Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 42 subscribers
  • Views 8996 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to enter special-characters like '&' to DHCP-option string-values ?

bat-attack

Hi All,

does anyone know how to enter characters like '&' to dhcp-string option vlaues ?

console> system dhcp dhcp-options binding add dhcpname DHCP_LTE-Router optionname Vendor_Encapsulated_Options(43) value "antenna&apn=internet&pin="
% Error: Unknown Parameter 'antenna&apn=internet.provider&pin=1234'

thx in advance



This thread was automatically locked due to age.
  • 0

    Having the same problem here in XG115w SFOS 17.0.6 MR-6 trying to use semicolon delimiters in option 43 string for mitel phones which is working fine in Cisco equipment being replaced by XG and also in Windows servers with the same setup.  This is the error:

     

    console> system dhcp dhcp-options binding add dhcpname Default_DHCP_Server optionname Vendor_Encapsulated_Options(43) value 'id:ipphone.mitel.com;sw_tftp=1.2.3.4;call_srv=1.2.3.4;vlan=1;l2p=6;dscp=46'
    % Error: Unknown Parameter 'id:ipphone.mitel.com;sw_tftp=1.2.3.4;call_srv=1.2.3.4;vlan=1;l2p=6;dscp=46'

     

    The option is successfully applied if the semicolons are replaced with commas only as a test but I don't think that will give the necessary result for the phones.  Another similar unanswered question @ https://community.sophos.com/products/xg-firewall/f/initial-setup/82857/using-special-characters-pipe-in-dhcp-option-value-fields

    Suggestions are appreciated

  • +1

    I HATE when people don't come back to answer the question they initially asked. So much more work for me, and I always come back to update to spare others the same pain as me.

    I resolved this issue (mine specifically was trying to use option 125 or option 43 with Mitel Phones) by converting the string to HEX. BUT you have to convert it very specifically.

    After following here: https://community.sophos.com/kb/en-us/123529 Reading the Sophos XG CLI Guide, Googling my issue, and even opening a ticket with Sophos support. EVERYTHING was a dead end! But I still figured it out.

    A few things need to be noted on that page:

    1. HEX is allowed when the optiontype is set as a string. I couldn't find info on this VERY important information in the CLI admin guide OR online in various Sophos KB Articles.
    2. HEX needs to be entered as a value as follows 00:00:04:03:67 NO QUOTES, NO SPACES, USE : TO SEPARATE VALUES IN 2 DIGIT BLOCKS, NO ENTERING VALUES IN WITHOUT AS A DELIMITER.

    Here's a step by step to use Option 43. I assume you already know how to get to the device console if Google lead you to this thread and you know your DHCP server name:

    1. Create your string (in WORDpad or something you know won't do any funny business with the text), mine is (DO NOT forget the ; on the end if you are doing this to use with Mitel, and don't forget to apply to both DHCP server ranges if you are using a VLAN like me):    id:ipphone.mitel.com;sw_tftp=192.168.7.1;call_srv=192.168.7.1;vlan=20;l2p=6;dscp=46;ipa_srv=192.168.7.1;
    2. I went here: www.rapidtables.com/.../ascii-hex-bin-dec-converter.html
    3. Number Delimiter needs to be set to "User Defined" and the character needs to be : 
    4. Copy and paste the string you made into the ASCII Text box
    5. Copy your HEX CODE from that website into WORDpad BE CAREFUL as NOTEpad loves to add line breaks. Edit it as follows in step 6 and copy it from word pad and paste it into your XG console.
    6. system dhcp dhcp-options binding add dhcpname Default_DHCP_Server optionname Vendor_Encapsulated_Options(43) value 69:64:3A:69:70:70:68:6F:6E:65:2E:6D:69:74:65:6C:2E:63:6F:6D:3B:73:77:5F:74:66:74:70:3D:31:39:32:2E:31:36:38:2E:37:2E:31:3B:63:61:6C:6C:5F:73:72:76:3D:31:39:32:2E:31:36:38:2E:37:2E:31:3B:76:6C:61:6E:3D:32:30:3B:6C:32:70:3D:36:3B:64:73:63:70:3D:34:36:3B:69:70:61:5F:73:72:76:3D:31:39:32:2E:31:36:38:2E:37:2E:31:3B

    If for some reason you want to use Option 125 with Mitel, you need to create the option with the following command:

    system dhcp dhcp-options add optioncode 125 optionname mitel optiontype string

    Then you do everything above, but on the hex code you generated, you have to preface it with 00:00:04:03:67: so in my case it was 00:00:04:03:67:69:64:3A:69:70... (and all the rest from above).

    I hope this helps the next person with a question like this.

  • 0 in reply to LeetJN

    Thank you for this, it helped me out enormously, my Mitel phones are now working behind a Sophos RED tunnel to Head Office where the Mitel box is located.

     

    Christian

Unfiltered HTML