Fixing bad Intel NIC settings from UEFI

Today, a storm coming through the Dallas area managed to cause a power surge.  Most of my electronics are fine, but the router, a repurposed McAfee S1104 firewall running pfSense, wouldn’t come up properly.  Interfaces em0 and em1 came up mostly OK, but em2 and em3 wouldn’t.

A little checking using dmesg showed an error thrown for each interface (EEPROM checksum is not valid), so pfSense wouldn’t load the interfaces.  After some searching online (painfully slow over tethered LTE), I found someone who tried to fix their issues by using an Intel utility called bootutil.  (It didn’t work for them, but it was still a lead.)

I found the Intel page for it, and downloaded the Windows/EFI utility pack, preboot.exe.  I extracted this to a USB drive, and went through approximately the following steps.  There may be some things a little off as I didn’t actively record it, but something like this should work in the future.

  1. Boot into the EFI shell.  In my case, this involved bringing up the Boot Menu by pressing F7 and selecting from the list, but some motherboards look for F12 or other keys and some enter it from within Setup.
  2. Change to the USB device.  This will vary based on your system.
    fs0:
  3. Move to the appropriate directory.  You’ll want to end up in EFIx64 if you’re on an x86_64 processor or EFI64 if you’re on an Itanium CPU.
    cd APPS
    cd BootUtil
    cd EFIx64
  4. Run the utility to list the NICs.
    BOOTUTIL64.EFI
  5. For each listed NIC, reset it to the default configuration.  I had four, so I ran the following commands.
    BOOTUTIL -NIC=1 -DEFCFG
    BOOTUTIL -NIC=2 -DEFCFG
    BOOTUTIL -NIC=3 -DEFCFG
    BOOTUTIL -NIC=4 -DEFCFG
  6. Reboot the system.

Unfortunately, pfSense didn’t get everything quite right.  I still had to configure the LAN NIC (em3) to get some remote access level.  Fortunately, after each configuration change, pfSense saves a config backup, so I was able to restore from that from within the interface itself (option 15, Restore recent configuration).  After one more reboot, everything was working as it should.  I got up and running much faster than if I had to completely rebuild things (there’s a lesson about backups in here, I’m sure).

Still, resetting the NIC saved me the cost and time of buying a new 4-port Intel NIC, which aren’t cheap.  Here’s to digging around in the parts we don’t usually see.