Successful Install on Watchguard Firebox X700!
-
-
cuau0 will almost certainly be the front console port which you won't be able to use if you're running nano. Does it list cuau1?
Have you tried the tinydns package? Or Unbound?
Steve
I only see cuau0. I will have to open the box and see what connectors are on motherboard in case it has 2nd serial port. Some Watchguard's have 2 serial ports where one is the front console port and other is typically not used, but available.
TinyDNS and Unbound, I cant figure out how to setup the pfSense as Slave. BIND on pfSense is more user friendly and more advanced, but running into those weird crypto errors. My Windows Server 2003 is my the master DNS.
-
cuau0 will almost certainly be the front console port which you won't be able to use if you're running nano. Does it list cuau1?
Have you tried the tinydns package? Or Unbound?
Steve
I only see cuau0. I will have to open the box and see what connectors are on motherboard in case it has 2nd serial port. Some Watchguard's have 2 serial ports where one is the front console port and other is typically not used, but available.
TinyDNS and Unbound, I cant figure out how to setup the pfSense as Slave. BIND on pfSense is more user friendly and more advanced, but running into those weird crypto errors. My Windows Server 2003 is my the master DNS.
I just opened up my Watchguard X700. I see COMA1 which is the console port near front of motherboard. I also see a COMB1 right next to that will require DB9 Serial Add-A-Port Adapter though.
Example (Watchguard XTM 5 Series): https://forum.pfsense.org/index.php?topic=43574.msg430594#msg430594
-
It will also need to be enabled if it's not showing up. Probably in the bios.
Steve
-
Hey all.
Picked up a Firebox x500 at Salvation Army for $10 last week. I know it's old hardware, but that red paint job… : )
Was able to install pfSense on a 2gb CF card and set everything up: re0 as WAN, re1-4 bridged to make LAN, and re5 as GUEST (plugs to spare unsecured WiFi router). Thanks for all the posts helping me along so far!
I've found my box at least to be really sensitive to shutdowns at the wrong time: had to reimage the CF card (or at least the NanoBSD slice) a couple times because of power getting pulled. I don't know if this is related to my card, box, or the design of the x500 in general. Something to be aware of, anyway.
lcdproc-dev failed to unpack properly after about 10 mins of activity, with an LZMA error. Don't know what that was all about. Haven't tried again.
Oh, also: how do I get into the BIOS?
-
Hmm, I've pulled the plug on my box many times without ever having a problem. Sounds like you may have an issue. Check that the filesystem is mounted read-only (shown on the dashboard).
There is no way of accessing the BIOS over serial on these boxes. You need to use a PCI graphics card and a keyboard header. You shouldn't need to access it though.
I know it's old hardware, but that red paint job… : )
Yep. ;D
-
I have problem.
I make update pfSense in my Firefox X700 from 2.1 to 2.2 and… my LCD not work. :(Beginning package installation for LCDproc-dev .
Downloading package configuration file… done.
Saving updated package information... done.
Downloading LCDproc-dev and its dependencies...
Checking for package installation...
Downloading https://files.pfsense.org/packages/10/All/lcdproc-0.5.6-i386.pbi ... (extracting)
ERROR: No digital signature! If you are SURE you trust this PBI, re-install with --no-checksig option.
of lcdproc-0.5.6-i386 failed!Installation aborted.Removing package...
Starting package deletion for lcdproc-0.5.6-i386...done.
Removing LCDproc-dev components...
Tabs items... done.
Menu items... done.
Services... done.
Loading package instructions...
Include file lcdproc.inc could not be found for inclusion.
Removing package instructions...done.
Auxiliary files... done.
Package XML... done.
Configuration... done.
done.
Failed to install package.Installation halted.
Any sugestion ?
-
You need to allow unsigned packages in System > Advanced, Miscellaneous tab. The dev package is unsigned, and probably should be. It's got issues in 2.2 though they can be worked around:
https://forum.pfsense.org/index.php?topic=7920.msg479877#msg479877Steve
-
Don't know if anyone has gotten a "ata0: DMA limited to UDMA33, controller found non-ATA66 cable" when installing 2.2 on the X1000.
-
That's to be expected, the connection is not UDMA-66 capable. Is it preventing it from booting? You might need to disable DMA, read this:
https://forum.pfsense.org/index.php?topic=20095.msg480824#msg480824Steve
-
That's to be expected, the connection is not UDMA-66 capable. Is it preventing it from booting? You might need to disable DMA, read this:
https://forum.pfsense.org/index.php?topic=20095.msg480824#msg480824Steve
Yes, it's preventing me from booting. So I just have to edit the file in the "Diagnostics - Edit File" in the /boot/loader.conf file, then update? Just want to make sure….
-
You need to use the file:
/boot/loader.conf.localThe standard loader.conf file isn't copied across when you do a firmware update and can be overwritten.
However that log line about the cable is normal because it isn't an 80pin cable/connection. What do your boot logs actually show before it fails to boot?
Steve
-
Any hint to make a clean install on a HD? I installed it on a new HD but the system isn't showing any output on the serial console. I tried two HDs, always the same.
Booting from a CF card is working with output to putty.Is there is another way like the X750e boxes for starting?
I used the box with the 2.1 version without any problems. The console always showed up.
The display light is going out while starting…. very strange.Matthias
-
Hmm, that's tricky. You're using the same HD so it's unlikely to be a BIOS detection issue. You'd need to use a PCI graphics card to determine that though.
How did you install to the drive? There's no HD activity LED on the X700 so it may be booting to something and failing at, say, the mountroot> Have you enabled serial output?
It seems likely to be a bootloader problem. Have you tried upgrading from a 2.1.X install?Steve
-
Hi,
just installed a fresh 2.1.5 with the same result. No output from the serial console. What do you mean with enable serial output? When booting from the watch guard CF card serial output works.
It is the same HD like before (with 2.1). I install in a virtual machine then going to the firebox.Matthias
-
OK, found the problem. Either it was a USB adaptor for installing the HD or the virtual machine software.
I switched to real hardware, now it works!
-
Ok, cool.
The standard full install to a hard drive doesn't use the serial console by default. You have to either select the embedded kernel by default or enable the serial console in the advanced option in the webgui to see it. You do see something though on the serial port though even without enabling it.Steve
-
+1 on the red paint job :)
So whats the status on the old watchdog timeouts issue with the realtek nics, has anyone noticed improvement on 2.2 with it's upgrade to freeBSD 10? I have one sitting in a closet offline bc of that issue. -
Ok, cool.
The standard full install to a hard drive doesn't use the serial console by default.I used the embedded version, so serial port just works. Sorry for the missunderstanding.
Matthias
-
You need to use the file:
/boot/loader.conf.localThe standard loader.conf file isn't copied across when you do a firmware update and can be overwritten.
However that log line about the cable is normal because it isn't an 80pin cable/connection. What do your boot logs actually show before it fails to boot?
Steve
I get the following: "DMA limited to UDMA33 controller found non-DMA66 cable"
Is there anyway to make this go away directly in the console? This never gets to the point that I can actually to the interface configuration!