OPNsense on WatchGuard T70

Started by MiSC37, August 01, 2022, 08:26:22 AM

Hi. I thought it may be useful for someone else to hear about my experience with installing OPNsense 22.1.2 onto an old WatchGuard T70. This device has a 1.6GHz Intel Celeron N3160 CPU, 2GB RAM (I know, on the small side, and it cannot be upgraded) and 16GB mSATA SSD. It has 8 x 1GB ports. However, please note only ports 0, 1 and 2 work with OPNsense - ports 3-7, from what I have read, are proprietary switch ports. There is a way to get them working as a basic switch and you can read about it from the links provided below.
I used the following from the pfSense forum as a base to know it was possible / get started. It's a good resource for anyone interested in giving it a try: https://forum.netgate.com/topic/151470/watchguard-firebox-t70

Parts required to get this to work
- WatchGuard T70 and power supply
- Very small Torx screwdriver to remove screws from case - I believe it is a T6. The one I used was a T6H
- Cisco console cable
- If you don't have a serial port in your computer, a USB to serial adapter
- SATA disk with power - used temporarily for installation purposes
- mSATA to USB or optionally a larger blank mSATA drive

The steps I took were:
- Downloading the OPNsense image file: https://opnsense.org/download/ (select AMD64 and Serial as the image type)
- Extract the img image file from the zip
- Get a copy of HDD Raw Copy. You can get the portable or installable copy from here: https://hddguru.com/software/HDD-Raw-Copy-Tool/
- Use HDD Raw Copy to copy the img file onto the temporary SATA disk. I used a SATA SSD
- Remove case from T70 and remove the mSATA SSD. Connect mSATA to PC. Took a backup via HDD Raw Copy. Wiped the drive (without wiping the disk, the WatchGuard will try to boot from this disk first)
- Install mSATA back into WatchGuard
- Connect temporary SATA disk with OPNsense image to SATA port. Connect power to SATA disk (I used spare PC power supply)
- Connect console cable to console port on T70 and fire up PuTTY or other terminal emulator. Set serial port to be: BPS=115200, Data Bits=8, Parity=none, Stop bits=1, Flow control=none
- Power on WatchGuard. You should see the BIOS / boot process happen in terminal emulator. OPNsense runs in live CD boot mode by default. To install to the mSATA disk, log in to OPNsense with username: installer and password: opnsense
- Follow the prompts and it will install to the mSATA
- Once complete, power down the T70 and remove the temporary SATA disk
- Power on the T70 and it should boot from the mSATA as a fully installed instance
- You can now connect ethernet port of computer to port 0 in device to configure via browser on address:  Default username:  root  Password: opnsense

You can reconfigure the interface order to match the labelling on the WatchGuard by going to Interfaces - Assignments. I have LAN set to be interface igb1 and WAN on igb0

I have upgraded the firmware to the recently released 22.7 from the web interface.
So far performance has been great. I don't have a very complicated setup. Internet is an odd 100Mb/5Mb FTTP with PPPoE. I get over full speed in speed tests: ~103/6Mbps. I have basic IDS enabled in monitoring mode, 2 VLANs and WireGuard VPN configured. The CPU has not been stressed. I have seen the RAM go into the 1.5GB range whilst testing. However, whilst writing this the uptime is around 3 days and RAM is sitting at a low 34% (651/1913MB)