Hi all,
Time for a quick post 🙂
If you have an old Sophos SG appliance laying around, don’t throw it out, it runs the free PFSense Community Edition just fine 🙂
For VGA install:
Attach a HDMI Monitor and a USB keyboard to the device.
Download installer here:
Download pfSense Community Edition
Use RUFUS to create a bootable USB stick and choose the downloaded PFSense Image.
Boot the appliance from the USB stick.
Choose the standard settings in the installer, and choose the disk to install PFSense to.
After reboot, set up the intial settings (All PFSense releated and not covered here)
Now to get the LCD working for the 1U rack mount SG devices 🙂
Install the LCDPROC package in PFSense package manager, and setup like this:
To add a little extra “hello” and “goodbye” messages, for fun, edit the file:
/usr/local/etc/LCDd.conf
[server]
DriverPath=/usr/local/lib/lcdproc/
Driver=hd44780
Bind=127.0.0.1
Port=13666
ReportLevel=3
ReportToSyslog=yes
User=nobody
Foreground=no
ServerScreen=no
Hello=” IKT-PEOPLE APS”
Hello=”+45 70 40 50 28″
GoodBye=”Firewall”
GoodBye=”shutting down…”
WaitTime=5
TitleSpeed=5
ToggleRotateKey=Enter
PrevScreenKey=Left
NextScreenKey=Right
ScrollUpKey=Up
Restart service “service LCDd onerestart”
Result:
This is a tiny bit (but only a tiny bit) overoptimistic. Sophos devices generally work very well with pfSense, but there are exceptions.
Specifically, every SG 105 I’ve tried gets stuck when it boots pfSense from USB. Pretty early, too; it can’t load a specific kernel module (I forget which, since it’s been a while). As far as I can tell, this has something to do with the fact that SG 105 (at least up to Revision 2, inclusive), despite having a 64-bit processor, has a 32-bit BIOS, which is no longer supported on pfSense. So pfSense just can’t deal with it and hangs on boot. Incidentally, OPNsense has an identical issue, which leads me to believe that this goes all the way down to FreeBSD…
This said, both OpenWrt and IPFire install and run on SG 105 with zero issues.
Thanks for the info 🙂
I have only tried with SG2xx and up, they worked perfect 🙂
Best regards
Martin
Meanwhile, I am happy to report that I just installed pfSense on two SG 125 rev 2 units and have experienced no problems. So SG 125 definitely works with pfSense (at least in revision 2), and the only question mark I have now is SG 115…
Thanks for sharing – great job 🙂
Best regards
Martin
Nick and Martin,
I was able to install pfSense on a SG 115 just the other day thanks to the forum post linked below.
Here are the instructions I followed (from user pfme):
In BIOS Settings:
Advanced menu > USB Configuration > Disable “Port 60/40 emulation”
Reboot, at the PFSense menu, select option 3 and type:
set kern.vty=”sc” press Enter
boot press Enter
After install, add to the loader.conf file:
In shell mode type vi /boot/loader.conf then Enter
Add kern.vty=”sc” to the last line
Type :wq then Enter
Type reboot then Enter
Hope this helps!
https://forum.netgate.com/topic/133355/installing-pfsense-on-sophos-xg-105-rev-2/
Thanks for getting back on this og sharing the fix 🙂
Best regards
Martin
Matt,
Thank you for sharing this solution! I just tested it on a Sophos SG 105 Rev 2, and it worked without a hitch.