Installing pfSense on Sophos XG 105 rev. 2



  • Got my hands on a rev. 2 XG 105 appliance and immediately thought this was the perfect little pfSense hardware. Low power consumption, 64GB sata SSD, 2GB ram was upgradable (up to 8GB?), E3826 aes-ni proc, 2 usb 2.0 ports, vga console, 4 gigabit ports(Intel i211). Started on this by factory defaulting the bios and popping in the latest version of pfSense via usb. drive booted up but as soon as I went to install it, the intaller crapped out at some line of command:

    atkbdc0: <Keyboard controller> (i8042) at port 0x60,0x64 on isa0
    atkbd0: <AT Keyboard> irq 1 onatkbdc0
    

    My first thought was to change all settings in the bios I could think of that would be affecting the bootup. I made changes to anything and everything I could find related to pcie, cpu, storage devices, ACPI, etc.... Same results every time. interupting the boot got the db> prompt, but being new to this, it wasnt any help. I could also get it to give me a fatal trap 30 by pressing ctrl+C when booting, but no significance to me and I couldn't find anything that made sense being new to BSD. The next step was to try some loader.conf modifications and I tried setting up these commands I felt that were related to my errors. Here are the commands I used:

    set hint.atkbd.0.disabled=1
    set hint atkbdc.0.disabled=1
    

    Awesome, the installer boots now, and even installs to the local drive! woohoo... wait... After pfSense starts up, no interfaces are detected. pfSense will not boot if does not detect at least one NIC. From here, I tried installing freebsd- no dice. Exact same problem. Next, I moved onto Mint, and other distros... they installed perfectly. Even with default or modified bios settings. Everything I threw at it just worked... except BSD or pfSense. I even installed Untangle... Side note- it has a nice interface, but wasn't what I was looking for(I have to admit, their install process is pretty and polished too). Back to the drawing board.. I factory reset the bios again, and reading each setting, I found the one setting that made this work. In the bios, navigate to Advanced > USB Configuration > Port 60/64 Emulation. Flip this to [Disabled.]
    0_1533091843116_XG105bios_pfSense.JPG

    After making this one change, pfSense installed perfectly and even boots up. All interfaces are up and so far everything is working. Not sure why this was such an important setting for BSD to flip out, but it does make perfect sense when you review the initial garbage that the BSD boot process spit at me before abruptly rebooting. Apparently, all operating systems except FreeBSD have a tolerance for 60h/64h emulation support... or it could just be this hardware and or this bios. Anyhow, thanks for reading this ranty, and unnecessarily long post. Hopefully this will help somebody repurpose these now aging Sophos XG 105 or even a related XG/SG box with pfSense. I especially like how these little boxes are AES-NI ready and should run 2.5 when the new BSD is released.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy