

steve@steve-Satellite-Pro-A300:~/Desktop$ md5sum OG-BIOS.ROM 
6ce4e0811a16a61f98e051caee7d3bbb  OG-BIOS.ROM
steve@steve-Satellite-Pro-A300:~/Desktop$ md5sum xtm5.rom 
6fd0df1ef90335d5a4af2e9bea1a6958  xtm5.rom

However I don't think that's necessarily a problem. When I have backuo the BIOS rom before and compared it they have always been different. I believe that the downloaded ROM file must contain some dynamic data which changes every time making comparison like that impossible.

I believe you're right in the dynamic data. IIRC, when I was comparing the reports, there was some stuff in there like date and time. In any case, your modified BIOS installed with no issues (and since I was using the DOS utility, I didn't have any issues with having to remove the battery or anything since I just used the clear CMOS option when flashing) and was able to get back into the BIOS and boot the FreeDOS image on the hard drive. I've been slacking and haven't yet tried the pfSense install on the CF card yet, but I don't see any problems with that.

I'd like to do a few extra modifications to the BIOS from what I could see in the 3.46 available settings, plus re-order that menu system so save and exit is on the end… I'm a bit OCD like that I suppose. (Actually, I know I have a lot of issues, but that's a whole other 30 volume encyclopedia set, maybe more by now... lol)

On a side note, have you had any luck with recompiling WGXepc on 64bit yet? Not demanding or anything, just idly curious. I'll try and remember which board I saw you posting questions about doing so and check that thread for an update, but just thought I'd inquire here while I'm here.

Thanks for all your help so far. And all your time spent with your seemingly 8 million different watchguard devices. :)

stephenw10

I found it here. First hit on Google.  ;)

Steve

mcdonnjd

@stephenw10:

I found it here. First hit on Google.  ;)

Steve

I think I found that one too, but when I went to the link it gave, it wanted me to download a downloader program, which I am not going to try to actually use because who knows what that actually does. However, this time, I cancelled the downloader and started typing this up with the other page still opened and it popped up with the AMIBCP download after a minute. So apparently, I was just too impatient before.

Thanks again!

stephenw10

Yes, the world of bios modification is somewhat like wading through a cess pool at times.  ;)
Obviously anything you've downloaded from some anonymous upload site (after you've closed the pop-ups) linked to from a forum by some guy in Beijing must be treated with some suspicion!

Steve

stephenw10

Right, after Ermal's helpful nudge in the right direction (and mostly because it was just a cut and paste job from lcdproc!) here is a WGXepc compiled for 64bit. Works fine on my XTM5. I still have to compile it for 32bit to make sure it's good there too.
https://sites.google.com/site/pfsensefirebox/home/WGXepc64
When I tried to fetch it directly to my XTM5 box I got a certificate error, which was slightly alarming, so you may have to sftp it across. Don't forget to set the permissions.

Give it a try anyone running amd64.

Steve

chpalmer

@stephenw10:

Right, after Ermal's helpful nudge in the right direction (and mostly because it was just a cut and paste job from lcdproc!) here is a WGXepc compiled for 64bit. Works fine on my XTM5. I still have to compile it for 32bit to make sure it's good there too.
https://sites.google.com/site/pfsensefirebox/home/WGXepc64
When I tried to fetch it directly to my XTM5 box I got a certificate error, which was slightly alarming, so you may have to sftp it across. Don't forget to set the permissions.

Give it a try anyone running amd64.

Steve

I got the certificate error as well.  I moved a copy to my webserver and fetched it from there.

Just added the shell command package and doing a re-boot now. Finally a green light on this thing.  ;D

Thank You Sir!

mcdonnjd

@stephenw10:

Right, after Ermal's helpful nudge in the right direction (and mostly because it was just a cut and paste job from lcdproc!) here is a WGXepc compiled for 64bit. Works fine on my XTM5. I still have to compile it for 32bit to make sure it's good there too.
https://sites.google.com/site/pfsensefirebox/home/WGXepc64
When I tried to fetch it directly to my XTM5 box I got a certificate error, which was slightly alarming, so you may have to sftp it across. Don't forget to set the permissions.

Give it a try anyone running amd64.

Steve

I was getting that error before when trying to pull the BIOS to my watchguard.

mcdonnjd

Interesting… I was able to edit my original BIOS to enable the extra menus, but everything was still read only, not sure what I missed. So I figured I'd just take a shortcut and edit your modified ROM and started by re-ordering the menus so they matched the original BIOS and had the Exit menu on the end. However, now when trying to access the BIOS, it just gives me a blank screen with 'WAIT' in the middle of it.

The box will still boot up and everything seems to be working correctly with the exception of not being able to get into the BIOS. Kinda scratching my head on this one. Think I'll try going back to my original BIOS and try enabling the menus and getting them to not be read only.

At least this is kinda fun and I've got some time to kill before we move to the new house where I'll be putting this into operation.