This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
hcampuzano
Participant
‎2023-08-30 03:55 PM

How to configure DHCP for PXE Booting

Is it possible to configure Checkpoint as DHCP server to forward PXE requests to a Distribution Point for Windows imaging?
The PXE server and the firewall are on the same subnet and the firewall is the DHCP server.
The new clients that request the image installation cannot communicate with the Distribution Point (PXE server) because the DHCP server (the firewall) is not sending the PXE requests.

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2023-08-30 06:41 PM

Sounds like this should be configured on the PXE server itself, not via DHCP.
See the following: https://techcommunity.microsoft.com/t5/configuration-manager-blog/you-want-to-pxe-boot-don-t-use-dhc... 

0 Kudos
(1)
six
Explorer
‎2024-01-16 01:13 AM

Checkpoints are useless at this - you have to go into the operating system files and manually edit them. https://askubuntu.com/questions/874648/setting-options-66-and-67-for-isc-dhcp-server

The fact there is no way of doing this from the management server or Gaia in 2024 is pretty damning.

0 Kudos
_Val_
Admin
Admin
‎2024-01-16 03:12 AM
In response to six

Hey @six, putting aside your unprofessional and disrespectful tone, are you aware that Gaia is not based on Ubuntu?

0 Kudos
six
Explorer
‎2024-05-17 06:16 AM
In response to _Val_

Good afternoon. I am sorry you feel this is unprofessional but we all must accept that there are flaws with Check Point and this is one them. The solution I linked to is the correct fix for this issue -  it's a Linux operating system so it doesn't matter if it's Ubuntu or Gaia.

0 Kudos
Bob_Zimmerman
Authority
Authority
‎2024-05-17 07:37 AM
In response to six

Strictly, it can be done from the management server. A tool called cprid_util can be used to push files to, pull files from, or run arbitrary non-interactive commands on a firewall which reports to a given management. cprid_util can also be used via the /run-script Gaia API call.

Sure, it's less convenient than proper support for DHCP options in clish and via the Gaia API would be, but it's at least possible.

I do wish Check Point would give up on clish. I understand the goal: it's nice to have a single "configuration" rather than state spread across dozens of files. Greatly simplifies change management, auditing, and so on. It just doesn't work well. It's consistently the worst part of interacting with a firewall or management server. Useless for troubleshooting (no pipes for grep, awk, etc.; no loop constructs; no file I/O), incredibly irritating on VSX, there's all kinds of missing functionality like the ability to set DHCP options. And it's more than a little ridiculous that Check Point's own article on using DHCP options (sk92473) acknowledges that clish will muck up this config so you need to set the immutable flag to prevent it from undoing your work.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events