Watchguard X750e running pfSense on a SATA hard drive easily with about $10 mods
-
Steve,
Thanks for the reply.
I did indeed use a SATA drive with the same connectors as Vizi0n did.
Forgot to mention that tiny detail ::) -
Hmm, I would guess that's some quirk of the adapter maybe. Assuming the drive itself is good.
Steve
-
Wery thanks for this manual.
I was repeat it in myself. And now all is fine. -
You could have just gone with a Microdrive :)
https://en.wikipedia.org/wiki/Microdrive
http://www.ebay.com/itm/230860368181
Yes I could, but due to the rarity, and possibility of cheap chinese knockoff, I prefer going the regular hard drive way. And it was cheaper to get 2 adapters for less than $10 vs getting a microdrive for $15-20 since I already had the hard drive. The turnaround is also quicker if I ever need to replace it.
I just wanted to add that 14 months later, the Microdrive swap has worked really well and is completely idiot-proof. I have a stack of drives on my desk here from that initial buy I made in December 2015 and they are all working great. Probably why Apple elected to use them in their line of iPods so many years ago. They are definitely not counterfeit, there are millions of them ready to go into a landfill and at $2/each its a headache-free way to get hard disk performance into a Watchguard appliance. Super low-power too, if the power goes out and the Watchguard appliance needs to run on a UPS.
-
Hard to argue with $2. ;)
-
You can use a 2.5" Sata SSD connected to a Sata controller card,
thats connected with a PCI-E 1x flex riser cable to the PCI-E 4x slot on the motherboard.
The differents in navigating speed trough the web UI is like day and night compared to a embedded version run from CF.
I have a x750e thats converted like this, and runs great.Grtz
DeLorean -
I was do it!
But i have a few different moments.
First, after install i doesn't normally booted. pfsense 2.3.3
I was stuck after LAN interfaces is initialized.
So, i going to boot promt, insert
set console="comconsole"
bootAfter this i setup my network interfaces and next reboot was fine.
I use 320 Sata drive with two partition / and swap without any problem.
Thanks for the manual. -
The x750e with 32Gb SSD connected to a Sata Controller card conversion that i made a few months ago.
Grtz
DeLorean.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb) -
The x750e with 32Gb SSD connected to a Sata Controller card conversion that i made a few months ago.
Grtz
DeLoreanThat is a very nice mod!
-
The x750e with 32Gb SSD connected to a Sata Controller card conversion that i made a few months ago.
Grtz
DeLoreanThat is a very nice mod!
Thank you.
It was a bit of struggle to get everything together on 1 plexi plate.
When de power connector is disconnected from the SSD, and after removing the 2 red backplates,
the total conversion can then be slide out.Grtz
DeLorean -
Nice. :D
-
In last time a have e error on this board.
Some one have the same issue?
https://forum.pfsense.org/index.php?topic=128143.msg706598#msg706598
I can't diagnose problem to resolve this mistake. -
I am so happy to find this and that I am not the only one still using this hahaha!!
I just got some COLO on the low low and I have a x550e (post is for a x750e so i'm a lower class :P ) w/16GB flash card in there now but I just got my 160GB IDE H.D.D. that will be install later on this week. However I am having an issue this the LED indicator lights and display, the indicator lights only come on for activity (I guess that is cool) however the display will only show cpu load. I used this https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Overview and some other things here on the forum from googling but no luck.
2.3.4-RELEASE (i386) - NANO
built on Wed May 03 15:22:11 CDT 2017@DeLorean your mod is top of the line :)
-
The lcdproc package should run pretty reliably in 2.3.4 with whatever option screens you selected.
To get the NIC LEDs working as expected you need the modified drivers that set the LED registers correctly. However I've seen some reports of them not running nicely in 2.3.X. YMMV.
Steve
-
The lcdproc package should run pretty reliably in 2.3.4 with whatever option screens you selected.
To get the NIC LEDs working as expected you need the modified drivers that set the LED registers correctly. However I've seen some reports of them not running nicely in 2.3.X. YMMV.
Steve
yeah I will have to work on the LCD a bit and I think I am one of them who is going to have the LED's not run nicely :/ I did modified the drivers and they are still the same. Guess ill have to look into this a bit more. ::)
EDIT/ADD TO:
So I got my IDE drive and installed it, I will make a new post later on to update on the progress -
I wanted to say a big thanks for this thread, it got me thinking and working away.
I have been running a Hyper-V VM of pf as my main firewall/VPN in and out to the datacentre for a while but moving to ESXi and having some VM outages led me to wanting hardware appliance to run pf on to avoid having to talk the better half through booting up clustered storage to get pf online and letting me VPN in to fix issues.
I managed to pick up a WatchGuard X1250E for £125 locally, I then bought a few extras (2x 1GB sticks of PC-8500 RAM, Intel Pentium M 2GHZ CPU, PCIe SATA controller, 4x PCIe flex extender, cables and other misc) and got hacking. I had a stack of 2.5" sata HDD's and SSD's.
I found that NONE of my CF cards would boot the box (being a photographer, I had lots of cards but none old or slow enough (yes I did change the mode, access and head settings)). I made a clone of the original WG image and then flashed the original 512MB card with FreeDOS and flashed the B7 bios.
After much batteling with the CF cards I gave in and soldered a USB extension cable to the mobo front connector. I did have difficulty soldering to the ground pad, so I soldered to the shield of the network ports. I also added power from the ATX connector to sata power lead. I know you can use a USB header and have it running at the front but I wanted to route the USB to one of the rear red expansion plates to run my UPS into eventually.
I then removed the WG PCIe riser and installed my flex extension, added the sata card (mounted to the rear expansion plate as shown below) and by removing the lower plastic card guide, screwed the sata HDD to the existing holes (it needed a gentle file to the rear of the case to fit the HDD in as it is a bit far back).
With the USB connection working, I flashed a 2.1 serial usbboot image to the stick and got pf installed via serial. From here I left it as a pretty vanilla config, plugged into the network and created a quick allow all rule to get internet access on the box. Then performed an online update to 2.3.4 without any notable issues. From here I restored a backup of my operational pf VM and configured everything as needed (interface names were different, some change in rules etc.)
I am running a few extra packages, LCDProc, Snort, Squid and it seems to handle these reasonably well. I have noticed though, sometimes after making a few chages to items such as my multiple OpenVPN clients, there would be multiple PHP processes spawned and the CPU would be battered up at 100%. Restarting LCDProc seemed to resolve this. So for now I will stop the service before making a lot of changes and then run once finished (though, making a lot of changes is a rare thing for obvious reasons).
I have hit an issue today, I normally VPN in via IPSEC over my 4G connection for remote work in the office but in trying to establish the VPN connection today it seems to have half killed the box. I cannot SSH or access the webconfigurator and my OpenVPN connection to the datacentre is down but internet access works fine. That's something to look at during lunch after a drive home.
TL;DR: Saw this and other posts, bought kit, built firewall. Success.
Attached are some images of my install for anyone who is interested. I have recently moved house so the rack is in need of a tidy, but as it is in the garage it is neglected currently due to the new family addition! I have a stack of new hardware to go in.
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
.jpg)
.jpg_thumb)
 -
Nice. :)
-
I found that NONE of my CF cards would boot the box (being a photographer, I had lots of cards but none old or slow enough (yes I did change the mode, access and head settings)). I made a clone of the original WG image and then flashed the original 512MB card with FreeDOS and flashed the B7 bios.
If you flashed Bios version 8.1 , you can forget the settings mode, access and head , because this version
automatic configure your CF card.Grtz
DeLorean -
The lcdproc package should run pretty reliably in 2.3.4 with whatever option screens you selected.
To get the NIC LEDs working as expected you need the modified drivers that set the LED registers correctly. However I've seen some reports of them not running nicely in 2.3.X. YMMV.
Steve
yeah I will have to work on the LCD a bit and I think I am one of them who is going to have the LED's not run nicely :/ I did modified the drivers and they are still the same. Guess ill have to look into this a bit more. ::)
EDIT/ADD TO:
So I got my IDE drive and installed it, I will make a new post later on to update on the progressI am using these:
http://www.vizi0n.com/watchguard/if_sk.ko
http://www.vizi0n.com/watchguard/if_msk.koSolid when link up and no activity
Blinks when there is activityWorks fine on 2.3.4
You can verifiy if the mod is running by running "dmesg | grep LED". You should see an output like this:
[2.3.4-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep LED mskc0: <marvell yukon="" 88e8053="" gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0x8000-0x80ff mem 0xd0020000-0xd0023fff irq 16 at device 0.0 on pci1 mskc1: <marvell yukon="" 88e8053="" gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0x9000-0x90ff mem 0xd0120000-0xd0123fff irq 17 at device 0.0 on pci2 mskc2: <marvell yukon="" 88e8053="" gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xa000-0xa0ff mem 0xd0220000-0xd0223fff irq 18 at device 0.0 on pci3 mskc3: <marvell yukon="" 88e8053="" gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xb000-0xb0ff mem 0xd0320000-0xd0323fff irq 19 at device 0.0 on pci4 skc0: <marvell gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xc000-0xc0ff mem 0xd042c000-0xd042ffff irq 16 at device 0.0 on pci5 skc1: <marvell gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xc400-0xc4ff mem 0xd0420000-0xd0423fff irq 17 at device 1.0 on pci5 skc2: <marvell gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xc800-0xc8ff mem 0xd0424000-0xd0427fff irq 18 at device 2.0 on pci5 skc3: <marvell gigabit="" ethernet="" (led="" mod="" 2.2)="">port 0xcc00-0xccff mem 0xd0428000-0xd042bfff irq 19 at device 3.0 on pci5</marvell></marvell></marvell></marvell></marvell></marvell></marvell></marvell> -
So after running my appliance for a while, it seems to be rather unstable and would fall over daily.
Mostly when getting a hit of traffic around 50Mb/s.
The local console would appear normal, but all network traffic would drop and you would not be able to get into the WebGui. I am going to remove the extra 4 ports on the PCIe card and see if this stabilises it, as I know these have been problematic and it does look like a NIC drop to me.
