Watchguard XTM 5 Series
- 
 @stephenw10 Tried to boot from USB but am getting a message about needing to insert proper media. 
 I have a usb drive with pfSense-CE-memstick-serial-2.4.5-RELEASE-p1-amd64.img 
- 
 You will probably need to enable it in the BIOS. It's been so long since I did that I've forgotten what the defaults are. It can be made to boot USB. Mine does. Steve 
- 
 @stephenw10 Here are all my bios screenshots: 
  
  
  
  
  
  
  
  
- 
 I have Mass storage emulation type set to 'auto' otherwise it's the same. Are you sure the image is on the USB drive correctly? I recommend writing it with Etcher. Steve 
- 
 @stephenw10 Not sure what happened, attached an SSD I had tried before and now it works 
- 
 Has anyone upgraded the fans? 
- 
 You can replace them with something from Noctua for example. There are some references in this thread. I never bothered once I could set the minimum fan speed with WGXepc, those Noctua fans are expensive! Steve 
- 
 @dog2bert Noiseblocker BlackSilent Fan XM-2-40mm does the job for me, cheap and silent, even at full speed. The watchguard is in my living room. 
- 
 @stephenw10 What value should I use for the fan speed? 
 Can you set it in the BIOS now that I have it unlocked?Is 10 safe? Looks like the -f command doesn't work on the 5 series only -f2 /conf/WGXepc64 -f2 10 
- 
 I have the system fan set to 50. The CPU fan is connected to the other controller and WGXepc can't set that (yet). You can set it manually though. Steve 
- 
 @it-supportidata-se I have XTM 5 with the belwo BIOS 
 root@OPNsense:/conf # dmidecode | lessdmidecode 3.2Scanning /dev/mem for entry point. 
 SMBIOS 2.5 present.
 44 structures occupying 2148 bytes.
 Table at 0x000FBCD0.Handle 0x0000, DMI type 0, 24 bytes 
 BIOS Information
 Vendor: American Megatrends Inc.
 Version: 080015
 Release Date: 04/26/2010
 Address: 0xF0000
 Runtime Size: 64 kB
 ROM Size: 1024 kBI am safe to use this image to update my BIOS from https://sites.google.com/site/pfsensefirebox/home/xtm5_83.rom 
- 
 They should all be compatible AFAIK, I've yet to see one that was not. That's just the date from the gen2 models, there are a few posts here confirming it works. For example: 
 https://forum.netgate.com/post/797569Of course flashing the BIOS is always inherently risky. You could lose power part way though etc... And you're running the wrong OS...  Steve 
- 
 @stephenw10 
 Thanks Steve... BIOS flash was successfully...
 Still playing around with different firewalls before going production... if that makes sense 
- 
 The original Watchguard CF card OS boot is able to start Recovery Mode (SysB) or Safe Mode (SysA Safe) from LCD Keys 
 I think is something embedded in MBR or in GRUB stage...I had a crazy idea... how shall be hard making a multiboot like that to choice via LCD keys which disk / partition will have to start ? Obviously i think who should be the right one for the answer... 
 Stephen i'm very cold about ASM or C coding...
 I can only give an original Watchguard CF image and no more right now.
- 
 I believe that code is in BIOS and passed to GRUB. You will still see it try to boot recovery even without a CF card present. Steve 
- 
 @stephenw10 sorry for the delay... i tried without the CF Card and nothing happens during the startup phase on the LCD pressing UP or DOWN button of the case keypad... only the WG BIOS V 1.2 stay. 
 But you could be in right and some code could be embedded in bios too to storage a flag value somewhere...I'm affascinating by bios and i wish spend time investigating.. please may you give me some hints about software you used to modding the XTM5's AMI Bios ? 
 I tried to search on the web but i found only recent software that don't recognize this 1024k ROM.
- 
 [1] Install the flashrom tool pkg pkg install flashrom rehash[2] Download the new flash image cd /tmp fetch https://sites.google.com/site/pfsensefirebox/home/xtm5_83.rom md5sum xtm5_83.romThe MD5 has should be: e75bc93ca2db547a3facb8d611f0d441 [3] Reprogram the flash Read and save the original/current flash image flashrom -r rom.original –programmer internalWrite the new image flashrom -w xtm5_83.rom –programmer internalVerify the write was successful flashrom -v xtm5_83.rom –programmer internalPull the CMOS battery & mains power, wait a few minutes, reboot & voilà . 
 If everything's OK you can delete the new image file with:rm /tmp/xtm5_83.rom
- 
 For actually editing the image there are a number of tools that can open and modify the older pre-uefi AMI BIOSes. Including AMIs own proprietary tool amibcp. You'll have to go searching for that if you want to use it. 
 Bare in mind it's very easy to make an image that doesn't POST and then you need to reflash the chip directly. I did it several times! 
 https://forum.netgate.com/post/336712Steve 
- 
 @Dufflepod thanks i'm aware about that procedure. I wish to edit the .ROM file not just to push it on the CHIP as is. @stephenw10 i found the right (i think) 3.51 version of the amibcp tools but it seems to have a partial control on the bios. I think you found some more specific tool... to be able to change Arm/Disarm LED status and to change the LCD text during bios... 
 If you could help me at least telling me the name of the right software ;)
 I know after that i have to do my hard work on my own...
 Thanks
- 
 The ARM LED is set by setting the appropriate SIO registers. 
 The LCD message I changed by hex editing the right module directly. Which is why it had to be the same number of characters. 
