Connection to console via serial port not possible

EddZig · August 25, 2021, 04:46:21 PM

Hi,

I want to perform an upgrade of OPNsense to the latest version and would like to be prepared for the case the update would fail. For that I tried to establish a serial connection to the device (no VGA available) from a W10 PC without success.

I checked the settings on the firewall (115200, 8,n,1 - with and w/o hardware flow control) already as well as on the Windows 10 device.

No further idea how to proceed - and, I am a Windows guy, not familiar with Linux. With the help of some KB articles I could check the loader.conf (equals to wht the FW GUI shows). Maybe the serial port of the PC is not working properly, but no clue how to sort that outas I don't have any other serial device...

Any suggestion or help is highly welcome!

Many thanks in advance
EZ

Current OS = OPNsense 18.7.10_4 (amd64/OpenSSL)

chemlud · August 25, 2021, 05:41:09 PM

Did you enable the serial as "Primary Console" in GUI? Password protections?

Is it a serial cable or do you use a serial to USB (on sense side)?

Press RETURN in the putty (?) window while connected, anything happening?

Have you rebooted the sense and watched the serial console for output?

EddZig · August 26, 2021, 09:14:24 AM

Quote from: chemlud on August 25, 2021, 05:41:09 PM
Did you enable the serial as "Primary Console" in GUI? Password protections?

-> Yes

Is it a serial cable or do you use a serial to USB (on sense side)?

-> serial able on sense side, USB2SER on PC side

Press RETURN in the putty (?) window while connected, anything happening?

-> yes, nothing, zero

Have you rebooted the sense and watched the serial console for output?

Yes, even that. Nothing

I am trying to organize a PC with built-in serial int to avoid any issues with the USB2SER adapter, but this will take a while.

chemlud · August 26, 2021, 09:29:10 AM

I would assume some wrong settings in the serial console program on Win side then (putty?). Maybe find a linux machine (serial port or not) and try minicom (as root: minicom -s). Should work if you use the right settings for serial (ttyUSB0, ttyS0, ... depends on your machine).

If you bridge (small piece of cable) RX and TX on the serial side you normally plug into the sense, any key you press on the client should show up in the console output. Quite good test for your serial setup on client side.

Always good to have a second access to your box (independent from network interfaces) and you can learn a lot...

chemlud · August 26, 2021, 09:31:27 AM

...

EddZig · August 26, 2021, 09:46:55 AM

I tried many combination of settings, especially the flow control. I assume the sense side is 8,n,1 and XON/XOFF. I tried the speed and with HW control, w/o, with XON/OFF, without.....

Unfortunately my remote hand will be on vacation for 2 weeks, so "quickly" organizing a linux box will take some time.

Many thanks for your valuable input so far!!!

chemlud · August 26, 2021, 09:50:18 AM

..one last: The serial port on both machines is enabled in BIOS?

EddZig · August 26, 2021, 10:01:35 AM

So, what we just did is the loopback test on the Win PC side. Everything I entered into Putty I just got back.

How to enable/check on sense side? There is no VGA interface, only <Serial 3x LAN, 2 USB>

EddZig · August 26, 2021, 10:14:29 AM

Here a pic of the hardware, maybe you can identify an un-used/disconnected VGA interface...

https://1drv.ms/u/s!Aqo5RK0K40pekpBHQB0x2s5oiXZWJw?e=5tXhiS

EddZig · August 26, 2021, 03:51:55 PM

root@OPNsense:~ # dmesg | grep tty
root@OPNsense:~ #

root@OPNsense:~ # dmesg | grep 16550
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart1: <16550 or compatible> at port 0x2f8 irq 3 on isa0
root@OPNsense:~ #

root@OPNsense:/ # pstat -t
LINE INQ CAN LIN LOW OUTQ USE LOW COL SESS PGID STATE
ttyu0 23040 0 0 2304 23064 0 2307 11 61067 61067 ICOil
ttyu1 0 0 0 0 0 0 0 0 0 0 IC
ttyv0 0 0 0 0 0 0 0 0 0 0 -
ttyv1 0 0 0 0 0 0 0 0 0 0 -
ttyv2 0 0 0 0 0 0 0 0 0 0 -
ttyv3 0 0 0 0 0 0 0 0 0 0 -
ttyv4 0 0 0 0 0 0 0 0 0 0 -
ttyv5 0 0 0 0 0 0 0 0 0 0 -
ttyv6 0 0 0 0 0 0 0 0 0 0 -
ttyv7 0 0 0 0 0 0 0 0 0 0 -
ttyv8 0 0 0 0 0 0 0 0 0 0 -
ttyv9 0 0 0 0 0 0 0 0 0 0 -
ttyva 0 0 0 0 0 0 0 0 0 0 -
ttyvb 0 0 0 0 0 0 0 0 0 0 -
pts/0 7680 0 0 768 7688 0 769 0 49788 96934 Oi
root@OPNsense:/ #

I don't think there are serial interfaces available on sense side.... ANd I have no clue ho to get to the BIOS of this LES without VGA.

chemlud · August 26, 2021, 08:33:02 PM

Details on hardware?

EddZig · August 26, 2021, 09:50:53 PM

Unfortunately nothing. The previous vendor sold the device as "LES v3". No more details except of the picture.
I am wondering how to manage a device on BIOS level w/o VGA...

oneplane · August 26, 2021, 10:29:27 PM

Generally such a BIOS would be managed over the serial port or in-band like coreboot.

Are you using a null-modem cable? Some USB-to-Serial adapters require that if you are going host-to-host.

Also test your serial port by shorting TX and RX on your USB-to-Serial to see if the cable at least works.

~~Regarding the hardware: check if there is a number on the other side of the PCB that shows what it is.~~

It's a normal APU 2d board. https://pcengines.ch/apu2.htm There are two serial ports and there is coreboot instead of a legacy BIOS. Probably the apu2e2 or apu2e4. There are two serial ports, the classic COM port and a 3v3 COM2.

https://www.pcengines.ch/ht_com.htm "Use a DB9 female to female null modem cable" and "115200 8N1 no flow control".

Also: "The serial console can be disabled in BIOS setup if you need the serial port for an external device. To get the serial console back, please press the small pushbutton switch S1 while powering up the board. You can then change the setting in the BIOS."

They have more pages: https://pcengines.ch/howto.htm#serialconsole

So there you go!

cookiemonster · August 26, 2021, 11:33:12 PM

Indeed looks like an APU2. I have one just don't ask me about putty. I use minicom (linux) to connect directly.
The settings:

Code Select

% sudo dmesg | grep uart
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: console (115200,n,8,1)
uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0

Now, it is normally running coreboot as bios.
I was going to write exactly what oneplane wrote so I won't repeat but if you want I can confirm how to connect with minicom. It can be a little temperamental. I had to buy another null cable, the one I normally used for a switch would just not work. Also I've now labelled the cable ends. It would normally connect easier one way but not the other and it should not make a difference.
The point is that it might sometimes look like it doesn't work but it eventually does.

EddZig · August 27, 2021, 08:58:38 AM

All!

I honestly appreciate all of your help! At this point in time I believe it doesn't make sense anymore to burn more hours ($$$) on additional trials to get that running.

Rather, I think the time has come and I need to replace the hardware. The best thing to do on this occasion is also to create redundancy/failover solution.

Again, many thanks for all of your help!

Best
EddZig

Connection to console via serial port not possible

EddZig

August 25, 2021, 04:46:21 PM

chemlud

August 25, 2021, 05:41:09 PM #1

EddZig

August 26, 2021, 09:14:24 AM #2

chemlud

August 26, 2021, 09:29:10 AM #3 Last Edit: August 26, 2021, 09:32:11 AM by chemlud

chemlud

August 26, 2021, 09:31:27 AM #4

EddZig

August 26, 2021, 09:46:55 AM #5

chemlud

August 26, 2021, 09:50:18 AM #6

EddZig

August 26, 2021, 10:01:35 AM #7

EddZig

August 26, 2021, 10:14:29 AM #8

EddZig

August 26, 2021, 03:51:55 PM #9 Last Edit: August 26, 2021, 04:02:38 PM by EddZig

chemlud

August 26, 2021, 08:33:02 PM #10

EddZig

August 26, 2021, 09:50:53 PM #11

oneplane

August 26, 2021, 10:29:27 PM #12 Last Edit: August 26, 2021, 10:44:28 PM by oneplane

cookiemonster

August 26, 2021, 11:33:12 PM #13

EddZig

August 27, 2021, 08:58:38 AM #14