Watchguard XTM 5 Series

Fffrank

I'm a complete newbie to PFSense but jumped in with both feet on a Watchguard XTM. I got everything up and running (eventually) but my hardware has been crazy unstable. I can't find anything in PFSense logs but I did record this console output as it was crashing. Anyone offer any insight?

https://pastebin.com/K5p3TeD8

chpalmer

@fffrank said in Watchguard XTM 5 Series:

Anyone offer any insight?

https://pastebin.com/K5p3TeD8

My guess is that its going to be hardware related. (especially since I have a few of these out there working flawlessly as do others) First thing is to clean it.. Then re-seat everything you can.. CPU, memory.. ect.. You will need some heat sink compound to do the CPU.

Are you using a CF card or hard drive? Or..?

Fffrank

@chpalmer It just came in from ebay last week. I opened it up and cleaned it, upgraded the processor and ram. It's running off of a 30gb SSD.

Fffrank

One more thought: I don't have the right serial cable to initialize my switch so I've been using all 5 of the XTMs ethernet interfaces bridged. Could this be causing the problem? It seems MUCH more stable with only 1 lan port connected.

Fffrank

Seems to definitely be related to the drive. I've got errors and if I run a full smart scan it crashes it every time. It's a generic 30gb SSD. I had another one so I tried to install on that and had the same issues.

The only other drives I had on hand were a first generation SATA 36gb WD Raptor and a very old 60gb SATA drive that I peeled out of a MacBook. Neither of them would boot no matter what bios options I tried.

I'm going to purchase a new HD and try again, any recommendations? Should I stick with an SSD or is a traditional drive better?

stephenw10

Yeah those errors all look drive related.
I have seen some really weird stuff with a bad SATA cable, I'd swap that out if you haven't already.

As a test you can install to CF. The size will be limiting but it will prove the rest of the hardware. Be sure to remove the SWAP slice during the install and move /var and /tmp to RAM drives after the initial setup to limit writes to the flash if you do.

Steve

Fffrank

My problems have gone from bad to worse. I still can't boot from a SATA drive.... in fact, now I can't boot at all. The bios boot sequence comes up and I can get into the BIOS setup menus but it will never proceed past that. Even with no USB or SATA hooked up. Even with USB/SATA disabled.... it POSTS but then it just freezes up. No lights blink and it never proceeds to look for boot medium.

Is it bricked?!

stephenw10

Hmm, doesn't sound good. Does it show any devices in the boot selection in the BIOS?

Try booting a Nano image written to a CF card if you can. The default settings will try to boot that.

Steve

Fffrank

Yes, it shows the hdd in the BIOS. It also recognizes both the USB and the hdd and lists them during bootup.... And then it just stops. It never seems to get to the point of looking for boot media. No dice on the CF, either.

In fact, even with USB and IDE disabled and no CF card installed..... I don't get an error message. It boots, runs the memory test, and stops.

stephenw10

Hmm, the Nano image should definitely boot since there are no install options. How did you write it to the card?

Are you using the correct baud rate? I think the BIOS will be at 9600 by default but pfSense and the bootloader (everything after what you're seeing) will be at 115200.

Steve

Fffrank

@stephenw10 I burned the CF Card with Rufus and checked that it was bootable with BootableUSBTest. Here's all I get on boot:

https://pastebin.com/sthY2FXC

I did notice that my CPU is HOT (!!) 65-72 at idle. I'm wondering if I might have received a bad CPU or if I didn't apply enough thermal paste and it overheated. Think that could cause the problem?

stephenw10

It will run hot with only the BIOS setup, there is no CPU idle process at that point.

The fact it's showing the BIOS setup proves the CPU is good.

That output is at 115200bps?

Steve

Fffrank

This post is deleted!

Fffrank

@stephenw10 Yes, 115200.

When I first received the unit it would boot and then the console would cut off. After I reconnected it would show me the pfsense boot sequence. Once I flashed the bios, it wouldn't require the reconnection and displayed it all straight through.

It's actually acting the same way as the locked bios would with 3 exceptions. 1) Reconnecting doesn't yield any further console output. 2) The hard drive light initially blinks a bit and then stays solid on. 3) The cursor doesn't jump around at all.... It sits at the end of the boot sequence and doesn't move any further.

stephenw10

Hmm, hard to know what to suggest there then. You might try resetting the CMOS just in case it's picked up some rogue setting.

Steve

Fffrank

@stephenw10 yeah, I've pulled the battery and left the power off overnight and no change. It's a real stumper. :/

stephenw10

You have anything else you can test the CF card in?

Are you using the standard BIOS? You might try writing the unlocked one just to set the registers.

Steve

Fffrank

@stephenw10 Yeah. :/ It's the unlocked bios already and I don't have a way to flash anything else until I can get it to boot. I've got a new CF Card and processor I'm going to try tonight. Running out of other ideas.

samtap

I'm also in the process of turning an XTM 5 into a usable box with pfsense.
I've been reading various forum threads, blogs about the subject. But the details (which can be crucial...) are still a bit vague.

• I have no problem at all with console redirection. I can see BIOS POST, the Watchguard boot-menu and startup log and eventually the login prompt are all visible and usable with default serial console settings (baudrate 115200).
• I first created my own console cable (db9 to rj45) while waiting for delivery of a proper USB console cable. Double checked the pinout on my home-made cable but it wouldn't take my keyboard input, just display output of the XTM. Still don't understand why it doesn't work, but the ordered USB variant works fine....
• Installed pfsense to a hdd using a donor PC as described in many places. However, XTM fails to boot from hdd (with or without a CF card inserted). Not sure if it is due to donor-PC being in AHCI mode, or because I need to change boot-order of XTM in bios. Or maybe it is booting but i just don't see anything since my console is at 115200 baud and (i think) pfsense defaults to 9600? I would expect at least to see some garbage output if the baudrate is incorrect? I did read somewhere the XTM boots from SATA if CF is missing, but in other posts people seem convinced bios must be unlocked and boot order changed.

Next step: I need to unlock bios, either to enable AHCI mode and change boot device order. Can't find any good instructions for this, so i'm just going to try writing $random_linux live image to a spare CF card (and then use flashrom with xtm5_83.rom). That should allow me to enter and change bios settings to further debug booting from the hdd. fingers crossed

Fffrank

@samtap I believe you have to flash the PFSense HDD with an MBR boot record. I played around with this a bit using Rufus to write the image -- I don't remember the exact settings that I used but it sounds like that is your issue.