HowTo: pfSense 2.5.2 on Watchguard XTM 5

Thanks a lot for sharing, might be helpful. Do you know if this applies to other mainboards in Watchguard products, e.g. M370 / M470 and so on?
Always thought that the password is sort of hardcoded and can't be removed by resetting CMOS.

Yep, they're trending a bit higher, guess the guy on eBay didn't know what they are worth, even without an active live security.

There is a plugin for that on the net, called LCDproc. Out of the box the LCD writes “pfsense”, nothing more. Keys are not working.

Yes, usually the first one is WAN on a Watchguard, but of course any port can be WAN or fallback on a real Fireware System (Watchguard's name for the OS). Same for pfSense, you can use any port as WAN.

Haven't really tested the first one at all :smiley: But pfSense can assign a network to that interface so I guess you could use it anyways with 10/100 speed.

Looks promising to me. It runs on an Intel CPU with 8GB RAM. CPU is an embedded one, so no upgrade possible. Memory could be upgradable, but you have to open the box to check that. Without seeing the mainboard, if there is no SATA/mSATA port, you need to install pfSense to a CF card.

https://www.watchguard.com/help/docs/hardware%20guides/Firebox_M440_Hardware_Guide.pdf

I didn’t need to flash/unlock or modify the BIOS. Just make sure to pull out the CF card. The XTM will then boot the next device, e.g. SATA.

You need to pull the compact flash card out of the slot. Store it somewhere safe in case you want to go back to Fireware OS someday. After that, the box will boot from the next medium, e.g. SATA or USB.

If you have a USB-Console cable you’re able to see the output and boot process :slight_smile:

Considering I got my watchguard for $25 I’d say yes it’s a fun little low cost project.

Sorry for the delay in getting back to you. From a hardware perspective and looking at the other WG box I have on hand, the principle of resetting the BIOS password should be similar. Just like your normal PC motherboard, removing the CMOS battery should clear any settings and passwords set. However, be warned it resets everything to default, so other issues could arise and you would have to play with the BIOS settings to correct any incompatibilities. For all intents and purposes it looks like the WG boxes are nothing more than a PC motherboard with extra ethernet ports. If removing the battery does not reset the BIOS, look for a similar jumper pin, move it to the reset position pins, power on the system, give it a few seconds, then power off and reset the pin back to the default position and power on again. That should wipe any settings that are set in the EEPROM or MMC chip, whichever it's using for long term settings saves.

Looks like it has worked but it only detects igb0, ix0 and ix1. The ig0 is the WAN port and the 2 ix ports are the 10G SFP ports. So it’s not detecting ports 1-24, of which 9-16 are PoE.

Anyone have any suggestions?

Ah of course! I was looking for another hard drive lol… I have a DB9-Console cable that worked on my laptop. Really cool to see as a newbie.

Thank you!

Or just move jumper J2 from the master position (pins 1/2) to the slave position (pins 2/3) :grinning_face:

Hah, dude, the firewall is up to a Xeon 1265L, 16GB, an Intel s3500 SSD and running Zen armor. Def overkill but handles 10Gb like a champ. Core switch is an Aruba s2500.

I’m not sure. Mine definitely doesn’t support 10Gb. That’s ok tho.
Sounds like a good setup.