Watchguard XTM 5 Series
-
All installed and happy! Took some work to get it to boot anything for some reason, though. I did confirm that the stock BIOS will recognize a USB flash drive, and removing the CF appears to position the USB as bootable… but no matter what I did to either the CF or the USB I couldn't seem to get it to boot either of them. It would just stop after the BIOS output with no errors or movement.
I ultimately ended up plugging in a USB to SATA cable to the hard drive (which was a little tight since I didn't want to remove the HDD from the Watchguard) and booted the same USB stick on a laptop. While it did boot, I ended up reflashing the USB once more with the non-serial version so that I could actually run the installer, then installed to the drive in the Watchguard.
It didn't have a problem booting from the HDD installation, luckily, so I set up a barebones config from the command line so that I'd have a network connection, grabbed the updated BIOS image and flashed it, racked the box, and then restored my modified config file and switched my connections over.
So, to sum up some lessons learned:
- Upgrading to a Core2Quad 8200S and 8GB of RAM (two 4GB DDR2 800mhz low density sticks) worked perfectly without any other changes or tweaks necessary.
- The stock BIOS did recognize both the HDD and USB just by plugging them in and booting.
- Removing the CF card will cause the BIOS to set either the USB or HDD as bootable. Whether or not it will actually boot from them is another story…. ;-)
- Flashing the BIOS worked perfectly. However, flashrom now requires you to specify the programmer to be used for flashing, so the command line becomes:
flashrom -w xtm5_83.rom --programmer internal
- At least in my case, the CMOS did need to be cleared after flashing the BIOS for settings to be changed.
- The "user password" was still set in the BIOS, though it didn't cause any problems, I made sure to clear it just in case.
- I wanted to use lcdproc-dev directly so that I could try out the screens from the UI. As others have pointed out, the client has issues connecting to the server, which appears to be because localhost resolves to ::1. But if you haven't set up IPv6, the server won't be listening there. So I simply commented out the ::1 entry in /etc/hosts as I'm not using IPv6 on this network at all, and lcdproc thus far appears to be working without issue.
I think that about covers it. I'll follow up here if I run into any trouble or come up with anything fun, as I plan on fiddling with the lcdproc a bit at some point to at least see if I can make it a bit less finicky if/when time permits.
-
Hi All,
Just trying to read everything I can but I have a question about Stock BIOS or Flashrom. Can I upgrade the CPU to a Xeon and Menory using the Watchguard Stock BIOS or do I need to flash the Bios with Flashrom…..
Thanks
-
It is not necessary to flash the BIOS unless you want to make use of speedstep or specific features.
I upgraded both the RAM and processor before touching the BIOS to verify that everything was working, and it had no problem detecting them. Keep in mind that you will likely need to do some modifications to the processor and socket to do the Xeon, but the Core2 processors are supported natively.
-
Thanks TuxToaster for you speedy reply. I'm currently try to win a xtm 5 on ebay now. As for modifications to the Xeon chip or socket it is my understanding the socket is a lga775 as per the link below and this guy is running a Xeon 3370 Quad Core with 4x 3GHz. Please take a look at the web page you need to use chrome to translate to english and tell me what you think….
http://www.triebwerk23.de/joomla/index.php/firewalls/watchguard-xtm-5-xtm-505-515-525-545-pfsense-64-bit
Thanks
-
Good luck with the bid! As for the Xeon, it looks like a 3370 would actually work, as it is a LGA775 socket. Many of the Xeons are 771 sockets and have to be modified slightly to work.
So the 3370 will fit, the main concern I think anyone would have is the power usage, as it is a 95W TDP, as opposed to the 65W CPU that the machine is shipped with. The motherboard does indeed support it, but the power supply and cooling system are smaller than those in the system that the Watchguard was based on. I know a few others here have reported similar processors worked for them. You would just want to be cautious of the power usage and heat, particularly if the box is under a heavy traffic load.
It's worth noting that there is no fan directly over the CPU, there are two fans at the back of the case and the enclosure goes over both and the heatsink, but under extreme temperatures that may not move heat away from the CPU surface as quickly as a fan directly on the heatsink might, so it might pose problems down the road. I actually looked at putting in a low profile heatsink with fan on it, but it was slightly too tall to fit in the case.
As others have said, this is probably not a big issue and will likely work, but just some things to think about.
-
The FW-7580 that the XTM5 is based on was rated for 95W CPUs but it had more fans and a bigger PSU. I haven't fitted anything >65W myself.
I personally think that the ducted cooling solution used by Lanner/Watchguard is much better than a fan on the CPU directly. It may allow the CPU the become slightly hotter but it keeps everything else much cooler by extracting the hot air from the case.Steve
-
Greetings,
I just got two XTM 510s today, and after testing each port to satisfy myself that the units were fully functional, I took the time to inspect and write down some part numbers so I could easily replace fans and the like when they wore out. The PS fans are already starting to rattle and warble a bit. I hope this info will be suitable for the
https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox
page.
Watchguard XTM 510
HW Model: NC2AE8
Mother Board: MB-7580 W V1.2 A
Fans: Sunon Maglev GM1204PQB1-8A
1.5" x 1"
PS: FSP Group inc Model: FSP-150-50LE
Total 150W
Fan: Protechinc electric: MGA4012YB-A15
1.5" square x 0.5" thick
One SATA power connectorThe second one:
Mother Board: MB-7580 W V0.3 B
PS: Seventeam Model: ST-220FUB-05E
Total 220W
Fan: Sunon Maglev KDE1204PKVX
1.5" square x 0.75" thick
Two SATA power connectors
Rack Ears: WG8544Hope that's helpful,
Clif -
Thanks for your input about the power usage of the watchguard shipped with 65w CPU. I guess going over 65w may overheat. So I did some research and found this person on ebay selling a watchguad 510 with pfsense on it that he upgraded the cpu to xeon L5410 lga 771. The xeon L5410 is rated at 50w so that is within spec but I would need to do a Mod. to the CPU and mother board socket.
I won the bid for the Watchguard xtm so I should be getting it by this Tuesday and I order the xeon L5410 with conversion sticker to lga 775. 4 gb of LD ddr2 of ram.(I can't afford 2x4gb of ddr ram it cost like $140). I hope everything works when I put it together. I will leave the stock BIOS for now. But I may want to flash it if I feel risky.
Here is the link for LGA 771 to 775 MOD
http://www.overclock.net/t/1384920/good-news-for-the-lga775-now-771-is-available-to-convert-to-775-motherboard -
Just finished installing on a XTM 505 and a XTM 515. I put the pfsense-memstick-serial image on the 1 GB CF cards that were in the boxes, after making a backup image of the cards for safety sake. Plugged in a SATA SSD in each box, then booted, reading via serial connection at 115200 baud, till the BIOS finished loading. I then quickly reconnected at 9600 baud to get to the install screens. (You could skip watching at 115200, and just wait until the 9600 baud took over.) I did the Serial Kernel rather than the Standard Kernel, (or is it Custom?), so that I could get to the boxes after it rebooted without having to remove the SSDs and add the serial config info to the /cf/config/config.xml file. After the successful install, I removed the CF cards and booted up without a hitch.
If you are moving configs from an older setup to a new setup, the Ethernet ports are FXP0 for the 10/100 port, and then EM0 through EM5 for the gigabit ports. And remember to watch out for find and replace replacing parts of your certificates! :o
-
Yeah, don't use find and replace for converting interface names. That is the road to errors and confusion! ;)
I'm surprised you had to use 9600 for the memstick-serial images. Everything should be at 115200 from 2.2 on.Steve
-
Hi All,
Well got my Watchguard 505 in yesterday and had trobule installing and booting of a sata hard drive. It so happens @gharris sent out a message on what procedure gharris did and it worked like a charm.
Now I tough I can upgrade the CPU so looking around this forum some people said they where able to get a xeon lga771 to 775 up and running with stock bios. Well I did the procedure put the sticker on the CPU and cut out the tabs. Place 2 different xeon lga771 chips in and nothing. I will not boot.
So I decided to flashrom the bios which is pretty easy and that didn't help. Do I need to upgrade the bios? if so where can I get it.
If any one that did this conversion please let me know how you did it. I really would like to get ithe watchguard up and running with the xeon cpu
many thanks!
-
Have you proven the CPU in a 771 board? Perhaps it's dead. I assume that when you try to boot it you are seeing nothing at all, the same as if you boot with no CPU in it?
I haven't attempted this conversion but it looks like the placement of the adapter is critical and requires a fair degree of precision.Steve
-
Thanks for getting back to me. No I can't prove the CPU works because I don't have any 771 motherboards. But I purchased 2 CPU's for that reason and both don't work. Yes when I boot it is blank just like as if there is no CPU in the xtm5. The adapters took a lot of time to put on and on both CPU's I did my best putting them on. So I assume it is on correctly on each CPU.
There are a few amount of people in this thread said that they did the conversion but did not leave instruction on how they did it. Can someone that was successful on doing the 771 to 775 conversion please share what they did.
Many Thanks!
-
Hey guys,
I have some exciting news! After some research, I tried an experiment.
I have successfully achieved a Watchguard XTM 505 running a Quad Core Xeon L5420 CPU on pfSense!
The LGA 771 to 775 pin mod works! See: http://www.delidded.com/lga-771-to-775-adapter/
I bought this: http://www.ebay.com/itm/291073902038
You need to be very careful putting the sticker onto the CPU, and then ultra careful cutting the tabs off the motherboard. I did this with a Stanley knife.
Cheers,
Scott McNaught
http://www.synergy8.com/I am trying to do the same a you I purchased the same Xeon CPU L5420 and a L5410 got the adapters 771-775 and when I put it it into the xtm5 all I get is a blank screen. Did you upgraded your bios what if any modification you did to get this working. I have unlocked my bios with flashrom and still will not work. Any help would be grateful
thanks
-
Has anyone just gone the hacky way and put on a quiet fan like http://www.amazon.com/gp/product/B0039P998M/ref=ox_sc_act_title_2?ie=UTF8&psc=1&smid=A2T6N244WTLWGU and just leave the top off the case?
Mine is way nosier than I like it. XTM510
Edit:
Nevermind, just moved it to a spare room I am not in much. Need to move my whole rack in here. -
Has anyone just gone the hacky way and put on a quiet fan like http://www.amazon.com/gp/product/B0039P998M/ref=ox_sc_act_title_2?ie=UTF8&psc=1&smid=A2T6N244WTLWGU and just leave the top off the case?
Mine is way nosier than I like it. XTM510
Edit:
Nevermind, just moved it to a spare room I am not in much. Need to move my whole rack in here.Mine seriously isn't any louder than my desktop. In fact my switch in the same rack has a louder fan. But your solution is the same as mine. Moved to an almost unused room. :)
-
You can try reducing the minimum fan speed with WGXepc. By default the slowest speed that the fan is allowed to run at is quite high, far higher than is necessary to hold the target temperature.
However you need to be aware that the CPU temperature may not be the limiting factor here. If you slow the fan speeds you are reducing the airflow inside the case in general which may overheat some other components.
That also very true if you remove the top. The case fans then do nothing at all, there will be parts getting almost no cooling where previously there was some air flow through the case.
That said I've run mine with no top cover for days without issue. Not much load on it though.Steve
-
I've recently aquired a XTM 510 which I'm installing PFsense on, I'd like to be able to boot off a hard drive in order to utilize caching, could someone point me in the write direction if that is even possible? Without a video output it seems the standard builds wont' work and the nano builds would only give 4gb of space?
Thanks
Hi there. I run 2.1.2 on xtm 510 with 120GB SATA SSD drive. It works perfectly fine. Cache read speed for Squid is around 35MBps.
Edit:
Marion, could you please explain what you did to flash Steve's bios on to the XTM 5. Seemed so easy for you Anything I have have tried so far has not worked.
I flashed pfsense serial full install on an SDD… The console works when the bios loads up, but then when pfsense starts to load, the text goes invisible. Any suggestions?
-
Just finished installing on a XTM 505 and a XTM 515. I put the pfsense-memstick-serial image on the 1 GB CF cards that were in the boxes, after making a backup image of the cards for safety sake. Plugged in a SATA SSD in each box, then booted, reading via serial connection at 115200 baud, till the BIOS finished loading. I then quickly reconnected at 9600 baud to get to the install screens. (You could skip watching at 115200, and just wait until the 9600 baud took over.) I did the Serial Kernel rather than the Standard Kernel, (or is it Custom?), so that I could get to the boxes after it rebooted without having to remove the SSDs and add the serial config info to the /cf/config/config.xml file. After the successful install, I removed the CF cards and booted up without a hitch.
If you are moving configs from an older setup to a new setup, the Ethernet ports are FXP0 for the 10/100 port, and then EM0 through EM5 for the gigabit ports. And remember to watch out for find and replace replacing parts of your certificates! :o
I was able to make more progress with Gharris's method running 2.2.3. 115200 baud worked fine for me to view the bios and install screens.
The issue I'm having now is when I boot from the SSD after the install. Putty seems to print out invisible text as Pfsense boots. I installed the embedded kernal version. This was the same issue I had previously when I installed the full install directly to the SSD using a laptop. Any suggestion?
-
As recommended on this page-
sprechen Sie Deutsch?
http://www.triebwerk23.de/joomla/index.php/firewalls/watchguard-xtm-5-xtm-505-515-525-545-pfsense-64-bit
Advanced/Terminal Type- VT100
Ive rebooted one time after I made this change and it seemed to print out just fine for me for the first time. Before I would have to reset the terminal after the initial boot screen.