Imaging over WAN



  • Hello, my situation is the same as this post, but we do have a site-to-site tunnel in place and options 66 & 67 set up at the site. We tried to PXE boot one Lenovo desktop to see if it will connect to the FOG server, which is in our main branch. The computer does get DHCP IP settings but then it gets stuck at a TFTP timeout. Not sure why it isn’t connecting to FOG.

    https://forums.fogproject.org/topic/4488/remote-imaging-will-fog-work

    Please guide us.


  • Developer

    @mpatel said in Imaging over WAN:

    Now how do I go about transferring my existing FOG setup to a new box, including the images that I have?

    May I ask you to open a fresh topic on this question, just so we don’t mix things up too much and people can find things more easily in the forums. Take a look at exporting/importing the image definitions and we’ll give you more of the details in the other topic.

    Marking this as solved.



  • So we have decided not to go with this option, as it might cause bandwidth issues if we send images over the WAN. We are going to set up another FOG server and will move it around our remote offices for imaging. Now how do I go about transferring my existing FOG setup to a new box, including the images that I have?


  • Developer

    @mpatel Did you know that TFTP uses random TCP ports for the data transfer? That is quite tricky through firewalls that don’t forward just any port…


  • Moderator

    @mpatel Off the top of my head I’m going to say the router is not behaving as we might expect. Is there any way to get a pcap of the DHCP process as I’ve outlined?

    Also, how many remote offices do you have? And on average how many computers at each site?



  • Yes, the local firewall (which also does routing) is our DHCP server. The setup is the same at all our remote offices. All our offices are then connected to our main branch (where the FOG server is) through VPN tunnels.

    Ping from this remote office to FOG server works.


  • Moderator

    @mpatel Is your DHCP server the local router on the 10.10.91.0/x subnet or do you have a main DHCP server at your HQ? The reason why I ask is if your router 10.10.91.1 is supplying DHCP information, it may not be properly setting up the PXE boot process. We’ve seen this with Meraki and home (SOHO) routers in particular. There is the potential, if you have a centralized DHCP server, that you don’t have the settings enabled in the proper scope.

    A not so quick way to tell is to install Wireshark on a computer on the 10.10.91.0/24 subnet and set up a capture filter of port 67 or port 68. Start the Wireshark capture, then PXE boot the target computer to failure. Upload that pcap to a file share service (so you are in control of the file’s existence) and either post the link to the file share here or IM either Sebastian or myself. We’ll take a look at the pcap and tell you the next route.
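
What to look for in a capture like the one requested above, as an added example that is not part of the thread or of FOG's own code: it parses the raw DHCP payload of an offer and reports whether options 66/67 and the BOOTP next-server field (siaddr) agree. The function names, the client address 10.10.91.50 and the boot file name `undionly.kpxe` are constructed sample values, and the check assumes option 66 holds an IP literal.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header

def parse_pxe_fields(payload):
    """Pull out every field a PXE ROM may use to locate the TFTP server and boot file."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    text = lambda b: b.split(b"\0")[0].decode("ascii", "replace")
    info = {"siaddr": socket.inet_ntoa(payload[20:24]),  # BOOTP next-server
            "sname": text(payload[44:108]), "file": text(payload[108:236]),
            "opt66": "", "opt67": ""}
    i = 240
    while i < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:  # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option %d" % code)
        if code in (66, 67):
            info["opt%d" % code] = text(value)
        i += 2 + length
    return info

def pxe_problems(info):
    """Findings that could explain a client getting an IP but timing out on TFTP."""
    problems = []
    server = info["opt66"] or info["sname"]
    if not server and info["siaddr"] == "0.0.0.0":
        problems.append("no TFTP server in option 66, sname or siaddr")
    elif server and info["siaddr"] not in ("0.0.0.0", server):
        problems.append("siaddr %s differs from TFTP server name %s" % (info["siaddr"], server))
    if not (info["opt67"] or info["file"]):
        problems.append("no boot file in option 67 or file field")
    return problems

def build_sample_offer(siaddr):
    """Constructed DHCPOFFER: options 66/67 set, next-server (siaddr) chosen by the caller."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                         bytes(4), socket.inet_aton("10.10.91.50"),
                         socket.inet_aton(siaddr), bytes(4), b"\xaa" * 6, b"", b"")
    opt = lambda code, val: bytes([code, len(val)]) + val
    return (header + MAGIC + opt(53, b"\x02") + opt(66, b"10.10.30.80")
            + opt(67, b"undionly.kpxe") + b"\xff")
```

`parse_pxe_fields` expects the UDP payload of one DHCP reply, for example bytes exported from the Wireshark capture; reading the pcap file itself is left out.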



  • Hi Sebastian, here is the info you requested. Our FOG server IP is 10.10.30.80. The FOG server is in our main branch.
    tftp timeout.png Option 66&67.PNG


  • Developer

    @mpatel We need more information to be able to help you. Please take a picture of the TFTP timeout on screen and post here. As well let us know the IP addresses of your FOG servers and the exact DHCP options you have at the remote site.

