Troubleshoot methods for PXE errors

These error codes will be visible only if you boot your computer in legacy mode. List of errors addressed in this document:

PXE-E32: TFTP open timeout/PXE-E35: TFTP read timeout
NBP filesize is 0 bytes PXE-E23: Client received TFTP error from server
PXE-E53: No boot filename received PXE-M0F: Exiting Intel PXE ROM.
PXE-E16: No valid offer received

Problem

Open timeout error occurs when the TFTP open request to read the boot file goes unacknowledged. Read timeout error occurs when the TFTP data packet is not received by the client server.

Solution

To solve this issue follow the steps mentioned below:

Check if the ManageEngine OS Deployer PXE Server is running
Check Windows Defender Firewall
Check Antivirus exclusions (for remote offices)
Check the DHCP configurations
Check network reachability

Check if the Manage Engine OS Deployer PXE Server is running

Go to Windows Start -> Run -> Type Services.msc
Select Manage Engine OS Deployer PXE Server. Verify if the service is running under status.
If the service is not running, try to restart the service by clicking on the Restart service. Refresh and check again if the service is running.
If the service is still not running, verify if any other PXE service is running in port 69.
Note: PXE service by default runs on port 69, which might result in a conflict of services.
- To verify, run the following command in Command Prompt,
  netstat -naop UDP | findStr "69"
- You will receive a response with the PID in the far right.
  UDP 0.0.0.0:<portnumber> *:* <PID>
  
  Example:UDP 0.0.0.0:69 *:* 11235
- Go to Task Manager -->Services tab and search for the PID under PID tab.
- If any other PXE service (eg., WDS PXE) is running in that port, stop/uninstall the service. And start ManageEngine OS Deployer PXE service.
This applies to both local and distribution server wherever ManageEngine OS Deployer PXE server is installed.

Check Windows Defender Firewall

This is applicable to both local and distribution server wherever ManageEngine OS Deployer PXE server is installed.

Go to Control Panel --> System and Security --> Windows Firewall. (If it is turned off skip the steps given below.)
If Windows Firewall is turned on in your computer, from the left pane click on Advance settings --> Inbound Rules
Click New Rule --> Rule Type --> Choose port --> Next.
Under Protocols and ports, choose UDP and select specific local ports. Enter the following values - 69, 4011 and click Next.
Under Action, select "Allow the connection if it is secure" and click Next.
Under Users, click Next. Under Computers, click Next.
Under Profile, select all options- Domain, Private and Public, and click Next.
Under Name, add a name for the rule for eg., ManageEngine OS Deployer PXE Service Ports and click Finish.

Antivirus exclusions (for remote offices)

For remote offices, exclude the following files and folders in the antivirus application running in your remote office. Exclude the following folder, OS Deployer Server -<OS Drive>\Program Files(x86)\Zohocorp. If you do not want to exclude the folder from Antivirus, you can exclude the following EXEs.

In the Distribution server installed machine,

The following files located under <OS Drive>\Program Files(x86)\Zohocorp\OSDPXEComponent\PXEService\bin directory:

wrapper.exe
osd-tftp.bat

The following files located under <OS Drive>\Program Files(x86)\Zohocorp\OSDPXEComponent\PXEService\jre\bin directory:

java.exe

Refer this document to know more about antivirus exclusions.

Check if the DHCP configurations

To verify the boot file names and servers, refer this document.

Verify if the applicable server or Distribution Server's IP address and the correct boot file name are configured in the DHCP and boot the client computer again.
On the occasion of product server migration (if you have shifted the product server from one computer to another),
- Verify if the new IP address of the product server is configured in the DHCP server.
- Create a new PXE media and publish again.
Whenever a new remote office is created, the PXE media should be published again and configured in the respective DHCP server.
Check if any other Deployment software settings are configured in your DHCP server. This might interrupt the ManageEngine OS Deployer PXE server. Remove other PXE configurations and continue. Example: If WDS was used previously, the DHCP configurations would have been automatically added in the DHCP server. So it is required to remove properties like bootfile(option 67), bootserver(option 66), and PXEClient(option 60).

Network reachability.

Check if the product server, DHCP and the target computer are connected in the same network and are also able to communicate across VLANs.

Problem

This error occurs when DHCP option is configured for legacy in single boot mode and the target machine boots in UEFI boot sequence.

Solution

Execute any one of the following step.

If you have Windows DHCP server, create policies for multiple boot mode. This enables your machine to acquire the correct boot file based on boot mode. Refer this document to create policies for multiple boot mode.
If you are booting in UEFI boot mode, change the boot file name to EFI\Boot\bootx64.efi for 64 Bit and EFI\Boot\bootia32.efi for 32 Bit in your DHCP server. Or else boot your computer in legacy mode.

Problem

This error occurs when the client computer tries to boot using PXE but does not receive enough instruction to perform the boot. The basic PXE process starts with a DHCP request. The DHCP response is expected to have the following,

an IP address for the target machine
the address of the PXE server
the boot file name.

If the response contains only the IP address of the target machine and not the boot file name and boot server IP, an E53 error is displayed.

Solution

To solve this issue follow the steps mentioned below:

Check if the ManageEngine OS Deployer PXE Server is running
Check Windows Defender Firewall
Check Antivirus exclusions (for remote offices)
Check the DHCP configurations
Check network reachability

Check if the Manage Engine OS Deployer PXE Server is running

Go to Windows Start -> Run -> Type Services.msc
Select Manage Engine OS Deployer PXE Server. Verify if the service is running under status.
If the service is not running, try to restart the service by clicking on the Restart service. Refresh and check again if the service is running.
If the service is still not running, verify if any other PXE service is running in port 69.
Note: PXE service by default runs on port 69, which might result in a conflict of services.
- To verify, run the following command in Command Prompt,
  netstat -naop UDP | findStr "69"
- You will receive a response with the PID in the far right.
  UDP 0.0.0.0:<portnumber> *:* <PID>
  
  Example:UDP 0.0.0.0:69 *:* 11235
- Go to Task Manager -->Services tab and search for the PID under PID tab.
- If any other PXE service (eg., WDS PXE) is running in that port, stop/uninstall the service. And start ManageEngine OS Deployer PXE service.
This applies to both local and distribution server wherever ManageEngine OS Deployer PXE server is installed.

Check Windows Defender Firewall

This is applicable to both local and distribution server wherever ManageEngine OS Deployer PXE server is installed.

Go to Control Panel --> System and Security --> Windows Firewall. (If it is turned off skip the steps given below.)
If Windows Firewall is turned on in your computer, from the left pane click on Advance settings --> Inbound Rules
Click New Rule --> Rule Type --> Choose port --> Next.
Under Protocols and ports, choose UDP and select specific local ports. Enter the following values - 69, 4011 and click Next.
Under Action, select "Allow the connection if it is secure" and click Next.
Under Users, click Next. Under Computers, click Next.
Under Profile, select all options- Domain, Private and Public, and click Next.
Under Name, add a name for the rule for eg., ManageEngine OS Deployer PXE Service Ports and click Finish.

Antivirus exclusions (for remote offices)

In the Distribution server installed machine,

The following files located under <OS Drive>\Program Files(x86)\Zohocorp\OSDPXEComponent\PXEService\bin directory:

wrapper.exe
osd-tftp.bat

The following files located under <OS Drive>\Program Files(x86)\Zohocorp\OSDPXEComponent\PXEService\jre\bin directory:

java.exe

Refer this document to know more about antivirus exclusions.

Check if the DHCP configurations

To verify the boot file names and servers, refer this document.

Verify if the applicable server or Distribution Server's IP address and the correct boot file name are configured in the DHCP and boot the client computer again.
On the occasion of product server migration (if you have shifted the product server from one computer to another),
- Verify if the new IP address of the product server is configured in the DHCP server.
- Create a new PXE media and publish again.
Whenever a new remote office is created, the PXE media should be published again and configured in the respective DHCP server.
Check if any other Deployment software settings are configured in your DHCP server. This might interrupt the ManageEngine OS Deployer PXE server. Remove other PXE configurations and continue. Example: If WDS was used previously, the DHCP configurations would have been automatically added in the DHCP server. So it is required to remove properties like bootfile(option 67), bootserver(option 66), and PXEClient(option 60).

Network reachability.

Check if the product server, DHCP and the target computer are connected in the same network and are also able to communicate across VLANs.

Problem

This problem occurs when you have configured 060 option as PXEClient in DHCP server.

Solution

060 option configured in DHCP

To resolve this problem you need to remove option 060 as PXEClient in DHCP server.