Watchguard Firebox M400/M500
-
@Myst412 Did this work with Fireware OS, or did you have to flash pfsense on it?
-
Did what work exactly? Unclear what post you're asking about.
-
@thejames10 Not sure what your asking.
I can confirm 16GB flash did not work for me only tried one so i cant confirm it wasnt faulty but it was new.
An 8GB compact flash card worked fine with an opensource freebsd based distro. I assume pfsense will work.
4GB is too small one a few plugins are added.
-
@stephenw10 Sorry, new to this!
@Myst412 said in Watchguard Firebox M400/M500:
So I wanted to add 10gb networking to a couple of PCs and I thought since there's a PCIe slot on the M400, I could just throw a card on with a female to female pcie extender and presto chango, i'd be able to get 10GBe copper on my network for a fraction of a 4 port 10GBe switch.
@Myst412 said in Watchguard Firebox M400/M500:
Worked with a 450w atx just fine. Looking for a 200-300w flexatx.
Did this work with Fireware OS, or did you have to flash pfsense on it?
-
Ive picked up a Crucial MX500 SSD a while back and tried to use it on my M400 without success.. I am going to try again this next week. Any words of wisdom from anybody?
(This box is now running on a laptop drive but started life around 2.3 if I remember right. I cannot seem to build it new no matter what Ive tried in the past.)
-
I have a crucial mx500 working on my m400. I did nothing special to get it to work correctly.
-
Thanks. I forget my whole process but I believe as Im working on this that I could not make a USB stick write to the drive via the M400 at the time.
Ive just loaded the SSD via VMWare so will try it later when I can take it down.
-
I used a PC to upload the pfsense iso onto the CF card, then used that card to install onto the SSD. Are you using the correct sata port?
-
Its my production box and is on a (spinner) laptop drive now. I loaded it via USB a few years ago but after 2.5 or so I could no longer get that method to work. Ive been just upgrading ever since and really want to just refresh this thing with the new SSD.
What ever SATA port I am using is working now. I have not tried to install the drive after I wrote it tonight. Gotta wait till I can take the network down for a while.
Rack mounted PIA to move ect..
-
@chpalmer said in Watchguard Firebox M400/M500:
Its my production box and is on a (spinner) laptop drive now. I loaded it via USB a few years ago but after 2.5 or so I could no longer get that method to work. Ive been just upgrading ever since and really want to just refresh this thing with the new SSD. (old drive Seagate Certified Repaired Momentus 7200.2 80GB drive. Date: 08462)
Finally got this to work. ;)
I had to reload the drive again but this time I did it with my lab XTM5 box which I could not get to load from USB before.. (finally found the correct setting in BIOS and it finally booted from the memstick..)
This morning swapped the drive over to the M400.. (replaced my fans with the much quieter Noctua fans I bought about two years ago) reloaded the backup config.. and primary network is up before anyone in the house here is out of bed..
Getting to my dashboard was taking about 60 seconds before so something was up.. now it is instant.
-
Lurking as I get my M400 running... I'm trying to flash the BIOS but whatever I do I can't get FreeDOS to boot. I've flashed USB keys, CF cards... pretty much every device I have. The devices will boot other machines, but not the M400.
I hooked up a VGA port and it's complaining that there's no bootable Device ("Insert bootable medium"). I wanted to try the FreeDOSBIOS2.img file linked to here, but the Google Site is down and I can't access the file. Does anyone have a copy or know why I can't get FreeDOS to boot?
Thanks!
-
Should be here.
Though interestingly I failed to boot that myself on an M500 recently. Been too long since I last did it.
-
@stephenw10 Awesome, thanks - I'll see if I can get my M400 to boot from it tonight. If not, looks like I'll be trying the SPI method - if I can find my SPI programmer!
-
@gilphilbert Woohoo! I'm up and running with v6. This was the only FreeDOS version that booted. I tried my own 64G CF card but it wouldn't boot from that - only the one that came with the unit.
Interestingly, FreeDOS couldn't open the serial port so I had to use a VGA cable. The message on boot was "unable to write to COM1", so I had to use a VGA cable.
I did have a moment of panic when the box rebooted then the VGA monitor stayed dark... I thought I'd bricked it until I realized the three beeps were FreeDOS booting. Attached a serial cable and relaxed again!
-
Ah nice. So you had to use the VGA header initially? I did that with the first M400 I had but I'm sure I didn't have to do that for others.
-
@stephenw10 Yep, I can't explain why, since pfSense can open the serial port and write to it, but FreeDOS wouldn't - it just complained about not being able to write to COM1 - meaning there was no serial output.
I wonder if a Watchguard firmware update has broken this along the way, although it's odd that Linux seems to be able to open ttyS0 while FreeDOS can't open COM1.
-
I started this a couple of days ago because I thought I might need it when I couldn't get FreeDOS to boot and I thought I'd share it as it doesn't need the VGA adapter to work.
I created a custom version of Tiny Core Linux that includes afulnx - the Linux version of afudos. The environment also includes Zanthos' v6 BIOS ROM ready to flash.
https://drive.proton.me/urls/F89NEJFPN8#3A6Fs0a7VBup
To use it, write the image to a CF card or USB key. Use BalenaEtcher or other cloning software (dd works just fine from Linux) to write the image directly to the device and boot the firewall from it. My unit defaults to booting the CF card, so I had to remove it to force the machine to boot from the USB key. Serial is enabled in the image (115200) and you'll be auto-logged in as the default user. There's a readme file (
~/readme) with instructions as well as a short disclaimer (the usual, I'm not responsible for you breaking your stuff, etc.). The binary and v6 ROM are located in/opt/romand work the same way as afudos - the same commands to backup and flash. Since the binary loads kernel modules it needs to be run with sudo priviledges:cd /opt/rom sudo ./afulnx ~/backup.rom /O sudo ./afulnx m400.rom /B /P /NAssuming all goes well:
sudo rebootThe usual beeps will occur and you'll likely need to clear the CMOS with J4.
Note
Make sure you store your backup in/home/tc(~) since other directories are not persistent and your backup will be lost when you reboot! -
That worked almost perfectly, thanks!
As you noted I could not make it boot either TinyCore or OpenWRT from anything but the CF card it came with. Which is odd I don't recall having that issue.
I also noted that after updating the BIOS it then failed boot TinyCore again from the CF. Not sure why.
Also that it does not boot USB by default after updating I had to choose it from the boot device menu.
-
@stephenw10 said in Watchguard Firebox M400/M500:
That worked almost perfectly, thanks!
As you noted I could not make it boot either TinyCore or OpenWRT from anything but the CF card it came with. Which is odd I don't recall having that issue.
I also noted that after updating the BIOS it then failed boot TinyCore again from the CF. Not sure why.
Also that it does not boot USB by default after updating I had to choose it from the boot device menu.
Now that's interesting, my machine boots TC just fine after the upgrade (I did have to clear the CMOS though). I gave up entirely trying to boot FreeDOS - it's just too picky on these machines.
Building that image was far more complicated than I expected, so I'm glad someone other than just me made use of it!
-
I'm not sure if this is normal, but I'm not getting any CPU temps from the box:
# sysctl -a | grep temperature hw.acpi.thermal.tz1.temperature: 29.9C hw.acpi.thermal.tz0.temperature: 27.9C # sysctl -a | grep "dev.cpu.*.temperature" #Does anyone else see CPU temps? I installed an i3 and wanted to see what temp it was running at.
