• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    PXE boot configuration Fortigate help

    Scheduled Pinned Locked Moved
    General
    10
    14
    22.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Catsrules
      last edited by

      I don’t know much about converting to hex but a sight I tried said it was C0A81416 for a 192.168.20.22 Ip address
      I used this sight
      [url]http://www.kloth.net/services/iplocate.php[/url]

      I also tried this sight
      [url]http://www.silisoftware.com/tools/ipconverter.php?convert_from=192.168.20.22[/url]
      and it throws a 0x in the front I don’t know what that is about, it has been a long time since I had to convert anything to Hex my self 🙂

      But I used this sight
      [url]http://www.swingnote.com/tools/texttohex.php[/url]
      and it gives the Hex string you got, so there must be something different about converting strings and converting IP addresses.

      1 Reply Last reply Reply Quote 0
      • C
        Catsrules
        last edited by

        I don’t know much about converting to hex but a sight I tried said it was C0A81416 for a 192.168.20.22 Ip address
        I used this sight
        [url]http://www.kloth.net/services/iplocate.php[/url]

        I also tried this sight
        [url]http://www.silisoftware.com/tools/ipconverter.php?convert_from=192.168.20.22[/url]
        and it throws a 0x in the front I don’t know what that is about, it has been a long time since I had to convert anything to Hex my self 🙂

        But I used this sight
        [url]http://www.swingnote.com/tools/texttohex.php[/url]
        and it gives the Hex string you got, so there must be something different about converting strings and converting IP addresses.

        1 Reply Last reply Reply Quote 0
        • P
          PeterDoobes
          last edited by

          You need to set the next-server for the DHCP through the CLI in fortigate.

          From the CLI:

          FORT-310B # config vdom
          FORT-310B (vdom) # edit <vdom name>
          FORT-310B (<vdom name>) # config system dhcp server
          FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
          FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
          FORT-310B (1) # end

          1 Reply Last reply Reply Quote 0
          • J
            jeffpuxx
            last edited by

            [quote=“PeterDoobes, post: 3161, member: 1024”]You need to set the next-server for the DHCP through the CLI in fortigate.

            From the CLI:

            FORT-310B # config vdom
            FORT-310B (vdom) # edit <vdom name>
            FORT-310B (<vdom name>) # config system dhcp server
            FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
            FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
            FORT-310B (1) # end[/quote]

            I really hope this works. In the past I have tried to get this working with my Fortinet units and have not had any luck. The support people at Fortinet were also not able to help me despite opening multiple tickets.

            1 Reply Last reply Reply Quote 0
            • B
              boon
              last edited by

              [quote=“jeffpuxx, post: 3426, member: 1114”]I really hope this works. In the past I have tried to get this working with my Fortinet units and have not had any luck. The support people at Fortinet were also not able to help me despite opening multiple tickets.[/quote]
              Any luck?

              1 Reply Last reply Reply Quote 0
              • C
                chrisayala
                last edited by

                Has anybody had any luck with this? I’ve got the same Fortigate/FOG setup and have been banging my head against it all week.

                Thanks!

                1 Reply Last reply Reply Quote 0
                • J
                  jeffpuxx
                  last edited by

                  [quote=“PeterDoobes, post: 3161, member: 1024”]You need to set the next-server for the DHCP through the CLI in fortigate.

                  From the CLI:

                  FORT-310B # config vdom
                  FORT-310B (vdom) # edit <vdom name>
                  FORT-310B (<vdom name>) # config system dhcp server
                  FORT-310B (server) # edit 1 //Replace 1 with the number of the DHCP server id on the fortigate if more than one configured
                  FORT-310B (1) # [COLOR=#ff0000][B]set next-server 192.168.X.X[/B][/COLOR]
                  FORT-310B (1) # end[/quote]

                  Peter -

                  How are you setting the filename – pxelinix.0 ??

                  1 Reply Last reply Reply Quote 0
                  • J
                    jeffpuxx
                    last edited by

                    Finally Working !!!

                    edit 2
                    set auto-configuration disable
                    set default-gateway 192.168.111.1
                    set interface “dmz”
                    config ip-range
                    edit 1
                    set end-ip 192.168.111.250
                    set start-ip 192.168.111.100
                    next
                    end
                    set lease-time 1209600
                    set netmask 255.255.255.0
                    set next-server 192.168.111.7
                    set option1 67 ‘7078656c696e75782e30’
                    set dns-server1 8.8.8.8
                    set dns-server2 4.2.2.2
                    next

                    1 Reply Last reply Reply Quote 0
                    • T
                      Tecno
                      last edited by

                      Hi,

                      sorry but I have the same problem but… in CLI command there isn’t “set next-server” in DHCP setting:
                      config system dhcp server
                      edit <server_index_int>
                      set auto-configuration {enable | disable}
                      set conflicted-ip-timeout <timeout_int>
                      set default-gateway <address_ipv4>
                      set dns-service {default | specify}
                      set domain <domain_name_str>
                      set enable {enable | disable}
                      set interface <interface_name>
                      set lease-time <seconds>
                      set netmask <mask>
                      set option1 <option_code> [<option_hex>]
                      set option2 <option_code> [<option_hex>]
                      set option3 <option_code> [<option_hex>]
                      set server-type {ipsec | regular}
                      set start-ip <address_ipv4>
                      set wins-server1 <wins_ipv4>
                      set wins-server2 <wins_ipv4>
                      set wins-server3 <wins_ipv4>
                      set dns-server1 <address_ipv4>
                      set dns-server2 <address_ipv4>
                      set dns-server3 <address_ipv4>
                      set ip-mode {range | usrgrp}
                      set ipsec-lease-hold <release_seconds>
                      set vci-match {enable | disable}
                      set vci-string <string>
                      config exclude-range
                      edit <excl_range_int>
                      set end-ip <end_ipv4>
                      set start-ip <start_ipv4>
                      config ip-range
                      edit <ip_range_int>
                      set end-ip <end_ipv4>
                      set start-ip <start_ipv4>
                      config reserved-address
                      edit <id_int>
                      set ip <ipv4_addr>
                      set mac <mac_addr>
                      end
                      end

                      …and then?

                      Thanks

                      1 Reply Last reply Reply Quote 0
                      • C
                        chad-bisd Moderator
                        last edited by

                        Check your device manual to see if it supports that option. You might also have a firmware update available that adds or fixes that option. If you just can’t get it to work, consider installing FOG in proxyDHCP mode so that it intercepts pxe boot requests and gives the next server and filename info but lets your existing DHCP server still hand out IP addresses.


                        If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

                        1 Reply Last reply Reply Quote 0
                        • J
                          jeffpuxx
                          last edited by

                          What firmware version are you running ?

                          You need to upgrade your firmware.

                          The “set next-server” option was added to the DHCP configuration options with a firware release but I am not sure which one.

                          1 Reply Last reply Reply Quote 0
                          • M
                            Mantvydas
                            last edited by

                            After a couple of years of struggling with the very same problem, I have finally found a solution without a next-server, if such an option simply doesn’t exist in fortigate.
                            Yes, you need 66 and 67 options in fortigate in a hex format, that’s alright.
                            What helped me was set two Virtual IPs:

                            1. For Both Virtual IPs You choose external interface as your client subnet, external ip your gateway, mapped ip is your PXE server IP, and external service port in the first VIP is 69, and 4011 in the second.
                            2. You create two Fireall policies for machines to go freely to those Virtual IPs you just created.
                            1 Reply Last reply Reply Quote 0
                            • S
                              SomeOne
                              last edited by

                              Hi Mantvydas,
                              Would you mind posting your fortigate config ?

                              Thanks!

                              1 Reply Last reply Reply Quote 0
                              • 1 / 1
                              • First post
                                Last post

                              219

                              Online

                              12.0k

                              Users

                              17.3k

                              Topics

                              155.2k

                              Posts
                              Copyright © 2012-2024 FOG Project