pfSense on Watchguard M370
-
I love forums like this.
I've got a M370 and now I can access the BIOS and also upgraded to an I5 7500 CPU :D
-
These M370s really make excellent pfSense boxes.
A few tips from having done a couple of them…-
The best CPU to use is an Intel Core i7-7700T. It’s fast, multithreaded and only 35W TDP. (QC/8MB/8T/2.9GHz/35W)
-
These Crucial RAM modules work perfectly to give 32GB. Overkill, yes.
https://www.amazon.co.uk/gp/aw/d/B019FRBCQE -
This Kingston KC600 mSATA 256GB SSD also works perfectly. Lots of room for logs.
https://www.amazon.co.uk/gp/aw/d/B08ZNSNL1K -
Noctua NF-A4x20 PWM fans make it silent but make sure you move the blue wire over from pin 4 to pin 5, otherwise they’ll run at full blast with no PWM.
-
The PSU fan can also be replaced by a Noctua NF-A4x10 FLX. Remove the 3 pins from the fan connector, cut the yellow wire, and then solder the black and red onto the circuit board on the side where the old fan was previously connected.
You’re left with a totally silent and fast pfSense box. These Watchguards are really beautifully built.
-
-
Thank Lanner.
-
@ost0 Thank you very much for this. This has literally stopped a lot of these boxes just going to e-waste. Nice work!
-
@Squuiid some of the credit should go to WatchGuard for storing the password in plaintext in the UEFI module, and of course PfSense devs.
I would warn on the Noctua conversion that for the same PWM signal the Noctuas does have a lot less airflow than the stock fans, so temperatures might be higher, just something to keep in mind.
I've got a very similar setup, Cruical RAM, Noctua Fan conversion, though still on stock CPU. For the SSD I've got an mSATA to M.2 Adapter running an M.2 SATA SSD from an old laptop, and no issues so far!
-
Terrific Upgrades.
I'm waiting for the 7700 non T and a Dual 2.5" adapter to accommodate two 1tb SATA INTEL s4510. I'm going the virtualization way.
I think the only missing and important part for this m370s is a most recent Bios Update to comply with the CVEs and Microcodes.
Has anybody found a solution for updating a most recent BIOS? -
The fan control system is based on the CPU temperature. If you put it under enough load the fans should ramp up anyway. The Noctua fans would just have to be ramped higher to get the same air flow but the default fans never run at maximum speed so it would likely be fine. By fitting them what you're really doing is reducing the minimum airflow which is where those boxes operate most of the time in my experience. The CPU runs pretty cool but other components will likely run hotter. I've seen no issues running with the standard fans at a reduced speed.
How much quieter are the Noctua fans compared to the standard fans set to run at speed
afor example?Steve
-
@stephenw10 I've not done a comparison for both at the same speed, but Noctua Fans with no PWM signal connected, so running at full, are quieter than the stock fans at a normal idle speed.
-
I'd guess a test at the same air flow would be needed, but I'm not sure how I'd do that! I guess setting the default fans to produce the same CPU temp at a known load would be fair.
Basically it's always been my belief that although the Noctua fans are aerodynamically better they achieve lower sound levels mostly by simply moving less air.
-
Hey Nick,
How did you go about installing exsi on a headless system?
I tried setting up a kickstarter file using this guide: https://www.virten.net/2014/12/unattended-esxi-installations-from-an-usb-flash-drive/
and setting up the serial console using parts from here: www.vmwareadmins.com/installing-esxi-serial-console-headless-video-card/
I can boot from USB but when it installs it cant seem to find any fixed disks and then installs to the USB stick, my guess is drivers but have you got any idea what I need to add to the iso at all?
-
Esxi 6.5 is the latest you can install..maybe 6.7. Definitely not 7.0 as that version does not support the sata ports.
I ran esxi 6.5 from usb. Used the msata to store iso's and sata ssd's to store the vm's
I switched to proxmox 8.0. Got a custom debian iso from https://fai-project.org/FAIme/# that gives an auto headless install with ssh. After that enable serial console and add the proxmox
https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye and you are on your way. -
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
-
@tapnet said in pfSense on Watchguard M370:
Ah thats where I was going wrong then! I started off with 8.0 then 7.0 but nothing below that i'll give 6.7 a go, let people know how I get on, thanks again and for the heads up for promox too.
Just wanted to update on this.
6.7 installs fine works really well, I would recommend using a Kickstarter file for unnattneded access.
I upgrade the CPU with a i5 7600k without needing to make any changes to bios or microcode. I am still running on the standard bios.
Now just need to configure virtual pfsense and retire my USG-3P thanks again.
-
Did you or anyone get anywhere with this? I have a female to female pcie cable and a Intel X530-DA2 card I can see the card powering on and evidence of life in unfi but its not being seen at all by esxi I tried all in the latest VIB file from vmware but its being superseeded so wont install
I am going to make a 3d printed enclosure for the card so it wont just sit out the case like that :) -
@tapnet said in pfSense on Watchguard M370:
evidence of life in unfi
What exactly are you seeing there?
-
Hi ,
I am trying to upgrade the MSATA drive in these from the 16Gb supplied to 256Gb.
I know it is overkill but it is giving me CAM errors and write delayed errors, along with operation not permitted errors ATA retry command exhausted.
This is not a new drive, I had the same errors with a second hand 128Gb one.
I have destroyed the partitions and the drive should be blank.
But I get the same error messages each time.
I booted system rescue cd over serial and examined the drive whilst in the WatchGuard. Smartmon tools find the driver healthy with no errors.
I am going to try a 2.5 120Gb SSD instead of the MSATA, but I will have to order one in.
Any advise on anything else to try? Everything installs fine on the original 16GB Transcend.
-
CAM errors like that are almost always a bad drive or drive controller. Do you have the exact error you were seeing?
-
@stephenw10 said in pfSense on Watchguard M370:
CAM errors like that are almost always a bad drive or drive controller. Do you have the exact error you were seeing?
It's during the installer stage.
Everything installs fine with the original 16gb.
Anyway of capturing the installer data or do I need to manually write it down else where?
But from what I recall you choose zfs auto and it immediately says operation not permitted.
When you try and create a ufs system the drive spews these ATA timeout cam errors.
I booted system rescue cd over serial and ran smartmon tools and they pass the drive after a health check.
I agree that errors like this are normally a bad drive, just wondering if the msata port has a max drive limit?
-
I'm not aware of a limit. 256GB isn't especially large.
Can you not copy/paste the error from the terminal during the install? Or grab a screenshot?
-
@stephenw10 said in pfSense on Watchguard M370:
I'm not aware of a limit. 256GB isn't especially large.
Can you not copy/paste the error from the terminal during the install? Or grab a screenshot?
Possibly but the screen rolls the error and returns to the installer screen.
I can definitely get the data from smartmon tools.
I have just ordered an 120gb msata and another 2.5 120gb ssd.
That will give me enough new parts to test with.
