Watchguard Firebox M400/M500

jriofrio

@stephenw10 ...... Beautiful :) thank you. How they said, a picture is worth a thousand words.
A last inquiry if I may.... How you manage the keyboard/mouse input?
I'm very appreciative for your help.
Best regards.

stephenw10

Use a USB keyboard. But you still shouldn't need to use it at all. The serial console is sufficient.

gilphilbert

As @stephenw10 said, there's no need for the VGA cable. You can watch the BIOS POST, update the BIOS and boot an OS all with the serial cable!

jriofrio

@gilphilbert:
Hello gentlemen.... I have an inquiry that for sure you know the answer.
I have been running pfsense in a PC, I installed an IBM card with 4 Ethernet ports, plus one that the PC already had. Pfsense treats the PC port as the WAN interface and the others 4 as LAN interface, each LAN port is an independent LAN. The IBM card works as a 4 port router.
Now, my question: the WatchGuard M400 has a WAN interface and LAN ports too. In pfsense Do these LAN ports are treated independently or as one switch group that will share and IP.
Let me know please...
Thank you for your time and support.
Good day

korenchkin

@jriofrio they are separate networks,if you want them 'switched',use bridge,but it uses cpu cycles...so if you have powerful cpu,go ahead,but i suggest cheap switch for this (unles you have for example something like cheap home router or some mikrotik,where they use cpu---switchchip---severalethernets - then your packets can go either over switchchip,or pass through to cpu and back)

chpalmer

@jriofrio said in Watchguard Firebox M400/M500:

@gilphilbert:

Now, my question: the WatchGuard M400 has a WAN interface and LAN ports too.

pfSense treats them as they are designed.

They are actually 9 separate interfaces that can be used for any network task you assign them to..

I have 3 WANs set up and 4 different LANs running on a box that was a "display" unit at a Watchguard "dealer".. been going for over 5 years strong at this point.

jriofrio

@chpalmer .... Great to hear it. I see by your post you have done some improvement to the box.
Did you update the BIOS? How it went!
I mean did you encounter any difficulties updating the BIOS..... Do you have any advice for the process!
Thank you for your comment....

jriofrio

@korenchkin ... Thank you for your clarification, is good to know. I didn't know all the Ethernet ports were independent.... Yeah, I do have a few wireless home router s that I can use.
Hasta la vista :)... Good day

chpalmer

@jriofrio said in Watchguard Firebox M400/M500:

@chpalmer ....
Did you update the BIOS? How it went!
I mean did you encounter any difficulties updating the BIOS..... Do you have any advice for the process!
Thank you for your comment....

No worries! ;) I did update the BIOS but it has been years. I did it with a package on pfsense itself if I remember correctly.. I have never had any kind of VGA connector on any of these (except the one box with a VGA connector) just use the serial port.

jriofrio

Hello,... I have a question if I may:
Today I got a M400 box, before I start doing any modifications I wanted to see if I could get some info by logging into the box through the serial connection or by the web browser. I wasn't able to access it by the browser connecting to the port #1 . I was expecting my computer will get an IP in the network 10.0.1.xxx but it didn't happen. So I set it up manually with IP 10.0.1.99 once done I used the browser to point to 10.0.1.1:8080 no joy.
I used the serial connection which worked well, what I got, I was not expecting. Choosing any of the options I was asked to login so I used admin as user name and [admin edit] as the password, I got wrong login.
I am curious cause I thought I could get into the BIOS and see the hardware info without opening the box. Any suggestions in how I could get into the BIOS?.... I am including a pic I took.

jriofrio

stephenw10

If you want to login to the WG OS you can probably use admin/readwrite. But that's only if it's been reset.

The BIOS password (which I removed) only applies for the BIOS not at grub or at the booted WG-OS. To access the BIOS hit 'TAB' at the serial console after powering on when you see:

Version 2.15.1236. Copyright (C) 2012 American Megatrends, Inc.                 
WG-M400 Ver.AR6 11/16/2019                                                      
Press <DEL> or <ESC> to enter setup.                                            
Tab key on remote keyboard to enter setup menu, and key 'o' for popup menu.

Though that's from an updated box.

jriofrio

@stephenw10 .... Thank you... I will try that. I will update the results....

jriofrio

Alright, all what I intend didn't work.... It was mostly to satisfy my curiosity..
I need your help to clarify something for me updating the BIOS. Your instructions for updating the BIOS I would like to follow, just need a little clarification.

stephenw10

Those are not my instructions. When I did it I used FreeDOS and afudos.

1. Yes there is a space there.

2. I assume that's in OpenWRT where in squashfs only the users home directory is backed up. ~ is a shortcut to /home/user for any user.

But you don't have to upgrade the BIOS at all. You can just boot pfSense and use it.

stephenw10

Oh right it's TinyCore, hence the /tc link!

I'd forgotten that entirely but I used it for an M500. You can just copy/paste the commands there into the serial console.

jriofrio

@stephenw10 .... Hello, I am lost now..... I have tried every suggestion in this forum in order to gain access to the box and tried to install opnsense. I have tried the USB flash drive and CF flash card with Freedos, msdos, tiny Linux to no avail, this box just boots with the original CF flash card that came with it, I did reset the box too but besides to just login there is no much to it.
I removed the CF card to see if I could see the BIOS message but nothing. The serial connection only shows output when I boot with the original CF card.
Any suggestions in how I could get into the BIOS?
Thanks for your attention and support...
Bye now

korenchkin

@jriofrio if i get it right,your serial only works after bios(no bios output),and bios is set to boot only from cf (strange,on my board,not m400,it booted from usb when i removed cf)...also,cf is connected through asmedia to sata port (if i remember correctly,not important...
so your only chance is to boot from cf,that means cf reader,either make image of whole card and double verify,or use another cf (if you are waiting on reader,you can buy another reader too anyway) and treat cf as usb(from the info in posts up),and flash bios this way

edit:i missed you trying cf already,maybe you will have to reflash bios using ch341a flasher (with soic8/sop8 clip),that way you can backup and play with it however you want and you can always flash again,no worry of corrupted bios

edit2:it looks like your serial comes up after boot (not during,you don't see boot log,right?),maybe(just a tiny maybe),just to be sure,you have 115200 baud and no flow control?
we all had serial ready during bios,so you can maybe do blind flash-i.e. make autoexec.bat with commands....

stephenw10

Yeah if you see no output from the BIOS you might also have a 3 wire console cable and it requires the hardware flowcontrol wires. FreeDOS also requires that but I wouldn't expect TinyCore to.

jriofrio

@korenchkin ... Answering your comment, yes, I don't see any bios output it comes with that screen shot I posted before. Yes, I do have the 115200 baud rate.
I'm inclining to go the direct connection to flush a new bios. I have to get one kit first.
I don't understand the last part where you mention to use an Autoexe.bat.
I have tried hitting the Tab key as soon as power the box on, stil don't do anything.