OPNsense Firewall on MSI Cubi N

Leave a reply

I want to set up an OPNsense firewall on my MSI Cubi N microcomputer. So far, I have created a bootable USB stick with the OPNsense installer (OPNsense 24.7 VGA amd64) in my first post. I configured the MSI Cubi N to boot from the USB stick in my in my second post. Now it’s time to actually install OPNsense on the Cubi N.

Boot the MSI Cubi N with the OPNsense installer

  • Create a bootable USB stick with the OPNsense installer (see this post)
  • Connect a monitor and a keyboard to the Cubi N
  • Insert the USB installer stick into an USB port of the Cubi N
  • Configure the Cubi N to start from the USB stick (see previous post)
  • Start up the Cubi N with the power button
  • As soon as OPNsense logo shows up, press the Space key to set the boot options
    • If the OPNsense installer continues before you can hold it, you need to restart the Cubi N again.
  • Set the boot options (press the 7 key):
    • Verbose: on (click the 6 key)
    • Return to the main menu by clicking the Backspace key
  • Press the Esc key to exit the menu
    • A command prompt starting with OK is shown
  • Set the boot parameter:
    • This is required to because my Cubi N halts when booting up the OPNsense installer (see References).
    • Enter the command and press the Enter key – note the US keybord layout and that there is no space in the command except between set and the variable…)
      • set hint.uart.1.disabled=”1″
  • Now boot the OPNsense installer on the Cubi N:
    • Enter the command and press the Enter key
      • boot
  • The Cubi N boots with the OPNsense installer and finally shows a login prompt 🥳

Install OPNsense on the Cubi N

  • Login
    • User: installer
    • Password: opnsense
  • Keymap Selection
    • Swiss-German
    • move to the top menu: >> Continue with ch.kbd keymap
  • Task
    • Choose the Install (ZFS) option (ZFS GP/UEFI Hybrid)
      • The ZFS file system is in most cases the best option as it is the most reliable option, but it does require enough capacity (a couple of gigabytes at least)
  • ZFS Configuration
    • Select the stripe option for the virtual device type.
      • The default option (stripe) is usually acceptable when using a single disk.
    • Select the disk nda0 Phision 128 GB by pressing the space key
      • This is actually the single disk in the Cubi N
    • Last Chance: confirm with selecting Yes and pressing Enter
  • Installation progress
    • Wait and hang on tight…
  • Final Configuration
    • Set the Root Password
      • Define the root password and enter it twice
    • Complete Install
      • Select and press Enter to reboot
  • My Cubi N reboots from the USB stick… So I shut it down again and remove the USB stick

Start OPNsense on the Cubi N

When trying to start OPNsense on the Cubi N from the internal disk, the boot process hangs after the OPNsense logo at the same position as during the install…

  • Remove the USB stick
  • Press the power button
  • The Cubi N starts OPNsense and shows the boot logo
  • OPNsense hangs with the lines:
    ns8250: UART FCR is broken
    ns8250: UART FCR is broken
    uart0: <16550 or compatible> at port 0x3f8 irq 4 flags 0x10 on isa0
    • Well, I had that issue before🤔
    • I’ll need to persist that setting that I manually changed in the boot loader…
  • Turn off the Cubi N with the power button
  • Start the Cubi N again with the power button
  • As soon as OPNsense logo shows up, press the Space key to set the boot options
    • Set the verbose mode as described above
    • Exit with Esc to the loader prompt
  • Set the boot parameter:
    • This is required to because my Cubi N halts when booting up the OPNsense installer (see References).
    • Enter the command and press the Enter key – note the US keybord layout and that there is no space in the command except between set and the variable…)
      • set hint.uart.1.disabled=”1″
  • Now boot OPNsense
    • Enter the command and press the Enter key
      • boot
  • OPNsense is booting up
  • Login
    • root
    • my secret password 🤐
  • The console now shows some options:
0)  Logout                        7)  Ping host1)  Assign interfaces             8)  Shell2)  Set interface(s) IP address   9)  pfTop3)  Reset the root password      10)  Filter logs4)  Reset to factory defaults    11)  Restart web interface5)  Reboot system                12)  Upgrade from console6)  Halt system                  13)  Restore a configuration
  • Press the 8 key and Enter to enter the shell with a command prompt
  • Edit the /boot/device.hints file with vi:
    • enter the boot directory in the root folder with the cd command
    • cp device.hints device.hints_original_backup
    • vi device.hints
  • Editing files in vi is a nightmare. Best check first one of the links below…
    By pressing the d and a key, one can delete and append characters from the cursor position, respectively.
  • I replaced the hint.uart.0 and hint.uart.1 entries with theses lines:
    hint.uart.0.disabled=”1″
    hint.uart.1.disabled=”1″
  • Write the file with this command (the file is write protected, thus the “!”):
    :w!
  • Exit vi with
    :q!
  • I left the shell command prompt, probably by typing exit
  • This brought me back to the OPNsense menu with the 13 options (see above)
  • I used the reboot option (#5)
  • Now the Cubi N starts successfully OPNsense without any issues and finally shows the login prompt!
    🥳🥳🥳

Note

I tried to reset the BIOS settings, to the default values as described in my first post. However, the Cubi N didn’t boot up anymore with these settings. So, I restored my changed settings from my post about booting the MSI Cubi N from the USB stick.

References

OPNsense

MSI Cubi N

OPNsense boot up issue

OPNsense installation

vi

Leave a Reply

Your email address will not be published. Required fields are marked *