IPXE "Could not boot" error after upgrade to 1.0.1
-
Hello,
We just upgraded from FOG 0.32 to 1.0.1. We changed our DHCP boot file option to “undionly.kpxe” and clients boot using IPXE now as expected. However, our test client consistently gets a DHCP address, boots from the FOG server via IPXE, and then shows the following error:
[B]Could not boot: Permission denied ([url]http://ipxe.org/0216eb3c[/url])[/B]
This only happens if a task is queued for the client in FOG. If I go to [url]http://ipxe.org/0216eb3c[/url] in a browser, I get redirected to [url]http://ipxe.org/err/0216eb[/url] and the page says:
[B]Error: No usable certificates[/B]
[B](Error code 0216eb)[/B]Does anyone know what this is all about? My Google searches have not shed any light on the problem, so others don’t seem to be having this issue. Any help would be greatly appreciated!
-
is this happening only on one client, or on multiple models of computers?
-
I just tested on a different model PC and this did not happen, so it seems to be limited to the client we’re testing with. We actually upgraded to FOG 1.0.1 because the PXE boot would fail on this box with a “more than 8 outputs were detected” error under 0.32. The PC is a custom build and has an ASRock motherboard, but unfortunately I don’t know much more about it. The person who built it will be back next week so I can try to get more information later. Our help desk is looking to image a large number of these custom-built PCs, though, so it would be great if we could get it to work with FOG.
-
i would check bios settings, make sure anything regarding uefi or secureboot are disabled. also check for any bios updates.
-
Thanks, I’ll check that out.
-
I just wanted to follow up and say that we figured out this problem. There was a network policy in place which prevented the test client from accessing the Internet, although it was able to reach the FOG server. Apparently IPXE requires internet access. We removed the policy from the test client’s network port, and suddenly everything worked fine.
-
ipxe does not require internet access. exactly what did that policy block/prevent?
-
Our network engineer is out today so we’re not sure about the details. All we could see was that a “no internet” policy was applied to that port via our NAC, and when we disabled it, FOG suddenly worked fine. The box was booting from the FOG server via IPXE so it seems that internal network access wasn’t blocked, but again, we don’t know any specifics.