RE: PXE boot problems, TFTP, No configuration methods succeeded

@george1421 I found a solution. I am not totally sure why the problem occur, but now i know what i have to do to get the PXE boot running. There is selfbulid captive portal running on 10.0.2.2 that uses IPTABELS to allow access to the internet. By logging on captive portal an other rule is added to the IPTABELS PREROUTING nat chain

ACCEPT	all	--	anywhere	anywhere	MAC	44:37:E6:B8:85:78

In this chain there are some standard rules on top and bottom.

DNAT	tcp	--	anywhere	anywhere	tcp	dpt:domain to:10.0.2.2
DNAT	tcp	--	anywhere	anywhere	tcp	dpt:domain to:10.0.2.2

ACCEPT	all	--	anywhere	anywhere	MAC	44:37:E6:B8:85:78

ACCEPT	all	--	anywhere	10.255.255.255				
ACCEPT	all	--	anywhere	224.0.0.252		
NFLOG	all	--	anywhere	anywhere		
DOCKER	all	--	anywhere	anywhere	ADD	RTYPE match dst-type LOCAL
ACCEPT	tcp	--	anywhere	anywhere	tcp	dpt:ssh
DNAT	tcp	--	anywhere	anywhere	tcp	dpt:https to:10.0.2.2:443
DNAT	tcp	--	anywhere	anywhere	to:	10.0.2.2:80
DNAT	udp	--	anywhere	anywhere	to:	10.0.2.2:42

Usually it is not a problem to reach IP addresses in the LAN if you are not logged in to the captive portal. I explicitly tested it today. If I am in windows and am not logged in to the captive portal, I can access all other websites in the LAN in the browser, except the FOG management portal on 10.0.32.180.

It looks the same with the boot process. If the computer is logged on to the captive portal then the PXE boot works without any problems.
If the computer is not registered on the captive portal then I always get the “TFTP timend out” message.

I just didn’t get the captive portal to play a role in this.

Many thanks to george1421 und Sebsatian Roth for the help.

@george1421 I found a solution. I am not totally sure why the problem occur, but now i know what i have to do to get the PXE boot running. There is selfbulid captive portal running on 10.0.2.2 that uses IPTABELS to allow access to the internet. By logging on captive portal an other rule is added to the IPTABELS PREROUTING nat chain

ACCEPT	all	--	anywhere	anywhere	MAC	44:37:E6:B8:85:78

In this chain there are some standard rules on top and bottom.

DNAT	tcp	--	anywhere	anywhere	tcp	dpt:domain to:10.0.2.2
DNAT	tcp	--	anywhere	anywhere	tcp	dpt:domain to:10.0.2.2

ACCEPT	all	--	anywhere	anywhere	MAC	44:37:E6:B8:85:78

ACCEPT	all	--	anywhere	10.255.255.255				
ACCEPT	all	--	anywhere	224.0.0.252		
NFLOG	all	--	anywhere	anywhere		
DOCKER	all	--	anywhere	anywhere	ADD	RTYPE match dst-type LOCAL
ACCEPT	tcp	--	anywhere	anywhere	tcp	dpt:ssh
DNAT	tcp	--	anywhere	anywhere	tcp	dpt:https to:10.0.2.2:443
DNAT	tcp	--	anywhere	anywhere	to:	10.0.2.2:80
DNAT	udp	--	anywhere	anywhere	to:	10.0.2.2:42

Usually it is not a problem to reach IP addresses in the LAN if you are not logged in to the captive portal. I explicitly tested it today. If I am in windows and am not logged in to the captive portal, I can access all other websites in the LAN in the browser, except the FOG management portal on 10.0.32.180.

It looks the same with the boot process. If the computer is logged on to the captive portal then the PXE boot works without any problems.
If the computer is not registered on the captive portal then I always get the “TFTP timend out” message.

I just didn’t get the captive portal to play a role in this.

Many thanks to george1421 und Sebsatian Roth for the help.

@george1421
I followed the instructions and captured with command tcpdump -w output.pcap port 67 or port 68 or port 69 or port 4011 on the fog server

pcap from power on till “TFTP open timeout” on PC05 (it is empty)
output05.pcap

pcap from power on till “TFTP open timeout” on PC24
output24.pcap

pcap from power on till FOG menu on PC18 (this is a working one)
output18a.pcap

10.0.2.5 is also the same device as 10.0.2.1; 10.0.2.2, 10.0.2.3.

@george1421
Yes i have removed that WiFi AP, but the Timeout is still there.

@george1421
I found the 10.10.0.1 device it was a bad configured WiFi access point.
PC24 and PC05, PC21 has still the “TFTP open timeout” problem

This problem no longer occurs today:

And now the interesting part: When i put a dumb switch in between. The normally working and direct to the building switch attached PCs like PC08,12,13,18 get the “No configuration methods succeeded” error.

@george1421
Your are right 10.0.2.1 10.0.2.2 and 10.0.2.3 is the same Server/device.

I have no clue what device the 10.10.0.1 is. But i will find out.
Thank you for diving deep in the pcap.

@george1421
All Computers are set to BIOS mode. I set everywhere the same BIOS settings.
i used wireshark during boot of PC05.
44:37:e6:b8:8b:7c and IP: 10.0.5.5 is the PC05 who is trying to PXE boot.
10.0.2.2 is DHCP Server
10.0.32.180 FOG Server
PC05PXEboot_faild.pcap

@Sebastian-Roth said in PXE boot problems, TFTP, No configuration methods succeeded:

What model is the building switch? Maybe it detects an intermediate switch and shuts down the port??? Don’t think I have seen this before but you never know.
Make sure you don’t have any loops in your network setup!!!
We use three Enterasys B5G124-48P2 and one Netgear GS724Tv4. I check every networkjack in the building but coundn´t find any loop. I hope didn’t missed one.

@george1421
I updated to the latest BIOS version. -->no change on the Problems

I enabled RSTP on all Switches. PC12 and PC08 work now properly. The “No configuration methods succeeded” is gone also “TFTP open timeout” on PC12.

But PC24 and PC05, PC21 has still the “TFTP open timeout” problem. PC01-PC28 are all the same model and now have all the same BIOS version. I testet them on ports where other machines (PC13,PC18) of the same type work. I got the same error.

And now the interesting part: When i put a dumb switch in between. The normally working and direct to the building switch attached PCs like PC08,12,13,18 get the “No configuration methods succeeded” error.

I think i have a network problem.

Thanks for your replay!

1. yes all ~40 are M92p.
2. no. 3 differnt models, 5 differnt BIOS versions (so far, i only touched 21 of 40)

• I had working PXE boot with all 3 models and all 5 BIOS verions.
• PC12 and PC08 were PXE booting but now they dont PXE boot anymore.

I will only use BIOS boot so far.
Tomorrow is will try to update all the BIOS version to latest version. It is the same BIOS for all three models.

To avoid spanning tree issue i already used sometime a dump switch and disabeld all STP features, but i will investigate this is little bit more tomorrow.

Hello,
there are some problems i have and i am getting crazy.
My setup:
UCS Univention server: DHCP, DNS with some virtual machines (10.0.2.2)
Debian based FOG Server 1.5.8 running as VM on the UCS Server (10.0.32.180)
Spanning Tree disabled on all switches.

My Task: Capture Images from ~40 Lenovo ThinkCentre M92p(windows 7) and deploy windows 10 Images to all of them.

I am working on this several days and read a lot on this forum but things getting confusing.
I get it easily to work on some machines like: PC01, PC04, PC08, PC12, PC18, PC43. I Captured an Images and deployed an other on and let them join the domain.
But there are some strange behavior like

1. PC24: This Machine stuck on “TFTP open timeout”, I tested tftp on the same machine with windows 7 and it couldn’t connect either. But at the same time PC43 PXE boot works perfectly and PC08 as well under windows 10. I had this problem before and a BIOS update worked mostly but not here (and on 2 computers). I tried to use an USB boot drive to get in iPXE but this ended with “No configuration methods succeeded”. The USB boot drive worked perfect an PC43

2. PC08: as mentioned before PXE boot capture and deploy with FOG worked perfect but now this machine stuck on: “No configuration methods succeeded”. I had this problem before and i rid of by take an other network jack/disabling STP.

3. PC12: as mentioned before PXE boot capture and deploy with FOG worked perfect. Then i captured an new image for the machine and after the task finished successful. On reboot he always gets “TFTP open timeout”. i didn´t change anythink in the meantime.

For troubleshooting i restarted: Fog Server VM ,clients, services. checked: tftp, dhcp config files. Firewalls are disabled, file permissions on /tftpboot. I compared the BIOS settings and tested different ones.

Does someone have any clue whats going wrong with my setup?
Thank you for any advise.