Le Goût du Libre

User Tools

Site Tools

Trace: opnsenseonvelocloudedge510
opnsenseonvelocloudedge510

This is an old revision of the document!

OPNsense installer preparation and router coreboot configuration
  1. Get the OPNsense VGA installer (yes, VGA) at https://opensense.org/download and create a USB installer from it using BalenaEtcher or your preferred method
  2. Remove the small metal plate on the back of the router, at the right of the network ports, this will expose a mini-USB port. Connect a mini-USB cable into the device, and the other end to your PC.
  3. Using a program like Putty, connect at 115200 Baud, and connect the power cable in the router, you should see some output as it boots up. Allow it to boot into VeloCloud OS.
  4. The default login is root, password is VeloHelloXXX (XXX=last-3 of S/N on bottom of device)
    1. If this doesn't work, reboot and watch closely, there will be a prompt offering to press f and ENTER to enter fail-safe mode
      1. Run the two commands below to change the root password
        mount_root
echo -e "youpassword\nyoupassword" | passwd root
      2. Reboot device and login with new password
  5. Once logged in,
    cd /root
  6. From there, let's configure the network. Connect a network cable from your router or switch to the 4th port (GE4) and allow it to establish a link and connect. Connect your computer to port 1 (GE1).
  7. Change to the existing firmware directory: 
    cd /root/firmware
  8. Grab a copy of the modified corebooot firmware :
    wget https://raw.githubusercontent.com/PhoenixSheppy/VeloCloud-Edge-510-OPNsense-Conversion-Guide/refs/heads/main/firmware/2017-4-10-coreboot.rom 
velocloud vc-edge:~/firmware  - wget https://raw.githubusercontent.com/PhoenixShep
py/VeloCloud-Edge-510-OPNsense-Conversion-Guide/refs/heads/main/firmware/2017-4-
10-coreboot.rom
Connecting to raw.githubusercontent.com (185.199.108.133:443)
2017-4-10-coreboot.r 100% |*******************************|  8192k  0:00:00 ETA
velocloud vc-edge:~/firmware  -
  9. Change directory again :
    cd ..
  10. Let's update the DMI (Desktop Management Interface) data region in the firmware image: 
    ./dmi-tool -u firmware/2017-4-10-coreboot.rom
Updating flash with current DMI info ...
Current DMI:
decoding ...
SN=CKPG933, UUID_str=a04d141b-0ff4-4e25-bbf0-ded5867a5296, BSN=PH0TTRNNNBP7L1, pname=2R0220 bversion=haEDG
Done. Please power cycle the board if the flash has been updated
  11. Follow that with this command: 
    ./dmi-tool -w -p EDGE510 -v 1
Programming DMI  ...
Current DMI:
decoding ...
SN=CKPG933, UUID_str=a04d141b-0ff4-4e25-bbf0-ded5867a5296, BSN=PH0TTRNNNBP7L1, pname=2R0220 bversion=haEDG
Updating current DMI..
No new system SN provided, using the current system SN
No new UUID provided, using the current UUID.
No new Board SN provided, using the current Board SN
Done. Please power cycle the board if the flash has been updated
  12. Finally, let's flash that firmware : 
    flashrom --programmer internal --write firmware/2017-4-10-c
oreboot.rom
flashrom v0.9.8-r1888 on Linux 3.14.79 (x86_64)
flashrom is free software, get the source code at http://www.flashrom.org

Calibrating delay loop... OK.
coreboot table found at 0x7fbee800.
Found chipset "Intel Avoton/Rangeley".
This chipset is marked as untested. If you are using an up-to-date version
of flashrom *and  * were (not) able to successfully update your firmware with it,
then please email a report to flashrom@flashrom.org including a verbose (-V) log.
Thank you!
Enabling flash write... OK.
Found Winbond flash chip "W25Q64.V" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
Reading old flash chip contents... done.
Erasing and writing flash chip... Erase/write done.
Verifying flash... VERIFIED.
velocloud vc-edge:~  -
  13. To finalize, the watchdog timer that reboots the systems and prevents from running another OS has to be disabled. Run the following command:
    i2cset -y 1 0x24 0x00 0x00 && i2cset -y 1 0x24 0x01 0x00

After you've run those two commands, your device is ready to install OPNsense.

OPNsense live boot from USB VGA installer
  1. Unplug the power cable, plug the OPNsense VGA installer USB key prepared previously in either USB port.
  2. Remember to have the mini-USB cable plugged into the serial port
  3. Unplug the network cable from the GE4 port and plug it into the GE2 port. This is where OPNsense will search for and configure its WAN connection.
  4. Plug a network cable from your PC into the GE1 port. This is where OPNsense will configure the LAN and provide DHCP leases. Make sure your PC connection to the router is stable, if you loose the SSH connection to the router during installation (for example, by your PC going into sleep mode), you will have to start over from that step.
  5. Plug the power cable again. The boot sequence will take 3-4 minutes, be patient.\\The serial output should scroll by and briefly show the OPNsense logo and menu. The last few lines of output should look something like:
    /boot/kernel/carp.ko size 0xfb90 at 0x244d000
/boot/kernel/if_gre.ko size 0xaa30 at 0x245d000
/boot/entropy size=0x1000

After 3-4 minutes, you should be able to ping the router at 192.168.1.1.

OPNsense installation via SSH
  1. The installer can the be launched by SSH, from your PC in a terminal:
    $ ssh installer@192.168.1.1
  2. When prompted, enter the password : opnsense\\The installer should launch. All questions can be kept as default except the following :
    1. At the second step, choose UFS/UEFI Hybrid. ZFS is ideal on systems with more storage and resources, but not practical on this configuration. You can decide to try it anyways, this is a homelab device to experiment.
    2. At the third step, choose the internal storage eMMC storage as target for installation. This will replace the factory Velocloud OS. In this example an external 64GB USB key used for the installer was detected as da0, the other storage (da1) indicating 7GB is the internal storage.
  3. After that, proceed with defaults. You will see progress indicators. This should take under 8 minutes.
  4. You can then change the root password (default is opnsense), or just choose Complete Install.
  5. Next step, choose Reboot and the serial output should show the boot sequence, showing the text OPNsense logo and menu, and messages, as above. Again, this will take 3-4 minutes.
References
opnsenseonvelocloudedge510.1762355428.txt.gz · Last modified: by Fabián Rodríguez