Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upcycling older firewalls for pfsense

    Scheduled Pinned Locked Moved Hardware
    9 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JaneMoss
      last edited by

      Hello, I had been looking at building pc to into a pfSense server but then I saw quite a few people had been able to install pfSense on older 3rd party firewall systems eg watchguard.

      Is there a list or a recommendations on what can be used and has worked well in terms of 3rd party firewalls running pfSense.

      NollipfSenseN 1 Reply Last reply Reply Quote 0
      • NollipfSenseN
        NollipfSense @JaneMoss
        last edited by

        @janemoss No list available that I know of; however, any equipment after 2012 should be good.

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          It must be x86 and it must not be locked down to preventing booting unsigned images for example. It helps to have a real console on it of some sort.

          Steve

          J 1 Reply Last reply Reply Quote 0
          • J
            JaneMoss @stephenw10
            last edited by

            @stephenw10 @NollipfSense

            Thanks I went with a watchguard as its in my price range at the moment. I saw topics dating back about 10 years on it. Some point to a docs page/ support site here on the site but the page appears to have been removed.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by stephenw10

              Probably this from the old wiki: https://web.archive.org/web/20171205175929/https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox

              Which device?

              Steve

              P 1 Reply Last reply Reply Quote 0
              • P
                Paulk201270 @stephenw10
                last edited by

                Hi. Just as an FYI, I have multiple XTM 5 units and love them but there appears to be some kind of an issue on 2.5.1 specific to these models that IPSEC suddenly stops responding. If anyone else out there has some experience on this and can provide feedback. 2.4.5p1 works fine on that hardware.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Stops connecting or stops passing traffic?

                  Do the packet counters keep rising? Outbound only perhaps?

                  Do you get any traffic across it before it fails?

                  Does restarting IPSec bring it back up?

                  Sounds similar to this: https://redmine.pfsense.org/issues/11524
                  Except it can't be that because no CPU that runs in XTM5 could hit that.

                  Steve

                  P 1 Reply Last reply Reply Quote 0
                  • P
                    Paulk201270 @stephenw10
                    last edited by

                    @stephenw10 Thanks for your response. Will have to wait till one of the active ones stops as I migrated a primary back to different hardware.

                    Hitting stop or restart on IPSEC services does absolutely nothing, aside from the last message in the log stating shutting down. I do find it weird that everything stops in the logs for several days until the machine is restarted.

                    I had upgraded the CPU to a Core-2-D (Have to remember the exact model), and did redo heatsink, thermal compound (MX-4).

                    Prior to failure it works fine - but if I am actively transferring larger data I think it just ceases at that point. I have an entry in the IPSEC section of the forum showing the logs, not sure if that helps... It does however seem weirdly attached to the XTM5 hardware as my older Lanner box does not fail.....

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by stephenw10

                      Hmm, hard to think what that might be if it's only IPSec that stops responding.

                      Do you mean there are no IPSec logs or no logs at all?

                      If are no IPSec logs (until you reboot?) that implies the ipsec daemon stopped responding perhaps. I would look at the output od ps -auxwwd for ipsec, charon and strongswan lines.

                      I haven't seen that on the one I have here though it doesn't get the use it once did.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.