iPXE discussion forum
How do I chain through VPN? - Printable Version

+- iPXE discussion forum (https://forum.ipxe.org)
+-- Forum: iPXE user forums (/forumdisplay.php?fid=1)
+--- Forum: General (/forumdisplay.php?fid=2)
+--- Thread: How do I chain through VPN? (/showthread.php?tid=10078)



How do I chain through VPN? - Benjamin_D - 2017-06-22 17:52

Hello,

I currently have a test network setup comprised of a VPN server on one physical network, and two VPN clients on a different physical network. I need to be able to chain a file from the VPN server from a VPN client.

At the moment, my ipxe file looks like this:
Code:
#!ipxe
cpuid --ext 29 && set arch x86_64 || set arch i386
params
param mac0 ${net0/mac}
param arch ${arch}
param platform ${platform}
param product ${product}
param manufacturer ${product}
param ipxever ${version}
param filename ${filename}
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
:bootme
chain http://10.8.0.1/fog/service/ipxe/boot.php##params

That last line uses a VPN IP. When the computer gets to the OS, the VPN tunnel does exist, so that is not an issue. I temporarily replaced the above code with the script to find all network adapters (https://gist.github.com/robinsmidsrod/3871687) but that only shows net0. Pinging the IP address in PXE results in a timeout.

I'm assuming I need to specify the VPN network adapter and set it, right? If so, how do I do that?


RE: How do I chain through VPN? - robinsmidsrod - 2017-06-27 10:05

iPXE has no specific support for VPN protocols. If you need to connect through a VPN, you need to set up the VPN connection in the router/gateway for the network where your iPXE clients live. Your iPXE clients then need to connect to an IP address that the router sends through the VPN to your secured network.

iPXE runs before any operating system is loaded, so it doesn't have access to any network adapters provided by your operating system. I would recommend you browse around on http://networkboot.org/ if you need to understand more of the fundamentals of both booting an x86 computer in general and network booting.