RJ45 Console access



  • I have an FW-7551B-NG1 that a client had at their office. A power outage or something occurred and now it reboots about every 3 minutes. I can't connect via the WAN or LAN ports, so I need to go for console access. Unfortunately, I've never used the console port on the pfSense hardware, and have very rarely used console access on any other devices either.

    I'm looking at an RJ45 to USB cable which says it replaces RS232. Can anyone chime in on this and tell me if it'll work? Here's one example of said cable:
    https://www.amazon.com/Teepao-Replaces-Essential-Accesory-Switches/dp/B07CG6BF7F

    Thank you for any and all help you might provide. I just need to see the bios and general bootup if nothing else.



  • Make sure the connection at the RJ45 end is correct. Different brands may have different configurations. For example, Cisco is different from Adtran.



  • I will look into that. If nothing else, I can change the RJ45 end out for a new one and wire accordingly. Does anyone know where I can find the connection wiring for an RJ45 to USB console cable?



  • @smcgowan you can fine information on your firewall here link text I believe the pinout is on page 9. I have copied the information below for you to check out and
    tried to translate their unfamiliar nomenclature to something more familiar so that you can find and or make a console cable.
    I found the information in their user manual.

    RJ-45 Port

    1. LNRTSA# - RTS
    2. LNDTRA# - DTR
    3. LNSOUTA - TXD
    4. GND - GND
    5. GND - GND
    6. LNSINA - RXD
    7. LNDSRA# - DSR
    8. LNCTSA# - CTS


  • Thanks! I'll check that out now! I appreciate all the help guys!



  • I've ordered an FTDI RJ45 - USB cable and should have it in a day or so. I'll report results once I hook it up. Thanks for the link to the manufacturer's documentation, it's more in depth than the Netgate documentation and allowed me to doublecheck the wiring/pin-out.


  • Netgate Administrator

    I expect that to work fine. I have used a Cisco style cable like that with the 7551 I have here and it worked no problem.

    Steve



  • @stephenw10 Thanks for the info, that makes me feel a lot better about ordering it on a whim :). Now, if I can just get this rebooting issue figured out. (A bit hard without the ability to see the POST and/or the OS bootup).

    Thanks again everyone.



  • Here's what I just emailed to support@netgate.com after speaking with the Sales dept about an order I ended up having to place to just get this 7551 replaced for my client... Maybe you guys will spot what's going wrong.

    "Dear Netgate Support. A couple of years ago, I spec'd a 4 port FW-7551 for a client's network VPN hosting appliance and general firewall/router. All has been great with it, until last week. Then they had need to turn it off while moving it to another location, and now when they power it on, it powers up, and then appears to do nothing for roughly 3 minutes and then reboots. The LAN status lights come on when cables are connected, but I am unable to reach the system via it's default or configured IP addresses. The power status is green indicating no issues, but yet it continues to reboot.

    I purchased an RJ45 <-> USB cable from Amazon after a short discussion on the Netgate/pfSense forum. I connected the device (COM port settings show in image 1), fired up putty (serial connection settings shown in image 2), started the terminal, powered on the FW-7551, and waited to see something on the terminal screen... I got nothing... a black screen, even after the device powered off by itself and then powered back on (by itself again), just a blank terminal...
    Image 1:
    https://drive.google.com/file/d/0ByY9OFmpalfiSXpjM1RmVWtvdDlRQm02bXpQVXlWdjdwSHRN/view?usp=sharing
    Image 2:
    https://drive.google.com/file/d/0ByY9OFmpalfiMWZabkt5MEFfMUM4NWltd280bmFBeDdHVE9B/view?usp=sharing
    "


  • Rebel Alliance Netgate Administrator

    https://www.netgate.com/support/product-lifecycle.html

    There is not much we can do in support, we don't support units that are 2+ years EOL.

    The baud rates you have don't line up, one is 1152, other is 115200. You might want to double check, potentially even see if 9600 works.

    https://www.netgate.com/docs/pfsense/solutions/fw-7551/connect-to-console.html



  • Chris,
    I saw your comment about the baud rates in your email responses. Still no good. I understand about the lifecycle. I still figured I'd see what other users might have to say, since they're not hampered by Netgate's lifecycle.

    Thanks again for your responses, and have a great day :)



  • Oh, and your documentation is vague at best. It'd be great if you offered full pinout information for both ends of the cable, maybe even suggested cables to purchase (possibly even through Netgate, since some of your devices COME with the appropriate cable), etc..


  • Rebel Alliance Netgate Administrator



  • Ah, but then I get to go buy a DB9 to RJ45 conversion as well. Just suffice to say there's a little more that could be done with your documentation. Like, for instance, pointing out that you DO have that cable for sale ;-)

    Anyway, I sense a flamewar starting over something trivial. I'm running on three hour's sleep and not a happy camper, but I'm going to step away now.



  • @smcgowan said in RJ45 Console access:

    I purchased an RJ45 <-> USB cable from Amazon after a short discussion on the Netgate/pfSense forum. I connected the device (COM port settings show in image 1), fired up putty (serial connection settings shown in image 2), started the terminal, powered on the FW-7551, and waited to see something on the terminal screen... I got nothing... a black screen, even after the device powered off by itself and then powered back on (by itself again), just a blank terminal...

    Many, many years ago, I used to use something called a "breakout box", which was inserted between serial ports. With it, I could ensure the signals were on the correct pins etc. My first question is are you sure that USB adapter has the correct pin out? You may have to do some testing to determine that.



  • @JKnott, that was what I was worried about, and why it'd be nice if I knew what the correct pinout was for a USB to RJ45 rollover console cable was. Google has turned up many different offerings, and Netgate does not have (that I could find) documentation on the actual cable type I'm trying to use. Just the DB9 port diagram. Also, IIRC from my earlier dive into that manual that was linked earlier on the mfgr's site, the pinout doesn't match, but that might just be my sleep deprivation...speaking of which...

    I'm going to catch 2 hour's sleep before I have to get back to working



  • @smcgowan said in RJ45 Console access:

    @JKnott, that was what I was worried about, and why it'd be nice if I knew what the correct pinout was for a USB to RJ45 rollover console cable was.

    Here's what someone posted as the pin out for Netgear:

    1. LNRTSA# - RTS
    2. LNDTRA# - DTR
    3. LNSOUTA - TXD
    4. GND - GND
    5. GND - GND
    6. LNSINA - RXD
    7. LNDSRA# - DSR
    8. LNCTSA# - CTS

    However, the item you bought is apparently for Cisco. Here's their pinout:
    https://www.cisco.com/c/en/us/td/docs/wireless/access_point/1240/installation/guide/1240hig5/124h_e.pdf

    One difference I see it there's no provision for the handshaking signals. I don't know if that's a factor with that device, but years ago, it was common to loop back RTS - CTS and DSR - DTR. What happens if you loop back TXD - RXD? You should see the characters echo back, as you type

    Do you have any other serial devices you can test with? Use can use an RJ-45 jack as a breakout box.



  • Thanks for the further info @JKnott, you're extremely helpful! I might cut off the RJ45 end and crimp a new end with a new pinout. I'm almost sure that's the issue, unless the hardware is literally just that |=(_)(|<3|).

    I did have one other thought, maybe someone can help me with this... This particular board has a "Golden Finger" (PCI-e expansion connector) on it. Can this be utilized in some way to connect a graphics card for video output so that I can still possibly salvage this unit?



  • @smcgowan said in RJ45 Console access:

    I might cut off the RJ45 end and crimp a new end with a new pinout.

    If I'm not mistaken, the pin out listed earlier has the same TXD and RXD as the Cisco, so it should work. So, please verify what you have before you cut. If I had it here, it wouldn't take me long to check it, but it's difficult to explain the process here.


  • Netgate Administrator

    Yes that cable should work. The pinout is the same as listed for the FW-7551:
    http://www.lannerinc.com/phocadownload/user-manuals/x86-network-appliances/FW-7551_manual_v1.3_20170509.pdf

    It seems like either a bad cable or bad terminal setting somehow. Are you sure it's com5?

    The 3 minute period for the reboot seems a lot like a filesystem panic in which case it probably can be escaped or at least reinstalled with a working console.

    Do you know if it's running Nano from a CF card or full install from an SSD? Both were options when purchased.
    If it's Nano you can always reflash the last available Nano image to it without needing a console at all. Though it really should be running a full install of 2.4.4 at this point even it that's from CF.

    Steve



  • @jknott said in RJ45 Console access:

    @smcgowan said in RJ45 Console access:

    I might cut off the RJ45 end and crimp a new end with a new pinout.

    If I'm not mistaken, the pin out listed earlier has the same TXD and RXD as the Cisco, so it should work. So, please verify what you have before you cut. If I had it here, it wouldn't take me long to check it, but it's difficult to explain the process here.

    You're absolutely right, it matches the manual's console pinout (both Netgate and Lanner Inc). Here are two pictures of the RJ45 end, with the color of each wire viewable:
    0_1547771952329_cable001.jpg
    0_1547772015807_cable002.jpg

    @stephenw10 said in RJ45 Console access:

    Yes that cable should work. The pinout is the same as listed for the FW-7551:
    http://www.lannerinc.com/phocadownload/user-manuals/x86-network-appliances/FW-7551_manual_v1.3_20170509.pdf

    It seems like either a bad cable or bad terminal setting somehow. Are you sure it's com5?

    Yes. Device Manager shows COM5 as the "USB Serial Port"

    The 3 minute period for the reboot seems a lot like a filesystem panic in which case it probably can be escaped or at least reinstalled with a working console.

    Excellent! If I can eventually get into the console.

    Do you know if it's running Nano from a CF card or full install from an SSD? Both were options when purchased.
    If it's Nano you can always reflash the last available Nano image to it without needing a console at all. Though it really should be running a full install of 2.4.4 at this point even it that's from CF.

    It's a CF. I don't know what version is currently installed, because I only have to access that router every once in a great while when they contact me with an issue. Typically, the router isn't even the issue, but I always go in and check to make sure and to make them feel better.

    I'll do some digging into reflashing the device, thanks Steve :)

    Oh and Colin Wu over at Lanner Inc was very helpful. The Lannerinc.com's site has an automated chatbot that pops up to see if you have questions. I had sent this question last night: "My only question is if you have an RJ45 to USB console cable you'd recommend for this device? I currently have a client with one and it reboots after about 3 minutes so I need to access the console.". Colin was notified of a missed chat message at some point today and he sent me an email in which he told me to try the following cable: https://www.amazon.com/Console-Essential-Accesory-Ubiquity-Switches/dp/B01AFNBC3K. By all appearances, that cable matches the one I bought in terms of pinout. That is, it does on the RJ45 side. The linked product above includes pin layout for the USB side in it's product pictures on Amazon.

    Alright guys, I'm off to go eat and walk by friggin' large dogs (85lbs and 121lbs!!!).
    Have a good evening,
    Sherwood



  • If someone has the correct console cable they can do a continuity check to pinout the cable and post the pinout here. The so called cisco admin cable is a "rollover" cable. Sometime I cut the RJ45 connector off and flip the connector to make it work. Really what you want to do is make sure that the following pins go to each other.

    RXD - TXD
    RTS - CTS
    DTR - DSR
    GND - GND
    and it should be this way on both sides of the cable on the RJ45 and DB9 sides.



  • Here is the pinout for a RS-232 port for a PC

    1 CD «— Carrier Detect
    2 RXD «— Receive Data
    3 TXD —» Transmit Data
    4 DTR —» Data Terminal Ready
    5 GND System Ground
    6 DSR «— Data Set Ready
    7 RTS —» Request to Send
    8 CTS «— Clear to Send
    9 RI «— Ring Indicator



  • Your cable should look like this:

    RJ45 ------ DB9
    1 RTS -> CTS 8
    2 DTR -> DSR 6
    3 TXD -> RXD 2
    4 GND -> GND 5
    5 GND -> GND 5
    6 RXD -> TXD 3
    7 DSR -> DTR 4
    8 CTS -> RTS 7
    ***********N/A 9
    *Pin 4 on the RJ45 side is probably not used

    I do not have the cable or the firewall that you have but using a multi-meter set to the diode test (make sure it's set to audio) you can verify your pinout. This should be the cable pinout if someone can confirm. While the cisco admin cable matches the pins it doesn't have all the pins and I'm not sure which signal the box actually uses.



  • Just thought of something you might want to try to turn your flow control to off. Using putty the default is XON/XOFF



  • BTW, as I mentioned in another thread, it's DE-9, not DB-9.

    D-subminiature

    A lot of people get this wrong.



  • Thanks for the clarification/Correction.


  • Netgate Administrator

    The default flow control setting is off, yes. It looked like it was set to off in putty in the previous screenshots though.

    It is possible to disable console redirection entirely in the BIOS. If you still see nothing at all it might be worth a cmos reset to bring back the default bios values.

    Steve



  • @jknott said in RJ45 Console access:

    BTW, as I mentioned in another thread, it's DE-9, not DB-9.

    So funny, I make that mistake all the time. Even the mfgrs list this wrong on Amazon 😂



  • @stephenw10 said in RJ45 Console access:

    The default flow control setting is off, yes. It looked like it was set to off in putty in the previous screenshots though.

    I modified the various settings into various matching combinations. Still no dice.

    It is possible to disable console redirection entirely in the BIOS. If you still see nothing at all it might be worth a cmos reset to bring back the default bios values.

    What jumper needs changed to accomplish a bios reset?

    Thanks again everyone, this is helping. Soooo much more info than the manual gives


  • Netgate Administrator

    Hmm, seems like there might not be one amazingly, or at least I can't see one in the manual.

    You could just pull the battery for a few minutes instead.

    Edit: There is a jumper next to the battery labelled JBAT1 which I would guess will clear it.

    Steve



  • Thanks @stephenw10 I'll check that out.

    I just received my SG-1100 from the Netgate store. I'll be configuring it shortly but after that I'll be digging back into the FW-7551.



  • Arrg! I have no idea how I'm supposed to get my test lead into the USB end and then also hold my other test lead on the RJ45 end, all while not being completely sure if I'm making proper contact :P (I'm using the smallest test leads I've got, still huge compared to the RJ45 conductors and the USB conductors.

    I need a USB to RJ45 cable tester like I have for RJ45/RJ11, as well as a few audio cable type testers 🐷



  • @smcgowan said in RJ45 Console access:

    I need a USB to RJ45 cable tester like I have for RJ45/RJ11, as well as a few audio cable type testers

    You don't have end to end connections on that cable. There is a converter chip in that cable that converts from the USB to serial interface. I have the same thing, except the serial end is a DE-9. Beyond that, one trick is to get a jack that accepts the serial end and breaks it out to screw terminals. However, they're not that common for 8 pin connectors and getting that way for 4 & 6 pins.



  • @jknott said in RJ45 Console access:

    You don't have end to end connections on that cable. There is a converter chip in that cable that converts from the USB to serial interface. I have the same thing, except the serial end is a DE-9.

    Serial end? I'm not sure I follow. I think there's a lot of little lost in translation things going on.

    I'm using this cable:
    FTDI RJ45 - USB cable. A different cable was suggested by the manufacturers of the motherboard at the heart of the FW-7551, but the one linked in this post just now is the one I'm using. I'm having trouble figuring out how to determine if the signal at say pin 5 on the RJ45 side is making it to the appropriate pin on the USB side. I can barely fit my test leads into the USB end, let alone get it on a specific lead.
    Of course, then there's the chip issue that you brought up. If there's a chip in there that's performing the rerouting of the signals, it's probably relying on power via USB to run, which seems problematic for our little netgear console needs, would you agree?

    Beyond that, one trick is to get a jack that accepts the serial end and breaks it out to screw terminals. However, they're not that common for 8 pin connectors and getting that way for 4 & 6 pins.

    Again, I'm curious about the "serial end" moniker here. Do you mean the USB or RJ45 end? There is no DE-9 end, male or female, at any stage of this cable, or on any of my devices.

    One last thing...I'm thinking if nothing else, I've had a fake prolific chip cable delivered to me. Apparently that is an issue with some sellers. Anybody know how I might determine that without tearing apart this cable?

    Thanks again guys, I appreciate you all continuing through this little cable drama with me (pun intended har har).

    Cheers



  • @smcgowan said in RJ45 Console access:

    Serial end? I'm not sure I follow. I think there's a lot of little lost in translation things going on

    An adapter like that has two ends, the USB end, which plugs into a computer and the serial end, which plugs into the serial port of whatever it is you're trying to connect to. Many years ago, a DB-25 connector was commonly used, then DE-9. In many devices, such as routers and switches, an 8 pin RJ45 connector is now common.

    If there's a chip in there that's performing the rerouting of the signals, it's probably relying on power via USB to run, which seems problematic for our little netgear console needs, would you agree?

    It does more that just reroute signals, it converts from USB data, to RS-232, which uses different protocols, voltages, etc.. However, that device does rely on USB power. Any device with an A or C connector and some B can provide USB power. As for your equipment, if it has an RJ45 connector, then it's not expected to provide power. The power for that chip will come from the computer it's connected to.

    You can test that adapter, by connecting TXD to RXD and using something like Putty to type. If it's working, you should see the characters appear as you type. Make sure handshaking is not enabled for this test.


  • Netgate Administrator

    Yes, that exactly. You can't test continuity on that cable (except for the gnd maybe).

    The best you can do is link Rx and Tx and see if typed characters are echoed back.

    I would bet on a bad terminal setup of some kind. Maybe the wrong driver in there or not installed correctly in Windows.

    Can you test using a Live Linux distro? Or any Linux client that will have the drivers included.

    If not try re-installing the usb drivers in Windows.

    Steve



  • I prefer a USB 2 Serial adapter like this: as far as RJ45 to DE-9 I use these. I usally buy them by the 25-pack which you can find much cheaper on ebay. I also get them with the male ends as well.



  • Connecting to TXD to RXD physically on the RJ45, ah yes that makes sense!

    @mikeisfly, unfortunately I'm in a financial situation where I already bought this cable I have and my financial situation at this particular moment doesn't allow for purchasing further cables. Additionally, this is something I only have to do once every few years.

    I'll launch one of my linux CDs and see if it works there, otherwise I'll go to the TX<->RX jumper route to test. I'm pretty dang sure I have no issues with my driver, since the SG-1100 console works just fine via a different cable. The putty session is identical as well. The Profilic driver needed for the cable I'm using with the FW-7551is the latest version.

    I'll follow up after these tests.



  • @smcgowan said in RJ45 Console access:

    I'll launch one of my linux CDs and see if it works there, otherwise I'll go to the TX<->RX jumper route to test.

    Regardless of what software you use, you'll still have to connect RXD - TXD. In Linux, minicom is a commonly used app for this.


Log in to reply