pfSense and Synology TFTP & PXE Boot

I’ve been meaning to update my home lab for a while now and I finally found some time to begin working on this project. The upgrade for my lab involves configuring TFTP on my Synology and configuring my pfSense firewall to hand out the necessary DHCP parameters to support PXE boot.

First we’re going to start with the Synology and configure TFTP. So connect to your Synology server and configure TFTP settings:
Go to Control Panel > File Services > TFTP and select Enable TFTP service. In the TFTP root folder field, specify which folder on the Synology NAS can be accessed by TFTP clients. For this, I created a folder in the root of my Synology called tftp.

Click Advanced Settings to configure the following settings:
Enable TFTP file transfer log: Keep track of data transferred via TFTP.
TFTP client permission: Decide how much access TFTP clients get:
Read only: TFTP clients can only view contents of the root folder.
Writeable: TFTP clients can modify the contents of the root folder.
I went with Read only. TFTP has no authentication, and PXE clients only need to download boot files.

Allowed clients: Choose which clients are allowed to connect via TFTP:

All connections: All clients can connect via TFTP.
Only allow the following IP address range: Only clients in the specified IP range can connect via TFTP.

Here you’re going to want to restrict which networks can connect and use TFTP. For this, I used my network range from .0 to .254.

Timeout: If the TFTP server (i.e. your Synology NAS) remains unresponsive over the specified time lapse, the TFTP connection will be stopped.
Click Apply to save the settings.

Once I had the above configured, I moved on to pfSense. This is how I configured pfSense to support PXE boot. In this scenario, I wanted some Linux devices and ESXi hosts to boot to an imaging environment. So connect to your pfSense server and, to configure PXE boot, go to Services > DHCP Server.

Specify the following options:

IP Address of TFTP server: this is the IP address of my Synology server
Enable network booting: yes

Now you need to create a static mapping for your server using its MAC address and complete the Netboot filename field (the name of the legacy or UEFI boot file; in my case esxi67/mboot.efi or ubuntu/pxelinux.0).

Click Apply to save the settings.

I used the Ubuntu NetBoot image for my Linux system. After saving the settings in pfSense, I powered on my first host and chose network boot, and voilà, after about 20-30 seconds I got an Ubuntu boot screen.
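To confirm the Synology settings above actually took effect, here is a small check I've added as an example (it is not part of the original setup and not Synology or pfSense code). It asks the TFTP server for each boot file and verifies that a write request is not accepted; the server address 192.0.2.10 and the canary filename are placeholders I made up.

```python
import socket
import struct

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5  # TFTP opcodes (RFC 1350)

def build_request(opcode, filename, mode="octet"):
    """Build an RRQ/WRQ packet: opcode, filename, NUL, mode, NUL."""
    return (struct.pack("!H", opcode) + filename.encode("ascii") + b"\0"
            + mode.encode("ascii") + b"\0")

def parse_reply(packet):
    """Classify the server's first reply as (kind, detail)."""
    if len(packet) < 4:
        return ("malformed", None)
    opcode, value = struct.unpack("!HH", packet[:4])
    if opcode == DATA:
        return ("data", len(packet) - 4)   # payload bytes in this block
    if opcode == ACK:
        return ("ack", value)              # ACK of block 0 means the WRQ was accepted
    if opcode == ERROR:
        msg = packet[4:].split(b"\0", 1)[0].decode("ascii", "replace")
        return ("error", (value, msg))     # e.g. (2, "Access violation")
    return ("unexpected", opcode)

def probe(server, opcode, filename, timeout=3.0):
    """Send one request to UDP port 69 and classify the first reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_request(opcode, filename), (server, 69))
        try:
            # The reply comes from an ephemeral server port, so do not connect().
            reply, _ = s.recvfrom(1024)
        except socket.timeout:
            return ("timeout", None)
    return parse_reply(reply)

def audit(server, boot_files, canary="write-test.tmp"):
    """Each boot file must be readable; a write request must not be ACKed.
    No data is ever sent after the WRQ, but a server that does accept writes
    may leave an empty canary file behind."""
    results = {f: probe(server, RRQ, f)[0] == "data" for f in boot_files}
    results["writes_refused"] = probe(server, WRQ, canary)[0] != "ack"
    return results

if __name__ == "__main__":
    # 192.0.2.10 is a placeholder address; substitute your NAS.
    print(audit("192.0.2.10", ["esxi67/mboot.efi", "ubuntu/pxelinux.0"]))
```

Run it once from a machine inside the allowed IP range and once from outside it; from outside, every boot file should come back False because the requests time out or are refused.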