VM Client can't PXE boot
-
Are the FOG server and the VM on the same subnet?
-
From everything I can tell, yes.
I have a FOG server plugged into the Cisco switch and a separate machine running Windows 7 plugged into the same switch. That W7 machine is running VMware Workstation, receiving its IP via DHCP. Everything looks good networking wise. I can also PXE boot with that very same W7 machine.
-
Is your VM configured for a bridged network adapter or NAT’ed?
-
It is configured for a bridged network. I had also tried NAT just to see if that would make a difference.
-
This may have to do with portfast or spanning tree protocol. Can you ask you network guys to monitor the port while you try to pxe boot and analyze the traffic?
-
Are you familiar with what I should be seeing? I do notice that when the VM is attempting to get an IP, there are repeated errors regarding port security. I’m no longer in the office but I can paste the error message here when I’m back in the office. When I’m attempting to boot the VM, I see the same error message over and over.
I’m logged onto the switch on the same machine so I can see it happening.
I’d ask my networking guy but to be completely honest, I’m actually studying for CCENT/CCNA and I’d like to see if I can’t figure this out. Additionally, when I saw him configuring this switch he was using Cisco SDM (or whatever GUI you can use to configure these switches).
Thanks for your help chad.
-
Here’s the error message I see when the VM is attempting to PXE boot.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security Violation occurred, caused by MAC address 000c.2994.8afd on port FastEthernet0/2
It says this repeatedly.
Here’s the configuration on the port, just like every other port:
interface FastEthernet0/2
switchport mode access
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
macro description cisco-desktop
spanning-tree portfast
spanning-tree bpduguard enable -
Tell me if I’m understanding this correctly.
You have a VM inside a Windows 7 workstation, connected directly to a Cisco 2960 with no other switching/networking gear between the Workstation and the Switch (other than patch panel/patch cables)?
-
There’s also the Linksys WRT54G router attached to this Cisco switch. This thing is completely off of the production network so nothing else attached besides that and other workstations getting imaged.
I guess if I could draw it out it would look like this:
Linksys Router -> Cisco 2960 24 port PoE switch -> Workstations
-
That WRT54G is a wireless router/ap, and shouldn’t have anything at all to do with FOG. Is your Win7 machine wired to the cisco 2960 and is the FOG server wired to the 2960 also?
-
Yep, that’s correct.
-
You might try adjusting the portfast or security settings then. The Cisco 2960 may be complaining that it has what looks to be an edge port (single device, no chance of looping) with multiple MAC addresses trying to use that port. This is just a hunch.
-
Thanks, I’ll give this a look. I also found a guide on enabling SPAN/RSPAN to monitor the port. I’ll try this and post what I find.
Also, I don’t believe the FOG server is set up as a DHCP server (I believe that was an option during initial setup?) so the WRT is actually providing DHCP if I remember my setup correctly.
-
OK. Does the WRT54G allow you to specify the Option 66/67 or next-server-name, filename that is needed to pxe boot or do you have FOG running ProxyDHCP to handle that?
-
I do have that specified and actually, I just figured this thing out. I was going through the steps of enabling SPAN on the port and as I was setting the destination port, the switch didn’t like the port security being on if I was going to monitor it. I disabled switchport security on both ports and bam, the VM boots into the PXE menu.
I don’t know that I really need this feature on anyhow but then again I’m only studying for the CCENT, i’m no network engineer
![😕](https://forums.fogproject.org/assets/plugins/nodebb-plugin-emoji/emoji/android/1f615.png?v=i84e1j9s46s ":\")
Thanks for the follow up and support chad. Now if you can spare some time to help me with my other issue
-
I’ll do what I can. Link me to the other thread.
-
It’s the licensing thing – [url]http://fogproject.org/forum/threads/how-do-you-deal-with-licensing.5560/[/url]
-
Hi Adrian,
Did you ever get this fixed? If not… I think I know what’s going on.The new switch has port security enabled. By default, port security on Cisco switches only allows one mac address per port. The port is allowing the windows 7 machine to connect initially, but blocks your VM when it attempts to connect because the VM has a different mac address.
Try this. On your switch, enter these commands.
en (enter enable mode)
conf t (configure from the terminal)
interface f0/2 (tell it which interface you want to work with)
switchport port-security maximum 2This tells the switch that you will have 2 mac addresses using this port. You’ll come across this command at some point in your CCNA studies
Let us know if this works!