Watchguard XTM 5 Series
-
I use a Cisco cable here just fine.
Can you provide me more details.. If you have an example of one on Ebay, please provide me a link to the Ebay auction. I don't have any serial ports on my laptop, so would I need a serial or RJ45 to USB cable as well. Please advise.
-
Yes you will need a USB-Serial port adapter. Alternatively you can get an all in one device like this:
http://www.ebay.co.uk/itm/251718442782
I've not used that specifically myself but I would imagine it will work fine with the XTM5.Steve
-
On the gen 1 XTM5 is really pretty straight forward:
Download an appropriate pfSense NanoBSD image such as this: http://files.uk.pfsense.org/mirror/downloads/pfSense-2.1.5-RELEASE-1g-amd64-nanobsd.img.gz
Write the image to a CF card (of 1GB or bigger). Use physdiskwrite directly or extract the image from the gzip file and use Win32diskimager.
Insert the CF card in the XTM5 and boot. :DYou will need to have the console cable connected and a terminal running at 9600bps so that you can do the initial interface assignment before connecting to the webgui.
You may have read about the unlocked BIOS in this thread but that's for the gen1 box, DO NOT try to flash that. ;)
You may also choose to go straight to a 2.2beta image, the RC is imminent at this point.
The only thing we have to go on in terms of hardware is the official hardware guide. It states 'Intel dual core CPU'. The gen1 box had a single core Celeron so that's definitely different. The PSU look slightly different but could just be a change of manufacturer. Other than that it looks identical externally.
Steve
I want to make sure I download the right pfsense image file for the Watchguard XTM 525 model. Can someone please confirm (see below)….
Which Image Do I Need?
Computer Architecture: AMD64 (64-bit)
Platform: Embedded (NanoBSD) typically with CF
Console: Serial
CF card size: 1 GB
-
Yep, that should get you the same file I linked to above.
You can use 32bit of course if you want. We don't know what CPU your box will have but I'm assuming it's 64bit capable. ;)The docs wiki page has recently been greatly improved for writing images I've just noticed:
https://doc.pfsense.org/index.php/Writing_Disk_ImagesSteve
-
Yep, that should get you the same file I linked to above.
You can use 32bit of course if you want. We don't know what CPU your box will have but I'm assuming it's 64bit capable. ;)The docs wiki page has recently been greatly improved for writing images I've just noticed:
https://doc.pfsense.org/index.php/Writing_Disk_ImagesSteve
It may be the Celeron E3400…
I want to make sure I understand the installation process so I will post a few questions in 20 minutes. I want to install pfsense on a hard drive. I have a spare 250GB Seagate SATA III drive that I plan to install in the Watchguard box. Do I need a drive caddy? As far a terminal, I assume I will need something like HyperTerminal for the initial setup. If yes, do you know the baud rate, parity, etc. settings?
1. Will I need to flash the BIOS to install pfsense on a hard drive in the Watchguard box?
2. How do you bring up the BIOS in the Watchguard machine? -
Ah, things are more complex installing to harddisk. On another box you would boot from a USB stick and install to the HD but the XTM5 (gen1 at least) is locked down so you can't. You would have to install to the HD in another machine and move the drive across into the XTM5. There is no option to install to a HD from the NanoBSD image.
Without looking inside the box I have no idea what hardware you might need. In the gen1 there are mounting points for a drive holder of some kind but it's not included and there is a spare SATA power connector.
I always use putty as a serial terminal. The board rate is 9600 in 2.1.X. If you switch to 2.2 it is changed to 115,200 which is much nicer. You can set a higher speed in 2.1.5 in the webgui.Steve
-
Ah, you edited while I was typing. ;)
The bios in the gen2 box may be more or less locked down. No way to know until you try it.
The BIOS appears on the serail console by default at 115200 on the gen1. You can enter the setup by pressing 'TAB' (not del) but the only thing you can change is the time and date.There's a strong possiblity that the only thing that changed between gen1 and gen2 was the CPU in which case everything is much easier. :)
Steve
-
Ah, things are more complex installing to harddisk. On another box you would boot from a USB stick and install to the HD but the XTM5 (gen1 at least) is locked down so you can't. You would have to install to the HD in another machine and move the drive across into the XTM5. There is no option to install to a HD from the NanoBSD image.
Without looking inside the box I have no idea what hardware you might need. In the gen1 there are mounting points for a drive holder of some kind but it's not included and there is a spare SATA power connector.
I always use putty as a serial terminal. The board rate is 9600 in 2.1.X. If you switch to 2.2 it is changed to 115,200 which is much nicer. You can set a higher speed in 2.1.5 in the webgui.Steve
According to the installation document in the URL below, there is an option 99 to install on a hard drive..
https://doc.pfsense.org/index.php/Installing_pfSense#Embedded
Additionally, I have a 2GB CF card. So do I need to select the 2GB CF pfsense image file?
-
You can write the NanoBSD image to a hard drive and it will run from there no problem.
What you can't do is boot from the CF card with a Nano image on it and then install to a HD from there.You can use the 1GB image on a 2GB CF card. And in fact I'd recommend that you do. It's writes much faster to the card but more importantly CF cards that claim to be 2GB are often actually smaller than that causing the 2GB image not to fit.
Steve
-
Ah, you edited while I was typing. ;)
The bios in the gen2 box may be more or less locked down. No way to know until you try it.
The BIOS appears on the serail console by default at 115200 on the gen1. You can enter the setup by pressing 'TAB' (not del) but the only thing you can change is the time and date.There's a strong possiblity that the only thing that changed between gen1 and gen2 was the CPU in which case everything is much easier. :)
Steve
Please fill in the terminal emulation settings below for the BIOS screen and pfsense installation:
To access the Watchguard BIOS Screen:
Speed (baud): 115200
Data Bits: ?
Stop Bits: ?
Parity: ?
Flow Control: ?pfsense Installation (v 2.1.5):
Speed (baud): 9600
Data Bits: ?
Stop Bits: ?
Parity: ?
Flow Control: ? -
You can write the NanoBSD image to a hard drive and it will run from there no problem.
What you can't do is boot from the CF card with a Nano image on it and then install to a HD from there.You can use the 1GB image on a 2GB CF card. And in fact I'd recommend that you do. It's writes much faster to the card but more importantly CF cards that claim to be 2GB are often actually smaller than that causing the 2GB image not to fit.
Steve
I am trying to understand your comment about "What you can't do is boot from the CF card with a Nano image on it and then install to a HD from there." In the section of the installation guide called "Installing pfSense to Hard Disk", it looks like you can install pfsense on a hard drive after booting from the CF card with a Nano image on it.
Additionally, if the BIOS is locked, I will be forced to run from the CF card.
-
You can write the NanoBSD image to a hard drive and it will run from there no problem.
What you can't do is boot from the CF card with a Nano image on it and then install to a HD from there.You can use the 1GB image on a 2GB CF card. And in fact I'd recommend that you do. It's writes much faster to the card but more importantly CF cards that claim to be 2GB are often actually smaller than that causing the 2GB image not to fit.
Steve
I am trying to understand your comment about "What you can't do is boot from the CF card with a Nano image on it and then install to a HD from there." In the section of the installation guide called "Installing pfSense to Hard Disk", it looks like you can install pfsense on a hard drive after booting from the CF card with a Nano image on it.
Additionally, if the BIOS is locked, I will be forced to run from the CF card.
I found a thread with questions about unlocking the BIOS and running from a hard drive with the XTM 505 model.
https://forum.pfsense.org/index.php?topic=83670.msg458501#msg458501
-
The settings are '8N1' which is pretty standard. However they're ordered differently in putty. See screenshot attached.
The CF card appears to the BIOS as the first hard drive so I believe it will boot from a real HD if that's the only one. They are IDE and SATA though.
You only get the option to install if you've booted from a CD or a memstick image. If you look at the screenshots shown in that part of the doc they are taken from 1.0Beta in 2006!
If you want to do it all on the box you might be able to flash the CF card with the 'memstick-serial' image and boot that. You would then have an install option. However be prepared for trouble if you try that because it will expect to be attached via USB not IDE.Try running Nano from a CF card for starters. Check the hardware is good. Move on from there.
Steve
-
The settings are '8N1' which is pretty standard. However they're ordered differently in putty. See screenshot attached.
The CF card appears to the BIOS as the first hard drive so I believe it will boot from a real HD if that's the only one. They are IDE and SATA though.
You only get the option to install if you've booted from a CD or a memstick image. If you look at the screenshots shown in that part of the doc they are taken from 1.0Beta in 2006!
If you want to do it all on the box you might be able to flash the CF card with the 'memstick-serial' image and boot that. You would then have an install option. However be prepared for trouble if you try that because it will expect to be attached via USB not IDE.Try running Nano from a CF card for starters. Check the hardware is good. Move on from there.
Steve
I am trying to understand how this person in the thread below got pfsense installed on a hard drive that is in a XTM 505 model.
https://forum.pfsense.org/index.php?topic=83670.msg458501#msg458501
-
Re question 2:
Yes it booted off the SATA HDD no BIOD modding required. I simply installed pfSense using an old laptop and selected standard kernel as the last option.He put his target hard drive into and old laptop and then booted the laptop from a pfSense CD. Then installed to the hard drive choosing the standard kernel so that it could boot on the laptop presumably.
If you do that then you must boot and setup pfSense sufficiently that you can access the webgui in order to enable the serial console. Alternatively when you are running the install choose the 'embedded' kernel and it will default to the serial console. That means it won't boot on the laptop but will when you move it back to the XTM5.
If you use a 2.2Beta image instead the 64bit version has both vga and serial consoles by default so there's no worries there. ;)Steve
-
Re question 2:
Yes it booted off the SATA HDD no BIOD modding required. I simply installed pfSense using an old laptop and selected standard kernel as the last option.He put his target hard drive into and old laptop and then booted the laptop from a pfSense CD. Then installed to the hard drive choosing the standard kernel so that it could boot on the laptop presumably.
If you do that then you must boot and setup pfSense sufficiently that you can access the webgui in order to enable the serial console. Alternatively when you are running the install choose the 'embedded' kernel and it will default to the serial console. That means it won't boot on the laptop but will when you move it back to the XTM5.
If you use a 2.2Beta image instead the 64bit version has both vga and serial consoles by default so there's no worries there. ;)Steve
Is the 2.2 Beta image safe to use? It's only for home use..
I am trying to understand your previous post. So there are 2 options to install on a hard drive:
1. He put his target hard drive into and old laptop and then booted the laptop from a pfSense CD. Then installed to the hard drive choosing the standard kernel so that it could boot on the laptop presumably.
2. Alternatively when you are running the install choose the 'embedded' kernel and it will default to the serial console. That means it won't boot on the laptop but will when you move it back to the XTM5.So what image file would I use for Option #1 and #2?
-
Is the 2.2 Beta image safe to use?
Ive got it running in production at one of my satellite offices, a customers (due to reasons) and on my testbox without any issues. Besides looks to go RC next snapshot when they start up again. :)
-
Yep, I'm running 2.2 on my XTM5, no problems.
Sorry I was unclear about those options. It's the same file, both are from the ISO CD image.
When you install you get given a choice of which kernel you'd like to use. The only difference between them is that the 'standard' kernel uses the monitor and keyboard for its console and the 'embedded' kernel uses the serial port.Choosing the embedded kernel seems like the right choice there, because the XTM5 has a serial console port, but that does mean that you can't boot the laptop into pfSense from the HD to test it, not necessarily a problem.
If you choose the standard kernel you can still enable a serial console afterwards using an option in the gui.
I have used both before, though not in the XTM5, and they work equally well.
Steve
-
Yep, I'm running 2.2 on my XTM5, no problems.
Sorry I was unclear about those options. It's the same file, both are from the ISO CD image.
When you install you get given a choice of which kernel you'd like to use. The only difference between them is that the 'standard' kernel uses the monitor and keyboard for its console and the 'embedded' kernel uses the serial port.Choosing the embedded kernel seems like the right choice there, because the XTM5 has a serial console port, but that does mean that you can't boot the laptop into pfSense from the HD to test it, not necessarily a problem.
If you choose the standard kernel you can still enable a serial console afterwards using an option in the gui.
I have used both before, though not in the XTM5, and they work equally well.
Steve
During the initial installation, pfsense will ask me for the LAN and WAN interface name based on the current hardware that I am running the installation on. Will those interface names be different in the local PC/laptop versus the XTM5 device therefore preventing me from using the initial setup configuration in the XTM 5 machine? Please advise.
-
Yep, I'm running 2.2 on my XTM5, no problems.
Sorry I was unclear about those options. It's the same file, both are from the ISO CD image.
When you install you get given a choice of which kernel you'd like to use. The only difference between them is that the 'standard' kernel uses the monitor and keyboard for its console and the 'embedded' kernel uses the serial port.Choosing the embedded kernel seems like the right choice there, because the XTM5 has a serial console port, but that does mean that you can't boot the laptop into pfSense from the HD to test it, not necessarily a problem.
If you choose the standard kernel you can still enable a serial console afterwards using an option in the gui.
I have used both before, though not in the XTM5, and they work equally well.
Steve
During the initial installation, pfsense will ask me for the LAN and WAN interface name based on the current hardware that I am running the installation on. Will those interface names be different in the local PC/laptop versus the XTM5 device therefore preventing me from using the initial setup configuration in the XTM 5 machine? Please advise.
OK… During the pfsense installation process using my laptop to install the software on a hard drive that will eventually be installed in the XTM5 machine, I assume I need to stop at the reboot screen so I don't get to the screen for the setup of the WAN and LAN interface. When my XTM5 box arrives, I will install the hard drive in the XTM5 machine, boot from the hard drive and I should now see the reboot screen. I will reboot and now I should be able to setup the WAN and LAN interface on the XTM5 machine. Is that the proper procedure?