symantec and fog on the same network issue



  • So, we have a Symantec altiris server that was just put on our network and now when I pxe boot, it only show’s us Symantec Altiris boot menu, how can I get it to show fogs pxe menu again?


  • Moderator

    @george1421 This is just a very bad guess since I can’t test this at all.

    net0.dhcp/43:hex = 6010B080FAAAA03C0A802C8C0A80368C0A8016600
    net0.dhcp/60:string = PXEClient
    

    I’m more confident that net0.dhcp/60:string = PXEClient will work than the the option 43 one.

    net0.dhcp/43:hex = 6010B080FAAAA03C0A802C8C0A80368C0A8016600
    net0.dhcp/60:string = PXEClient
    set altiris-server:ipv4 10.96.50.15
    set net0/next-server ${altiris-server}
    cpuid --ext 29 && set arch x64 || set arch x86pc
    iseq ${platform} efi && set plat efi || set plat 0
    chain -ar tftp://${altiris-server}/BStrap\\${arch}\\BStrap.${plat} 
    boot || goto MENU
    

  • Moderator

    @quazz I would have to say, I don’t know… Never really wanted to look back on altiris.

    But I might suspect a ipxe boot menu might look like this.

    set altiris-server:ipv4 192.168.1.10
    set net0/next-server ${altiris-server}
    cpuid --ext 29 && set arch x64 || set arch x86pc
    iseq ${platform} efi && set plat efi || set plat 0
    chain -ar tftp://${altiris-server}/BStrap\\${arch}\\BStrap.${plat}
    boot || goto MENU
    

    There is still some bits to work out like setting these options with ipxe.

    >> dhcp server set optionvalue 43 BINARY 6010B080FAAAA03C0A802C8C0A80368C0A8016600 
    >> dhcp server set optionvalue 60 STRING PXEClient 
    dhcp server set optionvalue 66 STRING 192.168.1.102 
    dhcp server set optionvalue 67 STRING BStrap\X86pc\BStrap.0 
    

    Ref: https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/TUTORIALS/5000/HOWTO5000/en_US/PXE Modes of Operation White Paper_V1.0.pdf?gda=1527910192_dc3523ce1bb29c678cdbc41758dd8092



  • @quazz How would I go about creating that menu and where is it located?


  • Moderator

    @george1421 Would it be possible to disable the ProxyDHCP and then create a menu item in FOG to chain to the Altiris server? (I know next to nothing about Altiris)


  • Moderator

    @fredlwal where did that IP address come from?

    The pxe client surely didn’t just invent it.

    If you want to find the culprit I have a tutorial for debugging pxe booting. https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue

    But in your case I would stick wireshark on a computer on the same subnet as where this pxe booting computer gave you that foreign IP address. Use the capture filter of port 67 or port 68

    What you should see is a Discover packet from your pxe booting client then on or more Offer packets from your dhcp servers. One of those offer packets will be giving you this alien IP address.



  • @george1421 picture of tftp

    Now that I did that , I get another IP address that is not on this network.


  • Moderator

    @fredlwal For 7.1 there are 2 services.

    “Symantec Network Boot Service (PXE and BSDP)”
    and
    “Symantec Network Boot Service (TFTP)”

    The first one is the one responsible for proxydhcp.

    For earlier than 7.0 the names were at the top of the list and started with Altiris boot services or something like that. My memory is fading of the 6.9 era stuff.

    Just stop the services and set them to manual, so you can restart them when you start altiris imaging.



  • @george1421 Yes let me know which services that I need to turn off, that would help out.


  • Moderator

    <snicker> Turn off Altiris and remove key</snicker>

    Oh man, why are you moving to altiris?

    But to answer your question (yes I’m familiar with Altiris). Altiris is configured as a dhcp proxy server. It is overriding your dhcp options 66 and 67 settings needed so the client can find the FOG server. If you were running SCCM or WDS for imaging you would have the same issue. If you want to continue using FOG, you will have to create a dedicated imaging network so that the dhcp boot requests are not seen by the Altiris server. I can tell you the specific services in altiris you need to shut off to stop the proxy dhcp services if need to know that too.


Log in to reply
 

451
Online

6.2k
Users

13.6k
Topics

128.0k
Posts