Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TippingPoint X506 Hardware

    Scheduled Pinned Locked Moved Hardware
    29 Posts 3 Posters 6.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sifter
      last edited by

      Posting some pictures of the inside of a TippingPoint.  I removed the heatsinks and applied new thermal paste.  The old paste was dried up.  Now to see if it will boot.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        A number of interesting looking chips there.  :)
        No idividual NICs by the looks of it so possibly a switch chip or an ASIC (more of a problem).

        Edit: The claimed performance looks to be in line with just using the Celeron raw though.

        What are the Broadcom and Nat. Semi. chips opposite the miniPCI slot?

        Steve

        1 Reply Last reply Reply Quote 0
        • S
          Sifter
          last edited by

          @stephenw10:

          What the Broadcom and Nat. Semi. chips opposite the miniPCI slot?

          Steve

          Ill snap closeups for you.  Check back in a few.

          1 Reply Last reply Reply Quote 0
          • S
            Sifter
            last edited by

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Ah, OK.
              The National Semiconductor chip apperas to be a NIC. The DP83816 should be supported by the FreeBSD sis(4) driver.

              The Broadcom bcm5812kfb is a crypto accelerator chip. Possibly supported by the ubsec(4) driver? (it's not specifically mentioned). It's not necessary to run but would be nice.

              Be interesting to know what's under the other heatsink but you can read it from the logs easily enough.

              The other intersting thing is the BIOS rom, possibly the chip next to the smsc superio chip labelled 'General' something. Not a standard bios which is probably not a good sign.
              Edit: Looks like it's a 'General Software' embedded bios which were quite popular and there is a lot of info available so maybe all is not lost.  :)

              Does it boot a CF card with a Nano image on it? It wouldn't surprise me to find it only boots signed images.  :-\

              Steve

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Looks like the Watchguard V60 box had a General Software BIOS, though probably an earlier version. On that box you could access the bios using Ctl-C via the serial console.

                https://forum.pfsense.org/index.php?topic=67300.0

                Steve

                1 Reply Last reply Reply Quote 0
                • S
                  Sifter
                  last edited by

                  Booting [/boot/kernel/kernel]...
                  Copyright (c) 1992-2012 The FreeBSD Project.
                  Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
                          The Regents of the University of California. All rights reserved.
                  FreeBSD is a registered trademark of The FreeBSD Foundation.
                  FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 18:43:07 EDT 2013
                      root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386
                  Timecounter "i8254" frequency 1193182 Hz quality 0
                  CPU: Intel(R) Celeron(R) M processor         1.50GHz (1497.45-MHz 686-class CPU)
                    Origin = "GenuineIntel"  Id = 0x6d8  Family = 6  Model = d  Stepping = 8
                    Features=0xafe9f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,tm,pbe>AMD Features=0x100000 <nx>real memory  = 1065353216 (1016 MB)
                  avail memory = 1019756544 (972 MB)
                  ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07330f0, 0) error 1
                  ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc0733190, 0) error 1
                  ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0733230, 0) error 1
                  wlan: mac acl policy registered
                  ACPI Error: A valid RSDP was not found (20101013/tbxfroot-309)
                  ACPI: Table initialisation failed: AE_NOT_FOUND
                  ACPI: Try disabling either ACPI or apic support.
                  cryptosoft0: <software crypto="">on motherboard
                  padlock0: No ACE support.
                  pcib0: <host to="" pci="" bridge="">pcibus 0 on motherboard
                  pci0: <pci bus="">on pcib0
                  pci0: <base peripheral=""> at device 0.1 (no driver attached)
                  pci0: <base peripheral=""> at device 0.3 (no driver attached)
                  vgapci0: <vga-compatible display="">port 0xf800-0xf807 mem 0x80000000-0x87ffffff,0xc0000000-0xc007ffff irq 11 at device 2.0 on pci0
                  uhci0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">port 0xf400-0xf41f irq 11 at device 29.0 on pci0
                  uhci0: [ITHREAD]
                  usbus0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">on uhci0
                  uhci1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">port 0xf000-0xf01f irq 10 at device 29.1 on pci0
                  uhci1: [ITHREAD]
                  usbus1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">on uhci1
                  uhci2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">port 0xec00-0xec1f irq 9 at device 29.2 on pci0
                  uhci2: [ITHREAD]
                  usbus2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">on uhci2
                  ehci0: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">mem 0xc0080000-0xc00803ff irq 7 at device 29.7 on pci0
                  ehci0: [ITHREAD]
                  usbus3: EHCI version 1.0
                  usbus3: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">on ehci0
                  pcib1: <pci-pci bridge="">at device 30.0 on pci0
                  pci1: <pci bus="">on pcib1
                  sis0: <natsemi 10="" dp8381[56]="" 100basetx="">port 0xcc00-0xccff mem 0xc0100000-0xc0100fff irq 11 at device 1.0 on pci1
                  sis0: Silicon Revision: DP83816A
                  miibus0: <mii bus="">on sis0
                  nsphyter0: <dp83815 10="" 100="" media="" interface="">PHY 0 on miibus0
                  nsphyter0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
                  sis0: [ITHREAD]
                  ubsec0 mem 0xc0110000-0xc011ffff irq 10 at device 2.0 on pci1
                  ubsec0: [ITHREAD]
                  ubsec0: Broadcom 5823
                  isab0: <pci-isa bridge="">at device 31.0 on pci0
                  isa0: <isa bus="">on isab0
                  atapci0: <intel ich4="" udma100="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd800-0xd80f mem 0xc0080400-0xc00807ff irq 9 at device 31.1 on pci0
                  ata0: <ata channel="">at channel 0 on atapci0
                  ata0: [ITHREAD]
                  ata1: <ata channel="">at channel 1 on atapci0
                  ata1: [ITHREAD]
                  pci0: <serial bus,="" smbus="">at device 31.3 (no driver attached)
                  cpu0 on motherboard
                  atrtc0: <at real="" time="" clock="">at port 0x70 irq 8 on isa0
                  ppc0: <parallel port="">at port 0x378-0x37f irq 7 on isa0
                  ppc0: Generic chipset (EPP/NIBBLE) in COMPATIBLE mode
                  ppc0: [ITHREAD]
                  ppbus0: <parallel port="" bus="">on ppc0
                  ppi0: <parallel i="" o="">on ppbus0
                  uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
                  uart0: [FILTER]
                  uart0: console (9600,n,8,1)
                  uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
                  uart1: [FILTER]
                  Timecounter "TSC" frequency 1497449541 Hz quality 800
                  Timecounters tick every 10.000 msec
                  IPsec: Initialized Security Association Processing.
                  usbus0: 12Mbps Full Speed USB v1.0
                  usbus1: 12Mbps Full Speed USB v1.0
                  ugen0.1: <intel>at usbus0
                  uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0
                  ugen1.1: <intel>at usbus1
                  uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1
                  usbus2: 12Mbps Full Speed USB v1.0
                  usbus3: 480Mbps High Speed USB v2.0
                  ugen2.1: <intel>at usbus2
                  uhub2: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus2
                  ugen3.1: <intel>at usbus3
                  uhub3: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus3
                  uhub0: 2 ports with 2 removable, self powered
                  uhub1: 2 ports with 2 removable, self powered
                  uhub2: 2 ports with 2 removable, self powered
                  ad0: 3906MB <hms360404d5cf00 dn4eca2a="">at ata0-master UDMA33
                  uhub3: 6 ports with 6 removable, self powered
                  Trying to mount root from ufs:/dev/ad2s1a
                  ROOT MOUNT ERROR:
                  If you have invalid mount options, reboot, and first try the following from
                  the loader prompt:
                  
                       set vfs.root.mountfrom.options=rw
                  
                  and then remove invalid mount options from /etc/fstab.
                  
                  Loader variables:
                  vfs.root.mountfrom=ufs:/dev/ad2s1a
                  vfs.root.mountfrom.options=rw
                  
                  Manual root filesystem specification:
                    <fstype>:<device>Mount <device>using filesystem <fstype>eg. ufs:/dev/da0s1a
                                         eg. cd9660:/dev/acd0
                                         This is equivalent to: mount -t cd9660 /dev/acd0 /
                  
                    ?                  List valid disk boot devices
                    <empty line="">Abort manual input
                  
                  mountroot>
                  ø\
                  panic: Root mount failed, startup aborted.
                  cpuid = 0
                  Uptime: 45s
                  Cannot dump. Device not defined or unavailable.
                  Automatic reboot in 15 seconds - press a key on the console to abort
                  Rebooting...</empty></fstype></device></device></fstype></hms360404d5cf00></intel></intel></intel></intel></intel></intel></intel></intel></parallel></parallel></parallel></at></serial></ata></ata></intel></isa></pci-isa></dp83815></mii></natsemi></pci></pci-pci></intel></intel></intel></intel></intel></intel></intel></intel></vga-compatible></pci></host></software></nx></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,tm,pbe> 
                  
                  1 Reply Last reply Reply Quote 0
                  • S
                    Sifter
                    last edited by

                    @stephenw10:

                    On that bios you could access the bios using Ctl-C via the serial console.

                    Steve

                    
                                     +---------------------------------------------+
                                     |              Enter password:                |
                                     +---------------------------------------------+
                    
                    
                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Awesome! Shame the bios is locked but never mind if it boot's OK. Could always try extracting the bios and looking for likely passwords later.

                      Is that booting the standard NanoBSD image? Strange that it's looking for root on ad2.  :-
                      Edit: Or is it a standard install with embedded kernel?

                      Anyway it's actually ad0, the primary master, so at the mount root prompt enter:

                      ufs:/dev/ad0s1a
                      

                      It should then boot.

                      I only see one NIC detected, sis0. I wonder how it's connected to the others ports? VLANs via a switch chip perhaps, SOHO router style.

                      ubsec is loaded, nice.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • S
                        Sifter
                        last edited by

                        I pulled a 4gig microdrive from another system that has a full install on it.

                        mountroot> ufs:/dev/ad0s1a
                        Trying to mount root from ufs:/dev/ad0s1a
                        WARNING: / was not properly dismounted
                        Configuring crash dumps...
                        No suitable dump device was found.
                        Mounting filesystems...
                        ZFS NOTICE: Prefetch is disabled by default on i386 -- to enable,
                                    add "vfs.zfs.prefetch_disable=0" to /boot/loader.conf.
                        ZFS WARNING: Recommended minimum kmem_size is 512MB; expect unstable behavior.
                                     Consider tuning vm.kmem_size and vm.kmem_size_max
                                     in /boot/loader.conf.
                        ZFS filesystem version 5
                        ZFS storage pool version 28
                        mount: /dev/ad0s1a R/W mount of / denied. Filesystem is not clean - run fsck.: Operation not permitted
                        ** /dev/ad0s1a
                        ** Last Mounted on /
                        ** Root file system
                        ** Phase 1 - Check Blocks and Sizes
                        INCORRECT BLOCK COUNT I=188460 (4 should be 0)
                        CORRECT? yes
                        
                        ** Phase 2 - Check Pathnames
                        ** Phase 3 - Check Connectivity
                        ** Phase 4 - Check Reference Counts
                        UNREF FILE I=188422  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188423  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188424  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188425  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188426  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188442  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188443  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188444  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188445  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188446  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188447  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188448  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188449  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188450  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE I=188451  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 13 23:48 2014
                        CLEAR? yes
                        
                        UNREF FILE  I=188544  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 19 19:05 2014
                        RECONNECT? yes
                        
                        NO lost+found DIRECTORY
                        CREATE? yes
                        
                        UNREF FILE  I=188545  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 19 19:05 2014
                        RECONNECT? yes
                        
                        UNREF FILE  I=188546  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 19 19:05 2014
                        RECONNECT? yes
                        
                        UNREF FILE  I=188547  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 19 19:05 2014
                        RECONNECT? yes
                        
                        UNREF FILE  I=188548  OWNER=root MODE=100644
                        SIZE=0 MTIME=Feb 19 19:05 2014
                        RECONNECT? yes
                        
                        LINK COUNT FILE I=235668  OWNER=dhcpd MODE=100644
                        SIZE=673 MTIME=Feb 15 22:33 2014  COUNT 2 SHOULD BE 1
                        ADJUST? yes
                        
                        ** Phase 5 - Check Cyl groups
                        FREE BLK COUNT(S) WRONG IN SUPERBLK
                        SALVAGE? yes
                        
                        SUMMARY INFORMATION BAD
                        SALVAGE? yes
                        
                        BLK(S) MISSING IN BIT MAPS
                        SALVAGE? yes
                        
                        6209 files, 95092 used, 1333071 free (159 frags, 166614 blocks, 0.0% fragmentation)
                        
                        ***** FILE SYSTEM MARKED CLEAN *****
                        
                        ***** FILE SYSTEM WAS MODIFIED *****
                        Disabling APM on /dev/ad0
                        
                             ___
                         ___/ f \
                        / p \___/ Sense
                        \___/   \
                            \___/
                        
                        Welcome to pfSense 2.1-RELEASE  ...
                        
                        Dump device does not exist.  Savecore not run.
                        Creating symlinks......done.
                        External config loader 1.0 is now starting... ad0s1b
                        Launching the init system... done.
                        Initializing............................. done.
                        Starting device manager (devd)...done.
                        Loading configuration......done.
                        Warning: Configuration references interfaces that do not exist: rl0 rl3
                        
                        Network interface mismatch -- Running interface assignment option.
                        sis0: link state changed to DOWN
                        
                        Valid interfaces are:
                        
                        sis0  ff:ff:ff:ff:ff:ff   (up) NatSemi DP8381[56] 10/100BaseTX
                        
                        Do you want to set up VLANs first?
                        
                        If you are not going to use VLANs, or only for optional interfaces, you should
                        say no here and use the webConfigurator to configure VLANs later, if required.
                        
                        Do you want to set up VLANs now [y|n]?
                        
                        
                        1 Reply Last reply Reply Quote 0
                        • S
                          Sifter
                          last edited by

                          The box isnt showing me any love when I put the pfSense-2.1-RELEASE-512mb-i386-nanobsd.img.gz image on a Transcend 4gig ultra cf card.

                          Like literally no output on the serial, both 9600 and 115200.

                          1 Reply Last reply Reply Quote 0
                          • S
                            Sifter
                            last edited by

                            After writing the pfSense-memstick-serial-2.1-RELEASE-i386.img.gz image to a usb stick and trying to boot from it, I got the following:

                            TippingPoint OS, MFG version
                            BSP: [t10 1.2] Bootloader: [15]
                            Creation date: Jun  2 2006, 10:24:47
                            
                            Press any key to stop auto-boot...
                             0
                            auto-booting...
                            
                            boot device          : ata=0,0
                            unit number          : 0
                            processor number     : 0
                            host name            : NDS
                            file name            : auto
                            flags (f)            : 0x0
                            
                            Could not initialize ATA.
                            
                            Error loading file: errno = 0x0.
                            Can't load boot file!!
                            
                            
                            1 Reply Last reply Reply Quote 0
                            • stephenw10S
                              stephenw10 Netgate Administrator
                              last edited by

                              Hmm, OK.
                              What baud rate do you see the locked BIOS at?

                              Maybe it just can't boot that card for some reason.
                              No booting from USB either. That's not surprising it would be big security risk if you could just plug in your own compromised OS and reboot the box without even opening it.

                              Can you try setting up the NICs with the microdrive?
                              First you need to find out if you can actually get any networkaccess at all. I aimagine it might be VLANs to whatever the chip under the heatsink is but they may require setting up via some out of band service like i2c which would be bad.

                              Steve

                              1 Reply Last reply Reply Quote 0
                              • S
                                Sifter
                                last edited by

                                @stephenw10:

                                Hmm, OK.
                                What baud rate do you see the locked BIOS at?

                                Steve

                                I can see the TippingPoint OS prompt and bios password prompt at 115200.  When the microdrive is in, I have to close putty and reopen it at 9600 in order to see the full boot.

                                1 Reply Last reply Reply Quote 0
                                • stephenw10S
                                  stephenw10 Netgate Administrator
                                  last edited by

                                  Sometimes if you're running at 115200 the bootloader sees that as some random input when it gets to the F1 prompt and then waits for you to press return which you can't because your not actually connected.
                                  Try booting the CF card with putty at 9600 the whole time.
                                  Also if you've just changed the boot media you sometimes have to boot twice as the first boot halts with a message about hardware change. Only the case with some BIOSes and I wouldn't expect it on something designed for embedded but still…

                                  Steve

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    Sifter
                                    last edited by

                                    Interesting, it doesnt like my Transcend Compact Flash ULTRA 4GB Industrial.

                                    As soon as I imaged my microdrive with the pfSense-2.1-RELEASE-512mb-i386-nanobsd.img.gz image and popped it in, it booted right away.

                                    Here is a snippet from assigning vlan interfaces.

                                         ___
                                     ___/ f \
                                    / p \___/ Sense
                                    \___/   \
                                        \___/
                                    
                                    Welcome to pfSense 2.1-RELEASE  ...
                                    
                                    Creating symlinks......done.
                                    External config loader 1.0 is now starting... ad0s3
                                    Launching the init system... done.
                                    Initializing............................. done.
                                    Starting device manager (devd)...done.
                                    Loading configuration......done.
                                    
                                    Default interfaces not found -- Running interface assignment option.
                                    sis0: link state changed to DOWN
                                    
                                    Valid interfaces are:
                                    
                                    sis0  ff:ff:ff:ff:ff:ff   (up) NatSemi DP8381[56] 10/100BaseTX
                                    
                                    Do you want to set up VLANs first?
                                    
                                    If you are not going to use VLANs, or only for optional interfaces, you should
                                    say no here and use the webConfigurator to configure VLANs later, if required.
                                    
                                    Do you want to set up VLANs now [y|n]? y
                                    
                                    VLAN Capable interfaces:
                                    
                                    sis0    ff:ff:ff:ff:ff:ff   (up)
                                    
                                    Enter the parent interface name for the new VLAN (or nothing if finished): sis0
                                    Enter the VLAN tag (1-4094): 100
                                    
                                    VLAN Capable interfaces:
                                    
                                    sis0    ff:ff:ff:ff:ff:ff   (up)
                                    
                                    Enter the parent interface name for the new VLAN (or nothing if finished): sis0
                                    Enter the VLAN tag (1-4094): 200
                                    
                                    VLAN Capable interfaces:
                                    
                                    sis0    ff:ff:ff:ff:ff:ff   (up)
                                    
                                    Enter the parent interface name for the new VLAN (or nothing if finished): sis0
                                    Enter the VLAN tag (1-4094): 300
                                    
                                    VLAN Capable interfaces:
                                    
                                    sis0    ff:ff:ff:ff:ff:ff   (up)
                                    
                                    Enter the parent interface name for the new VLAN (or nothing if finished):
                                    
                                    VLAN interfaces:
                                    
                                    sis0_vlan100    VLAN tag 100, parent interface sis0
                                    sis0_vlan200    VLAN tag 200, parent interface sis0
                                    sis0_vlan300    VLAN tag 300, parent interface sis0
                                    
                                    *NOTE*  pfSense requires *AT LEAST* 1 assigned interface(s) to function.
                                            If you do not have *AT LEAST* 1 interfaces you CANNOT continue.
                                    
                                            If you do not have at least 1 *REAL* network interface card(s)
                                            or one interface with multiple VLANs then pfSense
                                            *WILL NOT* function correctly.
                                    
                                    If you do not know the names of your interfaces, you may choose to use
                                    auto-detection. In that case, disconnect all interfaces now before
                                    hitting 'a' to initiate auto detection.
                                    
                                    Enter the WAN interface name or 'a' for auto-detection: sis0_vlan100
                                    
                                    Enter the LAN interface name or 'a' for auto-detection
                                    NOTE: this enables full Firewalling/NAT mode.
                                    (or nothing if finished): sis0_vlan200
                                    
                                    Enter the Optional 1 interface name or 'a' for auto-detection
                                    (or nothing if finished): sis0_vlan300
                                    
                                    Enter the Optional 2 interface name or 'a' for auto-detection
                                    (or nothing if finished):
                                    
                                    The interfaces will be assigned as follows:
                                    
                                    WAN  -> sis0_vlan100
                                    LAN  -> sis0_vlan200
                                    OPT1 -> sis0_vlan300
                                    
                                    Do you want to proceed [y|n]?y
                                    
                                    Writing configuration...done.
                                    Updating configuration...done.
                                    Cleaning backup cache...done.
                                    Setting up extended sysctls...done.
                                    Setting timezone...done.
                                    Configuring loopback interface...done.
                                    vlan0: changing name to 'sis0_vlan100'
                                    
                                    Starting Securevlan1: changing name to 'sis0_vlan200'
                                     Shell Services.vlan2: changing name to 'sis0_vlan300'
                                    ..done.
                                    Setting up polling defaults...done.
                                    Setting up interfaces microcode...done.
                                    Configuring loopback interface...done.
                                    Creating wireless clone interfaces...done.
                                    Configuring LAGG interfaces...done.
                                    Configuring VLAN interfaces...done.
                                    Configuring QinQ interfaces...done.
                                    Configuring WAN interface...Generating new MAC address.done.
                                    Configuring LAN interface...done.
                                    Syncing OpenVPN settings...done.
                                    Configuring firewall......done.
                                    Starting PFLOG...done.
                                    Setting up gateway monitors...done.
                                    Synchronizing user settings...done.
                                    Starting webConfigurator...done.
                                    Configuring CRON...done.
                                    Starting DNS forwarder...done.
                                    Starting NTP time client...done.
                                    Starting DHCP service...done.
                                    Starting DHCPv6 service...done.
                                    Configuring firewall......done.
                                    Generating RRD graphs...done.
                                    Starting syslog...done.
                                    Starting CRON... done.
                                    Bootup complete
                                    
                                    FreeBSD/i386 (pfSense.localdomain) (console)
                                    
                                    *** Welcome to pfSense 2.1-RELEASE-nanobsd (i386) on pfSense ***
                                    
                                     WAN (wan)       -> sis0_vlan100 ->
                                     LAN (lan)       -> sis0_vlan200 -> v4: 192.168.1.1/24
                                     OPT1 (opt1)     -> sis0_vlan300 ->
                                    
                                     0) Logout (SSH only)                  8) Shell
                                     1) Assign Interfaces                  9) pfTop
                                     2) Set interface(s) IP address       10) Filter Logs
                                     3) Reset webConfigurator password    11) Restart webConfigurator
                                     4) Reset to factory defaults         12) pfSense Developer Shell
                                     5) Reboot system                     13) Upgrade from console
                                     6) Halt system                       14) Disable Secure Shell (sshd)
                                     7) Ping host                         15) Restore recent configuration
                                    
                                    Enter an option:
                                    
                                    
                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      Sifter
                                      last edited by

                                      @stephenw10:

                                      Can you try setting up the NICs with the microdrive?
                                      First you need to find out if you can actually get any networkaccess at all. I aimagine it might be VLANs to whatever the chip under the heatsink is but they may require setting up via some out of band service like i2c which would be bad.

                                      Steve

                                      So even after assigning vlan's 100, 200, and 300 to the sis0 interface, no interfaces come alive when I plug in a CAT5 cable to each of the 6 jacks.

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        Sifter
                                        last edited by

                                        And here is our mystery chip under the heatsink.

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          Ok so as suspected a switch IC. These are normally configured via spi in soho routers but usually (often) that's only neccessary if you need to change the default config.
                                          You can't just assign VLANs at random. Assign the sis interface directly. Run a packet capture on it. Whilst it's running send some traffic into external switch ports. Now look at the capture to see what vlans traffic arrived on. Of course you'll have to get the capture file off the box to analyse it, or do it the hard way.  ;)

                                          Steve

                                          1 Reply Last reply Reply Quote 0
                                          • S
                                            Sifter
                                            last edited by

                                            @stephenw10:

                                            You can't just assign VLANs at random. Assign the sis interface directly.

                                            Steve

                                            I need 2 interfaces before pfsense will proceed, do I assign one generic vlan as WAN and then assign the sis0 directly to LAN?  How would you do it?

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.