So after finally figuring out how to add the DHCP options 66 and 67 to my DHCP Scope on the Sophos XG Firewall I am now having trouble with how it's presenting the values. I know IP helpers are the preferred way of doing things but my setup doesn't allow for that. Here's what I have and what's happening:
Sophos XG - VLAN 1 - 172.30.1.1
I then have sub interfaces defined for the other VLANs, VLAN 10, 20 and 30 (172.30.10.0, 172.30.20.0, 172.30.30.0 etc.).
The WDS server is on 172.30.10.0 and the workstation is on 172.30.20.0. For testing within Sophos I have unrestricted access between all VLANs so nothing is blocked.
Running Wireshark I can see that the PC sends out DHCP Discover, Offer, Request and finally the ACK and gets the IP address. I see this also in Sophos, so I know the DHCP part is working. Drilling down I can see the DHCP options that it's sending and this is where I think things are going wrong.
Depending on the version of the NIC (I'm using a Hyper-V VM for testing) option 66 won't get sent at all (Generation 1 using Legacy NIC for PXE boot). Generation 2 does receive option 66. Option 66 being the IP address of the WDS server.
However, option 67 which is the bootfile name which should be boot\x64\wdsnbp.com will always remove the '\' character, no matter how many times I try and escape it. When I add this option in the CLI I enter it as boot\\\\x64\\\\wdsnbp.com and when I list the bindings it shows 'boot\x64\wdsnbp.com' which is correct but that's not what it's sending to the client.
That's kind of a long-winded way of saying I don't think the DHCP options are being sent correctly from Sophos or I am doing something really, really wrong. However, I have also added boot options for my VoIP phones and that works perfectly for auto-provisioning them (again on a different VLAN) so that piece works.
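An added example, not part of the original post: a small decoder for the options field of a captured DHCP ACK, so the bytes of options 66 and 67 on the wire can be compared with what the firewall's binding list shows. The function names, the server address 172.30.10.5 and the sample byte strings are constructed for illustration; in practice the options bytes would be copied out of the Wireshark capture.

```python
# Added example: decode DHCP options from a capture and compare options 66/67
# with the configured values. All sample bytes below are constructed.
MAGIC_COOKIE = bytes([99, 130, 83, 99])  # RFC 2131 marker before the options
PAD, END, TFTP_SERVER, BOOTFILE = 0, 255, 66, 67


def parse_dhcp_options(field: bytes) -> dict:
    """Parse the code/length/value options that follow the magic cookie."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("magic cookie missing: not a DHCP options field")
    opts, i = {}, 4
    while i < len(field):
        code = field[i]
        if code == END:
            break
        if code == PAD:  # pad is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError(f"option {code} has no length byte")
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = opts.get(code, b"") + value  # RFC 3396: join repeated options
        i += 2 + length
    return opts


def check_boot_options(opts: dict, server: str, bootfile: str) -> list:
    """Return readable mismatches between the wire values and the config."""
    problems = []
    for code, name, want in ((TFTP_SERVER, "66", server), (BOOTFILE, "67", bootfile)):
        got = opts.get(code)
        if got is None:
            problems.append(f"option {name} absent")
        elif got.rstrip(b"\x00").decode("ascii", "replace") != want:
            problems.append(f"option {name} is {got!r}, expected {want!r}")
    return problems


def build(*options) -> bytes:  # helper that constructs sample input
    body = b"".join(bytes([c, len(v)]) + v for c, v in options)
    return MAGIC_COOKIE + body + bytes([END])


WANT_FILE = "boot\\x64\\wdsnbp.com"  # the bootfile name the post expects
GOOD = build((53, b"\x05"), (66, b"172.30.10.5"), (67, WANT_FILE.encode()))
STRIPPED = build((53, b"\x05"), (67, b"bootx64wdsnbp.com"))  # both symptoms
```

Comparing the raw bytes this way separates how a packet viewer displays the backslash from what the DHCP server actually put in the option.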