PXE, TFTP, Sophos UTM
-
First of all I’d like to thank Tom and all those invested in this project. It has been SOOO helpful and has saved me a lot of time and energy. I’m excited for 1.0 and I’ve started to test it. I’m struggling in trying to get it up and running though so I’m here with a question. First off here is my environment.
Ubuntu 14.10 (fresh install, fully updated as of 05-05-2014)
Fog 1.0.0 (pulled via SVN)
Ubuntu is a VM running on ESX.
Sophos UTM 9 is my DHCP, DNS and Firewall
In Sophos UTM I’ve enabled option 66 and 67. Attached is what those settings are set at currently (I’m assuming the issue is in here somewhere)
I’ve also attached my TFTP settings in the web guiI’m having a PXE boot issue, or TFTP issue. I can get the computers to boot up and pull an IP, but I get a PXE-E32: TFTP open Timeout error.
I’ve tried the following:
On your ubuntu server type:
Code:
tftp -v X.X.X.X-c get undionly.kpxe
Where X.X.X.X is your FOG servers IP.You should get something like this:
[INDENT]Connected to X.X.X.X(X.X.X.X), port 69
getting from X.X.X.X:undionly.kpxe to undionly.kpxe [netascii]
Received 101962 bytes in 0.1 seconds [11316553 bit/s][/INDENT]
This does come back correctly.Any help would be very much appreciated!
Thanks in advance
WARNING I’m a novice at linux.[url=“/_imported_xf_attachments/0/709_option66.JPG?:”]option66.JPG[/url][url=“/_imported_xf_attachments/0/710_option67.JPG?:”]option67.JPG[/url][url=“/_imported_xf_attachments/0/711_tftpsettings.JPG?:”]tftpsettings.JPG[/url]
-
What revision are you on? I was on release 1594 and didn’t notice until this morning that TFTP was completely borked for me. Tried a bunch of things, but in the end updating to release 1601 fixed it.
EDIT: Would have posted about this in bugs but I never figured out what exactly the problem was and it looks like Tom fixed it. Looks like I need to stay on revisions that he posts about in the Fog 1.0.0 thread.
-
have you tried setting the option 66 to the ip instead of the name?
-
Tim, for what it’s worth, my recommendation is as follows.
Don’t use Ubuntu 14.10, there area lot of documented issues with it. I use ubuntu 12.04 on virtual box.
There is a Wiki here
[url]http://fogproject.org/forum/threads/ubuntu-installation-for-fog-12-04.9338/[/url]
Set up your server on a Natted lan, so the server can see the outside world to download the packages and updates.
Set it up so that your Fog server not is the DHCP.
Change you Virtual lan to an internal network.
Rerun the install which will pick up the previous settings, let the Fog server provide the DHCP.Set up your client NICs as an Intel card, others, realtek, in my case don’t play well with IPXE. This is a virtual problem, it is OK with real cards.
Set yourself up a virtual client, on the internal network LAN, build in with Windows 7 or even xp which is quicker, and you can just image and restore for a test, W7 needs a bit of sysprep/fogprep stuff, even just to image and restore successfully.You now have Fog server and client setup on it’s own isolated network.
2 real PCs and a hub or switch would achieve the same, and takes VMware out of the mix.Once you have this working you can rerun the install, this time without the fog server doing the DHCP.
Change the network back to bridged or whatever it is called on VMware.
Now you only have the Sophos UTM to configure.Hope this helps
-
[quote=“need2, post: 26632, member: 21891”]What revision are you on? I was on release 1594 and didn’t notice until this morning that TFTP was completely borked for me. Tried a bunch of things, but in the end updating to release 1601 fixed it.
EDIT: Would have posted about this in bugs but I never figured out what exactly the problem was and it looks like Tom fixed it. Looks like I need to stay on revisions that he posts about in the Fog 1.0.0 thread.[/quote]
Seriously though, your issue sounds exactly like mine which I encountered on a completely different setup. An update is probably your best fix.
-
Just wanted to give an update. I’ve tried changing the hostname to the IP in Sophos and that didn’t work. I did the bysync to try and update but that hasn’t worked. If there is another way to run the update I’d like to try it. I’m currently redoing everything by installing Ubuntu 13.10 and reinstalling. I’ll post some new information as soon as I get that done.
Thank you guys so much for the help! -
UPDATE: I’ve installed Ubuntu 13.10, installed the latest release of Fog 1602 and I’m getting the same error. I then shut down the fog server and tried to pxe boot and got the same issue. So the issue is with Sophos UTM, i’m unsure how to get it to work but at least I know where to focus my attention. I’ll keep this post updated just in case someone else has the same setup and problems.
Thanks
-
does your DHCP server need to be reset before changes apply?
-
[quote=“Tim Heckaman, post: 26647, member: 24003”]UPDATE: I’ve installed Ubuntu 13.10, installed the latest release of Fog 1602 and I’m getting the same error. I then shut down the fog server and tried to pxe boot and got the same issue. So the issue is with Sophos UTM, i’m unsure how to get it to work but at least I know where to focus my attention. I’ll keep this post updated just in case someone else has the same setup and problems.
Thanks[/quote]
I ran into issues with getting my boot file to my machines. I could run the command and it would complete as expected but during pxe boot the file never completely reached the destination.
I use DNSMASQ as a proxy DHCP service when pxe booting, it helps to resolve my tftp sever and supply the bootfile so I can pxe boot my machines. I know that my issue stems from the fact that there are “too many cooks in the kitchen” and one of my team mates set up some helper ip address that wreak havoc on our DHCP server but are necessary in our environment with our current infrastructure setup to pxe boot the WDS server in multiple locations.
I would look into the DNSMASQ service, it is quick and easy to set up.
[URL=‘http://fogproject.org/wiki/index.php/Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server’]http://fogproject.org/wiki/index.php/Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server#DNSMASQ_settings_for_iPXE[/URL]
-
I’ve reinstalled ubuntu 14.10, 1603 fog and configured Fog to do the DHCP and it’s working. I’ll keep looking into using Sophos as the DHCP and why it isn’t forwarding the pxe request to fog.
Thanks for the tips -
I’ve still been working on this. So far this is what I’ve done.
In Sophos I needed to add: bootfile-name (code 67), next-server (no code), tftp-server-name (code 66). The PXE boot now works and I can run memtext86 but none of the other options work. I’ll keep this thread updated. -
Is the firewall blocking internal request to http?
You may need to allow (from the firewall) port forward for port 80 to point at your FOG Server IP address.
-
I got it working, I needed to restart mysql server. It seems to shut down randomly. I think because I keep making a lot of changes? At any rate it’s all working now. If anyone would like I can write down all the issues I had and the steps I took to fix them.
Thanks for all the help!
-
Ubuntu 14.10 fully updated
Fog 1.0.0 (current version is 1603 I think)
Sophos UTM 9
Sophos is running DHCP, DNS.In sophos I added:
[FONT=Calibri]Code: 67 (bootfile-name)
Name: bootfile-name
Text: undionly.kpxe
Scope: GlobalCode: next-server
Name: next-server
Address: ::IP OF SERVER::
Scope: GlobalCode: 66 (tftp-server-name)
Name: tftp-server-name
Text: ::IP OF SERVER::[/FONT]
[FONT=Calibri]Scope: Global[/FONT]The only on going problem so far is I need to restart the mysql service every once in awhile and I’m not sure why.
sudo stop mysql
sudo start mysql -
If you created the ubuntu VM without a swap partition, that would explain MySQL faltering (assuming it’s running out of memory). The mysql logs under /var/log/mysql will help more than my best guess though.
