Watchguard XTM 5 Series
-
Do you have 'Hardware TCP Segmentation Offloading' disabled in System > Advanced > Networking?
It should be disabled by default.
Steve
Yes it is disabled. The config is default except for installation of LCDproc.
Stellan
Ok so it's a bit late 2 months after your post.
I had the same problem, that my box would stop working after a couple of weeks. I found that uninstalling the LCDproc actually solved this.
I'd try to run it without the LCDproc installed. -
Maybe I missed it somewhere in the thread, but i can't seem to find an answer for this.
I says that pfsense 2.4 is not supported as embedded distribution, but is it safe to upgrade from 2..3.4 to 2.4.0 using the update function? -
Maybe I missed it somewhere in the thread, but i can't seem to find an answer for this.
I says that pfsense 2.4 is not supported as embedded distribution, but is it safe to upgrade from 2..3.4 to 2.4.0 using the update function?You can't update from embedded 2.3.4 to full version of pfSense 2.4.x,
but you can install 2.4.x from USB flashdrive to the CF card and after install, enabling the RAM disks under Avanced,
for extending the life span of your CF card.
Installing from USB flashdrive is also only supported when you prior flashed a unlocked BIOS to your XTM5 box.Grtz
DeLorean -
Maybe I missed it somewhere in the thread, but i can't seem to find an answer for this.
I says that pfsense 2.4 is not supported as embedded distribution, but is it safe to upgrade from 2..3.4 to 2.4.0 using the update function?You can't update from embedded 2.3.4 to full version of pfSense 2.4.x,
but you can install 2.4.x from USB flashdrive to the CF card and after install, enabling the RAM disks under Avanced,
for extending the life span of your CF card.
Installing from USB flashdrive is also only supported when you prior flashed a unlocked BIOS to your XTM5 box.Grtz
DeLoreanCan it be done without flashing the bios? I haven't tried that before.
Eg. burn the memstick installer image on a CF card and plug it in to the XTM, and then install it directly to an SSD?Otherwise:
Are you aware of a good step by step tutorial to flash the bios, including a link to a bios image? -
Can it be done without flashing the bios? I haven't tried that before.
Eg. burn the memstick installer image on a CF card and plug it in to the XTM, and then install it directly to an SSD?Yes, that's possible that way.
When pfSense is installed, choose reboot, and shutdown the box after the beep.
Remove then the CF card and boot the box, it will then boot from the SSD.Grtz
DeLorean -
Flashing the BIOS and booting from USB is probably not much more difficult though and much more flexible in the future. Of course there is always some risk with flashing….
Steve
-
I just installed PFsense to an ssd, system rebooted, and I have no wan access. I tried direct from modem (cable), and from router port. No dice. I previously had tried an install to a CF card, and also had the issue of no wan…is there a basic tutorial on how to get wan access?
-
You have to set up your interfaces via a console first.
If you set up a WAN and a LAN then you WAN will not pass traffic inbound by default.
-
So I have to reinstall, or can this be done via web interface? I guess I don't quite understand: I have to set them up via console, yet if i set them up, it won't work? can someone point to a resource I can use? I am seeing somewhat differing accounts as to what one does in this situation…
-
So I have to reinstall, or can this be done via web interface?
What have you done so far? My crystal ball is broken..
Step by step please.
You have to have console access in order to set up the interfaces. Have you done that? It wont do it by itself.
-
Haha. yes, i understand. I left everything default, as I though I would be able to set things up in the web interface. I can login to the gui, but will need to change the network pool, as I was originally thinking of running the xtm between my asus router and my system.
The Asus router is set for 192.168.1.x , so either I set the xtm to a different pool, or the router (my wife was home today, so playing with the router was not on the table). I actually would rather set the Asus up as an access point for my wife's wireless needs, and use the xtm in a routing capacity, so cable modem to xtm, and my ethernet needs and my wife's wireless needs off of the xtm (Asus router set solely as a wireless access point). My Windows ten install sees the xtm, gets a default 192.168.1.100 ip, default gateway of 192.168.1.1, but no wan access. I went ahead and gave the firewall a rule of all traffic is allowed, just to see what's what. not sure how to proceed. Thank you for responding. -
I was able to get the lan side ports up and running, but status states that DHCP is down for wan, and I am unable to get it (DHCP) going…
-
Open the serial console and choose option 2 -> Set interfaces IP
Choose EM1 and use 192.168.2.1
In the next step type 24 en press Enter
Enter
Enter
On the question if you want to use DHCP , choose Y and press enter
Choose the first IP of your desired IP pool like 192.168.2.2
and the last IP like 192.168.2.254
On the question if you want to proceed with HTTP choose No.Reboot your firewall and everything shall be fine now.
Grtz
DeLorean -
Thanks, that is what i did earlier today. After attempting to install OPNsense (didn't find an option for CF to sata install unless outside of unit), I went through the motions of setup via seriral, then tried another reinstall of PFsense, as I had noticed that I had previously left the wan at em0…set it to fxp0, assigned the rest of the lan ports, and in the webgui, set up pass rules per port and google dns...all good. I will now start to research firewall rule options, but at the moment I am pleased that it is up and running. Thanks for your response!
-
Keep in mind that the fxp0 port is only a 100Mbps port.
If your internet connection is not above the 100Mbps speed, it doesn't matter.
By default, pfSense assign the WAN to EM0 and the LAN to EM1.
There are no extra firewall rules needed to pass through internet.
By default you have already access to the internet.Grts
DeLorean -
I still couldn't get the other ports (sans em0) through without setting more protocol than tcp allowed. After allowing 'any', the ports received dns, and everything worked. I will go back and whittle it down a bit, but want to first make sure my wife is issue free with her wireless needs. Thanks again.
-
Hi, just got my hands on a XTM515. Bios not flashed.
ARM/DISARM works
but my Display doesn´t show e.g. Hostname. so i tried every setting under LCDproc. The only setting that works is traffic of interface. Did i get a faulty display?
Driver is Watchguard Firebox
Displaysize is 2 rows 20 colums -
If it shows anything then the display is probably fine. If you kill the lcdproc service in Status > Services do you see the goodbye message from the daemon?
If so it's the client not passing the various displays to the daemon correctly. Check the client settings in the package.
Steve
-
Hi, just got my hands on a XTM515. Bios not flashed.
ARM/DISARM works
but my Display doesn´t show e.g. Hostname. so i tried every setting under LCDproc. The only setting that works is traffic of interface. Did i get a faulty display?
Driver is Watchguard Firebox
Displaysize is 2 rows 20 columsWhat version of pfSense do you use ?
I have seen this behaviour once with the embedded version 2.3.5 , while version 2.3.4 runs fine.Grtz
DeLorean -
If it shows anything then the display is probably fine. If you kill the lcdproc service in Status > Services do you see the goodbye message from the daemon?
If so it's the client not passing the various displays to the daemon correctly. Check the client settings in the package.
Steve
Hi Steve,
thanks for your reply. Yes, if i stop the service it says "Thanks for using"
what should i check in the client settings?
crash9877