I am having problems getting WDS to work across VLANs. PCs within the same VLAN can use WDS with no problem, but when I try to use WDS across VLANs, I get the following error:```304 11.304373 {WDS.IP} {CLIENT.IP} TFTP 64 Error Code, Code: Illegal TFTP Operation, Message: Access violation.```I've tried the following while troubleshooting:Disabling the firewall on the WDS server.Confirmed that WDS is set to reply to ALL clients.Creating a policy that allows ALL traffic from the troubled VLAN to the WDS server.Move the VM between VLANS (works while in the same VLAN as the WDS server, but does not when I move it back).None of this changed the behaviour. I keep getting the same error. I have the correct DHCP options:Next bootstrap server {WDS.IP.ADDRESS}DHCP Option 66 : String : {WDS.IP.ADDRESS}Set the filename with the following command:set filename "smsboot\\x64\\wdsmgfw.efi"No matter what I do, I keep getting the same message and problem. Has anyone been able to get WDS to work across VLANs? I'm running FortiOS v6.2

New Member

Question

WDS across vLANS not working

Forum|Forum|3 years ago
October 27, 2022
3 replies
3167 views

I am having problems getting WDS to work across VLANs. PCs within the same VLAN can use WDS with no problem, but when I try to use WDS across VLANs, I get the following error:

```

304 11.304373 {WDS.IP} {CLIENT.IP} TFTP 64 Error Code, Code: Illegal TFTP Operation, Message: Access violation.

```

I've tried the following while troubleshooting:

Disabling the firewall on the WDS server.
Confirmed that WDS is set to reply to ALL clients.
Creating a policy that allows ALL traffic from the troubled VLAN to the WDS server.
Move the VM between VLANS (works while in the same VLAN as the WDS server, but does not when I move it back).

None of this changed the behaviour. I keep getting the same error.

I have the correct DHCP options:

Next bootstrap server {WDS.IP.ADDRESS}
DHCP Option 66 : String : {WDS.IP.ADDRESS}
Set the filename with the following command:
```
set filename "smsboot\\x64\\wdsmgfw.efi"
```

No matter what I do, I keep getting the same message and problem.

Has anyone been able to get WDS to work across VLANs?

I'm running FortiOS v6.2

FortiGate

Anthony_E

Staff

Hello Timothy,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,

Best Regards

Anthony_E

Staff

Hello Thimothy,

We are still looking for a solution.

We will come back to you as soon as we get one.

Regards,

Best Regards

aionescu

Staff

Hi @timothyd ,

If it works in the same VLAN, it means the same broadcast domain.

While replicating the issue please run the following commands:

diagnose debug flow filter addr x.x.x.x (where x.x.x.x is the IP address of the server)

diagnose debug flow trace start 100

diagnose debug enable

This will show us how traffic is handled.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded