pfSense on Watchguard M370
-
I tryed to install version 2.4.5-p1 on my pc with new mSata but when I move SSD to firebox M370 freeze on boot:
On my pc pfSense boot and working fine. How I can do?
-
Did you enable the serial console as I said you would need to if the install machine is not using serial?
https://docs.netgate.com/pfsense/en/latest/book/config/advanced-admin.html#serial-terminalIf not boot it on the PC and do that first.
Steve
-
@stephenw10 said in pfSense on Watchguard M370:
Did you enable the serial console
Hi, all working fine now! Thanks a lot
-
Hi all,
I have found best installation mode for pfSense on Firebox M370. You need only mSata to Sata adapter and another mSata SSD (I buyed 2 mSata SSD Trascend 64GB to keep original):
download and install balenaEtcher for Windows here:
https://www.balena.io/etcher/attach adapter mSata to pc (with SSD1 mount on)
download latest version of pfSense:
https://www.pfsense.org/download/extract image
start balenaEtcher and press flash from file
choice pfSense-CE-memstick-serial-2.4.5-RELEASE-p1-amd64.img
select target and flash SSD1 (be carefully to choice SSD!)
remove SSD1 from adapter
mount SSD1 to Firebox M370 slot
mount SSD2 to mSata to Sata adapter
connect mSata to Sata adapter to SATA1 on Firebox M370 motherboard
connect serial port to pc and start Putty
switch on Firebox M370
install pfSense
switch off Firebox M370
remove SSD2 from adapter and mount to Firebox M370 slot
switch on Firebox M370That's all!
-
@stephenw10 said in pfSense on Watchguard M370:
./WGXepc64 -l green
Hi stephenw10, I try to do ./WGXepc64 -l green and all working fine (shield led become green). How I can do it on firebox startup?
thanks
-
Yes. Use a Shellcmd: https://docs.netgate.com/pfsense/en/latest/development/executing-commands-at-boot-time.html
-
This post is deleted! -
Easier to use the Shellcmd package to avoid any xml errors. That looks correct though. (edit: gotta be inside the <system> tags)
Check the file permissions. It's probably running OK as root/admin but not the normal shellcmd user.
Steve
-
I put shell command in the wrong place... ahh! All working fine now. Thanks for everything!!!
-
@melozo hi, can you give me some links where to buy these cheap modules? Thanks
-
Yes let me know if you find that source!
They are waaaaay outside my 'experimental' price range here.
Steve
-
Hi @stephenw10
Thank you for putting so much effort and covering information about WatchGuard hardware and pfsense. I recently received XTM800 and wondered if it is possible to unlock bios for it. Before I used some
manuals for M400 and they work but didn't find info about XTM800.Thank you!
-
The BIOS on the XTM800/1500 is not locked it just doesn't have console redirect to allow using the serial console.
There are other threads better suited for questions regarding that. This one maybe.Steve
-
Hi @stephenw10 ,
I recently replaced my firewall with a WG M370 that was donated to me and I was succesfully able to flash it with pfsense 2.5.1 CE. I'd like to thank you for the work and documentation for getting pfsense working on this box. I'm still a beginner and learning.
The only issue I have right now is when trying to get your WGXepc script working. It errors out on me whenever I try to run it via ssh, and using shellcmd to schedule it doesn't seem to work either. (I also couldnt get "." to execute the script either so I had to install bash not sure if this is part of my problem either).
Does the script still work for the latest version of pfsense 2.5.1 CE? I've attached a screenshot of the error I am getting. Thanks for any insight!
-
It's not a script. That's the C code you would use to compile it. Download the compiled 64bit version (or compile it yourself) then run that:
[21.05-RELEASE][admin@m470.stevew.lan]/root: ./WGXepc64 Found Firebox M370/470/570/670. WGXepc Version 1.5 5/6/2020 stephenw10 WGXepc can accept two arguments: -f (CPU fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -f2 (System fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -l (led) will set the arm/disarm led state to the second argument: red, green, red_flash, green_flash, red_flash_fast, green_flash_fast, off -b (backlight) will set the lcd backlight to the second argument: on or off. Do not use with LCD driver. -t (temperature) shows the current CPU temperature reported by the SuperIO chip. X-e box only. Not all functions are supported by all modelsSteve
-
@stephenw10 Thanks very much! That worked for me and thanks again!
-
B bingo600 referenced this topic on
-
In case anyone is interested or would like to work with me on unlocking I believe I've managed to get a .bin backup of the bios from an M370. SPI header layout is the same as the M400 & XTM5 series but a programmer won't read the chip until the CMOS jumper is set to reset (pins 2+3). Please let me know if anyone is interested. Current screenshots of bios in BCP5:
-
Ah, that's fun! I assume it won't boot in that state?
-
Not sure yet, still working up the courage to try and change it and re-flash it. Those images are from the extracted bios. I've been going through the settings in BCP and the UBU tool and it looks like it should boot in that state. Console redirection appears to be turned off so I can't Freedos for flashing and it looks like it'll have to be via SPI. I've never flashed one via SPI before so I'm being thorough before making the attempt. If you would like I can post a link to the .bin file?
Here's some of the output from the UBU Tool in case anyone finds it helpful:
-
Sure I'll poke at it if you have a link. Maybe PM it.
It's been a while but IIRC flashrom could not read it at all.
I would have though FreeDOS would work but I'm not sure any version of AFUDOS will read that. It might require the uefi version which I've never tried via serial console...
