PXE boot configuration Fortigate help
-
I don’t know much about converting to hex but a sight I tried said it was C0A81416 for a 192.168.20.22 Ip address
I used this sight
[url]http://www.kloth.net/services/iplocate.php[/url]I also tried this sight
[url]http://www.silisoftware.com/tools/ipconverter.php?convert_from=192.168.20.22[/url]
and it throws a 0x in the front I don’t know what that is about, it has been a long time since I had to convert anything to Hex my selfBut I used this sight
[url]http://www.swingnote.com/tools/texttohex.php[/url]
and it gives the Hex string you got, so there must be something different about converting strings and converting IP addresses. -
I don’t know much about converting to hex but a sight I tried said it was C0A81416 for a 192.168.20.22 Ip address
I used this sight
[url]http://www.kloth.net/services/iplocate.php[/url]I also tried this sight
[url]http://www.silisoftware.com/tools/ipconverter.php?convert_from=192.168.20.22[/url]
and it throws a 0x in the front I don’t know what that is about, it has been a long time since I had to convert anything to Hex my selfBut I used this sight
[url]http://www.swingnote.com/tools/texttohex.php[/url]
and it gives the Hex string you got, so there must be something different about converting strings and converting IP addresses. -
You need to set the next-server for the DHCP through the CLI in fortigate.
From the CLI:
FORT-310B # config vdom
FORT-310B (vdom) # edit <vdom name>
FORT-310B (<vdom name>) # config system dhcp server
FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
FORT-310B (1) # end -
[quote=“PeterDoobes, post: 3161, member: 1024”]You need to set the next-server for the DHCP through the CLI in fortigate.
From the CLI:
FORT-310B # config vdom
FORT-310B (vdom) # edit <vdom name>
FORT-310B (<vdom name>) # config system dhcp server
FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
FORT-310B (1) # end[/quote]I really hope this works. In the past I have tried to get this working with my Fortinet units and have not had any luck. The support people at Fortinet were also not able to help me despite opening multiple tickets.
-
[quote=“jeffpuxx, post: 3426, member: 1114”]I really hope this works. In the past I have tried to get this working with my Fortinet units and have not had any luck. The support people at Fortinet were also not able to help me despite opening multiple tickets.[/quote]
Any luck? -
Has anybody had any luck with this? I’ve got the same Fortigate/FOG setup and have been banging my head against it all week.
Thanks!
-
[quote=“PeterDoobes, post: 3161, member: 1024”]You need to set the next-server for the DHCP through the CLI in fortigate.
From the CLI:
FORT-310B # config vdom
FORT-310B (vdom) # edit <vdom name>
FORT-310B (<vdom name>) # config system dhcp server
FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
FORT-310B (1) # end[/quote]Peter -
How are you setting the filename – pxelinix.0 ??
-
Finally Working !!!
edit 2
set auto-configuration disable
set default-gateway 192.168.111.1
set interface “dmz”
config ip-range
edit 1
set end-ip 192.168.111.250
set start-ip 192.168.111.100
next
end
set lease-time 1209600
set netmask 255.255.255.0
set next-server 192.168.111.7
set option1 67 ‘7078656c696e75782e30’
set dns-server1 8.8.8.8
set dns-server2 4.2.2.2
next -
Hi,
sorry but I have the same problem but… in CLI command there isn’t “set next-server” in DHCP setting:
config system dhcp server
edit <server_index_int>
set auto-configuration {enable | disable}
set conflicted-ip-timeout <timeout_int>
set default-gateway <address_ipv4>
set dns-service {default | specify}
set domain <domain_name_str>
set enable {enable | disable}
set interface <interface_name>
set lease-time <seconds>
set netmask <mask>
set option1 <option_code> [<option_hex>]
set option2 <option_code> [<option_hex>]
set option3 <option_code> [<option_hex>]
set server-type {ipsec | regular}
set start-ip <address_ipv4>
set wins-server1 <wins_ipv4>
set wins-server2 <wins_ipv4>
set wins-server3 <wins_ipv4>
set dns-server1 <address_ipv4>
set dns-server2 <address_ipv4>
set dns-server3 <address_ipv4>
set ip-mode {range | usrgrp}
set ipsec-lease-hold <release_seconds>
set vci-match {enable | disable}
set vci-string <string>
config exclude-range
edit <excl_range_int>
set end-ip <end_ipv4>
set start-ip <start_ipv4>
config ip-range
edit <ip_range_int>
set end-ip <end_ipv4>
set start-ip <start_ipv4>
config reserved-address
edit <id_int>
set ip <ipv4_addr>
set mac <mac_addr>
end
end…and then?
Thanks
-
Check your device manual to see if it supports that option. You might also have a firmware update available that adds or fixes that option. If you just can’t get it to work, consider installing FOG in proxyDHCP mode so that it intercepts pxe boot requests and gives the next server and filename info but lets your existing DHCP server still hand out IP addresses.
-
What firmware version are you running ?
You need to upgrade your firmware.
The “set next-server” option was added to the DHCP configuration options with a firware release but I am not sure which one.
-
After a couple of years of struggling with the very same problem, I have finally found a solution without a next-server, if such an option simply doesn’t exist in fortigate.
Yes, you need 66 and 67 options in fortigate in a hex format, that’s alright.
What helped me was set two Virtual IPs:- For Both Virtual IPs You choose external interface as your client subnet, external ip your gateway, mapped ip is your PXE server IP, and external service port in the first VIP is 69, and 4011 in the second.
- You create two Fireall policies for machines to go freely to those Virtual IPs you just created.
-
Hi Mantvydas,
Would you mind posting your fortigate config ?Thanks!