[talk] some pfSense, APU notes
Patrick McEvoy
mcevoy.pat at gmail.com
Wed Sep 24 14:36:17 EDT 2014
George Rosamond wrote:
> Posting here someone on talk@ or via a search engine, might find it useful.
>
> The APU is PCEngines most recent board, replacing those well-loved Alix
> boards. They are 64-bit, and have either 2G or 4G of RAM. mSATA SDD,
> SD Card storage.
>
> http://pcengines.ch/apu.htm
>
> Since the APUs run hot, mounting the heat sink pad is critical. Rumor
> has it there's a few degree cooler on the mobo if you use the black case
> as opposed to the other ones.
Should you be unlucky enough to knock your heatsink off/ need a new one,
here is the Netgate link for a replacement one. May you never need to
use this link:
If you're placing an order, add this to your order an extra heatsink:
http://store.netgate.com/APU-Heatsink.aspx
>
> When flashing to the newest and latest BIOS, USB sticks were
> unsuccessful. I used an SD card with syslinux from gooze.eu, and
> replaced the ROM file as per the most recent at the particular APU
> product description page.
>
> The PCEngines support forum (http://www.pcengines.info/) can seem more
> like an ugly bar fight, but hold your nose and peruse and you may find
> something useful.
>
> For pfSense on the APU with SD cards, I'm using the amd64-nanobsd version.
>
> Over serial, pfSense needs cu/tip/minicom speed at 9600, while the APU
> is set for 115200. Setting the speed to 9600 means the BIOS information
> is missed. Setting the speed to 115200 means pfSense seems to hang at
> the "choose a slice" stage, when it actually isn't. On pfSense, console
> speed can be tinkered under the System tab, then Advanced, and scroll
> down to "Serial Communications."
>
> The usual "mount root" error can be resolved by manually mounting the
> two slices on the SD card, and adding the following to
> /boot/loader.conf.local (preferable over /boot/loader.conf)
>
> kern.cam.boot_delay=10000
>
> I recommend making sure both slices boot. This can be done manually
> during the boot process, but can also be done through the "Diagnostics"
> tab, then "NanoBSD" in the first "Bootup Information" section.
>
> I'm guessing that recent pfSense upgrade problems I've been having on a
> variety of devices with flash media storage has to do with this.
>
> One (seemingly) stupid consideration for all devices requiring logins:
> change the default login name. Always. Brute forcing passwords is more
> difficult when the adversary is using the default login.
>
> HTH.
>
> g
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
More information about the talk
mailing list