Install PFSense on a Sophos SG appliance

stephenw10

Reuse beats Recycling IMO.

mickesanda

@stephenw10 I created LCDd.conf under root.
This is the content:
[server]
DriverPath=/usr/local/lib/lcdproc/
Driver=hd44780
Bind=127.0.0.1
Port=13666
ReportLevel=3
ReportToSyslog=yes
User=nobody
Foreground=no
ServerScreen=no
GoodBye="Thanks for using"
GoodBye=" pfSense "
WaitTime=5
ToggleRotateKey=Enter
PrevScreenKey=Left
NextScreenKey=Right
ScrollUpKey=Up
ScrollDownKey=Down
[menu]
MenuKey=Escape
EnterKey=Enter
UpKey=Up
DownKey=Down
[hd44780]
driverpath=/usr/local/lib/lcdproc/
ConnectionType=ezio
Device=/dev/cuau1
Keypad=yes
Size=16x2
KeyMatrix_4_1=Enter
KeyMatrix_4_2=Up
KeyMatrix_4_3=Down
KeyMatrix_4_4=Escape

I also added 2 shellcmd with this content:
1: /usr/bin/nice-20/usr/local/sbin/LCDd -r 0 -c /root/LCDd.conf > /dev/null &
2: /usr/bin/nice-20/usr/local/bin/lcdproc C T U &

Not sure about the punctuation though, can you please check if there is a space too many or something similar?

I get sh: /usr/bin/nice-20/usr/local/sbin/LCDd -r 0 -c /root/LCDd.conf not found
and one more similar line

stephenw10

Yes. 'nice' is a separate command so the shellcmds should be:
/usr/bin/nice -20 /usr/local/sbin/LCDd -r 0 -c /root/LCDd.conf > /dev/null &
/usr/bin/nice -20 /usr/local/bin/lcdproc C T U &

Steve

mickesanda

@stephenw10
I still get:
sh: /usr/bin/nice-20 not found twice

The "Enable LCDproc package at start" is unchecked.
I used the "Edit file" option found under diagnostic to create the LCDd.conf under the catalog root.

stephenw10

Hmm, this is the actual code from the config.xml file from that box:

		<shellcmd>/usr/bin/nice -20 /usr/local/sbin/LCDd -r 0 -c /root/LCDd.conf &gt; /dev/null &amp;</shellcmd>
		<shellcmd>/usr/bin/nice -20 /usr/local/bin/lcdproc C T U &amp;</shellcmd>

Ah! The space between nice and -20 is not clear.

Steve

mickesanda

@stephenw10
Progress is being made :-) For a short while I saw readable text, Hd44780 and Thank you for using pfSense and a serial number.
But as soon as the boot sequence was finished everything is garbled again.
Starting package LCDproc...done. That works now.
Starting package Shellcmd...done

stephenw10

Sounds like the lcdproc package is still starting stuff separately. Make sure you have disabled the server and set the com port to 'none' and have unselected any screens in the gui.

Steve

mickesanda

@stephenw10
Happy dance :-)

Thank you Steve, I knew that choosing pfSense was the best way to go because of the support and community.

stephenw10

Nice!
Though when you see that it means the LCDd daemon is running but no clients are connecting to it.
With the second shellcmd you should see the three output screens for CPU usage, Time and Uptime.

Do the buttons work?

Steve

mickesanda

@stephenw10
Hmm..., no the buttons don't work:
The shellcommands are as follows:

1. /usr/bin/nice -20 /usr/local/sbin/LCDd -r 0 -c /root/LCDd.conf > /dev/null &
2. /usr/bin/nice -20 /usr/local/bin/lcdproc C T U &

stephenw10

Hmm, potentially some timing issue. Try running the client command from the command line, see if it attaches to the server then.
Check the system logs after booting you may well see the server and/or client being started/stopped several times.

Steve

randy_srs

is there a step by step howto install on a sophos SG appliance and what about the UTM appliances ?

mickesanda

@randy_srs Hi Randy, I cannot say for other Sophos appliances, but for SG330, I created a bootable USB stick with Rufus and the installation is very easy.
I could only auto identify one ethernet card. The rest were found automatically when the installation was finished. Other than the issue with the display, everything went smoothly.
/Mike

randy_srs

@mickesanda thanks for the info . i figured . i think there is a workaround for the LCD display . ill have to play around with them

pw

@mickesanda

Thx Mike, without messing in .conf file, all from GUI, was able to manage this on SG 450 platorm :)

Cheers

barrio603

I have SG 125 - SG 230 installed with PFSense and they work fine. The cost for a unit off ebay is way cheaper then buying a dual port and the only thing you need to concern about is the internal SSD, but that is a quick swap for a new one.

dkzsys

This post is deleted!

dabbler455

Has anyone tried to use the sfp port on an xg-135 rev3 with a gpon optic for an incoming fiber connection?

SGMPhil

pfSense works great on the SG-310 that I have. LCD works great with this configuration:

geoslake

Hi guys, and thanks for the above tips.
So ive installed latest Pfsense (community 2.7.2) on an SG115rev3. All went fine except Ethernet ports (ETH 0 to 3) are listed in random order each time the appliance reboots, which of course makes the device unusable with Pfsense.
Do any of you ever have encountered such a weird behaviour ?

Thanks & cheers