RE: UEFI PXE Boot - Pain

@george1421 bingo it’s started fine now

@george1421 i can just create a new image for a 256gb drive though right? I guess I can then apply that to either a 256gb or 500gb drive and it wont matter?

@george1421 I LOVE YOU!!! It’s working
@brakcounty thanks for your help also

I have a new problem where it wont apply the image because it says the disk is too big but I’m sure it’s because I captured the image from a 500gb SSD and i’m trying to apply it to a 256gb SSD but I’m happy as hell because the actual PXE is working!!!

@brakcounty Chill man, it’s all good… Not everyones setup is gonna be the same. Unfortunately i’ve inherited this network from someone who was far more technical than me but why he set the Watchguard as the DHCP server rather than… oh IDK… an actual DHCP server is beyond me. Meh, it is what it is (I hate that saying but it’s true I guess)

Will try PXE tomorrow and see what happens… It is strange though that dnsmasq was already there and configured but when we first set this up it just fell on its face and wouldn’t PXE any machine hence the need to add the options 66 and 67 to at least get it to PXE so I could put an image out. Fucking manufacturers removing the option for legacy boot is fine and I guess the nature of the IT beast is that nothing stands still for long but it is a proper pain in the arse unpicking stuff to make it work based on them.

@george1421 bingo it’s started fine now

@george1421 My ltsp file:

# Don't function as a DNS server:
port=0

# Log lots of extra information about DHCP transactions.
log-dhcp

# Enable TFTP 
enable-tftp <<<<<<I added this bit as per @brakcounty suggested from his config

# Set the root directory for files available via FTP.
tftp-root=/tftpboot

# The boot filename, Server name, Server Ip Address
dhcp-boot=undionly.kpxe,,192.168.15.251

# Disable re-use of the DHCP servername and filename fields as extra
# option space. That's to avoid confusing some old or broken DHCP clients.
dhcp-no-override

# inspect the vendor class string and match the text to set the tag
dhcp-vendorclass=BIOS,PXEClient:Arch:00000
dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
dhcp-vendorclass=UEFI,PXEClient:Arch:00007
dhcp-vendorclass=UEFI64,PXEClient:Arch:00009

# Set the boot file name based on the matching tag from the vendor class (above)
dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,,192.168.15.251
dhcp-boot=net:UEFI,ipxe.efi,,192.168.15.251
dhcp-boot=net:UEFI64,ipxe.efi,,192.168.15.251

# PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
pxe-prompt="Booting FOG Client", 1

# The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86,
# Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
# This option is first and will be the default if there is no input from the user.
pxe-service=X86PC, "Boot to FOG", undionly.kpxe
pxe-service=X86-64_EFI, "Boot to FOG UEFI", ipxe.efi
pxe-service=BC_EFI, "Boot to FOG UEFI PXE-BC", ipxe.efi

dhcp-range=192.168.15.251,proxy

@brakcounty Okay makes sense… dnsmasq was already installed and configured… Weird that it wouldnt boot before (hence we had to go the legacy option I believe) however now when I try and start dnsmasq it tells me to piss off because 69 is already in use?

"[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server…
[624]: dnsmasq: syntax check OK.
[678]: dnsmasq: failed to create listening socket for port 69: Address already >
[678]: failed to create listening socket for port 69: Address already in use
[678]: FAILED to start up
[1]: dnsmasq.service: Control process exited, code=exited, status=2/INVALIDARGU>
[1]: dnsmasq.service: Failed with result ‘exit-code’.
[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.

@brakcounty You mention you had to disable tftpd.service and yet your line in that code says “enable-tftp” Are they different things? (Yes I’m a noob to all this but up until recently FOG was a mint replacement to the shitty MDT box we had - Just damn manufacturers now stopping legacy option in bios means i’m forced to change this to UEFI)

@brakcounty Thats my question really, do I need to leave a setting in (66 67 or 150) to tell the Watchguard to send the PXE request to FOG? I presume I need to put a setting in somewhere or the client wont know where to go for it’s PXE boot

@george1421 So in effect, I just leave the Watchguard as a DHCP server, set option 66 and 150 to point to my FOG box, remove option 67 and then install DNSMasq? Or do I remove ALL options from my Watchguard and install DNSMasq?

Forgive my lack of knowledge on the subject lol. How does the PXE request then get to the FOG server? Does the client, send a DHCP request to the Watchguard and then a broadcast for PXE or do I need to leave something in the Watchguard to tell the client to go to FOG?

@george1421 @brakcounty

So the DHCP server runs off our Watchguard and is a separate network (we have one for our production lan and one for our build lab)

I can change the Watchguard interface from a DHCP server to a relay server but that would mean it wouldnt hand out DHCP leases right?