Proventia IBM Gx3002 install guidance



  • All - I bought an IBM Proventia GX3002 thinking pfsense was already installed.  Its not.  I havent done an install using serial console.

    specs
    via board
    ide hdd
    serial console (NO VGA)

    How do i install this pfsense?

    I was thinking doing  the memstick-serial.img but that doesnt seem to work. I see activity on the usb stick when I reboot but it see nothing on the serial console

    I know the serial console works because I can plug it into cisco ASA5505 and i see output on the terminal.  Not so for the IBM Gx3002.
    I dont know if this appliance supports booting from memstick.

    What image should I transfer to the onboard IDE HDD?  Has anybody installed pfsense on this appliance before?  Any guidance would be a big help.



  • one more thing, it might be the stupid serial console connection. I needed a  male to male adapter to connect. But not sure if it works or not.



  • To boot from the USB stick you will probably need to choose that option in the BIOS. You will probably be able to find a user manual or maintenance manual online and that will probably tell you how to get into the BIOS. (hit keyboard DEL key during a particular phase of the startup?)

    What serial port speed does the BIOS use?



  • says to connect using the default.

    " Create a new connection using the following settings:
    4. Press ENTER to establish a connection.
    When the connection is established, the Proventia Setup
    Configuration Menu appears.
    Tip: If you are unable to establish a connection, ensure the appliance
    has power and that you have started the appliance.
    Setting Value
    Communications Port Typically COM1 (depending on computer setup)
    Emulation VT100
    Bits per second 9600
    Data bits 8
    Parity None
    Stop bits 1
    Flow control None"



  • The problem i have is i see no output on the serial console. There is no VGA output… :(

    • there is currently activity on the USB but no output on the screen,  this is BS...


  • @source:

    The problem i have is i see no output on the serial console.

    That is the first thing you need to get working.

    You generally need a "cross over" (or "null modem") cable: Tx data on end A connects to Rx data on end B, Rx data on end A connects to Tx data on end B. Usually that means pin 2 on end A connects to pin 3 on end B, pin 3 on end A connects to pin 2 on end B.

    Does your documentation give the pinouts of the serial port you are using?


  • Netgate Administrator

    The gx3002 looks to have a standard male (with pins) DB9 serial port on it. A normal null modem cable should fit fine. If you had to use a gender changer you probably have the wrong cable.
    The Cisco ASA5505 has an RJ45 console port so I assume you must have used an adapter of some sort?

    Steve



  • Thanks for your help.  Sorry if this is a duplicate post.

    I needed the following:

    serial coupler
    null modem connector ( I assume null modem cable would have worked fine)
    usb to serial to connect to my mac.

    This had a 20GB IDE HDD, which made the box really loud and heavy. I removed it and I installed pfsense on a mini usb disk.  
    The installation asked me to install a customer kernel or standard. It would not boot with a standard kernel, so I re-installed pfsense and put an embedded kernel and it booted fine.

    ![photo 2-1.JPG](/public/imported_attachments/1/photo 2-1.JPG)
    ![photo 2-1.JPG_thumb](/public/imported_attachments/1/photo 2-1.JPG_thumb)
    ![photo 1-1.JPG](/public/imported_attachments/1/photo 1-1.JPG)
    ![photo 1-1.JPG_thumb](/public/imported_attachments/1/photo 1-1.JPG_thumb)


  • Netgate Administrator

    Ah, nice.
    Looks like a good box for pfSense. It seems to have LAN-bypass, did you have to disable that somehow?

    Steve



  • It is nice, for $50 on ebay.  Its very quiet with it running off usb memory stix.    IM not sure how the lan bypass works. I has two ports labeled as protected(red) and those don't light up when i plug an ethernet cable to them.  I dont know if there is a jumper on board that needs to be changed.  I didnt see anything in the bios.  I'll let you know.


  • Netgate Administrator

    Usually with LAN-bypass the two ports will default to bypass mode (where the two ports are simply connected together and not to the NICs internally) if the OS doesn't keep reseting the watchdog periodically. You can usually disable that function or set it permanently in either state using jumpers or in the BIOS setup, looks like you're aware of that.  :) Alternatively it may be possible to add the watchdog reset to pfSense and keep the LAN-bypass functionality.

    Steve



  • Next to the ethernet ports on the motherboard, there is a two red jumpers, moving the top one over to the right one space, enables these "protected ports."



  • Hi,

    Does this mean that even though it has 4 physical ports, only 2 are addressable in pfsense?


  • Netgate Administrator

    Nope, this box appears to have 4 Realtek 8139 interfaces. All are visible to pfSense and all will be usable once you've disabled the lan-bypass. At least that's how I read this thread in combination with this one: http://forum.pfsense.org/index.php/topic,60482.0.html

    Steve



  • I'm also looking for some help.  I bought 5 of these things and I've only gotten one to work after about 8 hours trying to get an installation on it.  In the end, I had to dd the 4GB nanobsd image to a HDD and install the HDD.  It worked once.

    Kinda getting frustrated with them at this point.  Has anyone here gotten pfsense to work on the device preferrrably using the entire capacity of the hard drive or is running from CompactFlash without getting the fault?  Any help at all is appreciated.  If I figure anything out on my own I'll post bask here.

    Source, when you say "top" do you mean looking at the device from the front or back.  I guess what I really want to know is the jumper closest to the bypass LED or farthest away?

    Thanks guys, looking forward to getting these up and running!



  • @TrevBaker:

    I'm also looking for some help.

    You could help the readers of this topic help you by providng more information.

    @TrevBaker:

    I bought 5 of these things and I've only gotten one to work after about 8 hours trying to get an installation on it.  In the end, I had to dd the 4GB nanobsd image to a HDD and install the HDD.  It worked once.

    You spent the 8 hours on the one box? or tried installs on a number of boxes?

    Please provide more details of what you mean by worked "once". Install completed then first reboot completed but thereafter it wouldn't boot to the option question? What changed that you consider it no longer "works"?



  • Hi,

    Fair enough Wallabybob.  Sorry for the wall of text that follows.  I am trying to use the 2.1 images and when I was successful in booting the USB I had to perform the boot delay trick.  I chose my words poorly.  When I said once, I meant that I was successful in getting only 1 to run, albeit with a 4GB nano image.  As far as I know it still works, but I set it aside to try and get the others to work.

    The 8 hours were spent over the course of two days on 4 of the 5 machines.  The fifth machine I opened up after I posted and found it damaged, I'm asking for a replacement.  So I have 4 machines to work with right now.  The first machine is 800MHz not 1GHz as advertised.  I suspect it's a clocking issue but have not had a chance to see what's up with that specific issue.

    I first imaged the LiveCD to a thumb drive and placed the thumb drive in the unit's top USB port.  I went into the BIOS and told it to boot from that drive first, then to boot to the HDD, then to boot to the "boot devices on the add-on card".  That last part if from memory, so the exact wording might be different.  The internal HDD is an 40G IDE from WD.  After letting it sit for about 30 minutes while I tried to find out more about the GX3002 it still sat at what i'll call "Pre-Boot" when the BIOS hands the machine over to the bootloader.  Nothing happened.

    I then powered off the machine and tired to re-image the LiveCD with no success.  I tried various options in the BIOS to get the booting from USB to work.  I tried imaging the memstick image to the USB drive with similar results. I then put the drive in an IDE to USB caddy and imaged the 4GB image to the disk directly.  This appeared to work but seemed to lock it up.  I also tried imaging the 512MB nano to a 512 CF card I have handy and I get the exact same result as Cougar 281 in the thread http://forum.pfsense.org/index.php?topic=60482.0

    I pulled another unit and stuck the USB drive with the memstick image on it and it booted to pfsense nearly immediately.  I could not install from the memstick image, when I tried option 99 (unlisted but it let me enter it at the prompt) I received an error about a missing script.  I tried the LiveCD image again but that would not boot at all.  I gave up for the day.

    Today I installed the IDE drive in another computer with a CDROM.  I burned the liveCD to a disc and loaded it up.  I was successful in formatting the drive and installing pfsense onto it.  I put the drive back in the (2nd) GX3002 and it would not boot.  Put the memstick imaged USB drive in it and it worked.  I could not get it to boot from the drive.  I took the drive out and imaged 4GB nano and it worked.  This is the only working one.  I tried the other two but they get stuck at the same place as the first when booting from the HDD.  Booting from USB works on the 3rd and I have not tried the 4th.

    But Trev, you might be wondering, why not run from USB? The answer is because I want to run from the whole HDD, not just 10% of it.  I want to use the proxy package and try and help save on transfer and speed up the connection for frequently used sites.

    I brought 3 of them home (second, third and fourth) this weekend to try and see what I can do.  If you guys have any ideas, I'm willing to try 'em.

    My first thing to try is to get the BIOS settings out of the only one that works and mirror it to the others.

    Thanks!


  • Netgate Administrator

    I assume you're using a serial console, yes?
    When you installed to the HD in a different machine did you select the embedded kernel or enable serial console in the webgui?

    The Nano images are the only thing that use serial console by default. Everything else requires you to take steps to enable it.
    The livecd image won't work in s USB flash drive. Use the memstick-serial image if you want to do everything on the box.

    Steve



  • @TrevBaker:

    I then powered off the machine and tired to re-image the LiveCD with no success.  I tried various options in the BIOS to get the booting from USB to work.  I tried imaging the memstick image to the USB drive with similar results. I then put the drive in an IDE to USB caddy and imaged the 4GB image to the disk directly.  This appeared to work but seemed to lock it up.

    I presume the "4GB image" is is the nanoBSD based image with VGA support (in file  pfSense-2.1-RELEASE-4GB-i386-nanobsd_vga.img.gz.) As Steve said, the file whose name doesn't include VGA is configured for a serial console so your monitor will quickly appear dead f you boot that.

    @TrevBaker:

    I pulled another unit and stuck the USB drive with the memstick image on it and it booted to pfsense nearly immediately.  I could not install from the memstick image, when I tried option 99 (unlisted but it let me enter it at the prompt) I received an error about a missing script.

    Can you give the exact text of the report? I have done a couple of installs from memstick image and not had any problems.

    @TrevBaker:

    Today I installed the IDE drive in another computer with a CDROM.  I burned the liveCD to a disc and loaded it up.  I was successful in formatting the drive and installing pfsense onto it.  I put the drive back in the (2nd) GX3002 and it would not boot.  Put the memstick imaged USB drive in it and it worked.  I could not get it to boot from the drive.

    Did you try changing anything (e.g. BIOS boot order)? Was anything reported when you attempted to boot from the IDE drive?

    @TrevBaker:

    I took the drive out and imaged 4GB nano and it worked.  This is the only working one.  I tried the other two but they get stuck at the same place as the first when booting from the HDD.

    What is on the screen when this happens? A screenshot (say from a mobile phone) attached to a reply might be more convenient than trying to type a screen full of text.

    @TrevBaker:

    My first thing to try is to get the BIOS settings out of the only one that works and mirror it to the others.

    I would concentrate on trying to get a single computer booting from the hard drive and providing as much information as you can to your replies. Then knowing a bit more about what a successful boot looks like you will probably be better placed to clone the settings.



  • Good morning!

    @wallabybob:

    I presume the "4GB image" is is the nanoBSD based image with VGA support (in file  pfSense-2.1-RELEASE-4GB-i386-nanobsd_vga.img.gz.) As Steve said, the file whose name doesn't include VGA is configured for a serial console so your monitor will quickly appear dead f you boot that.

    It's certainly possible that I used a vga image.  I did a lot of downloading images that first day.

    @wallabybob:

    Can you give the exact text of the report? I have done a couple of installs from memstick image and not had any problems.

    I feel stupid, really stupid.  I don't think I was using the serial version of the memstick image.  I tried so many things that I must have been really confused.  I erased all image files, re-downloaded the memstick-serial image and lo and behold, it works.  At least I've been able to access the installer and it appears to be installed correctly.  The only other thing I've done this morning is pull the battery to factory reset the BIOS on all units.  I learned that the BIOS default clock speed is 800MHz, so I can even fix that one I was going to send back.

    @wallabybob:

    Did you try changing anything (e.g. BIOS boot order)? Was anything reported when you attempted to boot from the IDE drive?

    I did change the boot order to allow the USB drive to boot first, then IDE.  When I was using just IDE, the USB option is removed from the boot order menu.  The BIOS seems to update itself based on what's plugged in.  One of my tests showed that if the USB, IDE and CF cards are all installed, I can see all of them.  As I remove devices, they disappear and preserve the original order configured.

    All in all, I apologize for wasting anyone's time here.  It did work in the end and I learned something valuable.  I also answered another question I posed to Source, the jumper in question is the furthest one from the Bypass LED header.

    Thanks again!



  • @stephenw10:

    I assume you're using a serial console, yes?

    Yes I am using the serial console with a null modem cable.

    @stephenw10:

    When you installed to the HD in a different machine did you select the embedded kernel or enable serial console in the webgui?

    I tried both, at least I thought I had.  My experience this morning tells me I didn't.



  • More as a reference for other folks…

    To disable the bypass:
    Remove the two screws on each side and pop the covers apart.

    With the board up and the e'net ports facing you, you'll see two red jumpers near the edge facing you.  The "top" jumper aka the one furthest from you, is the the one you want to move to the right.  The jumper below is probably already on the rightmost two pins.

    At this point you may want to remove the PATA hard drive because of what I'll suggest next.  I also removed the frame that holds the drive to get better airflow to the components.

    Re-assemble.

    Flip the unit so the bottom is facing you.  There's a plate to be removed.  Two of the screws show and 3 are hidden by the mfg's sticker (most likely).  If you remove the plate you'll find the so-dimm socket for the system memory AND a CF socket that is on the second PATA controller as the primary.  I burned the embedded 2 gig nanobsd (serial console) onto a 2gig CF, and installed it here.

    Once you re-assemble, the only thing that moves is the cpu fan.



  • Im also in the process of installing one of these boxes.  First tried the USB drive imge: pfSense-memstick-2.1-RELEASE-i386.img.gz

    Nothing continued to boot after it got past the bios checks.

    Phoenix - AwardBIOS v6.00PG, An Energy Star Ally
      Copyright (C) 1984-2003, Phoenix Technologies, LTD

    Proventia BIOS GX3002 Version R1.00.W1 T8 ( 11212006 )

    Main Processor : VIA C7 1.00GHz(100x10.0)
    Memory Testing : 1039296K OK +  8M shared memory

    DDR DIMM Speed : 533
    DDR DIMM Data Width : 64-Bit, Single Channel
    IDE Channel 0 Master : None
    IDE Channel 0 Slave  : None
    IDE Channel 1 Master : None
    IDE Channel 1 Slave  : None
                              Phoenix Technologies, LTD
                                System Configurations
    +==============================================================================+
    | CPU Type          : VIA C7              Base Memory      :    640K          |
    | CPU ID/ucode ID  : 06A9                Extended Memory  :1038336K          |
    | CPU Clock        : 1.00GHz            Cache Memory      :    128K          |
    |–----------------------------------------------------------------------------|
    | Diskette Drive A  : None                Display Type      : EGA/VGA          |
    | Diskette Drive B  : None                Serial Port(s)    : 3F8 2F8          |
    | Pri. Master Disk  : None                Parallel Port(s)  : None            |
    | Pri. Slave  Disk  : None                DDR2 SDRAM at Rank : 0 1            |
    | Sec. Master Disk  : None                                                    |
    | Sec. Slave  Disk  : None                                                    |
    +==============================================================================+

    USB Storage Device : VBTM    Store 'n' Go    5.00...Full Speed device 1.X

    PCI device listing ...
    Bus No. Device No. Func No. Vendor/Device Class Device Class              IRQ

    0      8        0    10EC  8139  0200  Network Cntrlr              11
        0      9        0    10EC  8139  0200  Network Cntrlr              7
        0      10        0    10EC  8139  0200  Network Cntrlr              5
        0      15        0    1106  0571  0101  IDE Cntrlrtrlr              14
        0      16        0    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr    11
        0      16        1    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr    11
        0      16        2    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr      7
        0      16        3    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr      7
        0      16        4    1106  3104  0C03  USB 2.0 EHCI Cntrlr          5
        1      0        0    1106  3344  0300  Display Cntrlr              11



  • And here is the post from when trying to use the CF card with pfSense-2.1-RELEASE-4g-i386-nanobsd.img.gz

    Phoenix - AwardBIOS v6.00PG, An Energy Star Ally
      Copyright (C) 1984-2003, Phoenix Technologies, LTD

    Proventia BIOS GX3002 Version R1.00.W1 T8 ( 11212006 )

    Main Processor : VIA C7 1.00GHz(100x10.0)
    Memory Testing : 1039296K OK +  8M shared memory

    DDR DIMM Speed : 533
    DDR DIMM Data Width : 64-Bit, Single Channel
    IDE Channel 0 Master : None
    IDE Channel 0 Slave  : None
    IDE Channel 1 Master : SanDisk SDCFH-004G HDX 6.03
    IDE Channel 1 Slave  : None
                              Phoenix Technologies, LTD
                                System Configurations
    +==============================================================================+
    | CPU Type          : VIA C7              Base Memory      :    640K          |
    | CPU ID/ucode ID  : 06A9                Extended Memory  :1038336K          |
    | CPU Clock        : 1.00GHz            Cache Memory      :    128K          |
    |–----------------------------------------------------------------------------|
    | Diskette Drive A  : None                Display Type      : EGA/VGA          |
    | Diskette Drive B  : None                Serial Port(s)    : 3F8 2F8          |
    | Pri. Master Disk  : None                Parallel Port(s)  : None            |
    | Pri. Slave  Disk  : None                DDR2 SDRAM at Rank : 0 1            |
    | Sec. Master Disk  : LBA,ATA 33, 4000MB                                      |
    | Sec. Slave  Disk  : None                                                    |
    +==============================================================================+

    PCI device listing ...
    Bus No. Device No. Func No. Vendor/Device Class Device Class              IRQ

    0      8        0    10EC  8139  0200  Network Cntrlr              11
        0      9        0    10EC  8139  0200  Network Cntrlr              7
        0      10        0    10EC  8139  0200  Network Cntrlr              5
        0      11        0    10EC  8139  0200  Network Cntrlr              10
        0      16        0    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr    11
        0      16        1    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr    11
        0      16        2    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr      7
        0      16        3    1106  3038  0C03  USB 1.0/1.1 UHCI Cntrlr      7
        0      16        4    1106  3104  0C03  USB 2.0 EHCI Cntrlr          5
        1      0        0    1106  3344  0300  Display Cntrlr              11



  • Apparently, Mac has a different way of writing the image than physdiskwrite on windows.  Booting just fine now.



  • Anyone know where more of these can be picked up from?


  • Netgate Administrator

    You just have to get lucky on Ebay.  ;)

    Steve



  • Yeah kicking myself when i saw a auction with quantity 50 and I only got 2 about a year ago.  Haven't seen any sense.

    BTW has anyone tried the other proventia hardware?  The GX4004-C seems to be available and is already rackmount ready.  I can't seem to find information on the board itself to see if it's running the correct processor to even attempt an install.



  • I did the same…only bought two.

    However I just bought another model E1500. They are rackmount, P4 3.x Ghz, 2GB RAM and 80GB Hard Drive. They have (5) Gigabit ports and one PCI slot. So hardware sounds great but I'm having an issue with the ports. for some reason I can't get them to work or only 1 or 2 (very odd). Its seems there could be linked ports like on the Gx3002 but can't find any jumper(s) or setting to change. Anyone work with one of these before and have any ideas? If someone can help me get all the ports going I would be happy to send them one of the units as a thank you.

    Thanks,
    Adam


  • Netgate Administrator

    You mean the ES1500? This?

    Can you access the BIOS? If this box is using LAN by-pass it's often configurable there.

    Steve



  • Steve,

    Thank you for the reply. Yes, the ES1500. I have checked in the BIOS but did not find anything there.

    Thanks,
    Adam



  • Ok, so after further work it seems that they are not actually by-pass. It seems there might be driver or config issues. I brought all the connection down from the shell and then brought one by one up manually. After that each seem to work. I then enabled one by one in pfsense and confirmed each working. Rebooted a few times to make sure they kept working and no issue. Not sure why this is  because I was even getting pfsense reporting the interface link up even with no cable plugged in before I went through these steps. It seems there is some others that have had similar issues with watchguard devices which use the same interface chipset. I did find the below link about updating the firmware but have not tried that and not sure it is needed.

    https://forum.pfsense.org/index.php/topic,20095.msg250430/topicseen.html#msg250430

    So at this time I have everything working great and will continue testing other the next several days to see if there is any stability issues.


  • Netgate Administrator

    Ah ok.
    The Marvell 88e8053 NICs as reported in the link can suffer a lock-up. In the Watchguard boxes it usually only happens under heavy load and is reported as a "watchdog timeout" in the logs. There is an easy workaround though:
    https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Known_Issues_2
    The firmware (actually more like a group of register settings) update didn't help the watchdog issue. It only removed errors from yhd boot log. Are you seeing those errors? Which version are you NICs running? What does the following report:

    pciconf -l | grep msk
    

    Steve