• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8025
  • Last Modified:

WDS on Windows Server 2012 PXE errors

I setup the WDS on server 2012 and it also has dhcp service running with no scopes setup yet.

When I try to pxe boot a laptop it gets to PXE-E55 Proxydhcp service did not reply to request on port 4011.

PXE-MOF Exiting Intel Boot Agent
Selected boot device failed . Press any key to reboot.

There is no 60,67 options in the DHCP server
0
AGenAdmin
Asked:
AGenAdmin
  • 10
  • 9
  • 3
1 Solution
 
Netman66Commented:
If you have no scopes, what is the server going to respond with?  You need a scope to assign IPs to the client.

You probably need option 60, but test it with a scope first.
0
 
AGenAdminAuthor Commented:
Added the 60 option to the dhcp server and still get the Proxy Dhcp did not reply  to request on port 4011

pxe m0f exiting intel boot agent.  The laptop does get a valid ip from the dhcp server
0
 
Netman66Commented:
Is your wds server pxe role working?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
AGenAdminAuthor Commented:
Were using server 2012 and windows deployment workbench to deploy endpoints with windows 7
0
 
Netman66Commented:
OK, but if you don't have a PXE service running there is no PXE booting going to happen.
0
 
vivigattCommented:
Check my article:

http://www.experts-exchange.com/Networking/Misc/A_2978-PXEClient-what-is-it-for-Can-I-use-PXE-without-it.html

AFAIK, PXE-E55 Proxydhcp service did not reply to request on port 4011 means that the PXE client received a DHCP answer with Option 60 set to "PXEClient", which indicates that it must send "PXE" requests to UDP port 4011 on the same server that runs DHCP service, and thus that the PXE service MUST run on this server and be bound to UDP 4011.
If your PXE service runs on another host than the DHCP server, then you must NOT set dhcp Opt 60. Then, the PXE service will get DHCP DISCOVER packets sent by the client on standard DHCP port to broadcast address and will add its magic PXE sauce to the DHCPINFORM packets that the client receives.
IOW: if your PXE and DHCP servcie do not run on the same host, no DHCP opt 60.
Furthermore:
if you have a true PXE SErvice, no DHCP OPT 66 or 67 (PXE service role is exactly to provide this information, dynamically).
If your clients and DHCP/PXE servers are not on the same subnet, you need to setup a dhcp-relay/ip-helper so that dhcp broadcasts sent by clients are forwarded to the correct dhcp/pxe server(s).
If you have all that checked, then you may have a PXE issue. Check for PXE/BIOS updates for your clients.
0
 
AGenAdminAuthor Commented:
I removed the dhcp role off the server that hosts the WDS and have the dhcp boxes now unchecked under the Windows deployment services server options.

I also checked to be sure the option 60 is removed off the remote dhcp server.

Same issue when pxe booting the laptop so I then started the wds workbench from scratch to start over and no luck
wds.PNG
wds1.PNG
0
 
vivigattCommented:
You MUST authorize this WDS server in AD. This is not the same as assigning a DHCP role to your WDS server. WDS/PXE SErvices are using the same ports (bootpc, UDP 68) as the DHCP servers (unless they are running on a host that already runs DHCP/BOOTP service).
0
 
AGenAdminAuthor Commented:
Set authorize wds server in AD and now when I boot a laptop Im seeing PXE-E53 - No boot filename received.
0
 
vivigattCommented:
MUCH better.
Now you have your DHCP/PXE system working, at least for the first phase.

Check that you DO NOT have any of the DHCP option 60, 66 nor 67

Check that WDS/PXE is configured to serve your clients.
0
 
AGenAdminAuthor Commented:
Checked and have no options on dhcp server for 60, 67,66. Checked and the pxe is set to serve both known and unknown clients
pxe-tab.PNG
boottab.PNG
dhcptab.PNG
0
 
vivigattCommented:
This config seems OK to me.

Have you restarted the WDS server?

Isn't there another WDS/PXE server on your network?
Are the WDS server and clients on the same subnet? If not, you need to set a DHCP-relay/ip-helper.

Can you run a packet monitor (Wireshark or MS Netmon), filter on UDP 67 and 68 and send the captured packets?
0
 
AGenAdminAuthor Commented:
Just restarted the wds server and this is the only WDS server active on our network same subnet.

On the WDS event viewer I see this under operational however I still get the No boot filename received on the laptop.

 An endpoint was opened by provider WDSPXE.

Type: UDP
Address: 4011
0
 
vivigattCommented:
could it be that the WDS/PXE server is bound only to UDP 4011?

Easy to check. Run the following command on the server:
netstat -ba -p UDP -n

you should see a list of connections.
There should be one line ending with :4011 (proxy DHCP) and another line ending with :67  (bootps, the port that DHCP/BOOTP/PXE services are bound to).

Can you copy these lines, each one along with the line just below which states the exe name that created the binding?
0
 
AGenAdminAuthor Commented:
See document attached
could-it-be-that-the-WDS.docx
0
 
vivigattCommented:
WDS server is correctly bound to UDP 67 (DHCP server), UDP 69 (TFTP server) and 4011 (ProxyDHCP server).
Please check any firewall/access rule, on the server or on the switch/routing device(s).
Also try to grab WDS logs if you can.
You may also do a simple test: connect a laptop to the cable that your client is usually using, check that you get an IP address and that you can ping the WDS server.

If nothing works, a packet trace will help us identifying the issue, if seems that the client does not receive boot file information. You can also double check the DHCP option( server option, scope option, reservations etc).
0
 
AGenAdminAuthor Commented:
This is the only error I see under event viewer Deployment services

[WDSServer] [base\eco\wds\wdsmgmt\src\wdsdirectoryservicesusepolicy.cpp:295] Expression: , Win32 Error=0x2
0
 
vivigattCommented:
No reference to this error anywhere I could find.
Win32 error 2 is "file not found". It must refer to "directory service use policy" and certainly tells us that the WDS does not use any AD policy. I don't think this is a real error.

Please run the ping test. I think it will succeed, but it is worth checking.

Then, well, a packet capture might be the best tool for me to help you.
0
 
AGenAdminAuthor Commented:
rename to .pcapng
testcapture.txt
0
 
vivigattCommented:
The capture was captured on the WDS server right?
it does NOT receive any of the DHCP broadcast that the client sends, thus it does not answer...

Have you checked access rules on the switches, firewall etc? DHCP snooping maybe?

A test to consider would be to connect a client and the WDS server to the same switch as the DHCP server and see if this is any better.
0
 
AGenAdminAuthor Commented:
Im thinking it is due to the wds server being on Server 2012 and the dhcp server on 2008 but may be wrong. Going to start fresh and follow everything to a t and see if this works
0
 
vivigattCommented:
Nope, this is not a problem of this kind. Your WDS/PXE server does NOT receive the DHCPDISCOVER messages from the clients that are the start of everything in PXE boot process.
If your WDS server is not on the same subnet as the clients, you must configure a DHCP-RELAY (ip-helper address in Cisco word) so that the DHCP packets sent to broadcast address by the clients are forwarded to your WDS server.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 10
  • 9
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now