PXE-E32: TFTP OPEN TIMEOUT error when attempting to PXE boot.
Article ID: 177090
Deployment SolutionGhost Solution Suite
Attempting to PXE Boot results in Error: PXE-E32: TFTP OPEN TIMEOUT
Deployment Solution 7.x and 8.x all versions Ghost Solution Suite 3.x
Verify the Altiris eXpress PXE Server Service is running. If it is not running, start it.
Check to see if Vendor Specific mode is enabled. Reference KB HOWTO7071
(GSS) It is normal to see the Altiris eXpress PXE MTFTP service not running and set to manual when looking at the services management console. Verify that under the Altiris eXpress PXE SERVER service, if you right-click it and go to the Dependencies tab, that the “Altiris eXpress PXE MTFTP” service is listed under These services depend on "Altiris eXpress PXE Server".
Verify that there are no other PXE servers running on the network. This is something that can be accomplished using a network sniffer. With the network sniffer verify that no other PXE server is responding to the client computer. The existence of another PXE server on the network could cause the PXE client to receive invalid TFTP server information.
If the the three above steps check out, verify that PXE/TFTP server is listening on port 69. This can be done by running the utility TCPView from www.sysinternals.com and verifying the existence of ports 69, 1758, and 1759 (GSS) in the Local Address section. DS 7/8 will only show port port 69
(GSS) If the services are running in the service manager, but there are no services showing up in the tcpview other than on the pxe configuration service, look in the task manager on the pxe server (remote or ds local) to see if there are a large number of processes in the task manager. If there are, use the following command line in a command prompt: taskkill /Im process.exe /F This will stop the processes and free up resources so that the pxemtftp and the pxe service can run. This can be verified in the tcpview after running the command line.
(GSS) If you are crossing subnets/VLANs/VPN, make sure that ports 69, 1758, and 1759 are allowed and that the network infrastructure is configured properly to allow the client computer to connect to the server via port 69, 1758, and 1759.
DS 7/8 will only show port port 69
(GSS) If your network is not properly configured to allow Multicasting, or you are not sure if it is, disable multicasting for the bootfile transfer by following the instructions in the document “Disabling Multicast for the PXE Boot File Transfer”. (For disabling Multicasting Deployment Solution 6.5: If the routers/switches have been configured to pass multicast broadcast packets and the error is still occurring, go the PXE Configuration Utility in the DS console under Tools > PXE Configuration and the Multicast tab. You can disable the “Use Multicast for Boot File Transfer” (in Deployment Solution 6.5 the option is "Enable MTFTP") and then send the job out again. This disables the use of multicast and then the settings on the routers/switches will no longer be a factor.)
Check to make sure that teamed NICs on the Deployment Solution are functioning correctly. Removing the team and re-creating it has resolved this issue for HP DL380 servers.
Another issue that has been discovered is if the machine that is PXE booting is assigned an IP address of the form xxx.xxx.xxx.255. The tftp server treats this as a broadcast and ignores it. To resolve this, an IP reservation needs to be made so that the .255 address is not assigned.
IPsecurity policies can also cause this error. To test this disable the IPSEC service and try pxe booting the client. If the client is able to PXE boot then you will need to make a boundary box exception in the IPSEC policy to allow communication over tcp/ip port 68 and 69 to the deployment server.
If all of the above check out and you are still seeing the error, collect all of the PXE Logs, as well as sniffer traces from the PXE server. Make sure that the sniffer traces are not filtered and capture all traffic. Also make sure to include any event viewer logs that might relate to PXE.
(DS 6.9/GSS) Make sure the box 'Enable response to computers with active DS job assignments only' in the DS tab of the PXE configuration utility is NOT checked. It will cause a PXE E32 TFTP Open timeout error as well.
For testing purposes. Disable windows firewall on the pxe\mtftp server