pfSense on Watchguard M370
-
You need to set the permissions to allow it to be executable. I just used:
chmod 0755 WGXepc64
-
It's been a while since I started using this unit as my main pFSense router. It has been running undoubtedly perfect but i would like to get a little bit more of it.
I'm planning on going the Virtualization way with esxi (already tested) and more ram, more SSDs and a CPU Upgrade. Right now is running an i3 6100 but i would like to swap it for a Core i7 7700k, you know, those extra GHz and HT. Has anyone been able to get this particular CPU working in the m370? Also considering replacing the original heatsink for a Dynatron k199.Suggestions welcome.
Cheers.
-
@nicknitro said in pfSense on Watchguard M370:
Also considering replacing the original heatsink for a Dynatron k199.
A ducted cooling solution, like the OEM setup, is better than that IMO. Expel the heat from the case rather than just blow air about inside it.
-
@stephenw10 Got the idea, thanks for pointing that suggestion. A plastic shroud could handle it.
About the CPU, well I've seen someone used a 7th gen i5, haven't seen anyone using a i7 nor i7 (k) edition, there's a big difference in the CPU wattage per model, 61w vs 91w, perhaps that could be a limiting factor.Another factor I was considering is the lack of Intel Microcode in the BIOS for that i7 7700k, the only way is testing it but i don't have any around.
-
The standard cooling solution is pretty good anyway. I think the M670 may have more fans pulling the air through.
-
@stephenw10 I think both (m370 and m670) have the same board layout and 3 exhaust fans, the difference is chipset, CPU support and the PCIe X8 expansion.
-
I love forums like this.
I've got a M370 and now I can access the BIOS and also upgraded to an I5 7500 CPU :D
-
These M370s really make excellent pfSense boxes.
A few tips from having done a couple of them…-
The best CPU to use is an Intel Core i7-7700T. It’s fast, multithreaded and only 35W TDP. (QC/8MB/8T/2.9GHz/35W)
-
These Crucial RAM modules work perfectly to give 32GB. Overkill, yes.
https://www.amazon.co.uk/gp/aw/d/B019FRBCQE -
This Kingston KC600 mSATA 256GB SSD also works perfectly. Lots of room for logs.
https://www.amazon.co.uk/gp/aw/d/B08ZNSNL1K -
Noctua NF-A4x20 PWM fans make it silent but make sure you move the blue wire over from pin 4 to pin 5, otherwise they’ll run at full blast with no PWM.
-
The PSU fan can also be replaced by a Noctua NF-A4x10 FLX. Remove the 3 pins from the fan connector, cut the yellow wire, and then solder the black and red onto the circuit board on the side where the old fan was previously connected.
You’re left with a totally silent and fast pfSense box. These Watchguards are really beautifully built.
-
-
Thank Lanner.
-
@ost0 Thank you very much for this. This has literally stopped a lot of these boxes just going to e-waste. Nice work!
-
@Squuiid some of the credit should go to WatchGuard for storing the password in plaintext in the UEFI module, and of course PfSense devs.
I would warn on the Noctua conversion that for the same PWM signal the Noctuas does have a lot less airflow than the stock fans, so temperatures might be higher, just something to keep in mind.
I've got a very similar setup, Cruical RAM, Noctua Fan conversion, though still on stock CPU. For the SSD I've got an mSATA to M.2 Adapter running an M.2 SATA SSD from an old laptop, and no issues so far!
-
Terrific Upgrades.
I'm waiting for the 7700 non T and a Dual 2.5" adapter to accommodate two 1tb SATA INTEL s4510. I'm going the virtualization way.
I think the only missing and important part for this m370s is a most recent Bios Update to comply with the CVEs and Microcodes.
Has anybody found a solution for updating a most recent BIOS? -
The fan control system is based on the CPU temperature. If you put it under enough load the fans should ramp up anyway. The Noctua fans would just have to be ramped higher to get the same air flow but the default fans never run at maximum speed so it would likely be fine. By fitting them what you're really doing is reducing the minimum airflow which is where those boxes operate most of the time in my experience. The CPU runs pretty cool but other components will likely run hotter. I've seen no issues running with the standard fans at a reduced speed.
How much quieter are the Noctua fans compared to the standard fans set to run at speed
a
for example?Steve
-
@stephenw10 I've not done a comparison for both at the same speed, but Noctua Fans with no PWM signal connected, so running at full, are quieter than the stock fans at a normal idle speed.
-
I'd guess a test at the same air flow would be needed, but I'm not sure how I'd do that! I guess setting the default fans to produce the same CPU temp at a known load would be fair.
Basically it's always been my belief that although the Noctua fans are aerodynamically better they achieve lower sound levels mostly by simply moving less air.
-
Hey Nick,
How did you go about installing exsi on a headless system?
I tried setting up a kickstarter file using this guide: https://www.virten.net/2014/12/unattended-esxi-installations-from-an-usb-flash-drive/
and setting up the serial console using parts from here: www.vmwareadmins.com/installing-esxi-serial-console-headless-video-card/
I can boot from USB but when it installs it cant seem to find any fixed disks and then installs to the USB stick, my guess is drivers but have you got any idea what I need to add to the iso at all?
-
Esxi 6.5 is the latest you can install..maybe 6.7. Definitely not 7.0 as that version does not support the sata ports.
I ran esxi 6.5 from usb. Used the msata to store iso's and sata ssd's to store the vm's
I switched to proxmox 8.0. Got a custom debian iso from https://fai-project.org/FAIme/# that gives an auto headless install with ssh. After that enable serial console and add the proxmox
https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye and you are on your way. -
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
-
@tapnet said in pfSense on Watchguard M370:
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
Just wanted to update on this.
6.7 installs fine works really well, I would recommend using a Kickstarter file for unnattneded access.
I upgrade the CPU with a i5 7600k without needing to make any changes to bios or microcode. I am still running on the standard bios.
Now just need to configure virtual pfsense and retire my USG-3P thanks again.
-
Did you or anyone get anywhere with this? I have a female to female pcie cable and a Intel X530-DA2 card I can see the card powering on and evidence of life in unfi but its not being seen at all by esxi I tried all in the latest VIB file from vmware but its being superseeded so wont install I am going to make a 3d printed enclosure for the card so it wont just sit out the case like that :)