Nokia IP110/IP120 and m0n0wall

 

Introduction

The Nokia IP110 and IP120 are embedded PC's built to run CheckPoint.  However they are standard x86 hardware, and can run m0n0wall. 

Hardware Specifications

Geode processor - National GX1 300 MHz
64 MB RAM (IP110), 128 MB RAM (IP120)
5 GB laptop hard drive
Three 10/100 Ethernet ports
Two serial ports (console and auxiliary)

Where to Buy

Nokia discontinued these models a few years ago, hence the only place to get these is through the various sources for used equipment.  I got mine off eBay for $135 USD including shipping.  eBay is probably the most likely place to find one.  Search for Nokia IP1* to find both the IP110 and IP120.  You may want to set up a saved search to email you when new items matching those keywords are found.  It might take some time to find a reasonable deal.  The going price is about $75-$125 USD plus shipping.

Pictures
Here are some pictures of the outside of the device, with a laptop hard drive in the first two, desktop hard drive in the fifth, and CD in two others for size comparison.

It's a little bigger than I anticipated, but I'm used to working with Soekris devices.  It's definitely bigger than a Soekris or a WRAP, and has a pretty clunky power cord.  It reminds me of Cisco 1600 series routers, though it's a little smaller than those. 

The Insides

Take out the four torx screws in the corners of the bottom, and the top comes off, revealing its board.  Note the screw holes are pretty deep and narrow.  The torx bit I had that fit (T8, to be exact) was too wide to reach down to the screw.  I had to buy a small torx set to get the screws out (needed one anyway). 

Two pictures of the inside.

Pretty much what I expected.  Has everything onboard, a 5 GB laptop hard drive (standard SFF IDE), and no moving parts (other than in the hard drive).  No fans, so without the hard drive this device will be completely silent. 

The board is screwed into the bottom of the case with three additional screws.  You can clearly see one of the screws in the above pictures - to the left of the hard drive, towards the bottom, with the orange/reddish circle around it.  The other two are on each side of the back plate, one next to LAN I, the other next to the power input. 

The hard drive is further attached by four screws on the bottom of the board. 

After removing those four screws, you will be able to slide the hard drive out of its connector and remove it. 


Loading m0n0wall

How to load m0n0wall depends on what storage medium you are planning to use.  The included hard drive will work, but will require a laptop to use to load m0n0wall, and will be by far the most likely source of failure in the unit.  I am going to use a laptop IDE to CompactFlash adapter, and run m0n0wall on a CompactFlash card.  I chose this route over using the hard drive because laptop hard drives in general aren't as reliable as their desktop counterparts, and these IP1xx units are already three or more years old.  The likelihood of that hard drive failing during the unit's second life with m0n0wall is pretty high.  So to save myself the frustration of replacing a downed firewall, I am switching to CompactFlash. 

However, for the benefit of those of you that would like to run on the included hard drive, I will walk through those installation procedures. 

Hard Drive Installation

First find a laptop with a hard drive that is reasonably easy to remove.  Most laptops are good about making the drive accessible, however I have seen my fair share that you literally have to disable the entire laptop to get to the hard drive (I've seen this on several Sony Vaio laptops).  Every Dell laptop I've seen requires the removal of only one screw to remove the hard drive, so try a Dell if you have one available.  I have a spare Dell Inspiron 3500 that I will be using for this purpose.  The hard drive is located behind the battery on this model.

Pull the drive out of the laptop.  It will be encased in some sort of drive tray.  You'll probably have to remove some screws to get the drive out of the tray, and then replace it with the drive for m0n0wall.  Put the m0n0wall drive into the laptop, and boot up the laptop off of the m0n0wall Live Installer CD.  Use the instructions for the live installer found here.

Shut down the laptop, and take the freshly loaded m0n0wall hard drive out, and replace the original hard drive.  Put the m0n0wall drive back into the IP1xx, without reattaching any of the screws.  Leave the board in the bottom half of the case to avoid shorting it out on anything.

Before powering up the IP1xx, attach your serial console, and open a connection with the following settings.

 

Now power on the IP1xx.  You should see the system booting, and the following menu after boot.


m0n0wall console setup
**********************
1) Interfaces: assign network ports
2) Set up LAN IP address
3) Reset webGUI password
4) Reset to factory defaults
5) Reboot system

Enter a number: 1

Valid interfaces are:

fxp0 ff:ff:ff:ff:ff:ff
fxp1 ff:ff:ff:ff:ff:ff
fxp2 ff:ff:ff:ff:ff:ff

Note the invalid MAC addresses.  For some reason these Nokia boxes don't show a valid MAC address. 

Go ahead and assign the interfaces.  For this example setup, fxp0 will be LAN, fxp1 will be WAN, and fxp2 will be OPT1.  Save the changes and let it restart.  After it's saved, unplug the Nokia and remove the hard drive.  Put it back into the laptop, and boot off the live installer CD. 

The rest of this is on the wiki for now, to be incorporated soon. Click here for the end of this doc.


Chris Buechler
July 2005