Watchguard Firebox M400/M500
-
@Mookatroid said in Watchguard Firebox M400/M500:
After ~5 months I thought it time to pursue M400v2 :)
I had ordered the necessary parts some time ago, and finally had the opportunity to complete the overhaul.Where did you source the adapter board RC-75842?
Nice upgrade!
-
@chpalmer He bought is from Lanner or so he said! :)
-
@Smoothrunnings said in Watchguard Firebox M400/M500:
@chpalmer He bought is from Lanner or so he said! :)
Thanks!
-
@Mookatroid said in Watchguard Firebox M400/M500:
After ~5 months I thought it time to pursue M400v2 :)
I had ordered the necessary parts some time ago, and finally had the opportunity to complete the overhaul.
i.e. updated BIOSv6 w/NVMe Support + transition to an NVMe SSD
I am happy to say it has all been successful !
So my M400 is now running off a 256GB PCI-E Soldi State Drive !
WooHoo !
Pic below of completed M400v2....Thanks again to zanthos for all of the custom BIOS efforts !
PS ... a quick edit to note that what the pics do not show are the rubber bumpers underneath the M.2 SSD itself that keep it all raised up for air flow, etc. The anti-static layer is more of a precaution versus anything else.
-
Why not!
-
-
I got my Firebox M400 today thanks to @Mookatroid :)
After a upgrading it a little bit, I installed an i5-4570, why? Because that's what I had on hand. And pushed the memory to 8GB. I ordered a SSD which I had @Mookatroid along with 2.4.5 base.
The one feature I didn't realize the router came with until I got it was a power button on the front. My previous router a CAR-3030 SmoothWall and before that the Firebox XTM 5 series don't have this feature, I hated having to remote my server panel to reach in with my arm to hit the switch.
Thanks,
-
what software should i use to modify the rom thoroughly ?? i want to change system name etc ... thx a lot
-
@stephenw10 said in Watchguard Firebox M400/M500:
You can dump the BIOS image from the pfSense command line using flashrom but it cannot re-write it.
Searching though this thread still but what has everyone done to flash the bios on an M400 with software?
Ive got a donor box Im playing with. :)
Ive got the latest bios code from this thread..
-
You can flash it with AMIs dos tool, afudos. Maybe their uefi tool if you hook up a monitor the internal VGA pins. I forget if I tried that...
https://forum.netgate.com/post/836153
Steve
-
Thanks Steve: From your graphic it looks like you booted somehow while pfsense was active.. Is that not the case? I assume you booted from a freedos on CF card and worked from there..??
-
Yeah I booted FreeDOS from a CF card. Looking back that is confusing. I was connecting to the M400 com port from another pfSense box that was next to it at the time, so the first line there is from an SG-5100.
Steve
-
Mine may be a losing battle till I come up with a set of pins to use on the VGA header. Com1 does not seem to work when I use your freedos image. Though I can hear the three beeps.
edit..
Writing to the ROM as I type here. Had to append an autoexec.bat file in the copy of freedos I was using..
-
I picked up a Watchguard branded SFP 1gbps multi mode from Amazon and installed it today in this M400. Running my primary LAN over fiber from the switch now. Works well for anybody considering it.
Jumbo frames (MTU 9000).
Now my desktop is all fiber to the router. :) Im as happy as a tornado in a trailer park!
Not sure it gained me anything.. Call it educational.
Steve: My rack is starting to look like that picture of all your Watchguards you shared some time back.. The next time we have to pay the power bill may be my cure.
-
@chpalmer said in Watchguard Firebox M400/M500:
The next time we have to pay the power bill may be my cure.
Yup, I know that pain.
-
Seems like the firewall GUI itself does not like jumbo frames. I can see everything else but the GUI will not load here a day later. Switching back to 1500 and all is good.
-
Hmm, curious. Any sort of TCP off-loading enabled on the NIC?
-
"Hardware TCP Segmentation Offloading" and "Hardware Large Receive Offloading" are checked.
Im not sure I totally have a grasp on what size my frames should be though. I need to do some more research.
My switch defaults to 1536. I had 9036 running on my desktop switch port for at least the last year with 9014 (one of two options) on the actual desktop interface. I came up with those numbers after some trial and error back when I first started messing with it. Just this week I tried 9000 between the switch and router. Even 9036 and 9216 on the switch side. Same results. Pings to the router ping 172.30.150.1 -f -l 9000 would fail completely while a simple ping would work.
Tells me my frame size is wrong somewhere.
-
Ah, yeah if pings are failing too, not a TCP issue. You need to have jumbo frames everywhere in the segment if you're going to have them.
Steve
-
I give up for now. Works well at 1500. :) Some day when I get bored Ill revisit it.
Thanks for the input! :)