[UPDATE: Version 2.1.5. vs 2.2.2 sent me for another tailspin – be warned. This is why swear words were invented I think – but I was victorious. Read below for the differences.]
This was a bit of a nightmare but I finally figured it out. This version of this article is after I have ordered 2 of these. I know the benefits were huge of getting this as I have a very trusted friend install these at many places that I also do work for (he is the IT desktop guru, I am the IT bus. automation/database application guy. I have installed vpn software on them etc. I have a client who I said – “no problem – I will get you the best most configurable router possible” … but to my chagrin – lots of re-learning from ages past. Serial communication instead of a VGA … oh my. Lots of plugging in the usb, unplugging the soekris board and plugging things back in in the right order. If this helps you – please leave a comment.
Let me help you not to have to rip all your hair out. Many little hints from online, my friend who lives quite far from me who wasn’t available at the same times I was etc. and trial and error. Here we go ….
Some knowns
- the Soekris net5501-70 hardware is a i386. Don’t just look at the AMD and assume it is an AMD64. This is a VERY OLD PROCESSOR (2003 vintage) . DO NOT DOWNLOAD AMD64 – or you will be sorry
- this board has NO VGA you can connect to it. If you need to see things BUY THE VGA VERSION (you don’t really need to see anything unless things go wrong). I had to get a NULL MODEM cable (remember the 90’s and the nightmares of serial cables – well – I had to make 2 trips to buy a USB-serial cable (my old one had no drivers for os x nor windows 7) and another trip to get a null modem cable. NULL MODEM CABLE.
- the Sokeris BIOS communicates on the serial port at 19200 BUT … then one it finishes the system then switches to 9600 for pfsense 2.1.5 and 15200 for pfsense 2.2.2. – how annoying.
- How dumb is that. Luckily a guy on line shows us how to fix this to be all 9600 baud. For pfsense 2.2.2 use 115200 – no I didn’t listen to myself on the next bullet – I am still using non-VGA
- BUY THE VGA VERSION OF THE SOEKRIS BOX (did I say that again!?)
- I was told to order 2 power supplies and the SanDisk 4GB Compact Flash. One of the flash cards sadly didn’t work – this is very sad, but I was glad I bought 2. I was told to order a certain kind right from Soekris as not all CF worked I was told.
Follow these steps
- Download pfsense – the i386 version even if you processor has AMD stamped on it in large letters. On the download page at the time of writing – I chose these options on the download page
- Comp Arch: i386 (32-bit)
- Platform: Embedded (NanoBSD) typically with CF
- Console: Serial
- CF Card Size
- Unzip the .gz – note that windows 7 does not have native support for .gz zipped files, so I downloaded 7-zip and it unzipped fine. Don’t forget this unzip step
- I checked the md5 hash but found the university of Hawaii’s mirror to be indeed correct
- Using some forums – I was told to delete the partitions on the Compact Flash and use diskpart (dos command) and do the following:
- run computer management (from an explorer window, r-click on the menu item on my computer->manage, click on Storage->Disk Management )
- delete all the partitions on your Compact Flash – be careful not to delete your c: partitions or else this whole exercise becomes much longer 🙂
- now on subsequent times I have done this (I have done 3 so far ) – this step might not be possible as there is nothing to delete – rest assured you are not crazy
- exit computer management in prep for the next command
- open new dos command line and type
- diskpart
- list disk
- select disk X (result from B) – do not get this wrong or else you could erase your C: drive
- clean all <<this takes a few minutes>>
- exit
- download physdiskwrite program and follow these instructions to the letter to install the image on the to compact flash. I think win32diskimager works fine too by the way and the GUI is a one two three you are done kind.
- the physdiskwrite program is a dos commandline program so after running diskpart, the drive number was 2. Then I typed
”
physdiskwrite -u -d 2 pfSense-2.1.5-RELEASE-4g-i386-nanobsd-20140825-0744.img
”
This process take a few minutes.
- the physdiskwrite program is a dos commandline program so after running diskpart, the drive number was 2. Then I typed
- eject the CF card from the PC and plug the CF card into the drive in the Soekris box (unscrew the soekris box, install, put it back together)
- power up the box
- plug your network cable into the eth0 slot (LAN) and go to http://192.168.1.1 and voila – instant router. The default username and password is admin/pfsense
- Didn’t work? Go through the VGA or RS-232 (change speed steps are down at the end of this article)
- for 2.2.2 I had to answer all the “what interface do you want to use for the WAN? Then setup ip’s for the LAN etc. by going through the geek level menu items on the RS-232 (or VGA) port. What a pain – how come they don’t just pick some defaults!!!!! Oh – then reboot it a couple of times and unplug-replug your ethernet.
- BUT WAIT (no literally wait – it takes about 3 minutes to boot up – before you should look for http://192.168.1.1
- DHCP does in fact exist on the Eth 0 port so there should be no need to set ip addresses or gateways or anything. Trust me – I have tried all scenarios – when I wrote this – I confirmed everything and edited this article at least 5 times over the next month.
- Didn’t work? Go through the VGA or RS-232 (change speed steps are down at the end of this article)
- Now I do a restore from one company to the next – so
- first – get the config you like and download it from the Diagnostics->Backup/Restore menu
- go to the new box and restore it using the same menu item but in reverse
- immediately change the Dynamic DNS and always use a different IP range from one customer to the next so you can log into one customer from the other in case you need to look at settings and compare
Those are your instructions – mine fell down at 8 – see the bottom of this article on the software and links that helped be get to the 8 steps above.
What my big problem in hindsight was is that I had the wrong CPU architecture and I feel like a dolt, but in 2014 when i buy hardware and it has AMD stamped on it (and the i in i386 I think means Intel) I chose AMD64 as the download architecture. I asked a friend for help, and didn’t look at the details of what I ordered because he orders this one all the time. Here is the article that highlights the start of my issue while googling.
- Note May 19th 02:10am’s listing … where it says FFS bad disklabel – it is a bad disk label because it is a 64 bit image.
- Then after changing the baud to all be 9600 – I narrowed in on the comment from the loader “CPU doesn’t support long mode”. Well some quick googling helped me narrow that down to the wrong architecture (another soekris customer) and then I downloaded the i386, did all the rigamarole, and it all came together.
I hope I helped everyone else out who is looking for a great pfsense hardware solution and less stress in their lives. Please leave a comment to know if I helped you. These boxes last for years and years and has 4 separate network interfaces.
Other resources I had to use to figure out my issue were
- how to connect to rs232 port using mac os x console via usb/rs232 serial port
- here is an article how to make the bios 9600 baud so that the bios boot and the rest of the boot are all in english and not computer garbley goop. It is 9600 8N1 in case that means anything – it does to me and brings back nightmares of the 1990’s
Hi,
Thanks for those instructions. I’m trying to install pfsense 2.2.4 on a net5501 (it’s working fine on 2.1.5, with a 8GB CF Card and serial port), but I come on this error on boot:
(aprobe0:ata0:0:1:0): ATA_IDENTIFY. ACB: ec 00 00 00 00 40 00 00 00 00 00 00
(aprobe0:ata0:0:1:0): CAM status: Command timeout
(aprobe0:ata0:0:1:0): Retrying command
Did you had this error when you proceeded?
Regards,
Ben
So far I have been clean on the boot and install. I am assuming that you did a NEW box with a NEW card and NEW pfsense (since you are reading this article?). There are a few other sites that are marked with solved – but you are using a card – I was told by my friend who is also obsessed with these boxes – ONLY TO BUY FROM Soekris … so he too was intimating that it is finiky but if you buy the stuff from them – all seems to work well. I have not ventured on ordering anything but what he recommended.
(shows your not the only one) https://forums.freebsd.org/threads/system-doesnt-recognize-hdd-after-boot.35317/
(here are some people who seemed to have it solved/understood with an update) https://forum.pfsense.org/index.php?topic=92609.0
In Google I
– typed “ATA_IDENTIFY CAM status soekris”
– narrowed it down to results in the past 1 year
Did you get it solved? If so could you post a reply for others? I installed ASKIMET spam filter – so I can find real comments faster.
Also is pfsense now breaking the 4GB barrier with the plug ins you are installing?
Hi, thanks for your response.
Well, I have this Soekris for some years now, running under pfsense 2.1.5.
So I backed up the disk image before following the steps you described (with the same card I used before); as it didn’t turn well, I rolled back the image.
I will try some methods as soon as I can (like this one: https://lists.freebsd.org/pipermail/freebsd-hackers/2015-June/047894.html), I will let you know how it went 🙂
Ben