thanks, i' ve done a snif! it' s in the dropbox! the links is above! i think i have a problem with the return path, because it comes from a lan who' s tagged... raffa

Can you provide the config of the interfaces? Maybe you can make a test with fewer components involved? Tagged vlan, what is the configuration of the switch ?

the vlan thing doesn' t work out...forget it its only confusing...:-) i connect both Lan via policies, i can log in with my domain credentials, but the pxe boot doesnt work! maybe a DNS problem because..have to control this. i will give an update... rafael addition; how can i set a DNS server for the interface with the ip 10.39.x.x? the interface with the ip 172.16.x.x get a dhcp from the fortinet...

and the two pxe-boot screenshots from both networks...

and the other network

You can specify which DNS server to use, i would use same for all. So in the Fortigate i would specify the Windows dns server (AD). Example: config system dhcp server edit 1 set auto-configuration disable set default-gateway 192.168.50.1 set wins-server1 192.168.50.5 set wins-server2 192.168.50.7 set dns-server1 192.168.50.5 set dns-server2 192.168.50.7 set interface " internal" config ip-range edit 1 set end-ip 192.168.50.254 set start-ip 192.168.50.110 next end set netmask 255.255.255.0 set next-server 192.168.51.2 ( in a different subnet, fw policys are needed) end next Btw, have you tested this with less components so you know that the pxe server is working ?

..the problem is, that i have 2 different networks. on network 1 the dns is the same as the gateway. but on the second network i cant set the dns because the dhcp option is not enable... here my config;

config system interface
 
     edit " wan1" 
         set vdom " Flex-ICT" 
         set mode dhcp
         set allowaccess ping https http fgfm capwap
         set type physical
         set alias " ISP GAW" 
         set snmp-index 1
 
     edit " port4" 
         set vdom " Flex-ICT" 
         set ip 172.16.0.1 255.255.252.0
         set allowaccess ping https ssh snmp http telnet fgfm 
 
     edit " port6" 
         set vdom " Flex-ICT" 
         set ip 10.39.0.6 255.255.248.0
         set allowaccess ping https http fgfm capwap
         set type physical
         set alias " RES/EGS" 
         set snmp-index 28
 
 config system dhcp server
     edit 1
         set default-gateway 172.16.0.1
         set dns-service default
         set interface " port4" 
             config ip-range
                 edit 1
                     set end-ip 172.16.0.254
                     set start-ip 172.16.0.10
                 next
             end
         set netmask 255.255.252.0
         set next-server 10.39.0.124
         set option1 67 ' 736d73626f6f745c7838365c7764736e62702e636f6d' 
         set option2 66 ' 31302e33392e302e313234' 
     next
 
 config router static
     edit 1
         set device " wan1" 
         set gateway 77.239.32.1
     next
 
 config firewall policy
     edit 1
         set srcintf " port4" 
         set dstintf " wan1" 
         set srcaddr " all" 
         set dstaddr " all" 
         set action accept
         set schedule " always" 
         set service " ALL" 
         set nat enable
     next
     edit 4
         set srcintf " port4" 
         set dstintf " port6" 
         set srcaddr " all" 
         set dstaddr " all" 
         set action accept
         set schedule " always" 
         set service " ALL" 
         set nat enable
     next
     edit 5
         set srcintf " port6" 
         set dstintf " port4" 
         set srcaddr " all" 
         set dstaddr " all" 
         set action accept
         set schedule " always" 
         set service " ALL" 
         set nat enable

" i cant set the dns because the dhcp option is not enable..." You can use " Use system setting" or " Specify" in the webgui and you should use Specify and then enter your dns servers. In CLI set dns-service default use system DNS settings specify specify DNS servers