Watchguard XTM 5 Series
-
Had been busy with this is parallel to my normal work (I did not have so much time, because I had hoped to have it finished).
However, my preliminary findings (pictures will come when I find the optimal solution):
-
Replacement of case & CPU fan is a huge success, this eliminates a lot of noise (understatement);
-
PSU fan can be modified, but it is in general noisy, currently thinking to go PicoPSU, currently investigating the options -> modifying PSU fan is not wortth the hassle in time (to investigate & find -> low noise replacements do not exist)
What PSU power would be correct, the one currenly build in is overpowered:
-
CPU=35W (Celeron
-
3 Fans = 0.48W*3=1.5W
-
Mobo = 25-40W
-
Mem=2~5W (orginal XTM 520 mem)
-
Enclosure = 5~10W (estimate)
-
Additional HD = 3W
This mean a total of 94.5W when all components are working at max performance.
From PicoPSU the following kits can be used (net yet tested myself):-
picoPSU-160-XT + 192W Adapter Power Kit
-
picoPSU-150-XT + 150W Adapter Power Kit
-
picoPSU-150-XT + 102W Adapter Power Kit
-
picoPSU-120 + 102W Adapter Power Kit (not recommended because you need an additional cable to convert a molex to a 4 PIN ATX)
Update 5-4-2016:
I got my hands on a picoPSU-150-XT + 102W Adapter Power Kit for 50 euro, which is quite a OK deal in Europe. Tested it yesterday and the box is super duper quiet. However when you have the box in thermal mode once in a while the fans spin up, which is not preferable. Better it is to have the fans by default spin a little faster than they do in thermal mode, in general the CPU will be cooled better and will never reach the BIOS threshold. Currenlty thinking of a way how to adjust.
(Probably by putting the fans in super fast mode in BIOS and adjust the speed with a resistor)
I hope to test this afternoon.Now I will see where I can get my hands on, to test this in my Firebox.
-
-
Upgraded to version 2.3 with an ouch.
"Package LCDproc-dev does not exist in current pfSense version and it has been removed. @ 2016-04-13 01:36:28"
Will be lurking and snooping around, will post possible fix. Unless someone already found it.
Looking at packages, no LCDproc nor LCDproc-dev available for 2.3 yet.
-
Looks like manual install lcdproc here:
https://forum.pfsense.org/index.php?topic=44034.525
Looking at the hits on this thread, we should add LCDproc and LCDproc-dev as packages soon.
-
Just a quick question because I could not yet find it so far. But can I use the ports of the XTM 520 to do a switch function?
It has 6 Gbit ports, 1 is for external (WAN), the others I would like to use for the same internal network (this removes an additional switch)
(Where or how can I do this?)Found it: https://forum.pfsense.org/index.php?topic=48947.msg269592#msg269592
(Missed it the first time) -
Just a quick question because I could not yet find it so far. But can I use the ports of the XTM 520 to do a switch function?
It has 6 Gbit ports, 1 is for external (WAN), the others I would like to use for the same internal network (this removes an additional switch)
(Where or how can I do this?)Found it: https://forum.pfsense.org/index.php?topic=48947.msg269592#msg269592
(Missed it the first time)Just keep in mind that's not really recommended. I do it here with two ports but only use those as VOIP adapter ports. The adapters never communicate with each other over the bridge.
-
Could only find that it impacts performance, not read (yet) any other negative effects.
-
Has anyone installed a full install of Linux on one of these ? I want to turn this into a NAC since it has so many NICS. The only downside is it requires a 'full' Linux installation.
-
question what are the 3 conectors on th pcie side i asume 1 is the second com poort ?
-
I have an XTM 505, not quite sure what I can do to rescue it yet. Here's what I know so far. The SSD was reporting ATA Status 51 errors. And a tech inadvertently zeroed out the root :o
I replaced the SATA cable just in case there was something wrong with the old one.
So it basically will let me get into BIOS, but obviously there's nothing to boot. I only have a SanDisk 256MB and Centon 16GB CF on hand. Tried loading pfSense onto the 16G since it won't fit on the 256MB, still didn't boot. It does seem like the BIOS is editable, though. So I'm wondering if this was flashed already since everything I'm reading here says it would be readonly otherwise. But definitely doesn't seem to like larger CF cards.
What exactly should I do to be able to boot from the embedded CF card? Try 2G/4G? Apparently NO local stores carry cards that small anymore, but I can have one overnighted. Couldn't I put a smaller OS image on the CF at least to get it to boot up from the 256MB (if that's the issue) so that I can put an OS back on the root drive of the SSD? This is our one and only firewall for a small business, so I'm definitely interested in getting her back up and running soon.
Thanks for any help.
-
Since my last post in February I have tried several times to get the system running. I have installed pfsense from a CD iso on a laptop and then moved the drive over to the XTM after the reboot phase.
Whilst connected with Putty I get lots of output and then finally boot seems to hang on:
ada0 at ata2 bus 0 scbus1 target 0 lun 0
ada0: <samsung 850="" ssd="" evo="" 120gb="" emt01b6q="">ACS-2 ATA SATA 3.x device
ada0: Serial Number S21UNSAG436895Z
ada0: 300.000MB/s transfers (SATA 2.x, UDMA5, PIO 512bytes)
ada0: 114473MB (234441648 512 byte sectors)
ada0: quirks=0x1<4K>
ada0: Previously was known as ad4</samsung>And I can not access it via web interface either (I assume because it hasn't loaded).
This is booting from an SSD and it seems to be running WG BIOS V1.2.
Any ideas?
P.S. I also got the following:
pcib3: <acpi pci-pci="" bridge="">irq 17 at device 28.1 on pci0
pci3: <acpi pci="" bus="">on pcib3
em1: <intel(r) 1000="" pro="" network="" connection="" 7.6.1-k="">port 0xac00-0xac1f mem 0xfe7e0000-0xfe7fffff,0xfe7dc000-0xfe7dffff irq 17 at device 0.0 on pci3
em1: Using MSIX interrupts with 3 vectors
em1: The EEPROM Checksum Is Not Valid
device_attach: em1 attach returned 5
pcib4: <acpi pci-pci="" bridge="">irq 18 at device 28.2 on pci0
pci4: <acpi pci="" bus="">on pcib4</acpi></acpi></intel(r)></acpi></acpi>A search showed me this thread -> https://forum.pfsense.org/index.php?topic=110634.0 but I would assume I need to get the dam thing to work before I can fix that. Could this be what is hanging the XTM boot?
P.P.S. I tried installing to the SSD on the laptop in AHCI and compatibility (IDE) mode but neither seems to work.
-
Read this?
http://www.triebwerk23.de/joomla/index.php/firewalls/watchguard-xtm-5-xtm-505-515-525-545-pfsense-64-bit
Or at least looked at the pictures? ;D
-
Thanks chpalmer. I had previously looked through that but I can't find anything that will help me. As I say, I can't do anything after that final bit of output about the SSD. I can't type :(
-
Ive never had any of the units Ive set up reject a cf card so Im at a loss here.
I have been using the Scandisk Ultra 4G cards if that helps.
All my units are on hard drives now as I think back. The one I run here at my main shop location was the first and just worked.
-
Sorry I obviously didn't make myself clear. I am trying this on an SSD and haven't tried a card. I only have a 1 GB CF card that was with the XTM so would have to use an old version of PFS that would fit. I will take that as my next avenue of testing.
-
Sorry I obviously didn't make myself clear. I am trying this on an SSD and haven't tried a card. I only have a 1 GB CF card that was with the XTM so would have to use an old version of PFS that would fit. I will take that as my next avenue of testing.
Sorry- read too fast and I should remember that. Ive read along since you've been trying…
Did you catch the bios settings for the SATA type drive in the article I linked. PATA first en such?
When you look at BIOS does the box see the drive? (You may have already answered and sorry if Im forgetful... busy here and going nuts. ;D )
-
Hi All,
First, thank you for putting together this amazing resource - there is so much info here and so much talent its unbelievable.
OK, ego bribe out of the way, I have come into possession of an xtm 515 and been trying to get pfsense 2.3 on it for a couple days without much success.
Pre-reqs - i got a usb-serial cable which works to acccess the bios - 115200, putty defaults (8n1). I can also watch the default xtm os start up on it ok on the original 1gb transcend cf card (i know the watchguard OS pretty well)
I got a 4gb cf card - i can flash the original watchguard firmware onto this and boot it, so i know the cf card is good and bootableprocess i am following is - apply 4gb amd64 image to cf card, replace card in the 515. start up xtm 515.
First time i booted it, it started up pfsense without argument and i was able to do the port assignment, so i shut down the box to rack it and use it.
now, it POSTs and displays the bios splash then does nothing else - no further output from serial port after it completes detection of devices
I can replace the 4gb cf card with the original 1gb card and boot original watchguard os OK, and i have tried applying the original firmware to the 4gb card and this boots ok also - i have read there is a bug with the baud rate 9600 after first boot, but i have also read the firmware 2.3 defaults to baud 115200 and that is what i used to run the initial setup anyway.
Now, even if i re-flash the cf card with a clean pfsense 2.3 it simply wont boot - it just hangs after POST and BIOS screen (but WILL boot fireware OS just fine)
I even tried an older firmware so i could flash the watchguard default 1gb cf card with a 1gb pfsense image but that wont get past BIOS either.
I also tried:
pulling mobo battery
ram pull
booting with baud rate 9600 selected
starting serial/terminal connection after POST/bios screenI know I shouldn't need to flash the bios to run pfsense on an xtm 515, just the cf card, and in any case to flash the bios I'd need to get a working pfsense environment on it.
Any clues anyone? Has anyone had this issue before? Should I just give up and throw the thing in the trash?
All clues greatly appreciated :)
Iain
-
Are you trying to start it with the console cable plugged in and console active? Try it both ways. with and without.
How long are you waiting? Ive noted my unit at times went a minute or two without doing anything.
Have a SATA drive you could try?
Dont throw it away! Someone will take it off your hands. ;D
-
Interesting…
I had tried flashing the 1GB CF card and it still wouldn't boot (I was really pissed).
I came back to this thread and saw this message about trying to boot without serial connected. This works reliably (out of four boots)! If I wait until the three beeps are heard in close proximity and then connect the console all is fine. I will now try and do the same with the SSD and report back.
-
I will try adding more patience and wait 5 mins before connecting…
Can't try the Sata port because I need to flash the bios to boot from it afaik? Or will it boot Sata if I remove the cf card? I've got enough Sata disks in the spare parts box... I'd kinda like to put an ssd and a ram upgrade in it anyway but I'm not spending any money on it unless I can get past step 1!
-
chpalmer - you are bang on the money - add more patience!
Waited 5 minutes until i heard the magic three beeps and THEN connected to the console. Bingo.
I'd waited over 15 minutes before with the console connected and no response - it seems NOT connecting to the console until boot is completed is the secret (obviously, I couldn't wait to see the progress before…)
Think I might buy a nice big SATA disk, because more storage is always good...
Thanks guys! No need to trash a perfectly good (but traded up, so no sale...) 515.