got proxmox installed on it, have it running currently completely off the wifi card, attempting an opnsense vm and passing through the nics to see if i can get it to work that way
Dell VEP/VMWare Edge/Velo Cloud SD-WAN/VeraCloud VEP1400/VEP1400-X firewall units
- Thread starter j_h_o
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
update got opnsense working as a proxmox vm, got the ix interfaces passed through, it's late will do more futzing around and set up the opnsense fired connections and test them out, make sure they work, then add a second vmbr and add a wired connection to proxmox, migrate over to that, pass the wireless card through to opnsense and see if i can flip it into an AP (this may work hardware pass through, not confident, may have to bridge it through to opnsense to get it to work as an AP)
I've got a edge 620 en route. Any progress on getting all the NICs working? Any recommendations for dumping as much of the factory images as possible before proceeding with any updates, etc? Just in case any of my files end up being useful for others... Thanks!
All the NICs work, including the switch, it's more of an issue to set them up in your RC/boot scripts to have them mapped out correctly (both on BSD and Linux). Native support is still a bit better on BSD, but on either OS you can map the ethernet switched ports to individual VLANs, or Q-in-Q interfaces, or you could bundle them all together.
As for the on-disk storage: I think the 620 has both the eMMC and the mSATA SSD, both should contain the Diag_OS and any SDWAN OS if it wasn't wiped.
Thanks oneplane. Any recommendations of commands to run when it gets here to dump all my various firmwares to files before updating anything? I'd feel a little better going down the rabbit hole with backups in hand.
If you boot any Linux disto over USB and it stays on for more than the default watchdog timeout you can use commands like `lsblk` to find out what devices it knows about (you can also use dmesg to see what hardware it sees).
There should be two internal devices, and they have multiple partitions. You should also see your USB drive as a separate device.
The eMMC device is usually something like /dev/mmblk* and the internal SSD something like /dev/sd* (but your USB drive will also be starting with sd).
All of this assumes you already had serial setup, so that might actually be step 0: get a USB-Micro-B (standard) cable and unscrew the little metal plate on the back that is covering up the USB-Serial interface. You can connect it (hot plug) to any device that has standard USB Serial driver support and open a serial console to the box. Depending on the OS you are using and your familiarity something like screen, minicom, SerialTools.app, PuTTY etc. can do the trick. More details on this are already in this thread, but what you need really depends on what you already know/have
As for dumping the internal devices, you can use DD or CP or gddrescue or anything like it to do a raw dump of the entire block storage device to a file, i.e. store it on a USB3 drive as a file and then transport that over to your workstation.
There should be two internal devices, and they have multiple partitions. You should also see your USB drive as a separate device.
The eMMC device is usually something like /dev/mmblk* and the internal SSD something like /dev/sd* (but your USB drive will also be starting with sd).
All of this assumes you already had serial setup, so that might actually be step 0: get a USB-Micro-B (standard) cable and unscrew the little metal plate on the back that is covering up the USB-Serial interface. You can connect it (hot plug) to any device that has standard USB Serial driver support and open a serial console to the box. Depending on the OS you are using and your familiarity something like screen, minicom, SerialTools.app, PuTTY etc. can do the trick. More details on this are already in this thread, but what you need really depends on what you already know/have
As for dumping the internal devices, you can use DD or CP or gddrescue or anything like it to do a raw dump of the entire block storage device to a file, i.e. store it on a USB3 drive as a file and then transport that over to your workstation.
It should be here in a few days; I'm quite familiar with linux overall, just wasnt sure if the fpga/cpld, flash, and it seems a PIC in there too might be useful to dump before running the updates in diagos. Dumping the emmc & SSD should be quick, just wasn't sure of the other devices.
For the other devices, it could be useful to get the current versions so we know if it's "up to date" or "newer". The Dell DiagOS has the tools to get the versions, but it depends a little on which version you get. Generally, the firmware payloads are located inside the VeloCloud/SD-WAN disks, so if those partitions still exist that would be the most interesting.
Minor detail. These have an RGB LED on the front. It defaults to white. If we can determine the relevant I/O, I can probably get it linked to Home Assistant or OpenWrt.
I think I have the I2C for that, it even has a PWM mode! Still have to dig the project back up before I can get back to it
Where do i find my serial # for the bios password? It's not on a sticker as i'd expect.
in diagos i see TW0GXYDHDNG0019T#### where #### is 4 digits. That with a ! on the end doesnt get me in bios where i can sort out my boot order and stop booting off usb to bypass the emmc that's first
in diagos i see TW0GXYDHDNG0019T#### where #### is 4 digits. That with a ! on the end doesnt get me in bios where i can sort out my boot order and stop booting off usb to bypass the emmc that's first
Last edited:
Hello,
As per the document at https://dl.dell.com/topicspdf/dell-emc-networking-vep1445-vep1485_release-notes1_en-us.pdf on page 21, you should be able to read the tag number while the unit boots off, using the console.
YMMV, but pretty much what I'm seeing when I boot off mine. So for the example above, pw would be 6FXFXC2 plus the usual '! '
Cheers,
I just wanted to say thank you for all of the information you have shared so far. I've got a VEP1400 that I was getting going by messing with the scripts from DiagOS. Would have been much easier if I'd come across this thread sooner.I think I have the I2C for that, it even has a PWM mode! Still have to dig the project back up before I can get back to it
Unfortunately I thought applying the BIOS and CPLD updates from the 1400X package (I missed the X...) was a good idea. I don't suppose you managed to make any progress in dumping the original BIOS and "CPLD" files in a usable format please? I have recently bought another unit but don't have the hardware to grab the dumps from it at the moment.
I don't know if it's still floating around on the public internet, but there's a custom ESXi 7 image for these devices. Back then, I was also able to get a free perpetual license. I've been running Home Assistant as test.
I recently went to play with passthrough and SR-IOV. Surprise! Those are not supported by the free license. So, I thought I'd try Proxmox. The recurring issue is that most bare-metal installs require a real display. The SD-WAN units can fake ANSI text mode over serial, but you'll eventually get stuck. Physical access to the SATA drive requires disassembly and removal of the processor heat sink (with recommended repaste). You could probably find some way to install to USB on another machine and then copy over the image. I had already removed the Wi-Fi module and replaced with an NVMe which only operates at PCIe 3.0(?) x1. That location is easy to get to on the top side of the PCB. I temporarily removed the NVMe and installed Proxmox using a desktop PC. Obviously, the initial network config is wrong and maybe some unnecessary drivers are installed, but it works when transplanted and properly configured. I thought about trying to get Proxmox copied over to the eMMC, but there's little point. It's only 15.6GB with questionable speed and durability. I have the Dell diagnostics there now and could probably piggyback some other 'rescue' tools.
What OS are other people running and how did you get it installed?
I recently went to play with passthrough and SR-IOV. Surprise! Those are not supported by the free license. So, I thought I'd try Proxmox. The recurring issue is that most bare-metal installs require a real display. The SD-WAN units can fake ANSI text mode over serial, but you'll eventually get stuck. Physical access to the SATA drive requires disassembly and removal of the processor heat sink (with recommended repaste). You could probably find some way to install to USB on another machine and then copy over the image. I had already removed the Wi-Fi module and replaced with an NVMe which only operates at PCIe 3.0(?) x1. That location is easy to get to on the top side of the PCB. I temporarily removed the NVMe and installed Proxmox using a desktop PC. Obviously, the initial network config is wrong and maybe some unnecessary drivers are installed, but it works when transplanted and properly configured. I thought about trying to get Proxmox copied over to the eMMC, but there's little point. It's only 15.6GB with questionable speed and durability. I have the Dell diagnostics there now and could probably piggyback some other 'rescue' tools.
What OS are other people running and how did you get it installed?
View attachment 33099
My 640 and 680 units do not have the red location populated. The blue location will accept a standard NVMe drive (only 1 PCIe lane) using an adapter (cheaper elsewhere). Because (used) 42mm drives typically cost more, I trimmed away part of the long support arm and covered with heat shrink. It will then ride over the components beyond the original 42mm space.
My 640 and 680 units do not have the red location populated. The blue location will accept a standard NVMe drive (only 1 PCIe lane) using an adapter (cheaper elsewhere). Because (used) 42mm drives typically cost more, I trimmed away part of the long support arm and covered with heat shrink. It will then ride over the components beyond the original 42mm space.
Last edited:
Did you get all the interfaces passed through? I have BIOS 3.50.0.9-10 dated 07/23/2020 and still can't pass through 3 of the 4 I350 ports. According to this discussion, it's a BIOS bug. I contacted Riccardo and he says he's switched employers and has no access to the BIOS version or file. According to this article, the latest BIOS was 3.50.0.9-13, but VMware had no way to update.
Prices for the 620 are in the $75 range now, so I'm picking one up and see if I can use it on my comcast 1.5Gbps connection instead of a VM I'm running right now. Probably safe to say I'll be dropping some questions in here; I've got Cisco 10G-SR SFPs that I'll be trying to use in the box, hopefully they will play nice.
I don't have anything that's 10Gb capable other than a PC and I haven't run any speed tests. The link says 10Gb.
The only technical issue I've encountered is that GE2, GE3, and GE4 (I350 controller) cannot be used as passthrough. The BIOS doesn't assign them a (virtual?) interrupt.
Since there's no display, it can be difficult to complete a prompted install. I've also had some trouble booting from USB. Getting to the SATA drive requires complete disassembly. Life will be much easier if you remove the mini PCIe Wi-Fi card and replace with an NVMe drive. You'll need an adapter like this. It's cheaper on AliExpress. If you get a 2242 or 2230 NVMe, everything will be very tidy. Lenovo SSS1B60639 can be found on eBay. I paid $18.24 (used, 100% health) including shipping/tax.
Much of this thread is about watchdog problems and updating BIOS. All 3 of my units were new enough to not have that hurdle. Stick with the white case. You can look up the service tag to check the purchase date. Don't expect any support from Dell or VMware.
The power input is standard 5.5x2.1 (2.5 for 680). I've been unable to find a locking power plug that works without modification. The barrel on this one from AliExpress is just a few mm too long. I ended up trimming the barrel, soldering to the contacts and then filling the metal shell with epoxy. That's because once the center pin has been cut, everything falls apart.
I have one unit with OpenWrt as bare-metal. I've got another with Home Assistant running under ESXi 7.
I'm currently working on getting both OpenWrt and Home Assistant running under Proxmox 8. I was able to passthrough the SATA drive to OpenWrt for DLNA and Samba. Since my home internet is only 500Mb, I've got the 10Gb port connected to my PC. I'm going to try to use SR-IOV instead of a software bridge for the VMs. I've got the virtual interfaces configured and visible in Proxmox and OpenWrt. I still need to figure out the network config for Home Assistant. Then, I'll need to find something else to use the remaining cores and memory.
I originally thought about hosting e-mail and/or websites internally, but you can now get a virtual server in a datacenter for as low as $2/month. That includes a dedicated IP and full-blown unlimited Plesk. 1and1 used to charge me $1/month for additional IPs on a dedicated server. It's now increased to $5 per IP. The 2-core VPS is probably faster than the A8i server I rented previously.
Most of the units I see on eBay are 620s. That might be because the 640s and 680s are outside my filter's price limit. The 640 has twice the cores and 4x the installed memory. If you can use those resources, it's probably worth the premium. You just need to watch for a deal.
Here's my purchase history. The best deals are almost always buy-it-now-- especially with forum discussions like this.
Last edited: