No Serial Console Menu

  • I can see the serial console verbose at boot, but once it reaches "Bootup complete" there is no menu to reset firewall or do any other kind of configuration if needed. Tried changing speeds, settings, etc, no improvements.

    2.0-RC1 (i386)
    built on Wed Mar 23 01:24:24 EDT 2011

  • I've had this problem for a long time. Never found a solution but have asked on here in the past… It happened to 1 of the 11 pfSense firewalls I admin.

  • It used to work with version 1.2 and early versions of 2.0, I've tried reinstalling clean and nothing. This is the only backdoor in the event of failure or misconfiguration to do a factory reset if needed.

  • Hi,

    I ahve a Firebox X500 running latest build of 2.0

    The box boots up and works fine.

    The console give me info only during the boot process.
    At the end I get the message "boot complete" and after that nothing.

    If you ssh in to the box and log in, you get the console menu– but you never get it on the COM console,
    and the COM console does not respond to keyboard input of any kind....but
    that's the only thing that doesn't work.

    Is there a solution to resolv this problem?

  • Nobody? I would like to have serial console access too after pfsense in booted up.

  • Rebel Alliance Developer Netgate

    Are you on full installs with the serial console box checked under options?

    When I enable it, I get the menu on both serial and the console, though the boot messages from pfSense only go to the serial (FreeBSD boot messages go to both).

  • yes, full install and checkbox checked, but serial console is just … dead.
    During boot it work, but not after.

  • Rebel Alliance Developer Netgate

    Any change if you disable the serial console, reboot, then enable it, and reboot again?

    It all "just works" for me, at a glance, I don't see how that would work for some parts and not others.

  • @

    On the full installs I've tested I need to change dailup to cons25 in /etc/ttys

  • Rebel Alliance Developer Netgate

    I suppose whether or not these were fresh installs or upgrades from 1.2.3 might make a difference.

    I never had to do anything manually on this VM, it's always Just Worked(TM).

  • Well, this is a clean install and upgraded to latest snapshot. I tried disable serial console, reboot, enable serial console, reboot, but still nothing. After the message "Bootup Complete" it's dead silence, no console menu is shown.

  • Rebel Alliance Developer Netgate

    what does your /etc/ttys file look like on the line for ttyu0

  • console    "/usr/libexec/getty Pc"        cons25  on  secure

    #ttyv0      "/usr/libexec/getty Pc"        cons25  on secure

  • Rebel Alliance Developer Netgate

    neither of which is ttyu0…  :)

  • so i have to change it to ttyu0 and uncomment that line ?

  • Rebel Alliance Developer Netgate

    No, you need both of those lines, but there should be a whole set of ttyu <x>lines in there too.

    I have this under the ttyv <x>part:

    # Serial terminals
    # The 'dialup' keyword identifies dialin lines to login, fingerd etc.
    ttyu0   "/usr/libexec/getty bootupcli"  cons25  off     secure
    ttyu1   "/usr/libexec/getty std.9600"   dialup  off secure
    ttyu2   "/usr/libexec/getty std.9600"   dialup  off secure
    ttyu3   "/usr/libexec/getty std.9600"   dialup  off secure

  • I added those and still nothing  :-\

  • Hi all pfsensors,
    I'm facing the same issue as you on my pfsense.
    My pfsense box which is a watchguard Firebox X700 is actually running the embedded pfsense v1.2.3.
    With this release of pfsense, serial console is working perfectly.

    I would like to migrate to pfsense 2.0 RC1 and the serial console menu is not displayed.
    In the Web GUI, the serial interface is checked but nothing after "Bootup Complete" message.

    I'm running the Embedded kernel version in order to redirect the console output on serial interface and the ttys config file is all commented after install.
    So I modified the file to make the following line active (removed the sharp at the beginning of the line):
    ttyu0  "/usr/libexec/getty PC"  cons25  on    secure

    Unfortunately, serial console still doesn't display the menu  :'(

    SSH menu is working well but in case of mistake in configuration, the serial link is the best way to get back control on the system so I would like this link to work.

    If anybody has an idea to make it work, it would be nice.

    Thanks for your help.

  • Bump!

  • I have the same problem on my Firebox X700 and pfSense 2.0 RC3. I am unable to activate the serial console through webinterface or by using ssh and editing /etc/ttys.

    Boot messages are shown on serial console so cabling and everything else should be ok.


  • Netgate Administrator

    Is your box an upgrade or fresh install of 2.0?
    I don't really see why that make any difference but it seems to.


  • Its a fresh install of 2.0 RC3 on a 60Gigabyte Harddisk. The harddisk was moved to Firebox after initial installation and /etc/fstab had to be modified to allow normal boot without user interaction. Seems to be a well known and necessary procedure for Firebox.

    At first I tried the "enable serial console" option in the webinterface and rebootet. But except from the usual boot messages there was no reaction at the serial console. Afterwards I tried to modify /etc/ttys without any success.

  • I was also facing this issue on my Firebox X500. I simply solved this by invoking /etc/rc.initial by adding it to /etc/rc just before exit 0 at the end. Seems to be working just fine, except if I hit enter or ctrl-C in the menu. Then the behaviour isn't perhaps what it should be: /etc/rc get run again and at least web configurator dies.

  • Netgate Administrator

    Hmm, interesting. This issue is going to become a problem for all X-core users when 2.0 is released.


    Edit: Is anyone in this thread not using a Watchguard Firebox?
    Seems very strange. It would appear that it's not a case of the console being sent somewhere other than the serial port but rather the script that displays the menu and subsequent actions is not being called.
    Presumably something hardware related is stalling the script before it can run. Where is rc.initial called from?

  • Ok,

    Using the info found in here, and an old x500 laying around my house, I have come up with this "Band Aid" solution….

    ssh into your pfSense equipped firebox, get to a command prompt, and issue the following commands -

    mount -u -w /
    cd /usr/local/share/misc
    pkg_add -r wget
    pkg_add -r nano
    nano -w /etc/rc

    (At this point you will be in the nano text editor.....)

    Add the following lines just BEFORE exit 0 at the end of the file -

    --- COPY BELOW ---

    Firebox serial console "Band-Aid" Loop Fix


    --- END COPY ---

    Hit Ctrl-X, y to save, and you're done.....

    reboot your firebox, and VIOLA!! you now should have a functional serial console menu, complete with trapping CTRL-C, Enter, etc....


    Andrew Miffleton
    Voice Network Technician
    DFW Business Telephones, Inc.
    1260 Shiloh Rd.
    Plano, Texas 75074
    (972)424-4242 x455

  • Netgate Administrator

    Nice.  :)
    After looking through the many startup scripts I'm still none the wiser about where or how the rc.initial script is intended to run. Neither can I see what makes the X-core so 'special'. The serial console works just fine on other Watchguard hardware.

    You can use fetch instead of wget and ee instead of nano, both are included in pfSense.

    This is a good workaround though, thanks.


  • @dfwbt:


    Using the info found in here, and an old x500 laying around my house, I have come up with this "Band Aid" solution….



    Great! Thanks a lot!

Log in to reply