Hi,

I'm playing around with ESXi and FGT 6.4 and I wanted to do a PXE HTTP boot. But it requires to deliver 2 different files for the same machine. Here is the example config from VMware:

#

# ISC DHCPv6 server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

#

allow booting;

allow bootp;

option client-system-arch code 93 = unsigned integer 16;

class "pxeclients" {

    match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";

    next-server xxx.xxx.xxx.xxx;

if option client-system-arch = 00:07 or option client-system-arch = 00:09 {

    if exists user-class and option user-class = "iPXE" {

             # Instruct iPXE to load mboot.efi as secondary bootloader

              filename = "mboot.efi";

        }

        else {

             # Load the snponly.efi configuration of iPXE as initial bootloader

             filename = "snponly.efi";

        }

    }

    else {

         filename "gpxelinux.0";

    }

}

Have not been able to achieve this with Fortigate.

I thought that I should be able to maybe achieve it with:

multiple dhcp server entries where

   set vci-match is disabled on one, i.e. last catch

       define all parameters

       interface internal

   set vci-match is Arch:00007

       only specify filename, netmask, same ip-range as for all others

       interface internal

   set vci-match is Arch:00009

       only specify filename, netmask, same ip-range as for all others

       interface internal

But my tests so far did not succeed. 

1) How does FGT handle multiple DHCP Server entries on the same interface?

I was able to configure multiple, but not sure if the order of the configuration is what counts, i.e. first-match wins.

dhcp server entries cannot be moved, only renamed, but that did not help

???