How to load m0n0wall onto a WatchGuard Firebox x500, x700, x1000, x2500

CAUTION!  The power supply in the Firebox x series is exposed when the firebox cover is removed



DO NOT apply AC power to the firebox while the cover is off or you will be in risk of electrical shock!  Make sure to remove the AC power cord and wait for 30 min before opening the firebox to give the capacitors time to drain!


Warning!  This procedure will void your warranty and remove the Fireware or Fireware Pro OS from your firebox!  WatchGuard will not help your restore your system!  Proceed at your own risk!.

1. Items needed:

a. Firebox xCore hardware (note that the x500, x700, x100 and x2500 are all the exact same hardware)

b. Philips screwdriver

c. WatchGuard serial console cable

d. CF Card reader

e. Physdiskwrite (download from

f. physGUI (download from

g. Generic PC image of m0n0wall (download from or for the beta release) the file will be named “generic-pcxxxxxx.img” where xxxxxx is the version number.

h. PC with a serial port or a USB to Serial adaptor

i. Terminal emulation program that support serial hardware

j. 20 min of time

2. Open the firebox.

a. Remove the drive tray by lifting the flap on the right side of the firebox front, unclip the 2 grey plastic pieces under the cover and pull them forward.  Pull the drive tray out of the firebox.

b. Remove the 15 black Philips screws from the firebox.  The sides may or may not have a rackmount ear.  There are 6 screws on each side and 3 on the back.  The 8 longer screws go to the 4 holes on each side that are close to the front of the firebox and mount the rack ears.

c. Remove the cover by pushing it toward the back of the firebox.  It should slide back about 2 inches, and then you can lift the cover up and off.

d. Remove the IDE44 cable from the back of the drive holder. Then remove the 4 silver screws holding the drive holder in place.  You can then pull back on the drive holder and lift it out.

3. Flash the CF card.

a. One you have the drive holder removed you should see a 64mb CF card in a holder located at the rear of the firebox under where the drive holder was.

b. Cut the “warranty voiding” sticker to allow the CF card to be removed.

c. There is no ejector for the CF card so remove the CF card by applying slight pressure on the top of the card with your fingers and pull it toward the front of the firebox.

d. Extract the Physdiskwrite.exe and PhysGUI.exe files to a known directory (i.e. c:PhysDisk).

e. Place the m0n0wall image file into the same directory.

f. Insert the CF card into the card reader on your pc and start phyGUI, highlight the CORRECT drive.  Pay extra special attention to the drive size and interface!  If you select the wrong drive you could wipe out your PC’s HDD!

g. Right click on the highlighted line and select “Image laden” and then “Öffnen”

h. A file dialog will open, path to the m0n0wall image file and click open.

i. You will get a warning message, DO NOT CHECK the “Remove 2GB restriction” box just click the OK button.  This is here as an attempt to keep you from writing to your PC’s HDD by mistake, unless you check that box you shouldn’t be able to write to drives bigger then 2GB and since the CF card is 64MB that’s fine.j. You will get another warning. Click “YES”

k. You should see a command window for a few second counting up as data is written to the CF card.

l. When you get the “PhysDiskWrrite beendet.” Message  your CF card is ready.

k. Replace the CF into the firebox.

l. Replace the drive holder and reconnect the IDE44 cable (optional)

m. Replace the firebox cover

n. Replace the drive tray (optional)

4. Set up m0n0wall

a. Connect power to the firebox and turn it on.

b. Connect the grey serial cable that came with the firebox to the firebox console port and your PC’s serial port.

c. Start your terminal emulator and select the COM port that the firebox is connected to, use 19200baud 8/n/1 communication settings.

d. Press enter and you should see the m0n0wall console screen.

e. When asked to set up the vlan select n and enter, you can set up vlans using the web interface once your systems ports are configured.

f. When asked to name the WAN port use re0 (this corresponds to the 0 port on the firebox that is labeled as “External”

g. Use re1 for the LAN port, re2 for OPT1, re3 for OPT2, etc. (you can see the mapping in the above screen shot.

h. Reboot the m0n0wall (it’s no longer a firebox!)

i. Connect a cat5 cable to the port labeled “1” on the front of the m0n0wall and to a network hub/switch or you can use a crossover cable to connect directly to a PC.

j. On a PC connected to the same network hub or connected to the m0n0wall use a web browser to go to the address shown on the console screen (default is by typing into the address bar of the browser.

k. Enter “admin” as the user and “mono” as the password when prompted.  If you see the m0n0wall screen your all set!  Use the information provided at to finish your configuration.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
This entry was posted in How To Guides and tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , . Bookmark the permalink.

Comments are closed.