pfSense on Watchguard M270
-
Hey, i bought a Watchgaurd M270 and installed pfsense on a new mSata drive, activated pfsense plus home.
After i stick it in the M270, it boots up but ich can not config the etherswitch.
I get this error:etherswitchcfg: Can't open control file: /dev/etherswitch0: No such file or directory
-
You need the loader hints to create the switch device. Add these lines to /boot/device.hints:
hint.mdio.0.at="ix1" hint.e6000sw.0.addr=0 hint.e6000sw.0.is6190=1 hint.e6000sw.0.port0disabled=1 hint.e6000sw.0.port9cpu=1 hint.e6000sw.0.port10cpu=1 hint.e6000sw.0.port9speed=2500 hint.e6000sw.0.port10speed=2500
Unfortunately as I said those are lost at upgrade. The file handling for the 7100 switch adds/removes those lines when needed and the m270 is not recognised. Been a while since I looked at it though. Might be different in 22.01.
Edit: Nope still removed at upgrade so you need console access to add it back.Steve
-
@stephenw10 thank you.
My Switch is now working, but is ix1 wan and lan port or is ix0 wan and ix1 lan? -
If you used the script I posted above WAN should be ix0 and connects to port 0.
LAN should be ix1 and connects to ports 1-7.Of course you can change that to be however you want. Add VLANs to get 8 separate interfaces/ports for example.
Steve
-
This post is deleted! -
This post is deleted! -
@stephenw10 Perfect. Now everything is running.
Thank you very much Steve -
Did anyone update to pfsense plus 23.x?
@stephenw10 can you help me? -
It will run 23.01 just fine but, as mentioned, the device hints required for the switch will be lost at upgrade.
You will need to add them back at the console after the reboot. That might be twice coming from 22.05.Steve
-
@stephenw10 i did this with the hints and the etherswitch config but it didnt work. The Links are up but no connection to the network
-
Also this applies as it's the same switch: https://redmine.pfsense.org/issues/13993
Unlikely you would hit it unless you have two in HA with a direct link. -
Check
etherswitchcfg
shows the correct switch config. -
@stephenw10 what show etherswichcfg show me?
-
It should show you the current config for the switch.
If it just errors then the switch hasn't been setup correctly.
If it shows something but it's incorrect then the switch setup script probably didn't get run by the shellcmd.The actual output depends how you have it setup.
-
@stephenw10 port9 and port10 is in state 1. is it correct?
-
If you're using my example script above where the WAN is port 1 and LAN is ports 2-8 then it should look like:
[23.01-RELEASE][root@m270-2.stevew.lan]/root: etherswitchcfg etherswitch0: VLAN mode: PORT port1: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (1000baseT <full-duplex>) status: active port2: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port3: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port4: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port5: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port6: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port7: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port8: state=8<FORWARDING> flags=0<> media: Ethernet autoselect (none) status: no carrier port9: state=8<FORWARDING> flags=1<CPUPORT> media: Ethernet 2500Base-KX <full-duplex> status: active port10: state=8<FORWARDING> flags=1<CPUPORT> media: Ethernet 2500Base-KX <full-duplex> status: active vlangroup1: port: 1 members 9 vlangroup2: port: 2 members 3,4,5,6,7,8,10 vlangroup3: port: 3 members 2,4,5,6,7,8,10 vlangroup4: port: 4 members 2,3,5,6,7,8,10 vlangroup5: port: 5 members 2,3,4,6,7,8,10 vlangroup6: port: 6 members 2,3,4,5,7,8,10 vlangroup7: port: 7 members 2,3,4,5,6,8,10 vlangroup8: port: 8 members 2,3,4,5,6,7,10 vlangroup9: port: 9 members 1 vlangroup10: port: 10 members 2,3,4,5,6,7,8
-
Ah, now I recall I had to add those ports to the script in 23.01!
#!/bin/sh # # Script to setup the switch in the M270 # # SteveW 5/6/2020 # echo "Configuring switch..." logger Configuring switch... etherswitchcfg vlangroup1 vlan 1 members 9 etherswitchcfg vlangroup2 vlan 2 members 3,4,5,6,7,8,10 etherswitchcfg vlangroup3 vlan 3 members 2,4,5,6,7,8,10 etherswitchcfg vlangroup4 vlan 4 members 2,3,5,6,7,8,10 etherswitchcfg vlangroup5 vlan 5 members 2,3,4,6,7,8,10 etherswitchcfg vlangroup6 vlan 6 members 2,3,4,5,7,8,10 etherswitchcfg vlangroup7 vlan 7 members 2,3,4,5,6,8,10 etherswitchcfg vlangroup8 vlan 8 members 2,3,4,5,6,7,10 etherswitchcfg vlangroup9 vlan 9 members 1 etherswitchcfg vlangroup10 vlan 10 members 2,3,4,5,6,7,8 etherswitchcfg port1 forwarding etherswitchcfg port2 forwarding etherswitchcfg port3 forwarding etherswitchcfg port4 forwarding etherswitchcfg port5 forwarding etherswitchcfg port6 forwarding etherswitchcfg port7 forwarding etherswitchcfg port8 forwarding etherswitchcfg port9 forwarding etherswitchcfg port10 forwarding echo "done" logger done
-
@stephenw10 this looks like my configuration.
-
@stephenw10 i just have it. I forgot to forward port 9 and 10. sorry that was my fault
-
No that wasn't required in 22.05. Something changed in the switch driver defaults. Probably the same reason for that MDI/X bug.