[REPORT] OpenWrt on CloudGenix ION 2000

It just occurred to me that @frollic and I have been singing praises of this device for a long time, but I never wrote it up. So here’s the omission corrected.

CloudGenix ION 2000 (more recently marketed as Palo Alto ION 2000) is an entry-level SD-WAN appliance, and a good-looking one at that. The device runs on an Intel Atom C2558 processor (quad-core, 2.4 GHz) with 4 GB of RAM (upgradable to 8 GB). There are six Gigabit Ethernet ports, two with Intel i210 controllers and four with Intel i354 controllers. The only management interface is a console port marked AUX on-device, but you should be able to make OpenWrt work even if you don’t have a console cable. The device is passively cooled, with the ribbed top surface working as the processor's heatsink. It is also a rebranded Lanner FW-7525, so theoretically, it should be able to run open-source operating systems. In practice, however, there are some difficulties you need to overcome. The device's BIOS is password-protected, and the password somehow hasn't leaked (there's some speculation that it may be based on the device's serial number). In the specific case of OpenWrt, those difficulties are overcome rather easily (more on that later).

The good news is, because of the BIOS issue, the pfSense and OPNsense communities tend to shun the device, so it’s obtainable very inexpensively, at least in North America. As of this writing, used devices are available on eBay starting below USD 30, though this may not include a power supply. Speaking of power supply, the device needs 12 V / 3 A with a 5.5 mm barrel connector. The stock power supply has a screw lock (a nut that attaches to the thread on the device to prevent the power supply from disconnecting), but you can use a generic power supply if you have one available (I’ve done this numerous times).

To get OpenWrt running on this device, you need to turn it upside down and open it up. There is one screw on the bottom (usually, with a warranty seal over it) and six on the sides, three per side. Once you remove the seven screws, the bottom slides off, exposing the system board attached to the top, aka the heatsink:

Normally, the device comes with two storage components, a SATA SSD (typically, one made by Transcend) and a 4 GB CF card. For some reason, the last device I bought didn’t have a CF card, so there isn’t one in the photo above, but when present, it goes into the white rectangular holder visible on the right of the system board under the SATA cables connecting the SSD to the system board.

So far, I have not figured out a way to run OpenWrt off the SSD, but running it off the CF card is fairly easy. You remove both storage components from the device, expand the OpenWrt image onto the CF card (I recommend the squashfs non-UEFI image; you will need a computer with a CF card reader, internal or connected via USB), return the CF card to its holder, and keep the SSD for your other projects. Note that the SSD tray also works as a heatsink for the memory module, so you may consider returning it to the device after you take it out to detach the SSD from it.

Just in case, here’s the internal view with the SSD tray removed:

Once you install the CF card into its holder and turn the device on, OpenWrt should boot without an issue. Note, however, that the port detection order differs from the physical layout:

On-device label          CONTROLLER  1     2     3     4     5
OpenWrt port assignment  eth4        eth5  eth0  eth1  eth2  eth3

By default, at first boot, eth0 (labeled 2 on-device) will be LAN, and eth1 (labeled 3 on-device) will be WAN. So even if you don’t have a console cable, you should be able to manage your device over a network connection. Just connect your management computer to port 2 and access the device at 192.168.1.1 using SSH or a Web browser. To remind, the user name is root, and initially, there is no password, so leave the password field empty.

Ports 4 and 5 have a bypass on them, but in my experience with multiple ION 2000 units, it is always deactivated, so the ports work normally.

Because the device is running on an Atom C2xxx processor, there is a question of whether the processor is susceptible to the AVR54 defect. In my experience, devices labeled Ver: V2.1 (see photo below showing a sticker on the bottom of the device) contain processors stepping C0, in which the defect was corrected. Older V2.0 devices may contain affected processors stepping B0.

Note that since the device has decent processing power and is passively cooled, it tends to run warm. To repeat, the entire top of the device is the processor’s heatsink.
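To turn the port table above into a working configuration, here is an added example of an /etc/config/network for this device (written for this write-up, not taken from the post or from the OpenWrt PR mentioned later); it assumes a recent OpenWrt release with the bridge-device syntax, keeps the first-boot defaults (port 2 as LAN, port 3 as WAN, 192.168.1.1) and folds the remaining four ports into the LAN bridge.

```uci
# Constructed example for the CloudGenix ION 2000 port mapping:
# CONTROLLER=eth4, 1=eth5, 2=eth0, 3=eth1, 4=eth2, 5=eth3

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

# LAN bridge: port 2 (eth0, the first-boot LAN) plus ports 4 and 5
# (eth2/eth3, the bypass pair, which behaves as normal ports),
# CONTROLLER (eth4) and port 1 (eth5)
config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'
	list ports 'eth2'
	list ports 'eth3'
	list ports 'eth4'
	list ports 'eth5'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

# WAN on port 3 (eth1, the first-boot WAN)
config interface 'wan'
	option device 'eth1'
	option proto 'dhcp'

config interface 'wan6'
	option device 'eth1'
	option proto 'dhcpv6'
```

After writing the file, `/etc/init.d/network restart` applies it; if your unit enumerates the ports differently, check `ip link` and swap the eth names in the comments and lists accordingly.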

Should you ever find a way to extract/recover it, please scream it from the rooftops (my gateprotect fw-7543b really wants some BIOS configuration - I've been banging my head against its BIOS dump for quite some time already).

Frustrating that even removing the battery and shorting the JBAT1 jumper do not remove the BIOS password!

Yeah, it's hardcoded into the BIOS. And the typical approaches to find/decipher it seem to fail. I'm far from a specialist, but all my attempts to search through a BIOS dump weren't successful.

I've got the same issue with an Arctic Wolf NCA-1510A-AW1, but it won't boot at all if you pull the battery, swap the drive, etc. ☹

Added this device to wikidevi CloudGenix ION 2000. Will have a PR for properly mapping the network ports shortly.

Just submitted a PR x86/base-files: add support for CloudGenix ION 2000 for this device.