RE: DHCP works but no internet to clients

Figured it out, re running the fog installer after messing with the passwords etc reset my option routers in the dhcpd.conf file.

and now my routing has stopped working again. did’nt notice it because i had to step away for a bit, but the test machine that just imaged has no network access. I also tried another machine that is a known good one and its not getting network either. I can ping the 192.168.1.1 just fine, PXE booting still works, its just now not routing. I mean its better than nothing we can get by with out network on this if it comes down to it. Thank you to every one who has helped me so far.

@george1421 okay so setting that to NO seems to have done the trick. I can log in to ftp now, and the image capture successfully put the finished image in the images dir. I am now doing my first image restore to a test machine, its looking promising ^_^

@george1421 Fedora 30

@george1421

tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN

thats what that gave me.

and this

ftp> open ***.***.215.106
Connected to ***.***.215.106.
500 OOPS: tcp_wrappers is set to YES but no tcp wrapper support compiled in
Connection closed by remote host.

@george1421 I went into all the config files and changed it. didnt realize it was a big deal. But it was messing up even before I did that. do I need to run the fog installer again ?

I’ve got two NICs one is 192.168.1.1 for DHCP on an isolated network the other is ..215.106 this one has access to the rest of the schools network and assigned by my sysadmin. I needed to be able to remote into the server and supply intert the clients at the same time, so I have it configured to route the traffic from 192.168.1.1 through IP tables and NAT to the 215.106 interface.

My sysadmin does not want DHCP to the rest of the network, hence the utterly complex setup i’m trying to pull off. I’ve tryed to explain to him that FOG wants to be part of the main network, and is expecting a DHCP server to already be setup, etc. But at this time he don’t want that. Its a whole other rant for another time… (we are manually updating everything, not using SCCM or any thing…)

@george1421 I’ve changed that password in all its locations to a custom password. (but it was messing up before I did that though) and no it doesn’t connect.

Okay so I changed it to port 21 and got this

Connect socket #1760 to ***.***.215.106, port 21...
500 OOPS: tcp_wrappers is set to YES but no tcp wrapper support compiled in  
Can't establish connection --> ***.***.215.106:21 @ Tue Nov 05 15:12:53 2019   (0-

the 192.168.1.1 is my DHCP pool the server IP is different. it ends in 215.106

@Sebastian-Roth 22 is just was in the blank be default. I’m not sure what port it should be.

@Sebastian-Roth when I try to connect using an ftp client (coreftp) it gives me this:```

Connect socket #1904 to ***.***.215.106, port 22...
Can't establish connection --> ***.***.215.106:22 @ Tue Nov 05 14:38:50 2019   (0-38)
Connection Failed

I started out the first part of my IP as that is a a private IP for our school.

@george1421 I get that right after it gets done cloning. I recored that as a video its on my google drive https://drive.google.com/open?id=18fwBwbhZ34qPPnrlWwQA_EDyTevForsg I’ve got a couple guys on k-12 Technition suport group discord looking at with me too. (I found out about from the network admin at another school. I work at a college I’m trying to show my sysadmin we need to use FOG lol.)

@george1421 Yes NAT got involved. lol.

now I’m having issues with capturing the images. all signs are pointing to tftp but nothing I’ve tried has worked.) Its saving the images to /images/dev using the client MAC as the folder name. It just never finishes the process so it wont restore the images.

I got it figured out. had to setup routes through iptable etc. Thanks.

okay I got fog set up, DHCP is giving out IP and booting to the fog menu. I’m using a server with two NICs
one is connected to my work network for internet, the second is on a separate switch to provide imaging and internet to client machines ( we use an isolated network for imaging of new machines)
I can ping from and remote in tothe server so I know its getting a network connection, just for whatever reason its not serving the connection through the second NIC along with the DHCP. I Feel like there needs to be something else in the DHCP config file, I just cant figure out what to put in there. This is on Fedora 30 with the latest Fogserver from github. (as of Oct 25 2019)

This is my current DHCPD config

# DHCP Server Configuration file\n#see /usr/share/doc/dhcp*/dhcpd.conf.sample
# This file was created by FOG
#Definition of PXE-specific options
# Code 1: Multicast IP Address of bootfile
# Code 2: UDP Port that client should monitor for MTFTP Responses
# Code 3: UDP Port that MTFTP servers are using to listen for MTFTP requests
# Code 4: Number of seconds a client must listen for activity before trying
#         to start a new MTFTP transfer
# Code 5: Number of seconds a client must listen before trying to restart
#         a MTFTP transfer
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16;
use-host-decl-names on;
ddns-update-style interim;
ignore client-updates;
# Specify subnet of ether device you do NOT want service.
# For systems with two or more ethernet devices.
# subnet 136.165.0.0 netmask 255.255.0.0 {}
subnet 192.168.1.0 netmask 255.255.255.0{
    option subnet-mask 255.255.255.0;
    range dynamic-bootp 192.168.1.10 192.168.1.254;
    default-lease-time 21600;
    max-lease-time 43200;
   # option routers 192.168.1.1
    option domain-name-servers 8.8.8.8;
    next-server 192.168.1.1;
    class "Legacy" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "undionly.kkpxe";
    }
    class "UEFI-32-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "i386-efi/ipxe.efi";
 }
    class "UEFI-32-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "i386-efi/ipxe.efi";
    }
    class "UEFI-64-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "ipxe.efi";
    }
    class "UEFI-64-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "ipxe.efi";
    }
    class "UEFI-64-3" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:>
        filename "ipxe.efi";
    }
    class "SURFACE-PRO-4" {
        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:>
        filename "ipxe.efi";
 }
    class "Apple-Intel-Netboot" {
        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/>
        option dhcp-parameter-request-list 1,3,17,43,60;
        if (option dhcp-message-type = 8) {
            option vendor-class-identifier "AAPLBSDPC";
            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01)>
                # BSDP List
                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:8>
                filename "ipxe.efi";
            }
        }
    }
}
#END OF DHCPD.conf

#AND this is my current NIC config(I stared out part of the IP because its my works IP from our ISP and you know, I don’t want to be the guy that gave the IP to the world.)

#This is the connection that gets internet from the network and allows remote connection for managing the server

eno1: connected to eno1
        "Intel 82579V"
        ethernet (e1000e), *C:*2:*9:20:CE:B0, hw, mtu 1500
        ip4 default
        inet4 ***.***.215.106/24
        route4 ***.***.215.0/24
        route4 0.0.0.0/0
        inet6 fe80::c**f:c9dd:**6f:d2bd/64
        route6 fe80::/64
        route6 ff00::/8

#This is the connection that DHCP is served to

enp3s0: connected to enp3s0
        "Intel 82574L"
        ethernet (e1000e), **:0*:CA:2C:5D:45, hw, mtu 1500
        inet4 192.168.1.1/24
        route4 192.168.1.0/24
        inet6 fe80::f111:****:3679:****/64
        route6 fe80::/64
        route6 ff00::/8

lo: unmanaged
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

DNS configuration:
        servers: ***.***.37.20
        interface: eno1

        servers: ***.***.37.20
        interface: enp3s0

@Sebastian-Roth I think you and George1421 gave me the idea to check. I didnt think to select the EFI option on Virtualbox when I made the VM. So I’m going to try that, and also try a newer tower. The one I’m using is an older intel DH67BL with a BIOS that has CSM for EFI compatibility.

@george1421 The machine i’m testing on has an intel DH67BL motherboard, I think it uses a BIOS with a compatiblity layer for EFI. We have a newer machine can test on also. The VM i made is just a standard virtualbox VM I didnt think to try the efi option (duh) but the reboot thing it just keeps rebooting the machine, never gets to windows at all. I’ll make a new image and be sure to check the efi option on VM.

Title says it all. I have set up the latest FOG server from GIT on a Debian virtual machine using VirtualBox, (the actual OS running the main system is CentOS7 if that matters) I have captured a syspreped image of windows 10 Pro 1903 with all windows updates applied.

I used this tutorial to get started https://www.ceos3c.com/sysadmin/create-generalized-windows-10-image-deploy-fog-server/

and that lead me to this tutorial: https://www.windowscentral.com/how-create-unattended-media-do-automated-installation-windows-10

I can boot and start the restore process from a networked computer, and it looks good, starts the restore process, goes through the motions, reboots, and then just keeps rebooting. I used a Linux mint USB stick to check the partitions and it shows the boot and windows partitions. Shouldn’t there be 4 partitions?

As a test I made a new VM and restored the same image to it and it worked 100% no issue.

Am i missing a step or something? We had been using clonezilla but it got to where it wont work very well on the newest windows 10 and hardware we are getting.

So I got tasked with trying to figure out FOG. (i’m doing this on an isolated network so no risk of hurting any of our live machines in student labs or offices. This is just an experimentation phase)

I’m going to a conference in oct that has a two hour training session on imaging with FOG and windows 10 so maybe that will help. I’d rather we just use SCCM but we are a smaller community college and its just not in the cards evidently…any ways Thanks for any info,insight, or ideas.