pfSense on Watchguard M370
-
@nicknitro said in pfSense on Watchguard M370:
Also considering replacing the original heatsink for a Dynatron k199.
A ducted cooling solution, like the OEM setup, is better than that IMO. Expel the heat from the case rather than just blow air about inside it.
-
@stephenw10 Got the idea, thanks for pointing that suggestion. A plastic shroud could handle it.
About the CPU, well I've seen someone used a 7th gen i5, haven't seen anyone using a i7 nor i7 (k) edition, there's a big difference in the CPU wattage per model, 61w vs 91w, perhaps that could be a limiting factor.Another factor I was considering is the lack of Intel Microcode in the BIOS for that i7 7700k, the only way is testing it but i don't have any around.
-
The standard cooling solution is pretty good anyway. I think the M670 may have more fans pulling the air through.
-
@stephenw10 I think both (m370 and m670) have the same board layout and 3 exhaust fans, the difference is chipset, CPU support and the PCIe X8 expansion.
-
I love forums like this.
I've got a M370 and now I can access the BIOS and also upgraded to an I5 7500 CPU :D
-
These M370s really make excellent pfSense boxes.
A few tips from having done a couple of them…-
The best CPU to use is an Intel Core i7-7700T. It’s fast, multithreaded and only 35W TDP. (QC/8MB/8T/2.9GHz/35W)
-
These Crucial RAM modules work perfectly to give 32GB. Overkill, yes.
https://www.amazon.co.uk/gp/aw/d/B019FRBCQE -
This Kingston KC600 mSATA 256GB SSD also works perfectly. Lots of room for logs.
https://www.amazon.co.uk/gp/aw/d/B08ZNSNL1K -
Noctua NF-A4x20 PWM fans make it silent but make sure you move the blue wire over from pin 4 to pin 5, otherwise they’ll run at full blast with no PWM.
-
The PSU fan can also be replaced by a Noctua NF-A4x10 FLX. Remove the 3 pins from the fan connector, cut the yellow wire, and then solder the black and red onto the circuit board on the side where the old fan was previously connected.
You’re left with a totally silent and fast pfSense box. These Watchguards are really beautifully built.
-
-
Thank Lanner.
-
@ost0 Thank you very much for this. This has literally stopped a lot of these boxes just going to e-waste. Nice work!
-
@Squuiid some of the credit should go to WatchGuard for storing the password in plaintext in the UEFI module, and of course PfSense devs.
I would warn on the Noctua conversion that for the same PWM signal the Noctuas does have a lot less airflow than the stock fans, so temperatures might be higher, just something to keep in mind.
I've got a very similar setup, Cruical RAM, Noctua Fan conversion, though still on stock CPU. For the SSD I've got an mSATA to M.2 Adapter running an M.2 SATA SSD from an old laptop, and no issues so far!
-
Terrific Upgrades.
I'm waiting for the 7700 non T and a Dual 2.5" adapter to accommodate two 1tb SATA INTEL s4510. I'm going the virtualization way.
I think the only missing and important part for this m370s is a most recent Bios Update to comply with the CVEs and Microcodes.
Has anybody found a solution for updating a most recent BIOS? -
The fan control system is based on the CPU temperature. If you put it under enough load the fans should ramp up anyway. The Noctua fans would just have to be ramped higher to get the same air flow but the default fans never run at maximum speed so it would likely be fine. By fitting them what you're really doing is reducing the minimum airflow which is where those boxes operate most of the time in my experience. The CPU runs pretty cool but other components will likely run hotter. I've seen no issues running with the standard fans at a reduced speed.
How much quieter are the Noctua fans compared to the standard fans set to run at speed
a
for example?Steve
-
@stephenw10 I've not done a comparison for both at the same speed, but Noctua Fans with no PWM signal connected, so running at full, are quieter than the stock fans at a normal idle speed.
-
I'd guess a test at the same air flow would be needed, but I'm not sure how I'd do that! I guess setting the default fans to produce the same CPU temp at a known load would be fair.
Basically it's always been my belief that although the Noctua fans are aerodynamically better they achieve lower sound levels mostly by simply moving less air.
-
Hey Nick,
How did you go about installing exsi on a headless system?
I tried setting up a kickstarter file using this guide: https://www.virten.net/2014/12/unattended-esxi-installations-from-an-usb-flash-drive/
and setting up the serial console using parts from here: www.vmwareadmins.com/installing-esxi-serial-console-headless-video-card/
I can boot from USB but when it installs it cant seem to find any fixed disks and then installs to the USB stick, my guess is drivers but have you got any idea what I need to add to the iso at all?
-
Esxi 6.5 is the latest you can install..maybe 6.7. Definitely not 7.0 as that version does not support the sata ports.
I ran esxi 6.5 from usb. Used the msata to store iso's and sata ssd's to store the vm's
I switched to proxmox 8.0. Got a custom debian iso from https://fai-project.org/FAIme/# that gives an auto headless install with ssh. After that enable serial console and add the proxmox
https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye and you are on your way. -
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
-
@tapnet said in pfSense on Watchguard M370:
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
Just wanted to update on this.
6.7 installs fine works really well, I would recommend using a Kickstarter file for unnattneded access.
I upgrade the CPU with a i5 7600k without needing to make any changes to bios or microcode. I am still running on the standard bios.
Now just need to configure virtual pfsense and retire my USG-3P thanks again.
-
Did you or anyone get anywhere with this? I have a female to female pcie cable and a Intel X530-DA2 card I can see the card powering on and evidence of life in unfi but its not being seen at all by esxi I tried all in the latest VIB file from vmware but its being superseeded so wont install I am going to make a 3d printed enclosure for the card so it wont just sit out the case like that :)
-
@tapnet said in pfSense on Watchguard M370:
evidence of life in unfi
What exactly are you seeing there?
-
Hi ,
I am trying to upgrade the MSATA drive in these from the 16Gb supplied to 256Gb.
I know it is overkill but it is giving me CAM errors and write delayed errors, along with operation not permitted errors ATA retry command exhausted.
This is not a new drive, I had the same errors with a second hand 128Gb one.
I have destroyed the partitions and the drive should be blank.
But I get the same error messages each time.
I booted system rescue cd over serial and examined the drive whilst in the WatchGuard. Smartmon tools find the driver healthy with no errors.
I am going to try a 2.5 120Gb SSD instead of the MSATA, but I will have to order one in.
Any advise on anything else to try? Everything installs fine on the original 16GB Transcend.