Pfsense on a new HP Microserver GEN10



  • Good day

    I really hope some one can help me. I bought a new HP Microserver Gen10. I am trying to load Pfsense on this server. I created a USB and the server boots from the USB with no problem. I get the PF Sense initial menu. The it runs through and stops at the lines:

    Pcib0: _OSC Returned Error 0x10
    Pci0: <acpi pci="" bus="">on Pcib0

    And then it just stays there? I tried many things that I can google. I updated the Firmware / BIOS of the server to latest. This did not help.

    I wanted to try and change the SATA mode but I cannot find anywhere to change it.

    Anyone managed to get it loaded on a GEN10?

    Regards</acpi>


  • Rebel Alliance Global Moderator

    That box is not well suited for a bare metal firewall… Why not put your a hypervisor on it, and then run pfsense as a VM?  Say esxi its FREE.. Then you could run some other VMs on it and take advantage of the 4 bays for drives, use it say as NAS as well, etc.

    Did you add some nic cards to it.. I believe it only comes with 1 built in nic..

    Did you get it free or something.. That for sure would not be a good choice of running pfsense baremetal on.. Show it more expensive than say a sg-3100 from netgate.



  • Hi

    Thank you John.

    I did not really know that its not a good option. The only reason the hardware is reasonably priced. But I will def look into the netgate thank you.

    My next step was exactly as you say to load ESXi and run a VM.

    Don't really want to use it as something else other than a Firewall. So yes the additional drive bays is a waste.

    Thank you for your help. I appreciate it. I was just hoping someone might have gotten past this issue.

    Regards


  • Rebel Alliance Global Moderator

    Its prob very unlikely that anyone would try and install pfsense or even freebsd directly to such a machine.. That sort of hardware is gear for low end ma and pa shops that have a billy bob for their IT support and this server they install windows server on and run the little shop.

    I have old gen I run as my esxi box because I got it really cheap, it has 4 bays and made a nice little esxi host for my lab with running as a nas as well.. I still use it - but I added a dual nic and a single nic.. And ran my pfsense as vm, along with plex and linux vms, etc.. It still runs a few vms I use locally, etc.

    Its not a bad little server for the price - but its not a good choice for a box to be your firewall.


  • Netgate Administrator

    This fix will probably work:
    http://www.virten.net/2017/10/fix-for-freenas-on-hpe-microserver-gen10-x3216-stuck-console-issue/

    Interrupt the boot process to reach the boot loader prompt as described in many of the sections here:
    https://doc.pfsense.org/index.php/Boot_Troubleshooting

    Then enter:

    
    set hw.pci.realloc_bars=1
    boot
    
    

    If that boots and successfully add it to /boot/loader.conf.local

    Steve



  • HP (a.k.a. Compaq) boxes are weird.


  • Netgate Administrator

    In this case is looks like some issue with the graphics hardware in that APU and FreeBSD 11. Though HP may have injected additional weirdness.  ;)

    Steve



  • Hi. Thank you for all your input.

    As I mentioned earlier, I am not a hardware expert but I still do think this microserver is not a bad option (apart from the issue I have) the pricing of this server is very low. I am in South Africa. So firstly I don't even think there are distributors of the netgate appliances in SA.

    Secondly if I look at the pricing of the netgate sg-3100 it is $349. So with th4 ZAR TO USD exchange rate that is about R4500 then I will have to pay shipping and import duties which wil make the total cost +- R6000

    I got the microserver brand new with 2 x drives for R4999 . So that was my deciding factor. The client we are implementing this firewall are 14 users. So the hardware will be sufficient.

    Sammy you are correct. The Gen10 is fitted with an AMD cpu and not intel like the Gen8. And I think the graphics is causing the issue yes.

    Nonetheless, I am going the ESXi option and run the FW as a vm. I gave John's suggestion some thought and if I add another 2 drives and maybe add 2 NICs also then I have available capacity for i.e. a NAS vm. Or even a windows VM that can be used as a jump box.

    Cheers!


  • Rebel Alliance Global Moderator

    I show like 5 in SA
    https://www.netgate.com/partners/locator.html#south-africa

    Once you get atleast another nic you should be fine.. I personally would make sure you get atleast a dual so you can break out the vmkern from your other networks, put it on its own vswitch even if on the same actual layer 2 network as your lan, etc.

    I would bump your ram up as well on the microserver.  I have an OLD N40L and it still can run windows VMs - even windows 10 runs on it.. I wouldn't call it FAST ;)  But it works and can use it for testing, etc.  Got some windows 2012r2 that run on it without issue..

    Mine is not long for this world though.. Its really showing its age, time to retire it for something with more umph..

    Hmmm.. Most of those sites don't load.. But one shows sg3100 at R6790
    https://getred.co.za/products/sg-3100-pfsense-firewall-appliance

    That does seem high…

    https://justechnologies.co.za/wp/

    cert expired back in Feb... Not sure trust a tech company that can not even keep their websites ssl site current ;)



  • Thank you John for your input. I did go and google.a bit for a supplier in SA. Like you said most of the websites I found did not load and I contacted one and their phone number is out of service..

    And yes I think with import duties and the ZAR USD exchange rate the appliance is going to be more expensive.

    I just cannot get the ACPI problem sorted. I tried all the suggestions with no luck. The server comes with 2 x NIC's. I am planning on installing a 3rd NIc to use as you mentioned for the VM host network. And the other 2 dedicated to the FW vm for WAN and LAN .

    Server came with 8GB memory. So yes if I want to also load a windows 10 vm I will probably add more memory.



  • Hi ,

    I am currently running Pfsense 2.4.2 on the HP microserver Gen10 as a vm (ESXI)
    it comes with two nics onboard and i added 1x2 port intel card (cheap on ebay) ,

    the reason i used the GEN10 is its cheaper (£180, mine was £130 with cashback from HP) than most of the PFSENSE Chinese boxes which support AEN-IS hardware cryptographic accelerator £ 200+  (future proof for pfsense 2.5).

    this is my main firewall at home (adding snort/suricata IDS etc.) i can add any spare disk in the extra bays for logs etc without compromising performance

    i think its the best of both i also have sophos, nas4free and zentyal (Directory services)

    I think its the best bang for your buck PFSENSE platform for home/ Small business or PCLab





  • Rebel Alliance Global Moderator

    Yeah I ran like that for years on way older hardware..



  • Hi,

    Just saw this thread workaround, looks like its a known FreeBSD issue:

    https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221350

    I tried it in pfsense startup option 3

    Set hw.pci.realloc_bars=1
    boot

    gets you past the boot screen error , hav not got the time to do a full setup as i am running Pfsense as a VM on my GEN10 as my home firewall/router,  my son and wife want the internet back now.

    will try a full install on friday when they are asleep  :)



  • @krom12:

    Hi,

    Just saw this thread workaround, looks like its a known FreeBSD issue:

    https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221350

    I tried it in pfsense startup option 3

    Set hw.pci.realloc_bars=1
    boot

    gets you past the boot screen error , hav not got the time to do a full setup as i am running Pfsense as a VM on my GEN10 as my home firewall/router,  my son and wife want the internet back now.

    will try a full install on friday when they are asleep  :)

    Thank you very much you saved me a lot of time and frustration :-)



  • has someone an idea wether the Gen10 has more horsepower than the SG 3100?