Thread Info
  • Locked Locked
  • Replies 12 replies
  • Subscribers 44 subscribers
  • Views 17762 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PXE Boot DONE!

Panagiotis Vakerlis

Hello everyone!

Since documentation on pxe booting on XG is (at least) gray, I've finally found a solution that works for me and opened this discussion to share ideas or success stories if it's working for others.

First of all, we'll need to login to the console of the XG.  There are 2 ways for that:

1) On the webpage of the XG, click on your name(probably admin) on the top right corner and click console. It will ask for password and then to press enter to show the console menu

2) Via SSH(eg. putty). Remember your username is not root if you're used to it, it's admin!

After that, we get to the same menu for both. A list with numbers to select for settings. We press 4 to enter Device Console.

Once we're in the Console, we'll need to know 3 things. The name of the DHCP server(the default is Default_DHCP_Server, the Tftp-server IP and the bootfile. My case let's say it's Default_DHCP_Server, tftp ip is10.10.10.148 and the bootfile is pxelinux.0 
You can find the name of the DHCP Server clicking Network->DHCP on the sfos web page.
We enter these 2 commands:

system dhcp dhcp-options binding add dhcpname Default_DHCP_Server optionname TFTP_Server_Name(66) value 10.10.10.148

system dhcp dhcp-options binding add dhcpname Default_DHCP_Server optionname Bootfile_Name(67) value pxelinux.0

Notice that although all the manuals and other people used brackets on the values(eg. 'pxelinux.0'), I didn't. Don't know if it's better, but since it's working this way, I didn't touch it!

Close the console. At this point, you should get an ip address when you try to boot from lan, but will not boot to the environment, although you should. I believe the problem lies the XG doesnt like to forward to another server, although it now knows there's a pxe boot.

Next step is to go to the web page of the XG and go to Firewall -> Add Firewall Rule ->Business Application Rule

Application Template "Full Nat/DNAT/Load Balancing"

Position "Top"

Enter the rule name you want (eg. TFTP)

Source "LAN" - Allowed Client Networks "ANY"

Destination "10.10.10.1" (Your routers address. DO NOT use the ones with a # in front. We'll need it for later! Probably you don't have it, so create one. Name it Sophos and put its address)

Services add one with port UDP 69 and one with port UDP 4011

Protected Servers "10.10.10.148" (your pxe servers address. add it if you don't have it)

Protected Zone "Lan"

Next click Rewrite Source Address "Masquerading" and click the one with the rules name(in my case it was #TFTP). Do not use MASQ

Finally click create reflexive rule and save the rule.

Voila! For me anyways.

I tested this with Clonedeploy and FOG and it boots.



This thread was automatically locked due to age.
Parents Reply
  • in reply to FloSupport

    You're very welcome! :)

    Actually, I'd rather for the community to test it first so we can be sure it's a global solution rather than a personal one before posting a KB, but sure.

    Enterprise-wise though, it should already be implemented on the web adminstration page. In my opinion, being able to backup and deploy machines on demand and remotely is a crucial feature for an IT who wants his head not sweating! With PXE we can set which machines will we backed up on next boot and if a machine breaks down, we can program to deploy the previous machine's image to the new pc without the need to go back and forth to the companies. It will make our lives a lot easier!

Children
Unfiltered HTML