Watchguard XTM 5 Series

stephenw10

OK, so it only shows that the first time it is run. It only needs to setup the GPIO pin once.
It the BIOS was setting it up correctly it wouldn't have to so you would never see those messages. You could confirm that on the other box.
So we can say that, for some reason, the BIOS is not running the SIO table on that box.

Unfortunately I have no idea why that might be.

Steve

CodeJACK

Anyone upgraded to pfsense 2.5 yet? Any issues with compatibility for WGXepc64 or other mods mentioned in this thread?

dlucas46

@codejack

Did it last night on mine.

No major problems, except for issues with Core temp and the IPV6 Gateway bug.

I have swapped the processor for a Xeon and coretemp gets the wrong values. I fixed this before but the Kernel is now based on version 12 instead of 11 so I have had to recompile the module.

For those of you that are using Xeons, new coretemp module is attached here.

coretemp2.zip

Upload coretemp2.ko to /boot/modules/coretemp2.ko

Chmod 755 coretemp2.ko

In your /boot/loader.conf.local add the following:

coretemp2_load="YES"

Then reboot.

You should now have a correct temperature reading.

stephenw10

Yeah, works fine here. No significant issues seen so far, I've been running 2.5 snapshots on it for months.
Including the coretemp values with a Xeon:

Name 	xtm5.stevew.lan
System 	pfSense
Netgate Device ID: e436ea6ef44065f7f646	
BIOS 	Vendor: American Megatrends Inc.
Version: 080015
Release Date: Wed Feb 3 2010
Version 	2.5.0-RELEASE (amd64)
built on Tue Feb 16 08:56:29 EST 2021
FreeBSD 12.2-STABLE

The system is on the latest version.
Version information updated at Sun Feb 21 14:34:55 GMT 2021  
CPU Type 	Intel(R) Xeon(R) CPU L3110 @ 3.00GHz
Current: 2000 MHz, Max: 3000 MHz
2 CPUs: 1 package(s) x 2 core(s)
AES-NI CPU Crypto: No 

I'm guessing you're using a Xeon with a pin-mod?

Steve

dlucas46

@stephenw10

Yes it is a L5420 771 to 775 conversion.

Core temp thinks it is a core2duo. Both processors have the same ID.

CodeJACK

Great, ill plan for an upgrade so. Im using the box as a UniFi controller also. If there is no compatibility issues there, ill upgrade. Thanks!

stephenw10

Ah, well running unifi on there is probably completely untested. However you have installed that would need to be updated for FreeBSD 12. Really it's much better not to do that anyway.

Steve

bryanjlaz

I know this thread / topic is quite but I am just now getting into "flashing" an XTM 525 that I have had for years and didn't know where to begin nor really had the time. To be completely transparent, I am above average in knowledge in IT networking etc, but am definitely not up there with some of you guys. I encountered an issue while flashing and have no idea what it could be. The box powers on and that's pretty much it. Fans run like hell, full speed, never come down. The lCD is backlit and that is all. I was following a tutorial, I have actually seen it referenced here. Here is the link.

https://alpha-labs.net/2017/08/pfsense-on-watchguard/

I removed the CF Card in order to boot from the SSD's as instructed but the fans and the lcd are all I get. No serial output, nothing.

Any insight would be greatly appreciated.

stephenw10

You should see some output on the console even if there is no boot drive installed.
It should also beep and the fans should slow down when it POSTS.
If you don't see any of that it's probably failing to POST which is usually a hardware issue. Have you added any hardware components?

Steve

bryanjlaz

@stephenw10

Thanks for the quick reply. Yes, I swapped the cpu for an Intel E5700, put in 2 new ram modules (2gb each, non ecc), and was going to boot from 2 ssd's that have pfsense installed by another pc. Tried to boot from the ssd's and that was the 1st occurrence of the issue. I put all of the original hardware back in as well to no avail. I also put the CF card in a reader and it appeared to have been corrupted.

stephenw10

Hmm, try resetting the CMOS. Just pull the battery if the jumper is not obvious.

I assume it did boot correctly before you swapped in the CPU and RAM?

The CF card still had the WG OS on it?

The E8400 is better CPU choice IMO. As long as your RAM will run at 1333. 3x the L2 cache of the Pentium E5700. Or it will run a Core2Quad if you need it.

Steve

bryanjlaz

@stephenw10

Sorry it's been so long. I abandoned the project for a little bit due to work and life circumstances. I am starting to think I followed a botched tutorial or somehow missed something and botched it myself. I have since acquired another 5 series and have it running pfsense without any bios mods. On the previous box, discussed in my last comm, I had installed 2 ssd's, updated RAM, and the E3400 CPU. When I traced back everything I did, nothing stood out as a root cause of this issue. I have tested the box with another power supply and get the same reponse. Fans sound like they're going to lift off, all leds near the fans and cpu are illuminated. Is it possible for BIOS to have been wiped somehow? I am willing to purchase the appropriate kit/s and attempt to flash the bios via spi.

Regards

stephenw10

It's possible the BIOS was damaged but unlikely.
It's probably cheaper to get a different XTM5 than SPI flash interface so it depends why you're doing this.

bryanjlaz

@stephenw10

Just a learning experience more than anything really. I got the 1st box for free from a previous employer when they upgraded their network. IT guy told me to "Have at it" with the contents of the big pallet boxes of various equipment they were sending off to the recycling company. At the time I knew what it was but I didn't know it's potential and how sought after of a device it may have been more so at the time (2015). They took really good care of their equipment. Not a scratch, dent, or ding. I must be mistaken on what is required equipment wise to flash it. I take it the aardvark and not the usb with the battery jumper looking clip lol.

bryanjlaz

@bryanjlaz said in Watchguard XTM 5 Series:

@stephenw10

Just a learning experience more than anything really. I got the 1st box for free from a previous employer when they upgraded their network. IT guy told me to "Have at it" with the contents of the big pallet boxes of various equipment they were sending off to the recycling company. At the time I knew what it was but I didn't know it's potential and how sought after of a device it may have been more so at the time (2015). They took really good care of their equipment. Not a scratch, dent, or ding. I must be mistaken on what is required equipment wise to flash it. I take it the aardvark and not the usb with the battery jumper looking clip lol.

Forgot to add. The fact that it was such a good find for free, I hate to see it go to waste.

stephenw10

@bryanjlaz said in Watchguard XTM 5 Series:

Just a learning experience more than anything really

Oh well go for it then. I learned a lot playing with that box in.... 2012. (Wow).

Technically you can flash the chip using 4 resistors and a parallel port!
Anything that can write to SPI should do it.

What you are seeing currently is what happens if the BIOS is corrupt. But it's also what happens if it fails to post for some other reason like bad ram, bad CPU etc.

bryanjlaz

@stephenw10

Is there any positive outlook on any of the newer units? M200, 400 etc..

mr.rosh

@bryanjlaz From what i have experienced with the XTM 800 Series I had, somehow the watchgaurd device would only want to boot from the CF card as the first device.

Obviously my CF card was not faulty. So I ended up using WIN32DiskImager and imaged the pfsense 2.5.1 image to the CF card.
placed in and rebooted the CF card, and viola, the pfsense booted up.

couple of things.

1. do not format your CF card. there appears to be a specific sector or something that watchgaurd bios reads from cf card. just image it using the WIN32DiskImager [run as administraor]
2. unplug the power adapter and then plug in the CF card.
3. only plug in disk, in the 1st sata port, not 2nd sata port. watchguard would not boot up.
4. do all of this in the stock hardware[cpu and ram, this way u know all works, and install pfsense]
5. once installed, then u can upgrade cpu/ram.

hope this helps.

stephenw10

@bryanjlaz said in Watchguard XTM 5 Series:

Is there any positive outlook on any of the newer units? M200, 400 etc..

The M200/300 are ARM based so not worth trying currently. The M400 works fine.

Steve

gaiex

Hello Guys,

I've had a working pfsense XTM 5 for 4 months, than after upgrading to 2.5 when it came out, it started to crash sometimes and never understand what was causing it, even using 2.4.5.
Left the watchguard on the side for other 6 months and went with a pfsense VM, but after going without internet when doing maintence on the server was a no go.
So I'm revisiting the watchguard pfsense again.
This time I installed the 2.5.2 pfsense version on a new 120gb SSD, new sata cable, and reflashed the bios and looks like its working.
But before going further with pfsense configs and getting it in production I want to ask you guys what changes do you do in the BIOS beside the AHCI option ?
What about the ACPI, you keep it at v1.0 or change it to 2.0 or even 3.0 ?
Any more changes worth doing ?

ps: should we choose the MBR Dos partitions or GPT GUID partition table on the install ?

Thanks