Using UEFI HTTP Boot with pfSense

About a year ago I started working with HTTP boot. It’s great that we no longer need a TFTP server for network booting, but there are also a few less than ideal challenges with the newer method. The biggest one is lack of documentation and simple configuration with DHCP servers. There are some examples available for the isc-dhcp-server used in many Linux/Unix systems, but if you’re using something like Ubiquiti or pfSense, good luck! It’s been a while since I’ve looked at an enterprise IPAM setup, but I fully expect support to be lacking there as well.

New-PfSense-Logo - Intelequest LLC

I opened a bug on this issue and was really impressed with how quickly the team jumped on it. Now if you’re running the 2.6.0 release, which is the latest as I write this, it’s pretty simple to get this up and running. Basically they added a field for UEFI HTTPBoot. It sounds simple enough right?

But adding it wasn’t working on either of my systems. I did a little packet sniffing and compared the response I was getting from my pfSense system vs a working dhcpd config in RHEL. In short, pfSense wasn’t sending option vendor-class-identifier “HTTPClient” with the response so my systems weren’t responding to the URL. Luckily it’s super simple to add this in the UI. Basically just add an additional option w/ the number 60, Type Text, and HTTPClient in the Value section. As seen here:

And that’s pretty much it. My network now offers up both PXE and HTTP boot to clients and it works really well. Hopefully this will help someone until this option is provided by default when the “UEF

Now all that’s left is to come up with a menu system that’s as powerful as syslinux that works with HTTP Boot. To date, I’ve only used GRUB and ……it really makes me miss the menu system from syslinux. It’s superior in every way IMO.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.