TFTP for PXE - answer from TFTP Server is blocked



  • Hi,
    here is a short explanation of my setup. I am booting a set of machines within a LAN with PXE. PXE uses TFTP to fetch the OS.
    The machines and the Server are separated by a pfSense firewall:
    [Machine 1...n] <----> FIREWALL <----> Server

    The Server is responsible for DHCP and is also the TFTP Server for PXE (https://fogproject.org/).
    There is no NAT in between. The Firewall is configured to be a Bridge.

    What works:
    DHCP. The Machines are getting IP addresses from the DHCP Server.
    TFTP Request from Client to Server.

    What does not work:
    TFTP Response from server is blocked by Firewall.

    Firewall Rules:
    DHCP Ports are opened.
    TFTP (69) is opened on the Machines side.

    To my understanding, the pfSense is a stateful firewall. So it should see the TFTP requests from the machines and automatically allow the response from the Server.
    Why is the response from the server blocked by the default deny rule?


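Added example, not part of the original post: a toy model of 5-tuple state matching applied to the setup described above. Per RFC 1350, a TFTP server answers a read request from a newly chosen UDP port (its transfer ID) rather than from port 69, so the reply does not match the state the request created. The addresses, port numbers and the `StatefulFilter` class are constructed for illustration and are a simplification, not pfSense's own logic.

```python
from dataclasses import dataclass

TFTP_PORT = 69  # well-known port; only the initial request is sent to it


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "udp"


class StatefulFilter:
    """Toy filter: a pass rule creates state; later packets must match it exactly."""

    def __init__(self, allowed_dports):
        self.allowed_dports = set(allowed_dports)
        self.states = set()

    def check(self, pkt):
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key in self.states:
            return "pass (state)"
        if pkt.dport in self.allowed_dports:
            # Record the flow and its exact reverse (same addresses, same ports).
            self.states.add(key)
            self.states.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))
            return "pass (rule)"
        return "block (default deny)"


def simulate(server_reply_port):
    """Return verdicts for the client's read request and the server's first DATA packet."""
    fw = StatefulFilter(allowed_dports=[TFTP_PORT])
    client, server = "192.0.2.10", "192.0.2.1"  # constructed documentation addresses
    rrq = Packet(client, 2070, server, TFTP_PORT)            # client -> server:69
    data = Packet(server, server_reply_port, client, 2070)   # server:TID -> client
    return fw.check(rrq), fw.check(data)


if __name__ == "__main__":
    # Hypothetical server that replied from port 69: covered by the request's state.
    print("reply from 69:   ", simulate(TFTP_PORT))
    # Real TFTP behaviour: reply from a fresh port, no matching state, default deny.
    print("reply from 49152:", simulate(49152))
```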