WatchGuard Firebox: Core-e and Peak-e series
-
Just a quick update before I upgrade to 2.2.3, been up for over 60 days with no problems. A word of advice, make sure multiple internal networks block traffic from each other - it causes the occasional interface to hang in only one direction (receive) from noisy broadcast devices.
Thanks again for everyone who made this possible. pfSense on WatchGuard - a professional combination.
-
I had numerous issues with the firewall because I mistyped a configuration option upon first setup. This setting is not included in any pfSense backup, and must be performed BEFORE the watchguard firebox fully boots pfsense. When booting a fresh CF or Microdrive on a WatchGuard box you need to interrupt the boot loader when it starts counting down from 4. You'll see the OK prompt. At the prompt enter:
set hint.ata.0.mode=PIO4 set hw.msk.msi_disable=1 bootThat will allow the card to boot and you can then add the lines to /boot/loader.conf.local
You can create it and put the lines into it by executing this in the Diagnostics > Command Prompt Execute Shell command box:/etc/rc.conf_mount_rw echo 'hint.ata.0.mode=PIO4' >> /boot/loader.conf.local echo 'hw.msk.msi_disable=1 ' >> /boot/loader.conf.local /etc/rc.conf_mount_roThe Hitachi 4GB Microdrives are much faster than any CF card that I've used so far, and don't suffer from write limitations of flash memory (I've had to replace CF several times due to logging wearing out the CF card.) Also, they are $4 apiece on eBay - an actual tiny hard drive! When using a Microdrive, one can set NanoBSD to permanent read/write mode which eliminates slowdowns that users experience with the WebGUI.