How to configure pfSense for netbooting

george1421

If you use a pfSense router as your primary dhcp server you can configure it to provide dynamic PXE booting information to your target computers that you wish to image.

To configure PXE (Network) Booting with pfSense please do the following.

1. Edit your DHCP Server configuration for the subnet where you require pxe booting.
2. At the top of the DHCP Server conifugration page for the network interface (LAN in this example). Make sure that you have the DHCP server enabled and Ignore Bootp queries disabled.
   
3. Scroll down the page until you see the Network Booting section and press the Display Advanced button.
   
4. Tick the checkbox for Enable network booting and then enter the IP address of the FOG server (netboot server) in the Next Server field.
5. Complete the form as below
   
6. Make sure you don’t have any value populated for the TFTP server field
   
7. As well as under the Additional Bootp/DHCP options section. Make sure you are not populating dhcp options 60, 66, or 67.
   
8. Save the configuration and then restart the dhcp server.
   9, Be aware that you might need to enable some additional firewall rules if you have the LAN inteface locked down. Net/PXE booting requires access to the TFTP server on udp port 69 on the FOG server.

Note: If you are running pfSense as a VM, you may need to configure promiscuous mode on the network interface for your hypervisor. You would only need this option if your external target computer’s can’t pick up an IP address from pfSense. This promiscuous mode is a requirement of dhcp and not network booting.