Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Autumn 2024 badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiConnect
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDB
- FortiDDoS
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGuard
- FortiGate Cloud
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiPhish
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiWAN
- FortiVoice
- FortiWeb
- FortiWebCloud
- Lacework
- RMA Information and Announcements
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- RE: DHCP options for PXE
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Not applicable
Created on 12-28-2009 11:15 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DHCP options for PXE
I' m having problems getting the FortiOS DHCP server set to forward to my TFTP server.
I' ve tried a lot of combinations and have gotten no where. Any help would be greatly appreciated. I would think all that' s needed is:
option 1 66 31302e36302e3230312e32 (TFTP IP in hex)
option 2 67 7078656c696e75782e30 (pxelinux.0 in hex)
When I do a tcpdump the clients are still trying to hit the dhcp/gateway instead of the TFTP' s IP. I saw another place on the forum that recommended adding option 150 but I didn' t have any luck w/ that either. I know I' m doing something stupid. Can anyone shed some light on this?
Thanks,
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
8 REPLIES 8
Not applicable
Created on 01-11-2010 11:36 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
***bump***
Anybody?? Please! :)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please elaborate a bit. What are you trying to get done?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Not applicable
Created on 01-11-2010 01:43 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No problem. We rely heavily on PXE booting in our environ. We are currently using the old 3com PXE server & TFTPD32 on our Win2k8 servers for PXE. Using any linux/unix DHCP server it' s really easy to define the boot flags to point the the TFTP server' s IP and boot filename -- thus eliminating the need to run a PXE deamon on port 4011. I can' t keep running this old 3com service as it corrupts the arp tables.
Anyway, as a corporate mandate I have to use my Fortigate as our DHCP server. It works great however I can' t get the DHCP options to redirect to our TFTP server' s IP. My understanding is these are basically Linux boxes so I' m sure they are capable of doing basic things like this, but I can' t make it work for PXE.
My firewall @ home has this setup to define the next-server & filename dhcp options:
http://dl.dropbox.com/u/1445590/junk/pfsense.png
I can' t seem to make this work using the FortiOS' s dhcp options.
Are you able to see what I' m doing wrong? Thanks for taking a look at this for me.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don' t understand how it worked on your linux box, but I' ve used this with some phones and thin clients to find the TFTP server:
Option 1 66 AC16002D ( that is 172.22.0.45)
Option 2 49 AC16002D (sun authentication server).
Why the long string?
Cheers, Eric
Rackmount your Fortinet --> http://www.rackmount.it/fortirack
Rackmount your Fortinet --> http://www.rackmount.it/fortirack
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What dhcp option does your pxe boot needs? tftp-server name ? or option 150? I bet it' s the latter.
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Not applicable
Created on 01-12-2010 06:38 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Eric, I was using the longer string because phone support made it sound like this would need the ' .' in the IP address. I' ve shortened it to 0A3CC902 which should be correct.
So the strange thing is that using one or both option 66 or 150 my PCs still try to grab the boot file from the DHCP server (firewall).
10.60.201.1 -> Fortigate - gateway & DHCP
10.60.201.2 -> TFTP server
It' s so easy to set this up using DHCPD & M$ DHCP; this is driving me crazy.
Here' s what the PXELinux guys say you need:
# PXE-specific configuration directives...
option dhcp-class-identifier " PXEClient" ;
option vendor-encapsulated-options 09:0f:80:00:0c:4e:65:74:77:6f:72:6b:20:62:6f:6f:74:0a:07:00:50:72:6f:6d:70:74:06:01:02:08:03:80:00:00:47:04:80:00:00:00:ff;
next-server <TFTP server>;
filename " /tftpboot/pxelinux.0" ;
I' d love to try all four of these options, but the interface is limited to three. Is it possible to add a fourth via the command line?
Thanks for the help so far. This has been much more helpful than the PAID support I received from Fortinet.
Not applicable
Created on 01-12-2010 07:50 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry I guess I have 2x accounts.
guitarben = mrguitar
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PXELinuxBump. I am interested in this as well and I am wondering whether someone was able to make this work. thanks
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- Fortigate+Fortiswitch+FortiAP 144 Views
- ISO Image of Rocky Linux for... 82 Views
- Captive Portal Missing and Host Registration... 240 Views
- upgrade batch of FGT 6.4.6 to... 125 Views
- FortiPAM Disable View Access 72 Views
Labels
-
FortiGate
8,042 -
FortiClient
1,611 -
5.2
801 -
FortiManager
679 -
5.4
639 -
FortiAnalyzer
516 -
FortiAP
425 -
FortiSwitch
424 -
6.0
416 -
FortiClient EMS
364 -
5.6
362 -
FortiMail
301 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
188 -
SSL-VPN
176 -
FortiNAC
161 -
IPsec
154 -
6.4
128 -
FortiGuard
125 -
FortiGateCloud
98 -
FortiCloud Products
94 -
FortiSIEM
92 -
SD-WAN
89 -
FortiToken
86 -
Customer Service
74 -
Wireless Controller
74 -
FortiAuthenticator
70 -
4.0MR3
64 -
Firewall policy
58 -
FortiProxy
53 -
FortiEDR
50 -
Fortivoice
49 -
FortiADC
49 -
FortiExtender
43 -
VLAN
42 -
FortiDNS
41 -
High Availability
40 -
FortiSandbox
39 -
ZTNA
37 -
FortiGate v5.4
35 -
Routing
34 -
LDAP
34 -
FortiSwitch v6.4
33 -
DNS
33 -
BGP
32 -
SAML
31 -
Certificate
30 -
Interface
29 -
SSO
27 -
NAT
27 -
FortiConnect
25 -
Authentication
25 -
FortiWAN
24 -
FortiConverter
24 -
RADIUS
24 -
FortiGate v5.2
23 -
VDOM
23 -
FortiLink
23 -
Web profile
21 -
Virtual IP
20 -
FortiSwitch v6.2
18 -
FortiPortal
18 -
Fortigate Cloud
18 -
Logging
18 -
Application control
18 -
FortiMonitor
16 -
Traffic shaping
16 -
FortiPAM
16 -
FortiDDoS
15 -
FortiGate v5.0
14 -
SSL SSH inspection
14 -
OSPF
13 -
FortiCASB
12 -
SSID
12 -
IP address management - IPAM
12 -
FortiManager v5.0
11 -
Automation
11 -
Admin
11 -
Static route
11 -
WAN optimization
11 -
Web application firewall profile
11 -
FortiSOAR
10 -
FortiRecorder
10 -
SNMP
10 -
4.0MR2
9 -
FortiGate v4.0 MR3
9 -
FortiWeb v5.0
9 -
FortiAP profile
9 -
FortiManager v4.0
8 -
FortiBridge
8 -
IPS signature
8 -
System settings
8 -
Proxy policy
8 -
4.0
7 -
FortiAnalyzer v5.0
7 -
RMA Information and Announcements
7 -
Security profile
7 -
Traffic shaping policy
7 -
Port policy
7 -
FortiCache
6 -
DNS filter
6 -
trunk
6 -
Packet capture
6 -
Intrusion prevention
6 -
FortiCarrier
5 -
FortiToken Cloud
5 -
FortiTester
5 -
Users
5 -
Fabric connector
5 -
Fortinet Engage Partner Program
5 -
3.6
4 -
FortiDeceptor
4 -
FortiScan
4 -
FortiDirector
4 -
Internet service database
4 -
Antivirus profile
4 -
Traffic shaping profile
4 -
DLP sensor
4 -
Email filter profile
4 -
Web rating
4 -
FortiDB
3 -
FortiHypervisor
3 -
Explicit proxy
3 -
NAC policy
3 -
Application signature
3 -
DLP Dictionary
3 -
DLP profile
3 -
DoS policy
3 -
Netflow
3 -
Replacement messages
3 -
VoIP profile
3 -
Multicast routing
3 -
FortiInsight
2 -
FortiAI
2 -
API
2 -
FortiNDR
2 -
Authentication rule and scheme
2 -
Protocol option
2 -
Schedule
2 -
Service
2 -
Zone
2 -
Cloud Management Security
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Kerberos
1 -
Subscription Renewal Policy
1 -
Video Filter
1 -
TACACS
1 -
SDN connector
1 -
Multicast policy
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1475 | |
| 1007 | |
| 749 | |
| 443 | |
| 207 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.