pfSense 2.4.3 on a Zotac CI327 Nano: How To
binHEX last edited by binHEX
Like an idiot, I bought a piece of hardware before researching here to see if worked ok. lol
So, after many hours researching here, and quite a few time performing impact tests of my wall with my forehead, I was finally able to get pfSense installed and passing traffic.
I probably ended up duplicating effort needlessly, as I am just not very familiar with FreeBSD, and have never needed to modify my pfSense installation media before this. But I will record what I did. Worst case, you might end up doing some extra typing. :)
Hardware: Zotax ZBox CI327 Nano, 2GB RAM, SATA HDD
Here's a step-by-step of how I was able to get it running.
- Flash BIOS to most recent version: 2K180116
- Revert BIOS to defaults (labeled as Optimized Defaults)
- Change these BIOS settings:
Features > CPU Configuration: Active Processor Cores = Disabled Intel Virt Tech = Disabled VT-d = Disabled Features > CPU Configuration > CPU Power Management Configuration: C-States = Disabled Features > USB Configuration: XHCI Hand-off = Disabled Power: Enable ACPI Auto Configuration = Disabled Enable Hibernation = Disabled ACPI Sleep State = Suspend Disabled Deep Sleep S5 support = Disabled Boot: Boot Mode = Legacy
- Save settings and reboot
- Download the pfSense 2.4.3 memstick image
- Write the memstick image to your USB flash drive
- Put the following settings into the file /boot/loader.conf
kern.cam.boot_delay=10000 hint.hpet.0.clock=0 hw.sdhci.enable_msi=0 hint.sdhci_pci.0.disabled=1 hint.sdhci_pci.1.disabled=1 debug.acpi.disabled="hostres" kern.geom.raid.enable="0" if_re_load="YES"
- Download the latest Realtek driver for the NICs.0_1531670258067_if_re.ko.zip
- Extract the file it_re.ko from the downloaded zip file, and place it into /boot/kernel/
- Create the file /usr/local/etc/rc.d/SDfix.sh
- Put the following line into the file:
usbconfig -u 0 -a 3 power_off
- Boot into the installation media and install pfSense using whatever settings you choose
- After installation, reboot.
- Once the boot menu pops up, hit 3 to enter the shell
- Enter the command:
- Then go back into the menu and hit 1 to boot into multi-user mode
- pfSense should boot up completely, although with some weird errors
- Hit 8 to enter the shell
- Plug in the USB flash drive and mount the main partition
Use this command to find the proper device and partition
gpart show da*
(On my system, it was da1p3)
and then, I created a mountpoint /mtn/usbtemp
use this command to mount the partition
mount -t ufs /dev/da1p3 /mnt/usbtemp
- Once mounted, copy the files that you created previously, to your new pfSense system
cp /mnt/usbtemp/boot/kernel/if_re.ko /boot/kernel/ cp /mnt/usbtemp/usr/local/etc/rc.d/SDfix.sh /usr/local/rc.d/ chmod 555 /usr/local/rc.d/SDfix.sh chmod 555 /boot/kernel/if_re.ko
- Add the lines from step #7 into the existing /boot/loader.conf file, taking care not to duplicate lines.
- Exit the shell
- Shutdown the device
- Remove the USB flash drive.
The device should boot properly now and pass traffic.
I still need to perform throughput tests, and will pass my results when complete.
I hope this helps someone else out there avoid some migraines!
*EDIT: corrected the Realtek driver file name from io_re.ko to if_re.ko
You should put custom loader settings in /boot/loader.conf.local otherwise they may be overwritten.
You can probably run that usbconfig command using a shellcmd rather than a script. That too might be overwritten.
You might be able to do that with a USB quirk.
binHEX last edited by binHEX
Thanks! yeah, I tried that. I put all of those settings into the /boot/loader.conf.local file... and the system froze at the HPET point of booting up. To prevent that, you have to use the hint.hpet.0.clock=0 setting. But it was already IN the proper file. So I put it into the /boot/loader.conf file and BLAMMO! It works.
I understand that it isn't what the docs tell you to do, but... it is the only way that worked for me. Believe me, I spent hours going over the docs, trying to find out what I was doing wrong. But, it wasn't until i configured things exactly the way that I posted that the router started booting up properly.
Mine is not to question why, mine is but to figure out a way to make the bugger run. :)