Clients cannot contact the ADS Controller or they receive no PXE response from the ADS Controller during the PXE startup process (883396)
The information in this article applies to:
- Microsoft Windows Server 2003, Enterprise Edition
SYMPTOMSDuring a Pre-Boot eXecution Environment (PXE) startup process, you may experience the following behavior: - Client computers may not be able to contact the Microsoft Windows Server 2003 Automated Deployment Services (ADS) Controller.
- Client computers receive no PXE response from the ADS Controller.
This behavior may occur if the client computers try to contact an ADS Controller that has Internet Protocol security (IPSec) enabled. CAUSEThis behavior occurs if the Require Security IPSec policy is configured on the computer that is running the ADS Controller.
When the Require Security IPSec policy is configured, the ADS Controller helps secure both directions of traffic by requesting IPSec security from the clients.
When a non-IPSec-aware client tries to communicate with an IPSec-aware server, the Require Security IPSec policy prevents any communication between the client and the server.
When a non-IPSec-aware client contacts an ADS Controller during the PXE startup process, the ADS services do not respond to the PXE requests because the Require Security IPSec policy prevents any communication between the client and the controller.RESOLUTIONTo resolve this behavior, use one of the following methods on the computer that is running the ADS Controller: - Disable IPSec.
- Change the IPSec policy from Require Security to Request Security.
| Modification Type: | Major | Last Reviewed: | 10/27/2004 |
|---|
| Keywords: | kbtshoot KB883396 kbAudITPRO |
|---|
|