Watchguard Firebox XTM 8 Series
-
Mine had the 2GB CF card installed and a 250GB SATA hard drive mounted in a factory mount and connected.
-
I stand corrected. Do you have a picture of the mount?
-
@daveinfla:
Mine had the 2GB CF card installed and a 250GB SATA hard drive mounted in a factory mount and connected.
Ooo. Fancy. ;)
Probably for use as a cache. I'm not aware of any models based on the XTM8 like the old SSL models were. They came with a HD instead of CF.
Steve
-
2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 Found Firebox XTM8 WGXepc Version 1.3 5/3/2018 stephenw10 WGXepc can accept two arguments: -f (CPU fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -f2 (System fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -l (led) will set the arm/disarm led state to the second argument: red, green, red_flash, green_flash, red_flash_fast, green_flash_fast, off -b (backlight) will set the lcd backlight to the second argument: on or off. Do not use with LCD driver. -t (temperature) shows the current CPU temperature reported by the SuperIO chip. X-e box only. Not all functions are supported by all models [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f Found Firebox XTM8 Current CPU fanspeed is ???, minimum is 3f [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f 37 Found Firebox XTM8 IT87 Fanctl set to sane defaults Minimum CPU fanspeed set to 37 [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f2 Found Firebox XTM8 Current System fanspeed is ???, minimum is 38 [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -l green_flash_fast Found Firebox XTM8 IT87 GPIO pins configured [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -l green Found Firebox XTM8
;)
Steve
-
2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 Found Firebox XTM8 WGXepc Version 1.3 5/3/2018 stephenw10 WGXepc can accept two arguments: -f (CPU fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -f2 (System fan) will return the current and minimum fan speed or if followed by a number in hex, 00-FF, will set it. -l (led) will set the arm/disarm led state to the second argument: red, green, red_flash, green_flash, red_flash_fast, green_flash_fast, off -b (backlight) will set the lcd backlight to the second argument: on or off. Do not use with LCD driver. -t (temperature) shows the current CPU temperature reported by the SuperIO chip. X-e box only. Not all functions are supported by all models [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f Found Firebox XTM8 Current CPU fanspeed is ???, minimum is 3f [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f 37 Found Firebox XTM8 IT87 Fanctl set to sane defaults Minimum CPU fanspeed set to 37 [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -f2 Found Firebox XTM8 Current System fanspeed is ???, minimum is 38 [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -l green_flash_fast Found Firebox XTM8 IT87 GPIO pins configured [2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ./WGXepc64 -l green Found Firebox XTM8
;)
Steve
Thank you..The program works on my WatchGuard XTM 810 appliance.
-
Glad to hear it.
I recommend you do some sort of load test to make sure the fans are spinning up correctly and the peak temp values aren't too high.
The default settings are just way off so I made what I think are reasonable choices for the standard CPU.Fan PWM values should be between 00 and 7f, 127 levels, but in reality 32 is stopped and 50 appears to be the maximum. I set both cpu and system fan minimum values to 38 but you can override that by setting a number.
The CPU fan should start to ramp up at 40C and the system fan at 35C. Both ramp up by one 'fan setting' per degree so should quite quickly start making noise with a load.
Steve
-
-
-
Help you do what?
What are you doing? What do you expect to happen? What's actually happening?
Steve
-
Hello
I have a XTM 8 series, I would like install PFSense on it. Can you help me please.
Best regards
-
Are you installing to a CF card or a SATA device? Do you have some means of writing to the CF or installing to the SATA device outside on the XTM8?
Steve
-
I have a CF 1Gb and an HDD 500Gb. What ISO PFsense to copy on the CF 1Gb ? And how to install PFsense on the HDD.
Thanks
-
Noting here for reference since it somehow seems to have been missed and I found myself having to search for it again.
The only change required to enable the serial console on com2 is this loader line:
comconsole_port="0x2F8"
Add that to /boot/loader.conf.local and/or set it at the loader prompt initially.
Steve
-
@stephenw10 said in Watchguard Firebox XTM 8 Series:
Noting here for reference since it somehow seems to have been missed and I found myself having to search for it again.
The only change required to enable the serial console on com2 is this loader line:
comconsole_port="0x2F8"
Add that to /boot/loader.conf.local and/or set it at the loader prompt initially.
Steve
Hi,
This is my first XTM810 that i'm converting to a pfsense box, but damn, who weird is this box compared to a XTM5 series ?
The em0 to em9 assigning is crisscross, these boxes can't shutdown because of the AT powersupply design with a hard on/off switch like the ancient X-Core boxes.
At the moment i use a 1Gb CF card with a older version (2.4.4) 64bit full version with Ramdisk enabled from a XTM5 box, i can login with the Web GUI, and with the above fix of Stephen for activating the COM2 port, i can also see whats happening throug serial console with PuTTy.
But the 2 major problems are :
No internet is passing the box, while on the dashboard the gateway is showing green, and the WAN (em0) has a dynamic IP.
The second problem is the Bios of this XTM810 (labeled FW-8750 WG v1.1 on the motherboard and Bios version 1.2 labeled on the LCD) is that i can only make a backup of the Bios with a GQ-4X Willem Programmer through the SPI interface, and that the Bios file is 2Mb in size. Flashrom gives a read error when trying to backup the original Bios.
Erasing the Bios and flashing this backup back with Flashrom gives also a read error, and the 1Mb Bios files brick this box each time.
Also, only the 1Mb Bios files can be opened by the Amibcp tool, i have tried 6 or 7 different versions of Amibcp from version v3.13 to v4.53, the 1Mb Bios files can be opened, but the 2Mb Bios file that i previously backup can't be opened for editing. So first i though that this backup was corrupt, after bricking the box with the 1Mb unlocked Bios, i revived the box again with the 2Mb Bios that i backup, so it's definitely not corrupt this 2Mb Bios file.
With the original Watchguard firmware 12.1.3 (latest version), internet works fine , so the hardware of this box is okay.
I have also tried with and without the AGP disabling fix, because on Supermicro motherboards this fix works great when the assigning of the extra added interfaces doesn't work properly.
So any help or tips to get pfSense working will be great.Grtz
DeLorean -
@delorean I ran into same issue, where the physical order of nics and emX nics in pfsense doesn't match up.
Your nic order may be issue, unless u surely know that phsycal nic and em0 is same.
my fix was as per
https://forum.netgate.com/topic/164397/watchguard-xtm850-network-interface-orders/2
-
Yeah, you can use PCI device wiring in FreeBSD 12, and hence pfSense 2.5.X, to set the NIC order. I personally chose not to because if you have to reinstall and those values are lost the NIC will all be re-ordered again. Just assigning the NICs from the order they are detected is not that hard IMO.
And yes you probably have the NICs assigned incorrectly if you are not passing traffic. There's not much you can do wrong there besides that on a clean install.
The ordering is certainly odd though. What's shown on this post seems to be correct:
https://forum.netgate.com/post/550680Steve
-
Update
I have installed 2.5.2 (memstick serial version) on a 120Gb SSD connected to a XTM5 box, then used only the 2 interfaces em0 and em1 that are assigned by default.
I connected my LAN cable to port with label 3 (em1) and my WAN cable to port with label 0 (em0), same result as before, login to the Web GUI but no internet (WAN interface received a valid IP by DHCP). Then to be sure, i added a pass all through rule for the WAN interface (em0), but still no internet.
I then assigned port with label 1 (em2) as LAN, and still no internet.
Then i assigned all interfaces and enabled each interface, then i created a WAN-bridge, and applied a "pass all through" rule for this bridge and suddenly the box started passing internet through with the WAN on em0 and LAN on em2.
So i though that this has to with the bridge and/or pass all through rule, but after removing the bridge and this added rule, the box still works, even after a few reboots.
Then during testing, at certain moment, i saw only 2 cores of the default Quad Q9400 where displayed at the dashboard, but after a reboot all 4 cores are back.
Has this cpu a issue, i don't know, decent stress test will tell.
So far problem 1 is fixed, but problem 2 for unlocking the Bios is still present. Flashrom doesn't work at all, a read error and read transaction error when trying to backup or flash, and no possibility for opening the 2Mb original locked Bios file.
The Bios shows version 08.00.15 and 12/02/08 , same as the XTM5 Bios.Thanks for the quick replies and help so far.
Greetz
DeLorean -
Hmm, sounds like a bad default route maybe or no default route.
Or a subnet conflict can behave like that.Been so long since I did this the details escape me!
In fact I'm not sure I ever actually flashed the BIOS on this...It's waay easier to do now there is a default config for em NICs. Crazy struggles at the start of this thread.
-
Little sidenote.
The Amibcp tool doesn't have a sizelimit of 1 Mb (like i though),
because i searched on the Bios Mods forum for random Amibios files that are bigger, and the Amibcp tool can even open 8 Mb Bios files.
So the problem with this 2Mb Bios dump that i experience, is not related due the file size.Greetz
DeLorean -
Probably because you are dumping the entire ROM via the SPI reader and the actual BIOS image is not all of that so you end up with a RAW image that AMIBCP can't open.
Not sure why flashrom wouldn't work but the version in 2.5.2 is probably significantly newer than anything we were testing with 5-6 years ago in 2.2-2.3.
I note that my box is still running 2.3.5 Nano.Steve