Watchguard Firebox M400/M500
-
@stephenw10 said in Watchguard Firebox M400:
Mmmm, there is confusion here!
The only reason you would use tip or cu in pfSense is to connect via serial as a client to some other device.You should be running those commands on your laptop if it's running Linux or FreeBSD. Or using something completely different like putty if it's running Windows.
You should see at least the output from the BIOS at the serial terminal when the m500 boots. If it's still booting pfSense you will see the complete boot log.
Try to boot the m500 into FreeDOS, you should end up at the command prompt.Steve
@zanthos said in Watchguard Firebox M400:
@isnicolascageinjail
OK probably it is simple:
As I read you have used Rufus to create a FreeDOS stick/CF.
Now you want to boot it and see the Output using a Serial console at 9600 speed.The unit itself (BIOS and POST) does output at 115200. That's why you don't see anything at all.
FreeDOS needs to switch the output from VGA to serial. Therefore you need to adjust settings.
If you download my file (see here) and extract it to your stick/CF and overwrite everything, the necessary settings are there…
Keep it connected at 9600!Good luck!
Ok so I just tried to remake the CF card using the FreeDOS image Rufas already had. I then copied all the files that Zanthos posted and overwrote the files on the CF card. But when I'm booting still I get no output. I don't even see the output from the BIOs. I'm using putty at 9600 8N1 and I've tried all the flow control settings and still nothing. I'm not sure if I just need to use a different FreeDOS image maybe?
I appreciate the help so far guys, I've been trying to figure this out for a good few hours haha.
-
@isnicolascageinjail
First check if you see the BIOS POST at 115200. It must!
If not, your cable might be at fault.
Or maybe you're useing the wrong COM port on your Laptop... -
@zanthos So yeah, if I boot to pfsense and use 115200 I can see everything just fine, but when I switch to 9600 I get nothing. I am using COM1 so I think that should be fine. I just have the CF card with FreeDOS currently plugged into the device.
-
If you leave it at 115200 and boot from the FreeDOS CF card what's the last thimg you see? Does it appear to be booting from the card at all?
Styeve
-
I get a single character that looks like static and nothing after that. The longer I leave it on the louder the fans get also. I've also tried booting the same image with a USB and it'll start flashing for a second (the lights on the USB) and it'll eventually stop like it's not being read from anymore.
It'll also shutoff instantly whereas when I'm in pfsense I'll need to hold the off switch for a few seconds to give it time to turn off.
-
@isnicolascageinjail
Maybe you need to set the CF partition Master Boot Record (MBR) to active.
It might not boot at all...
Use diskpart utility (Windows) for that. -
@zanthos Ok so I used the FreeDOS image floating around in the other watchguard tutorials (FreeDOSBios2.img) and I only moved over the m400.rom, and afudos and that seems to be working. Now I just need to figure out why I can't access the BIOs.
edit: cool, looks like I got it. Thank you so much guys!
-
Nice! Getting a bootable FreeDOS device can be a challenge I found. Especially when you want serial console.
-
Yeah, I almost started going crazy there for a second haha. I think I was mostly stuck at the "tip ucom" part, but you were able to clear that up for me and I got it. The fans thankfully no longer run at max speed.
-
Last week i also had to flash a m400 box. But my three year old son got my bios flash cf card and i could not find it. I tried many things to get a new cf card up and running with freedos without luck. I also used zanthos freedos files and there also not getting into the command promt with three beeps. Than i remember that i had done a backup of this cf card with win32diskimager. This was my luck and i get a new card that bootet freedos and i was able to flash the m400. Two day later i found the original cf card that my son put into my shoes ;)
Here is a link to my cf card backup that can be written to cf with win32diskimager:https://drive.google.com/open?id=1j297B0Yj7fq43yRadHctv1JSIP3oR36-
I also bootet with 115200 baud rate but there is no output with original bios when boot up the box. When flashed with the modified bios it is showing the boot up and you can get into the bios.
-
I was able to flash zanthos' unlocked bios and didn't know it had console redirect enabled. Since I had VGA connected before flashing the bios and no video after I cleared the CMOS, I had a moment of panic until I heard the familiar bios startup beeps.
@stephenw10 you were right, the bios is unlocked to a dangerous level
While the system is functioning post upgrade, I have a few issues that I need help with:
First, I notice the CPU temperature reported in the bios under Advanced -> H/W Monitor is much higher than pfsense dashboard. Is this expected behavior? I have smart fan control enabled, and the fan speed constantly cycles.
Secondly, the CPU seems to run at full speed most of the time even though the load is 1-3%. EIST is enabled, and only occasionally I see the CPU speed drop to 1500 MHz. Is this expected behaviour?
My eventual goal is to reduce fan noise and power consumption as far as possible.Apologies for the long winded post. I appreciate any help I can get with these issues. Thanks!
-
The temperature reported in the BIOS is probably using some sensor on the superio chip that may be set incorrectly for that CPU. The value reported by the Coretemp driver from the on die sensors look OK though.
The smart fan settings probably need tuning further if it's constantly cycling.The cpu frequency should be checked using the sysctl directly rather than the dashboard as simply displaying that can use enough CPU cycles to ramp up powerd.
Steve
-
@zanthos Hello bro, is possible have a guide and the pin sequence for spi programmer? i brick my m400 thx a lot
-
@Mookatroid is possible have a diagram pin for vga? thx a lot
-
@devid79 Here you go
@devid79 said in Watchguard Firebox M400:
@zanthos Hello bro, is possible have a guide and the pin sequence for spi programmer? i brick my m400 thx a lot
@devid79 said in Watchguard Firebox M400:
@Mookatroid is possible have a diagram pin for vga? thx a lot
-
I have a few Watchguard the Firebox M670
I install the E3-1240 l V5, 4 * 10 g CARDS.
I have been trying to remove the BIOS password, but have not been successful. -
@zanthos thx a lot bro, the procedure to flash or suggestions?
-
@devid79
Check this forum post I made(Use a CH341a programmer, a suitable software, i.e. ASProgrammer and you're ready to go.. If you need help, google for "SPI flashing" and watch a lot on youtube
) -
@zanthos order it on amazon
tomorrow comes and I flash with your bios -
@zanthos Excuse bro what the which chip should I select? thx in advantage
