Update 2022-08-15: Added PowerShell commands to configure a Windows DHCP server for PXE boot.
Update 2018-04-28: I’ve added the information in this post to a new one completely re-written for Windows Server 2016 here
In a previous post PXE Booting for Microsoft Deployment Toolkit I mentioned that I would talk about how to set up PXE to deal with VLANs. To be honest I forgot all about it until someone on twitter reminded me - many thanks for the reminder!
A lot of what I’m going to go through in this post I learned from this YouTube video from BranchCache Bob, here’s the video. There are some differences, which I’ll point out below.
You have multiple VLANs, and have a mixture of devices with BIOS and UEFI and need to boot them from the network using PXE from a WDS server.
- A Windows Deployment Server
- A Microsoft DHCP server (does not have to be running on the same server as WDS)
- Have the DHCP server’s IP as a helper address on your network switch for each VLAN you want to boot
Defining DHCP Vendor Classes
The first thing to do is to define the vendor classes for the BIOS PXE Client x84 and x64 and the UEFI PXEClient x86 and x64. To do this:
- Go to “DHCP”, right-click on IPv4
- In the “DHCP Vendor Classes” window, click Add
- For the Name enter “PXEClient (UEFI x86)”
- For the “Description” enter whatever you want
- Under the ASCII text enter
PXEClient:Arch:00006(you will not be able to paste this text, and it’s also case-sensitive
- Click OK to add it to the list
- Now repeat steps 2 - 6 for “PXEClient (UEFI x64)” with
PXEClient:Arch:00007as the ASCII value
- Finally, repeat steps 2 - 6 for “PXEClient (BIOS x86 & x64)” with
PXEClient:Arch:00000(five zero’s) as the ASCII value
or using PowerShell:
You should now have three additional vendor classes.
Creating the DHCP Policies
Now we’re going to create policies in DHCP so that the correct files are served to the correct clients. You will need to do this for each DHCP scope.
- Go to DHCP and expand the scope you wish to create a policy for
- Right-click on “Policies” and choose “New Policy”
- Enter “PXEClient (UEFI x64)” for the name
- Enter a “Description”, or leave it blank. Click Next
- On the “Configure Conditions for the policy” screen, click Add
- In the “Add/Edit Condition” window, click the “Value:” drop down menu
- Choose the “PXEClient (UEFI x64)” vendor class you created earlier
- Tick the “Append wildcard” check box and then click Add and finally OK
- Click Next on the “Configure Conditions for the policy” screen
- On the “Configure settings for the policy” screen, click No for the “Do you want to configure an IP address range for the policy”. Click Next
- Please Note: if DHCP is on the same server as WDS, you will need to set option 060, if WDS is on a different server, you do not need to set option 060
- On the “Configure settings for the policy” screen, scroll down until you see options “060” (if applicable), “066” and “067”
- Tick option “060” and enter “PXEClient” if applicable
- Tick option “066” and enter either the FQDN or the IP address of the WDS server
- Tick option “067” and enter
boot\x64\wdsmgfw.efi- this is the x64 UEFI boot file for WDS. Click Next
- On the “Summary” screen, if all the details are correct, click “Finish”
- Now repeat steps 2 - 14 for “PXEClient (UEFI x86)” with
boot\x86\wdsmgfw.efias option “067”
- Finally, repeat steps 2 - 14 once again for “PXEClient (BIOS x86 & x64)” with
boot\x64\wdsnbp.comas option “067” and leave option “060” empty
or using PowerShell:
The -ScopeId should be the IP range of the DHCP scope you want to add the policy to.
Don’t forget to repeat the above for each DHCP scope you wish to PXE boot from. In DHCP if you expand the “Scope Options” folder you should see the new options you just created and under “Policy Name” should be the names of the policies you just created.
You should be able to boot both a UEFI and BIOS devices from the network. Please note, if DHCP is installed on the same server as WDS, you will need to check both the “Do not listen on DHCP ports” and “Configure DHCP options to indicate that this is also a PXE server” options. I do not currently have DHCP and WDS on the same server, so I cannot reliably test this on a multi VLAN network.
On my production network, I had previously added a helper address for the WDS server along with the DHCP server, so I have two helper addresses. I have not added policies for anything except PXEClient (UEFI x64) as my standard BIOS devices booted without issue, but my UEFI devices wouldn’t boot at all. I haven’t added PXEClient (UEFI x86) as all my devices boot x64 images and use x64 Task Sequences. So I have only one Policy in DHCP/IPv4/Scope x.x.x.x/Policies. My WDS server is running Windows Server 2016 and my DHCP server is Windows Server 2012 R2. An issue I currently have is that I cannot perform more than 2 or 3 PXE boots at a time, but no doubt it’s something to do with the “unique” configuration of my network. I guess your mileage may vary, but hopefully this post helps you out in some way.
Support My Work
If you would like to support me, please check out the links below.
If you have any questions or comments please use the comments below or join the Discord.