Turn old watchguard into pfsense router

[Sir-robin10]

Hellowa

 

So I'm having an old watchguard x700 here (which costed me 100 euro) and I kinda want to make a pfsense box from it. Now it was flashed before with pfsense, but I had reset the system (in pfsense itself) and everything stopped working... I don't really want to just throw away the firebox (since it would be the same as throwing 100 euro away and as a student, I don't have a really big income, so high expenses are not what I really can affort...

 

Does anyone have a suggestion? Can be a new (cheap) server or something along those lines... In the discord someone gave me the following links;

 

https://www.jetwaycomputer.com/1U-Rackmount-Barebones.html

https://www.gigabyte.com/Motherboard/GA-IMB310N-rev-10#ov

 

In which the first link looks really what I'd need (could use it as a switch I think/hope)

 

but I really have nu idea.... And what the prices would be neither...

 

Some requirements I have are,

 

- More then 2 ports (prefer 6 or more)

- I'd LOVE 1gbit at least

- POE is not required at all

- Capable of supporting 5 VPN clients at the same time (will almost never hapen)

- rack mountable (however I don't have a rack, yet)

- not tooooooo loud, since that firebox is loud as hell (it sounds like a hairdryer)

- Please, don't go over 100 euro.... That's a "big" investment for me as a student...

 

I hope someone can help me out here,

 

side info: I live in belgium

[dalekphalm]

Have you tried following this guide?

https://forum.netgate.com/topic/7024/successful-install-on-watchguard-firebox-x700

[Sir-robin10]

4 minutes ago, dalekphalm said:

Have you tried following this guide?

https://forum.netgate.com/topic/7024/successful-install-on-watchguard-firebox-x700

Yes I have, I just don't know what pfsense version I can use for the boot. I tried alot of them but nothing seems to boot....

[Mikensan]

That's from 11 years ago and I highly suspect that CPU is x86 being a Celeron... I can't remember when pfSense went full x64 so I don't know which version to tell you to install.

 

You don't need to buy brand new for a pfsense router, but the two things I would look for are x64 (just about everything in the last 9 years) and AES NI. Look to see what a dell R210 II would run you, for me it is.around $200.

 

Also give a look at edgerouters, they're very capable. Then if you ever get a server to use as a lab you can virtualize extra things like piHole for DNS filtering or nginx/haproxy/traefik for reverse proxying etc...

 

https://amzn.com/B00YFJT29C

 

[Falconevo]

I think the last version of pfSense to have full 32bit CPU support was 2.3.*, 

 

There's a public historical repo below with 2.3.5 which should function on the x700 but you won't be able to update to 2.4.* onwards as the support has been dropped.

 

https://mirrors.xmission.com/pfsense/downloads/

ISO https://mirrors.xmission.com/pfsense/downloads/pfSense-CE-memstick-2.3.5-RELEASE-i386.img.gz

 

Keep in mind that the x700 watchguard has no AES-NI support or any real performance.  Attempting to use it for a connection over 100M will likely lead to poor performance, would recommend getting something more sensible with later hardware that has AES-NI support so you can keep up to date with later pfSense releases.

[GuruOfNothing]

SHS... Student Hardware Syndrome... that is what I call your current issue. Big dreams and no money. So been there.

 

First of all, there is no such thing as a "cheap server". There is cheap hardware turned into a server but cheap is a relative term. The first common mistake made by individuals with SHS is that they want to take inexpensive hardware and create some sort of LAN to share gaming and media on. That means LOTS of bandwidth moving around and "cheap" hardware makes that horribly unstable. There is no substitute for good backbone when doing this kind of thing. pFSense will require a decent amount of CPU power if you are planning on cranking a lot of data through it since it has to process everything you whack at it. I would shy away from 32 bit processors for that reason unless it is just going to be you that is using the data pipe. A simple PC can do the job if you give it 4 MB of memory to work with and all you need is 2 ethernet ports... one WAN and one LAN. Add a switch to the LAN and you can have all the ethernet ports you want. Your LAN can be fast as hell and the pFSense box doesn't have to do the heavy lifting. I bought a used Dell x64 AMD computer for $50 and added a 2 port NIC. Installed x64 version of pFSense and it is stable as can be. Add on Snort and pFBlocker and you have whole home adblocking as well as intrusion detection. I am into that box about $63 US.

[Jarsky]

As pointed out by Mikensan, those old Firebox's are x86 (32-bit). I used to have an x750e with pfSense, and they were fantastic 10 years ago. 

If you have slow internet then sure they'll still be good if you get an old 2.2.6 - 2.3 version of pfSense then you can still run it, but it only supports up to 100Mbit with the LAN ports (nor would the CPU keep up with gigabit routing anyway). 

 

If you really want to go custom install, then you can't really go past a Dell R210 ii for up to gigabit.

 

Netgate make a range of pfSense appliances like the SG-1000 & SG-1100. 

Despite running pfSense out of the box, theyre also low powered ARM devices, so very good on power