Watchguard Firebox M400/M500
-
I got my Firebox M400 today thanks to @Mookatroid :)
After a upgrading it a little bit, I installed an i5-4570, why? Because that's what I had on hand. And pushed the memory to 8GB. I ordered a SSD which I had @Mookatroid along with 2.4.5 base.
The one feature I didn't realize the router came with until I got it was a power button on the front. My previous router a CAR-3030 SmoothWall and before that the Firebox XTM 5 series don't have this feature, I hated having to remote my server panel to reach in with my arm to hit the switch.
Thanks,
-
what software should i use to modify the rom thoroughly ?? i want to change system name etc ... thx a lot
-
@stephenw10 said in Watchguard Firebox M400/M500:
You can dump the BIOS image from the pfSense command line using flashrom but it cannot re-write it.
Searching though this thread still but what has everyone done to flash the bios on an M400 with software?
Ive got a donor box Im playing with. :)
Ive got the latest bios code from this thread..
-
You can flash it with AMIs dos tool, afudos. Maybe their uefi tool if you hook up a monitor the internal VGA pins. I forget if I tried that...
https://forum.netgate.com/post/836153
Steve
-
Thanks Steve: From your graphic it looks like you booted somehow while pfsense was active.. Is that not the case? I assume you booted from a freedos on CF card and worked from there..??
-
Yeah I booted FreeDOS from a CF card. Looking back that is confusing. I was connecting to the M400 com port from another pfSense box that was next to it at the time, so the first line there is from an SG-5100.
Steve
-
Mine may be a losing battle till I come up with a set of pins to use on the VGA header. Com1 does not seem to work when I use your freedos image. Though I can hear the three beeps.
edit..
Writing to the ROM as I type here. Had to append an autoexec.bat file in the copy of freedos I was using..
-
I picked up a Watchguard branded SFP 1gbps multi mode from Amazon and installed it today in this M400. Running my primary LAN over fiber from the switch now. Works well for anybody considering it.
Jumbo frames (MTU 9000).
Now my desktop is all fiber to the router. :) Im as happy as a tornado in a trailer park!
Not sure it gained me anything.. Call it educational.
Steve: My rack is starting to look like that picture of all your Watchguards you shared some time back.. The next time we have to pay the power bill may be my cure.
-
@chpalmer said in Watchguard Firebox M400/M500:
The next time we have to pay the power bill may be my cure.
Yup, I know that pain.
-
Seems like the firewall GUI itself does not like jumbo frames. I can see everything else but the GUI will not load here a day later. Switching back to 1500 and all is good.
-
Hmm, curious. Any sort of TCP off-loading enabled on the NIC?
-
"Hardware TCP Segmentation Offloading" and "Hardware Large Receive Offloading" are checked.
Im not sure I totally have a grasp on what size my frames should be though. I need to do some more research.
My switch defaults to 1536. I had 9036 running on my desktop switch port for at least the last year with 9014 (one of two options) on the actual desktop interface. I came up with those numbers after some trial and error back when I first started messing with it. Just this week I tried 9000 between the switch and router. Even 9036 and 9216 on the switch side. Same results. Pings to the router ping 172.30.150.1 -f -l 9000 would fail completely while a simple ping would work.
Tells me my frame size is wrong somewhere.
-
Ah, yeah if pings are failing too, not a TCP issue. You need to have jumbo frames everywhere in the segment if you're going to have them.
Steve
-
I give up for now. Works well at 1500. :) Some day when I get bored Ill revisit it.
Thanks for the input! :)
-
For anybody looking..
https://www.amazon.com/Extension-Female-Signal-Exchange-Flexible/dp/B086W3JK1X/ref=sr_1_689?dchild=1&keywords=PCI-E%2BPCI%2BExpress%2BFemale%2Bto%2BFemale&qid=1590442937&s=electronics&sr=1-689&th=1
There is more than one type on Amazon.
Lanner tells me that the adapter shown earlier is out of production.
-
I've got an m400 with HDD (msata adapter on the way), i3 4130t, bios flashed via spi, and the latest pfsense working. However, my fans running like a banshee are driving me mad. I've tried making a vga by crudely splicing a usb3 internal plug into a vga, but i get no output from bios or when fully booted. What am I missing? Is there a way to set auto fan speed without vga?
-
BIOS is password protected on the base product, you'd need to flash a bios listed above or modify the existing bios to have different values. you can backup and edit the existing bios with afudos.
There's a bios settings editor with info above, you can flash the bios with the new settings.
You'll need VGA though.
I bought one of these for a more perm solution (though you could hogepoge vga together and then enable RS232 and forget about it. You will have to re-pin it to this mobo.
https://www.ebay.com/itm/130824913486
-
@mdneilson
If you have flashed my latest BIOS, there are two things to mention regarding VGA output:- VGA output is disabled in BIOS to allocate all RAM to the system.
You can manually re-enable it.
To do that, you need to access the BIOS using the Serial console. - Make sure your CPU contains an IGP (integrated graphics processor).
Otherwise it will not work no matter any BIOS setting you have.
If you just want to access the unlocked BIOS to configure the fans, you can do that using the serial console.
- VGA output is disabled in BIOS to allocate all RAM to the system.
-
@mdneilson I suggest that you install Shellcmd
and activate it through the gui, then install (WGXepc) for the Watchguard m400-m500
These suggestions should get you pointed in the right direction. I don't have one up and running at the moment. However WGXepc has a shell fan speed control command I believe. stephenw10 has been an awesome contributor to me and the community. -
Yeah, you should just be able to use the serial console to setup the fan if you flashed the BIOS, depending on which image you used. But if you used the image I edited originally it should already have the fans set to something reasonable.
It's probably trivial to add the M400 fan control to WGXepc. I never got around to it because I had already set it in the BIOS.
Steve
