Watchguard XTM 5 Series
-
I looked through this thread quite quickly and could not find this so reposting just in case.
To put WGXepc64 on an XTM5 box.. and make the arm light go green..
From the console.. each of these commands.
/root
fetch https://github.com/stephenw10/WGXepc/raw/master/WGXepc64
chmod +x WGXepc64From the GUI..
Use the shellcmd package to execute the command at startup.
System > Packages
Available Packages Tab
Locate Shellcmd
Select the + icon to the right
Confirm install is complete
Services > Shellcmd
Click the + icon to add a new command
Enter in the following
Command: /root/WGXepc64 -l green
Shellcmd Type: Shellcmd
Description: Green Arm Light
Reboot
Confirm -
Hi Guys,
Asking for a little pointer here. I have been using PFS 2.1.2 on Watchguard X550e for a few years now but wanted to update and noted comments that these units wouldn't run the latest version because of not supporting x64. So I acquired myself a Watchguard xtm 5 (not sure which model it is) in keeping with the red.
I have downloaded the current memstick-serial but have not made any attempts to flash the bios as a number of the posts said this was not necessary.
I am posting my log below but it is sticking at ata2: <ATA channel> at channel 0 on atapci1 on first boot from CF I cannot find any reference to that error and am thinking I must have made some silly mistake so any pointers appreciated.
Thanks in advance
LukeAMIBIOS(C)2006 American Megatrends, Inc. MB-7580 Ver.WD0 04/26/2010 CPU : Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Speed : 2.60 GHz Press DEL to run Setup (F4 on Remote Keyboard) Press n if you want to boot from the network Press F11 for BBS POPUP (F3 on Remote Keyboard) The MCH is operating with DDR2 800 DRAM Timing: Tcl:6/Tras:18/Trp:6/Trcd:6/Twr:6/Trfc:52/Twtr:3/Trrd:3/Trtp:3 Initializing USB Controllers .. Done. 2014MB OK Auto-Detecting Pri Master..IDE Hard Disk Auto-Detecting 3rd Slave...IDE Hard Disk Ultra DMA Mode-5, S.M.A.R.T. Capable and Status OK /boot/config: -S115200 -h Consoles: serial port BIOS drive C: is disk0 BIOS drive D: is disk1 BIOS 639kB/2060928kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (Wed Nov 21 08:03:01 EST 2018 root@buildbot2.nyi.netgate.com) Loading /boot/defaults/loader.conf - - __ _ __ / _|___ ___ _ __ ___ ___ | '_ \| |_/ __|/ _ \ '_ \/ __|/ _ \ | |_) | _\__ \ __/ | | \__ \ __/ | .__/|_| |___/\___|_| |_|___/\___| |_| +============Welcome to pfSense===========+ __________________________ | | / ___\ | 1. Boot Multi User [Enter] | | /` | 2. Boot [S]ingle User | | / :-| | 3. [Esc]ape to loader prompt | | _________ ___/ /_ | | 4. Reboot | | /` ____ / /__ ___/ | | | | / / / / / / | | Options: | | / /___/ / / / | | 5. [K]ernel: kernel (1 of 2) | | / ______/ / / | | 6. Configure Boot [O]ptions... | |/ / / / | | | / /___/ | | | / | | | /_________________________/ +=========================================+ /boot/kernel/kernel text=0x17c1930 data=0xb93d38+0x557b28 syms=[0x8+0x197400+0x8+0x197f72] Booting... KDB: debugger backends: ddb KDB: current backend: ddb Copyright (c) 1992-2018 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 11.2-RELEASE-p10 #9 4a2bfdce133(RELENG_2_4_4): Wed May 15 18:54:42 EDT 2019 root@buildbot1-nyi.netgate.com:/build/ce-crossbuild-244/obj/amd64/ZfGpH5cd/build/ce-crossbuild-244/pfSense/tmp/FreeBSD-src/sys/pfSense amd64 FreeBSD clang version 6.0.0 (tags/RELEASE_600/final 326565) (based on LLVM 6.0.0) VT(vga): resolution 640x480 CPU: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz (2593.56-MHz K8-class CPU) Origin="GenuineIntel" Id=0x1067a Family=0x6 Model=0x17 Stepping=10 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Features2=0xc00e3bd<SSE3,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,XSAVE,OSXSAVE> AMD Features=0x20100800<SYSCALL,NX,LM> AMD Features2=0x1<LAHF> VT-x: HLT,PAUSE TSC: P-state invariant, performance statistics real memory = 2147483648 (2048 MB) avail memory = 1985601536 (1893 MB) Event timer "LAPIC" quality 100 ACPI APIC Table: <042610 APIC1157> FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs FreeBSD/SMP: 1 package(s) x 2 core(s) ioapic0 <Version 2.0> irqs 0-23 on motherboard SMP: AP CPU #1 Launched! Timecounter "TSC-low" frequency 1296778444 Hz quality 1000 ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff80681430, 0) error 1 random: entropy device external interface ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff806814e0, 0) error 1 ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff80681590, 0) error 1 iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff806a8460, 0) error 1 iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff806a8510, 0) error 1 iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff806a85c0, 0) error 1 wlan: mac acl policy registered kbd1 at kbdmux0 netmap: loaded module module_register_init: MOD_LOAD (vesa, 0xffffffff8120aaa0, 0) error 19 nexus0 vtvga0: <VT VGA driver> on motherboard cryptosoft0: <software crypto> on motherboard padlock0: No ACE support. acpi0: <042610 RSDT1157> on motherboard acpi0: Power Button (fixed) cpu0: <ACPI CPU> on acpi0 cpu1: <ACPI CPU> on acpi0 attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0 Timecounter "i8254" frequency 1193182 Hz quality 0 Event timer "i8254" frequency 1193182 Hz quality 100 atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0 atrtc0: registered as a time-of-day clock, resolution 1.000000s Event timer "RTC" frequency 32768 Hz quality 0 Timecounter "ACPI-fast" frequency 3579545 Hz quality 900 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0 pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 pcib0: _OSC returned error 0x10 pci0: <ACPI PCI bus> on pcib0 pcib1: <ACPI PCI-PCI bridge> irq 16 at device 1.0 on pci0 pci1: <ACPI PCI bus> on pcib1 pci1: <encrypt/decrypt, network/computer crypto> at device 0.0 (no driver attached) vgapci0: <VGA-compatible display> port 0x6800-0x6807 mem 0xfe000000-0xfe3fffff,0xd0000000-0xdfffffff irq 16 at device 2.0 on pci0 agp0: <Intel G41 SVGA controller> on vgapci0 agp0: aperture size is 256M, detected 32764k stolen memory vgapci0: Boot video device pcib2: <ACPI PCI-PCI bridge> irq 16 at device 28.0 on pci0 pcib2: [GIANT-LOCKED] pci2: <ACPI PCI bus> on pcib2 em0: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0x9c00-0x9c1f mem 0xfe6e0000-0xfe6fffff,0xfe6dc000-0xfe6dffff irq 16 at device 0.0 on pci2 em0: Using MSIX interrupts with 3 vectors em0: Ethernet address: 00:90:7f:9a:09:23 em0: netmap queues/slots: TX 1/1024, RX 1/1024 pcib3: <ACPI PCI-PCI bridge> irq 17 at device 28.1 on pci0 pcib3: [GIANT-LOCKED] pci3: <ACPI PCI bus> on pcib3 em1: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xac00-0xac1f mem 0xfe7e0000-0xfe7fffff,0xfe7dc000-0xfe7dffff irq 17 at device 0.0 on pci3 em1: Using MSIX interrupts with 3 vectors em1: Ethernet address: 00:90:7f:9a:09:24 em1: netmap queues/slots: TX 1/1024, RX 1/1024 pcib4: <ACPI PCI-PCI bridge> irq 18 at device 28.2 on pci0 pcib4: [GIANT-LOCKED] pci4: <ACPI PCI bus> on pcib4 em2: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xbc00-0xbc1f mem 0xfe8e0000-0xfe8fffff,0xfe8dc000-0xfe8dffff irq 18 at device 0.0 on pci4 em2: Using MSIX interrupts with 3 vectors em2: Ethernet address: 00:90:7f:9a:09:25 em2: netmap queues/slots: TX 1/1024, RX 1/1024 pcib5: <ACPI PCI-PCI bridge> irq 19 at device 28.3 on pci0 pcib5: [GIANT-LOCKED] pci5: <ACPI PCI bus> on pcib5 em3: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xcc00-0xcc1f mem 0xfe9e0000-0xfe9fffff,0xfe9dc000-0xfe9dffff irq 19 at device 0.0 on pci5 em3: Using MSIX interrupts with 3 vectors em3: Ethernet address: 00:90:7f:9a:09:26 em3: netmap queues/slots: TX 1/1024, RX 1/1024 pcib6: <ACPI PCI-PCI bridge> irq 16 at device 28.4 on pci0 pcib6: [GIANT-LOCKED] pci6: <ACPI PCI bus> on pcib6 em4: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xdc00-0xdc1f mem 0xfeae0000-0xfeafffff,0xfeadc000-0xfeadffff irq 16 at device 0.0 on pci6 em4: Using MSIX interrupts with 3 vectors em4: Ethernet address: 00:90:7f:9a:09:27 em4: netmap queues/slots: TX 1/1024, RX 1/1024 pcib7: <ACPI PCI-PCI bridge> irq 17 at device 28.5 on pci0 pcib7: [GIANT-LOCKED] pci7: <ACPI PCI bus> on pcib7 em5: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xec00-0xec1f mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 17 at device 0.0 on pci7 em5: Using MSIX interrupts with 3 vectors em5: Ethernet address: 00:90:7f:9a:09:28 em5: netmap queues/slots: TX 1/1024, RX 1/1024 uhci0: <Intel 82801G (ICH7) USB controller USB-A> port 0x7080-0x709f irq 23 at device 29.0 on pci0 usbus0 on uhci0 usbus0: 12Mbps Full Speed USB v1.0 uhci1: <Intel 82801G (ICH7) USB controller USB-B> port 0x7000-0x701f irq 19 at device 29.1 on pci0 usbus1 on uhci1 usbus1: 12Mbps Full Speed USB v1.0 uhci2: <Intel 82801G (ICH7) USB controller USB-C> port 0x6c00-0x6c1f irq 18 at device 29.2 on pci0 usbus2 on uhci2 usbus2: 12Mbps Full Speed USB v1.0 uhci3: <Intel 82801G (ICH7) USB controller USB-D> port 0x6880-0x689f irq 16 at device 29.3 on pci0 usbus3 on uhci3 usbus3: 12Mbps Full Speed USB v1.0 ehci0: <Intel 82801GB/R (ICH7) USB 2.0 controller> mem 0xfe4ff800-0xfe4ffbff irq 23 at device 29.7 on pci0 usbus4: EHCI version 1.0 usbus4 on ehci0 usbus4: 480Mbps High Speed USB v2.0 pcib8: <ACPI PCI-PCI bridge> at device 30.0 on pci0 pci8: <ACPI PCI bus> on pcib8 fxp0: <Intel 82801GB (ICH7) 10/100 Ethernet> port 0x8c00-0x8c3f mem 0xfe5ff000-0xfe5fffff irq 20 at device 8.0 on pci8 miibus0: <MII bus> on fxp0 inphy0: <i82562ET 10/100 media interface> PHY 1 on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow fxp0: Ethernet address: 00:90:7f:9a:09:22 isab0: <PCI-ISA bridge> at device 31.0 on pci0 isa0: <ISA bus> on isab0 atapci0: <Intel ICH7 UDMA100 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xffa0-0xffaf at device 31.1 on pci0 ata0: <ATA channel> at channel 0 on atapci0 atapci1: <Intel ICH7 SATA300 controller> port 0x7c00-0x7c07,0x7880-0x7883,0x7800-0x7807,0x7480-0x7483,0x7400-0x740f mem 0xfe4ffc00-0xfe4fffff irq 19 at device 31.2 on pci0 ata2: <ATA channel> at channel 0 on atapci1
-
Is that booting from the memstick-serial image written to CF? Or it booted from USB and installed to CF and then booted from that?
IIRC it will only boot from USB if nothing else bootable is present, which is a problem.Do you want to run from CF or install a SATA drive?
Steve
-
@stephenw10 The first one booted from memstick-serial written to CF I want to install to HD but it isn't getting that far.
Thanks
-
What exact image did you use? You should be using, for example, this:
https://nyifiles.pfsense.org/mirror/downloads/pfSense-CE-memstick-serial-2.4.4-RELEASE-p3-amd64.img.gzDoes it boot further if you disconnect the SATA drive?
Steve
-
@stephenw10 My exact filename is pfSense-CE-memstick-serial-2.4.4-RELEASE-p3-amd64.img it was downloaded from https://www.pfsense.org/download/ and selecting the boxes AMD64, USB Memstick Installer, Serial, New York.
I download on a mac so it may automatically unzip the file for me. Should I try the image location you suggest?
If I disconnect the HHD it is exactly the same, in fact I thought that was the issue at first as I booted without HDD attached.
Thanks
-
In my experience, you have to flash the modified bios since the official bios is locked and many options can't be changed i.e. the boot device preferences, by default it only boots from CF even if nothing else is attached. I was able to run the pfSense installer from CF and install to SATA disks, but it still refused to boot. You'll need the bios firmware, flash tool and some OS, boot that from CF just to flash the bios (you could likely even use the factory firmware and serial console for it, if you can find a compatible flash tool binary). After flashing lots of options that used to be read-only can now be changed and you can boot from SATA, USB etc. In addition with the modified bios pfSense can use front LCD to display some useful stats.
-
@samtap Ok, I thought that may be thew case, but many people on here have said to flash the bios from within pfsense, but mine will not even get that far.
@stephenw10 As you were asking about the image i tried making it on a Win7 PC incase it was the mac no writing it correctly to the CF but I get exactly the same response and it freezes in the same spot. Could my putty settings be wrong and it freezes once it goes into the setup program??
Thanks
-
I think there must be subtle differences between different xtm series and maybe even hardware revisions. For example people claim it boots USB/SATA once you disconnect CF reader, I believe them but for my xtm5 it didn't work like that.
By the way, are you sure it freezes during boot? It might be just the serial console settings that change after it gets through POST and starts booting the OS...
-
Ok.
So I went a step further and used my CF card and HDD connected to a VM and installed pfsense onto the hdd.
Tried hdd in xtm and hdd booted fine unto the exact same point.
So put the hdd back into the vm and booted the hdd and completed the setup with the network card configuration. and then restarted pfsense a couple of times to make sure it was booting all the way through with no questions hoping up. Then put hdd back into xtm and it boots up still to the exact same point, but I have my laptop plugged into port one to see if it gets an IP with the thought that maybe the console is freezing but it isn't getting an IP. And before you think it, yes I did remove the CF card.
Have removed the encryption card in case that was causing an issue but with no joy
So am now not sure what to do next?
Do I have a broken box or do I just need to find a way to flash the bios? I did note at the bios screen I have a date of 04/26/2010 which seems different from the date previously mentioned with bios flashes.
Thanks again
Luke -
It's an odd place in the boot to stop. It's well after the loader variables are set, which is where it would break if you had the wrong baud rate configured. It's before it mounts the root filesystem, which is where it stops writing to all consoles so is thas last thing you see if you have the VGA console set as primary.
Does it still boot the WG OS correctly? Or, say, the OpenWRT x86 image if you don't have the original OS?Steve
-
@stephenw10 Haha, I did power it up before I started and from what I could tell it booted normally. However in the messing about between writing images to CF cards I have overwritten the CF card that came in the unit so now can't check again :-(
Thanks
Luke -
@stephenw10 I down loaded openwrt-18.06.4-x86-generic-combined-ext4.img and the unit boots with it but the serial port settings must be different as it comes up with garbage while booting looking around it seems to be 115200/8/1/None which is what I have set.
Thanks
Luke -
Hmm, I thought that was the default now in OpenWRT too. Try 9600 though.
Maybe you have a bad serial cable? Trying to use the extended serial lines and failing?
Steve
-
@stephenw10 Tried 9600 - no joy different garbage but still garbage. I am starting to wonder about the serial cable too but I need to look and see if I have any others with the rj45 end on them.
Thanks
Luke -
With any half recent serial terminal you only need three connections. More than that might just break stuff if it's not wired correctly. Certainly to connect to pfSense you only need 3 pins connected.
Some older stuff like the X-e bios and FreeDOS required more.Steve
-
@stephenw10 Have tried three different cables now and all with the same results, lost
Luke
-
If you can find one you might try an old NanoBSD serial image directly on the CF card. There are still some mirrors out there hosting them even though they shouldn't be.
Steve
-
I have now tried versions 2.3.5 in both amd64 and i386 and both freeze at the same point as version 2.4.4 I have also tried removing some memory and moving it between banks.
I have also tried to boot the old CF card I used to flash the x550 bios, not to use on this bios but just to see if I can get a dos prompt but again all I get is garbage once past the post screen.
I suspect I need to flash the bios but how can I do this if nothing will load? Failing that I think my box may be a dud :-(
Can't think of anything else left to try now.
Luke
-
@stephenw10 Would this be the right one to try pfSense-CE-2.3.5-RELEASE-4g-i386-nanobsd.img.gz it doesn't say serial but some of the others do say VGA?
The previous versions I have tried have all been memstick versions
Thanks
Luke