Sophos Firewall + DHCP with Fog Server


  • Hi again,

    i read that 2 options 66 + 67 for extern DHCP Server should be added.

    I use the latest Fog Server on Ubuntu and i am very gladly if you could help me, which Changing i should do for this Situation.

    I wanna user Sophos xg Firewall + Dhcp for my Fog Server on Ubuntu.

    I dont know surely how i can do it clearly.

    What Is the boot-file name ?

    thanks for all your help


  • @sebastian-roth Thanks, i did it with rename.

    I am not expert so i wanted give the options by instalation. Thats why i just renamed the .fogsettings file.


  • @george1421 thanks. i just remane the file and rerun the installer. So i could give the new values.

  • Moderator

    @lerne-nie-aus said in Sophos Firewall + DHCP with Fog Server:

    BTW, i wanted reinstall the Fog Server with installer but i can not change the install settings.

    Just edit the /opt/fog/.fogsettings file and re-run the installer. It will use the settings from this file. Be aware that there are several options related to DHCP…

  • Moderator

    @lerne-nie-aus said in Sophos Firewall + DHCP with Fog Server:

    BTW, i wanted reinstall the Fog Server with installer but i can not change the install settings.

    The answers you give the first time you run the installer are saved in a hidden file /opt/fog/.fogsettings Hint: for linux the dot at the beginning of the file name makes it hidden. You can edit the values in that file directly then rerun FOG. Or if you want to make a clean reinstall just rename that file and rerun the fog installer.

    By first Installation i can give Router Adresse or DHCP Adrese.
    Must i give this informations for Sophos Firewall by Fog installation?
    Or is it better to reinstall or change the settings on fog Server, like Router Address oder DHCP Server?

    Normally you only set these values when your FOG server is dhcp server running ISC DHCP. If you are not using isc then the answers you given are ignored by FOG installer.


  • @george1421 thanks, you are realy great and i get quick answer, so i never lose my motivation to keep working on fog server:)

    BTW, i wanted reinstall the Fog Server with installer but i can not change the install settings.

    By first Installation i can give Router Adresse or DHCP Adrese.
    Must i give this informations for Sophos Firewall by Fog installation?

    Or is it better to reinstall or change the settings on fog Server, like Router Address oder DHCP Server?

    Thanks again.

  • Moderator

    @lerne-nie-aus said in Sophos Firewall + DHCP with Fog Server:

    but now i should change it

    No this is not what I suggest.

    1. You can use sophos firewall. We just see problems with other firewalls and pxe booting. I don’t know if sophos work or not work since I have not tried myself. Try it with the info I give you before. If it not work then we have option #2
    2. Use DNSMASQ on fog server to give ONLY pxe boot information, your main dhcp server is still giving out IP addresses to client computers, dnsmasq will only provide dynamic pxe boot information.

    dnsmasq install instructions: https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server

    It takes maybe 10 minutes to install and configure dnsmasq. If you have only one IP subnet then you are done, pxe booting should work. If you have multiple IP subnets then you must add the FOG server IP address to your list of dhcp serves in the firewall/router dhcp-helper / dhcp-relay service. Add the fog server IP as last server in the list.


  • @george1421 so it means, i schould not use Sophos Firewall as DHCP Server for Fog Server?

    The Problem is, i will have to use this 😞 It was not my choose.
    I was happy with my fog dhcp (isc) but now i should change it.

  • Moderator

    @lerne-nie-aus I will tell you that we see no joy when working with most routers/firewalls as dhcp server for pxe booting. pfSense does work as it should.

    Most routers do not support dynamic pxe booting. Dynamic meaning that they will send the proper boot file if the target computer is bios or uefi based.

    To answer your question. DHCP option 66 must be the ip address of the fog server and for bios computer undionly.kpxe for bios computer ipxe.efi.

    I would recommend that you look at a different solution for providing pxe boot info that is provided by your fog server.

345
Online

9.0k
Users

15.6k
Topics

145.1k
Posts