symantec and fog on the same network issue
-
So, we have a Symantec altiris server that was just put on our network and now when I pxe boot, it only show’s us Symantec Altiris boot menu, how can I get it to show fogs pxe menu again?
-
<snicker> Turn off Altiris and remove key</snicker>
Oh man, why are you moving to altiris?
But to answer your question (yes I’m familiar with Altiris). Altiris is configured as a dhcp proxy server. It is overriding your dhcp options 66 and 67 settings needed so the client can find the FOG server. If you were running SCCM or WDS for imaging you would have the same issue. If you want to continue using FOG, you will have to create a dedicated imaging network so that the dhcp boot requests are not seen by the Altiris server. I can tell you the specific services in altiris you need to shut off to stop the proxy dhcp services if need to know that too.
-
@george1421 Yes let me know which services that I need to turn off, that would help out.
-
@fredlwal For 7.1 there are 2 services.
“Symantec Network Boot Service (PXE and BSDP)”
and
“Symantec Network Boot Service (TFTP)”The first one is the one responsible for proxydhcp.
For earlier than 7.0 the names were at the top of the list and started with Altiris boot services or something like that. My memory is fading of the 6.9 era stuff.
Just stop the services and set them to manual, so you can restart them when you start altiris imaging.
-
Now that I did that , I get another IP address that is not on this network.
-
@fredlwal where did that IP address come from?
The pxe client surely didn’t just invent it.
If you want to find the culprit I have a tutorial for debugging pxe booting. https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue
But in your case I would stick wireshark on a computer on the same subnet as where this pxe booting computer gave you that foreign IP address. Use the capture filter of
port 67 or port 68
What you should see is a Discover packet from your pxe booting client then on or more Offer packets from your dhcp servers. One of those offer packets will be giving you this alien IP address.
-
@george1421 Would it be possible to disable the ProxyDHCP and then create a menu item in FOG to chain to the Altiris server? (I know next to nothing about Altiris)
-
@quazz How would I go about creating that menu and where is it located?
-
@quazz I would have to say, I don’t know… Never really wanted to look back on altiris.
But I might suspect a ipxe boot menu might look like this.
set altiris-server:ipv4 192.168.1.10 set net0/next-server ${altiris-server} cpuid --ext 29 && set arch x64 || set arch x86pc iseq ${platform} efi && set plat efi || set plat 0 chain -ar tftp://${altiris-server}/BStrap\\${arch}\\BStrap.${plat} boot || goto MENU
There is still some bits to work out like setting these options with ipxe.
>> dhcp server set optionvalue 43 BINARY 6010B080FAAAA03C0A802C8C0A80368C0A8016600 >> dhcp server set optionvalue 60 STRING PXEClient dhcp server set optionvalue 66 STRING 192.168.1.102 dhcp server set optionvalue 67 STRING BStrap\X86pc\BStrap.0
Ref: https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/TUTORIALS/5000/HOWTO5000/en_US/PXE Modes of Operation White Paper_V1.0.pdf?gda=1527910192_dc3523ce1bb29c678cdbc41758dd8092
-
@george1421 This is just a very bad guess since I can’t test this at all.
net0.dhcp/43:hex = 6010B080FAAAA03C0A802C8C0A80368C0A8016600 net0.dhcp/60:string = PXEClient
I’m more confident that
net0.dhcp/60:string = PXEClient
will work than the the option 43 one.net0.dhcp/43:hex = 6010B080FAAAA03C0A802C8C0A80368C0A8016600 net0.dhcp/60:string = PXEClient set altiris-server:ipv4 10.96.50.15 set net0/next-server ${altiris-server} cpuid --ext 29 && set arch x64 || set arch x86pc iseq ${platform} efi && set plat efi || set plat 0 chain -ar tftp://${altiris-server}/BStrap\\${arch}\\BStrap.${plat} boot || goto MENU