Jump to content

Recommended Posts

Posted

Wondering if it is possible to replace pfsense (freebsd 14) with Armbian on a netgate sg-2100 appliance? https://shop.telappliant.com/product/sg-2100-pfsense-security-gateway-appliance/
I have the version with an additional 32GB M.2 SSD and it looks like the mvebu_armada-37xx board is supported by the generic Armbian, but I struggle to get from u-boot to starting the installer from usb (used the Armbian_23.5.1_Uefi-arm64_bookworm_current_6.1.30_minimal.img), with the usbboot command.
Below is the current u-boot environment. I have masked some parts with "xxxxx" and probably won't need half of these variables, as they are very vendor specific, for example netgateid etc.

If possible, I would like to flash/replace the boot loader that is not specific for pfsense, but I am a total beginner with arm boards and boot loaders. Not as easy as installing various Linux distros...

 

Marvell>> printenv
arch=arm
baudrate=115200
board=mvebu_armada-37xx
board_name=mvebu_armada-37xx
boot_file=efi/boot/bootaa64.efi
bootcmd=run setLED; run mmcboot; run scsiboot; run usbboot; run net;
bootdelay=2
cpu=armv8
dmi_board_mfg=Silicom
dmi_board_name=xxxxxxxx
dmi_board_serial=xxxxxxxx
dmi_board_ver=R301
dmi_chassis_mfg=Silicom
dmi_chassis_serial=xxxxxxxx
dmi_chassis_ver=R301
dmi_sys_mfg=Silicom
dmi_sys_name=SG-2100
dmi_sys_serial=xxxxxxxx
dmi_sys_ver=R301
dtb_name=armada-3720-sg2100.dtb
eth1addr=xxxxxxxx
ethact=neta@xxxxxxxx
ethaddr=xxxxxxxx
ethprime=eth0
fdt_addr_r=0xc00000
fdtcontroladdr=7f623360
gatewayip=xxxxxxxx
ipaddr=0.0.0.0
kernel_addr_r=0x1000000
load_dev=usb
loadaddr=0x1000000
mmcboot=mmc rescan; setenv load_dev mmc; if fatls ${load_dev} 0:2 /; then run pfsenseboot; fi;
net=dhcp; tftp ${fdt_addr_r} ${dtb_name}; tftp ${kernel_addr_r} loader.efi; fdt addr ${fdt_addr_r}; fdt set / sn ${dmi_sys_serial}; bootefi ${kernel_addr_r} ${fdt_addr_r};
netgateid=xxxxxxxx
netmask=255.255.255.0
pfsenseboot=load ${load_dev} 0:2 ${fdt_addr_r} ${dtb_name}; load ${load_dev} 0:1 ${kernel_addr_r} ${boot_file}; fdt addr ${fdt_addr_r}; fdt set / sn ${dmi_sys_serial}; bootefi ${kernel_addr_r} ${fdt_addr_r};
pxefile_addr_r=0x2000
ramdisk_addr_r=0x2000000
rootpath=/srv/nfs/
scsiboot=scsi reset; setenv load_dev scsi; if fatls ${load_dev} 0:2 /; then run pfsenseboot; fi;
serverip=0.0.0.0
setLED=i2c dev 1; i2c reset; i2c mw 67 ff 0; i2c mw 67 0 1; i2c mw 67 f 20; i2c mw 67 3 40; i2c mw 67 26 0; i2c mw 67 10 0;
soc=mvebu
stderr=serial@12000
stdin=serial@12000
stdout=serial@12000
usb_pgood_delay=4000
usbboot=usb reset; setenv load_dev usb; if fatls ${load_dev} 0:2 /; then run pfsenseboot; fi;
usbrecovery=mmc erase 0 400000; run usbboot
vendor=Marvell



 

Posted

Hi saitama... I'm in the midst of trying to install Armbian on a Netgate SG-1100, which is a similar (?) ARM-based hardware device. It's based on the Espressobin but I think it shares some of the same quirks, including some odd Uboot stuff.

 

Did you get yours working and running Armbian? TBH I actually would like to get mine running stock BSD of some sort, rather than Linux, but I thought Armbian would be a good test to see if an OS other than PFSense is even viable on the hardware to begin with.

Posted (edited)

Hi Jimmay. No progress yet. Since my post here I've spent time learning the basics of u-boot and reviewed some files/scripts located on the latest pfsense plus image, which contains the necessary device tree (dtb) files for both of our netgate appliances. To my understanding, those dtb files are required for a custom armbian image or probably more luck with freebsd. 

If you have access to the latest pfsense plus image ( you need to contact netgate TAC and provide the netgate appliance ID/serial), you could check out the content of the dtb files and the netgate recovery script found under /etc/rc.recovery, which seem to do the magic by setting up u-boot, format partition and flash the image (pfsense plus),

 

Doubtful if it would work work to build a generic Armbian image for personal use with the dtb files? Will give it a few more tries and if all fails, I sell the damn thing and get supported hardware instead 😀

Edited by Saitama

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines