THE STEPS OUTLINED IN THIS ARTICLE WILL VOID THE WARRANTY OF THE CITRIX NETSCALER AND ARE NOT RECOMMENDED FOR PRODUCTION USE.
I had a few old NetScaler MPX 5500 appliances laying around in the lab and set out to see if I could re-purpose one as a firewall. I grabbed a 128GB SSD online and started testing to see if I could get pfSense CE installed.
Hardware: Citrix NetScaler MPX 5500. This appliance contains the following ports:
- RS232 serial console port.
- Two 10/100/1000Base-T copper Ethernet management ports, numbered 0/1 and 0/2 from left to right. You can use these ports to connect directly to the appliance for system administration functions.
- Four 10/100/1000Base-T copper Ethernet ports numbered 1/1, 1/2, 1/3, and 1/4 from left to right.
Software: pfSense Community Edition (https://www.pfsense.org/download/)
- Version: 2.4.3
- Architecture: AMD64 (64-bit)
- Installer: USB Memstick Installer
- Console: Serial
- Filename: pfSense-CE-memstick-serial-2.4.3-RELEASE-amd64.img
The SSD I went with was this Mushkin TRIACTOR-3DL – 128GB SSD (MKNSSDTR128GB-3DL). It was only $38.99 at the time on Amazon, figured why not.
I started by reading up on the installation steps and documentation on the pfSense site (https://doc.pfsense.org/index.php/Installing_pfSense#Installer_ISO.2C_Memstick_or_Memstick_Serial.3F). Looks pretty straight forward, right? First step following the download was to get this image over to a USB thumb drive. I read this article regarding getting these images to a thumb drive for installation on the Netgate hardware (https://www.netgate.com/docs/reference/create-flash-media.html) and decided to use Rufus to write the image (https://rufus.akeo.ie/).
The USB thumb drive: I started this process by using my newer “Samsung 32GB BAR (METAL) USB 3.0 Flash Drive (MUF-32BA/AM)”. Looks great, but I ended up having issues during boot of the pfSense installer. I ended up switching over to my older “Corsair Flash Survivor Stealth 32GB USB 3.0 (CMFSS3-32GB)”. Boy did things progress quickly after I figured out the thumb drive was my issue.
Ok. Now I have the pfSense installer written to my USB drive, inserted the USB drive into the port on the back of the MPX, installed the Mushkin SSD into the drive tray, and inserted the SSD into the back of the MPX appliance. I also removed the compact flash (CF) card that comes in the NetScaler, as it won’t be needed to run pfSense.
The next step is to connect up a console cable from my laptop to the RS232 port on the MPX. Using your favorite terminal application, I’m using PuTTy, we can view the output from the MPX and complete the installation. To see the output of the NetScaler MPX boot process, you need to configure the terminal session to support VT100 terminal emulation, 9600 baud, 8 data bits, 1 stop bit, parity, and flow control set to NONE. From here you may need to hit the DELETE key during boot to get into the BIOS (there isn’t any indication here, just hit it when text appears). You can now adjust the boot order and move the USB drive seen to a higher priority than the SSD.
Lesson learned: pfSense uses a different set of settings for serial console output. You will need to reconfigure the console sessions for 115200 baud, 8 data bits, 1 stop bit, parity, and flow control set to NONE. See the details on this here (https://doc.pfsense.org/index.php/Connecting_to_the_Serial_Console).
Now that we’re connected to the MPX, adjusted the boot order in the BIOS, reconfigured the console session with the new settings, we are now ready to install pfSense. Go ahead and boot up the MPX, we should see the installation output for pfSense. This procedure is quite simple and you can follow the steps listed in the documentation.
After installation, you can configure the port and IP assignments. I found the ports were from right to left (igb0 = 1/4, igb1 = 1/3, igb2 = 1/2, igb3 = 1/1, igb4 = 0/1, igb5 = 0/2). Now you’re ready to get configuring pfSense into your lab on a NetScaler MPX.
Let me know if you have any questions and thank you for reading!