This chapter describes how to perform a WAN boot installation on a SPARC based client. For information about how to prepare for a WAN boot installation, see Chapter 11, Installing With WAN Boot (Tasks).This chapter describes the following tasks.Preparing the Client for a WAN Boot Installation Installing the Client The following table lists the tasks you need to perform to install a client over a WAN.Task Description For Instructions Prepare the network for a WAN boot installation. Set up the servers and files that are required to perform a WAN boot installation. Chapter 11, Installing With WAN Boot (Tasks) Verify that the net device alias is set correctly in the client OBP. Use the devalias command to verify that the net device alias is set to the primary network interface. To Check the net Device Alias in the Client OBP Provide keys to the client Provide keys to the client by setting OBP variables or entering key values during the installation.This task is required for secure installation configurations. For insecure installations that check data integrity, complete this task to provide the HMAC SHA1 hashing key to the client. Installing Keys on the Client Install the client over a wide area network. Choose the appropriate method to install your client. To Perform a Noninteractive WAN Boot InstallationTo Perform an Interactive WAN Boot Installation To Perform a WAN Boot Installation With a DHCP Server To Perform a WAN Boot Installation With Local CD Media Before you install the client system, prepare the client by performing the following tasks.To Check the net Device Alias in the Client OBP Installing Keys on the Client To boot the client from the WAN with the boot net, the net device alias must be set to the client's primary network device. On most systems, this alias is already set correctly. However, if the alias is not set to the network device you want to use, you must change the alias.For more information about setting device aliases, see “The Device Tree” in OpenBoot 3.x Command Reference Manual.Follow these steps to check the net device alias on the client. Become superuser or assume an equivalent role on the client. Bring the system to run level 0. # init 0The ok prompt is displayed. At the ok prompt, check device aliases that are set in the OBP.ok devaliasThe devalias command outputs information that is similar to the following example.screen /pci@1f,0/pci@1,1/SUNW,m64B@2 net /pci@1f,0/pci@1,1/network@c,1 net2 /pci@1f,0/pci@1,1/network@5,1 disk /pci@1f,0/pci@1/scsi@8/disk@0,0 cdrom /pci@1f,0/pci@1,1/ide@d/cdrom@0,0:f keyboard /pci@1f,0/pci@1,1/ebus@1/su@14,3083f8 mouse /pci@1f,0/pci@1,1/ebus@1/su@14,3062f8If the net alias is set to the network device you wan to use during the installation, you do not need to reset the alias. Go to Installing Keys on the Client to continue your installation. If the net alias is not set to the network device you want to use, you must reset the alias. Continue. Set the net device alias.Choose one of the following commands to set the net device alias.To set the net device alias for this installation only, use the devalias command.ok devalias net device-pathnet device-pathAssigns the device device-path to the net alias To permanently set the net device alias, use the nvalias command.ok nvalias net device-pathnet device-pathAssigns the device device-path to the net alias The following commands show how to check and reset the net device alias.Check the device aliases.ok devalias screen /pci@1f,0/pci@1,1/SUNW,m64B@2 net /pci@1f,0/pci@1,1/network@c,1 net2 /pci@1f,0/pci@1,1/network@5,1 disk /pci@1f,0/pci@1/scsi@8/disk@0,0 cdrom /pci@1f,0/pci@1,1/ide@d/cdrom@0,0:f keyboard /pci@1f,0/pci@1,1/ebus@1/su@14,3083f8 mouse /pci@1f,0/pci@1,1/ebus@1/su@14,3062f8If you want to use the /pci@1f,0/pci@1,1/network@5,1 network device, type the following command.ok devalias net /pci@1f,0/pci@1,1/network@5,1 After you check the net device alias, see the appropriate section to continue the installation.If you are using a hashing key and an encryption key in your installation, see Installing Keys on the Client. If you are performing a less secure installation without keys, see Installing the Client. For a more secure WAN boot installation or an insecure installation with data integrity checking, you must install keys on the client. By using a hashing key and an encryption key, you can protect the data that is transmitted to the client. You can install these keys in the following ways.Set OBP variables – You can assign key values to OBP network boot argument variables before you boot the client. These keys can then be used for future WAN boot installations of the client. Enter the key values during the boot process – You can set key values at the wanboot program boot> prompt. If you use this method to install keys, the keys are only used for the current WAN boot installation. You can also install keys in the OBP of a running client. If you want to install keys on a running client, the system must be running the Solaris 9 12/03 OS, or compatible version.When you install keys on your client, ensure that the key values are not transmitted over an insecure connection. Follow your site's security policies to ensure the privacy of the key values.For instructions about how to assign key values to OBP network boot argument variables, see To Install Keys in the Client OBP. For instructions about how to install keys during the boot process, see To Perform an Interactive WAN Boot Installation. For instructions about how to install keys in the OBP of a running client, see To Install a Hashing Key and an Encryption Key on a Running Client. You can assign key values to OBP network boot argument variables before you boot the client. These keys can then be used for future WAN boot installations of the client.To install keys in the client OBP, follow these steps.If you want to assign key values to OBP network boot argument variables, follow these steps. Assume the same user role as the web server user on the WAN boot server. Display the key value for each client key.# wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=key-typenet-ipThe IP address of the client's subnet. client-IDThe ID of the client you want to install. The client ID can be a user-defined ID or the DHCP client ID. key-typeThe key type you want to install on the client. Valid key types are 3des, aes, or sha1. The hexadecimal value for the key is displayed. Repeat the previous step for each type of client key you want to install. Bring the client system to run level 0.# init 0The ok prompt is displayed. At the client ok prompt, set the value for the hashing key.ok set-security-key wanboot-hmac-sha1 key-valueset-security-keyInstalls the key on the client wanboot-hmac-sha1Instructs OBP to install a HMAC SHA1 hashing key key-valueSpecifies the hexadecimal string that is displayed in Step 2. The HMAC SHA1 hashing key is installed in the client OBP. At the client ok prompt, install the encryption key.ok set-security-key wanboot-3des key-valueset-security-keyInstalls the key on the client wanboot-3desInstructs OBP to install a 3DES encryption key. If you want to use an AES encryption key, set this value to wanboot-aes. key-valueSpecifies the hexadecimal string that represents the encryption key. The 3DES encryption key is installed in the client OBP.After you install the keys, you are ready to install the client. See Installing the Client for instructions about how to install the client system. Verify that the keys are set in the client OBP.ok list-security-keys Security Keys: wanboot-hmac-sha1 wanboot-3des If you need to delete a key, type the following command.ok set-security-key key-typekey-typeSpecifies the type of key you need to delete. Use the value wanboot-hmac-sha1, wanboot-3des, or wanboot-aes. The following example shows how to install a hashing key and an encryption key in the client OBP.Display the key values on the WAN boot server.# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 # wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous example uses the following information.net=192.168.198.0Specifies the IP address of the client's subnet cid=010003BA152A42Specifies the client's ID b482aaab82cb8d5631e16d51478c90079cc1d463Specifies the value of the client's HMAC SHA1 hashing key 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04Specifies the value of the client's 3DES encryption keyIf you use an AES encryption key in your installation, change wanboot-3des to wanboot-aes to display the encryption key value. Install the keys on the client system.ok set-security-key wanboot-hmac-sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 ok set-security-key wanboot-3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous commands perform the following tasks.Installs the HMAC SHA1 hashing key with a value of b482aaab82cb8d5631e16d51478c90079cc1d463 on the client Installs the 3DES encryption key with a value of 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on the clientIf you use an AES encryption key in your installation, change wanboot-3des to wanboot-aes. After you install keys on your client, you are ready to install the client over the WAN. For instructions, see Installing the Client. For more information about how to display key values, see the man page wanbootutil1M. You can set key values at the wanboot program boot> prompt on a running system. If you use this method to install keys, the keys are only used for the current WAN boot installation.If you want to install a hashing key and an encryption key in the OBP of a running client, follow these steps. This procedure makes the following assumptions.The client system is powered on. The client is accessible over a secure connection, such as a secure shell (ssh). Assume the same user role as the web server user on the WAN boot server. Display the key value for the client keys.# wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=key-typenet-ipThe IP address of the client's subnet. client-IDThe ID of the client you want to install. The client ID can be a user-defined ID or the DHCP client ID. key-typeThe key type you want to install on the client. Valid key types are 3des, aes, or sha1. The hexadecimal value for the key is displayed. Repeat the previous step for each type of client key you want to install. Become superuser or assume an equivalent role on the client machine. Install the necessary keys on the running client machine.# /usr/lib/inet/wanboot/ickey -o type=key-type > key-valuekey-typeSpecifies the key type you want to install on the client. Valid key types are 3des, aes, or sha1. key-valueSpecifies the hexadecimal string that is displayed in Step 2. Repeat the previous step for each type of client key you want to install.After you install the keys, you are ready to install the client. See Installing the Client for instructions about how to install the client system. The following example shows how to install keys in the OBP of a running client.Display the key values on the WAN boot server.# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 # wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous example uses the following information.net=192.168.198.0Specifies the IP address of the client's subnet cid=010003BA152A42Specifies the client's ID b482aaab82cb8d5631e16d51478c90079cc1d463Specifies the value of the client's HMAC SHA1 hashing key 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04Specifies the value of the client's 3DES encryption keyIf you use an AES encryption key in your installation, change type=3des to type=aes to display the encryption key value. Install the keys in the OBP of the running client.# /usr/lib/inet/wanboot/ickey -o type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 # /usr/lib/inet/wanboot/ickey -o type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous commands perform the following tasks.Installs a HMAC SHA1 hashing key with a value of b482aaab82cb8d5631e16d51478c90079cc1d463 on the client Installs a 3DES encryption key with a value of 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on the client After you install keys on your client, you are ready to install the client over the WAN. For instructions, see Installing the Client. For more information about how to display key values, see the man page wanbootutil1M.For additional information about how to install keys on a running system, see ickey1M. When you finish preparing your network for a WAN boot installation, you can choose from the following ways to install the system.Method Description Instructions Noninteractive installation Use this installation method if you want to install keys on the client and set the client configuration information before you boot the client. To install keys on the client before the installation, see Installing Keys on the Client. To perform a noninteractive installation, see To Perform a Noninteractive WAN Boot Installation. Interactive installation Use this installation method if you want to set the client configuration information during the boot process. To Perform an Interactive WAN Boot Installation Installing with a DHCP server Use this installation method if you configured the network DHCP server to provide client configuration information during the installation. To configure a DHCP server to support a WAN boot installation, see (Optional) Providing Configuration Information With a DHCP Server. To use a DHCP server during your installation, see To Perform a WAN Boot Installation With a DHCP Server. Installing with local CD media If your client OBP does not support WAN boot, boot the client from a local copy of the Solaris Software CD. To determine if the client OBP supports WAN boot, see To Check the Client OBP for WAN Boot Support. To install the client with a local copy of the Solaris Software CD, see To Perform a WAN Boot Installation With Local CD Media. Use this installation method if you prefer to install keys and set client configuration information before you install the client. You can then boot the client from the WAN and perform an unattended installation.This procedure assumes that you have either installed keys in the client's OBP, or that you are performing an insecure installation. For information about installing keys on the client before your installation, see Installing Keys on the Client. If the client system is currently running, bring the system to run level 0.# init 0The ok prompt is displayed. At the ok prompt on the client system, set the network boot argument variables in OBP.ok setenv network-boot-arguments host-ip=client-IP, router-ip=router-ip,subnet-mask=mask-value, hostname=client-name,http-proxy=proxy-ip:port, file=wanbootCGI-URLThe line breaks in this command sample are included for formatting purposes only. Do not enter a carriage return until you finish typing the command. setenv network-boot-argumentsInstructs the OBP to set the following boot arguments host-ip=client-IPSpecifies the IP address of the client router-ip=router-ipSpecifies the IP address of the network router subnet-mask=mask-valueSpecifies the subnet mask value hostname=client-nameSpecifies the host name of the client (Optional) http-proxy=proxy-ip:portSpecifies the IP address and port of the network's proxy server file=wanbootCGI-URLSpecifies the URL of the wanboot-cgi program on the web server Boot the client.ok boot net - installnet - installInstructs the client to use the network boot argument variables to boot from the WAN The client installs over the WAN. If the WAN boot programs do not find all the necessary installation information, the wanboot program prompts to provide the missing information. Type the additional information at the prompt. In the following example, the network boot argument variables for the client system myclient are set before the machine is booted. This example assumes that a hashing key and encryption key are already installed on the client. For information about installing keys before you boot from the WAN, see Installing Keys on the Client.ok setenv network-boot-arguments host-ip=192.168.198.136, router-ip=192.168.198.129,subnet-mask=255.255.255.192 hostname=myclient,file=http://192.168.198.135/cgi-bin/wanboot-cgi ok boot net - install Resetting ... Sun Blade 100 (UltraSPARC-IIe), No Keyboard Copyright 1998-2003 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.x.build_28, 512 MB memory installed, Serial #50335475. Ethernet address 0:3:ba:e:f3:75, Host ID: 83000ef3. Rebooting with command: boot net - install Boot device: /pci@1f,0/network@c,1 File and args: - installThe following variables are set.The client IP address is set to 192.168.198.136. The client's router IP address is set to 192.168.198.129. The client's subnet mask is set to 255.255.255.192. The client's host name is set to seahag. The wanboot-cgi program is located at http://192.168.198.135/cgi-bin/wanboot-cgi. For more information about how to set network boot arguments, see set1.For more information about how to boot a system, see boot1M. Use this installation method if you want to install keys and set client configuration information at the command line during the installation.This procedure assumes that you are using HTTPS in your WAN installation. If you are performing an insecure installation that does not use keys, do not display or install the client keys. Assume the same user role as the web server user on the WAN boot server. Display the key value for each client key.# wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=key-typenet-ipThe IP address of the subnet for the client you want to install. client-IDThe ID of the client you want to install. The client ID can be a user-defined ID or the DHCP client ID. key-typeThe key type you want to install on the client. Valid key types are 3des, aes, or sha1. The hexadecimal value for the key is displayed. Repeat the previous step for each type of client key you are installing. If the client system is currently running, bring the client to run level 0. At the ok prompt on the client system, set the network boot argument variables in OBP.ok setenv network-boot-arguments host-ip=client-IP,router-ip=router-ip, subnet-mask=mask-value,hostname=client-name, http-proxy=proxy-ip:port,bootserver=wanbootCGI-URLThe line breaks in this command sample are included for formatting purposes only. Do not enter a carriage return until you finish typing the command. setenv network-boot-argumentsInstructs the OBP to set the following boot arguments host-ip=client-IPSpecifies the IP address of the client router-ip=router-ipSpecifies the IP address of the network router subnet-mask=mask-valueSpecifies the subnet mask value hostname=client-nameSpecifies the host name of the client (Optional) http-proxy=proxy-ip:portSpecifies the IP address and port of the network's proxy server bootserver=wanbootCGI-URLSpecifies the URL of the wanboot-cgi program on the web serverThe URL value for thebootserver variable must not be an HTTPS URL. The URL must start with http://. At the client ok prompt, boot the system.ok boot net -o prompt - installnet -o prompt - installInstructs the client to boot and install from the network. The wanboot program prompts the user to enter client configuration information at the boot> prompt. The boot> prompt is displayed. Install the encryption key.boot> 3des=key-value3des=key-valueSpecifies the hexadecimal string of the 3DES key that is displayed in Step 2.If you use an AES encryption key, use the following format for this command.boot> aes=key-value Install the hashing key.boot> sha1=key-valuesha1=key-valueSpecifies the hashing key value that is displayed in Step 2. Type the following command to continue the boot process.boot> goThe client installs over the WAN. If prompted, type client configuration information on the command line.If the WAN boot programs do not find all the necessary installation information, the wanboot program prompts to provide the missing information. Type the additional information at the prompt. In the following example, the wanboot program prompts you to set the key values for the client system during the installation.Display the key values on the WAN boot server.# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 # wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous example uses the following information.net=192.168.198.0Specifies the IP address of the client's subnet cid=010003BA152A42Specifies the client's ID b482aaab82cb8d5631e16d51478c90079cc1d463Specifies the value of the client's HMAC SHA1 hashing key 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04Specifies the value of the client's 3DES encryption keyIf you use an AES encryption key in your installation, change type=3des to type=aes to display the encryption key value. Set the network boot argument variables in the OBP on the client.ok setenv network-boot-arguments host-ip=192.168.198.136, router-ip=192.168.198.129,subnet-mask=255.255.255.192,hostname=myclient, bootserver=http://192.168.198.135/cgi-bin/wanboot-cgiThe following variables are set.The client IP address is set to 192.168.198.136. The client's router IP address is set to 192.168.198.129. The client's subnet mask is set to 255.255.255.192. The client's host name is set to myclient. The wanboot-cgi program is located at http://192.168.198.135/cgi-bin/wanboot-cgi. Boot and install the client.ok boot net -o prompt - install Resetting ... Sun Blade 100 (UltraSPARC-IIe), No Keyboard Copyright 1998-2003 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.x.build_28, 512 MB memory installed, Serial #50335475. Ethernet address 0:3:ba:e:f3:75, Host ID: 83000ef3. Rebooting with command: boot net -o prompt Boot device: /pci@1f,0/network@c,1 File and args: -o prompt boot> 3des=9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 boot> sha1=b482aaab82cb8d5631e16d51478c90079cc1d463 boot> goThe previous commands perform the following tasks.Installs the 3DES encryption key with the value 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on the client Installs the HMAC SHA1 hashing key with the value b482aaab82cb8d5631e16d51478c90079cc1d463 on the client Starts the installation For more information about how to display key values, see wanbootutil1M.For more information about how to set network boot arguments, see set1.For more information about how to boot a system, see boot1M. If you configured a DHCP server to support WAN boot options, you can use the DHCP server to provide client configuration information during the installation. For more information about configuring a DHCP server to support a WAN boot installation, see (Optional) Providing Configuration Information With a DHCP Server.This procedure makes the following assumptions.The client system is running. You have either installed keys on the client, or you are performing an insecure installation.For information about installing keys on the client before your installation, see Installing Keys on the Client. You have configured your DHCP server to support the SbootURI and SHTTPproxy WAN boot options.These options enable the DHCP server to provide the configuration information that is required by WAN boot.For information about how to set installation options on your DHCP server, see Preconfiguring System Configuration Information With the DHCP Service (Tasks). If the client system is currently running, bring the system to run level 0.# init 0The ok prompt is displayed. At the ok prompt on the client system, set the network boot argument variables in OBP.ok setenv network-boot-arguments dhcp,hostname=client-namesetenv network-boot-argumentsInstructs the OBP to set the following boot arguments dhcpInstructs the OBP to use the DHCP server to configure the client hostname=client-nameSpecifies the host name you want to assign to the client Boot the client from the network.ok boot net - installnet - installInstructs the client to use the network boot argument variables to boot from the WAN The client installs over the WAN. If the WAN boot programs do not find all the necessary installation information, the wanboot program prompts to provide the missing information. Type the additional information at the prompt. In the following example, the DHCP server on the network provides client configuration information. This sample requests the host name myclient for the client.ok setenv network-boot-arguments dhcp, hostname=myclient ok boot net - install Resetting ... Sun Blade 100 (UltraSPARC-IIe), No Keyboard Copyright 1998-2003 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.x.build_28, 512 MB memory installed, Serial #50335475. Ethernet address 0:3:ba:e:f3:75, Host ID: 83000ef3. Rebooting with command: boot net - install Boot device: /pci@1f,0/network@c,1 File and args: - install For more information about how to set network boot arguments, see set1.For more information about how to boot a system, see boot1M.For more information about how to configure a DHCP server, see (Optional) Providing Configuration Information With a DHCP Server. If your client's OBP does not support WAN boot, you can install with a Solaris Software - 1 CD inserted in the client's CD-ROM drive. When you use a local CD, the client retrieves the wanboot program from the local media, rather than from the WAN boot server.This procedure assumes that you are using HTTPS in your WAN installation. If you are performing an insecure installation, do not display or install the client keys.Follow these steps to perform a WAN boot installation from a local CD. Assume the same user role as the web server user on the WAN boot server. Display the key value for each client key.# wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=key-typenet-ipThe network IP address for the client you are installing. client-IDThe ID of the client you are installing. The client ID can be a user-defined ID or the DHCP client ID. key-typeThe key type you are installing on the client. Valid key types are 3des, aes, or sha1. The hexadecimal value for the key is displayed. Repeat the previous step for each type of client key you are installing. On the client system, insert the Solaris Software - 1 CD in the CD-ROM drive. Power on the client system. Boot the client from the CD.ok boot cdrom -o prompt -F wanboot - installcdromInstructs the OBP to boot from the local CD-ROM -o promptInstructs the wanboot program to prompt the user to enter client configuration information -F wanbootInstructs the OBP to load the wanboot program from the CD-ROM - installInstructs the client to perform a WAN boot installation The client's OBP loads the wanboot program from the Solaris Software - 1 CD. The wanboot program boots the system, and the boot> prompt is displayed. Type the encryption key value.boot> 3des=key-value3des=key-valueSpecifies the hexadecimal string of the 3DES key that is displayed in step Step 2.If you use an AES encryption key, use the following format for this command.boot> aes=key-value Type the hashing key value.boot> sha1=key-valuesha1=key-valueSpecifies the hexadecimal string that represents the hashing key value that is displayed in step Step 2. Set the network interface variables.boot> variable=value[,variable=value*]Type the following variable and value pairs at the boot> prompt.host-ip=client-IPSpecifies the IP address of the client. router-ip=router-ipSpecifies the IP address of the network router. subnet-mask=mask-valueSpecifies the subnet mask value. hostname=client-nameSpecifies the host name of the client. (Optional) http-proxy=proxy-ip:portSpecifies the IP address and port number of the network's proxy server. bootserver=wanbootCGI-URLSpecifies the URL of the wanboot-cgi program on the web server.The URL value for thebootserver variable must not be an HTTPS URL. The URL must start with http://. You can enter these variables in the following ways.Type one variable and value pair at the boot> prompt, then press the Return key.boot> host-ip=client-IP boot> subnet-mask=mask-value Type all the variable and value pairs on one boot> prompt line, then press the Return key. Type commas to separate each variable and value pair.boot> host-ip=client-IP,subnet-mask=mask-value, router-ip=router-ip,hostname=client-name, http-proxy=proxy-ip:port,bootserver=wanbootCGI-URL Type the following command to continue the boot process.boot> goThe client installs over the WAN. If the WAN boot programs do not find all the necessary installation information, the wanboot program prompts to provide the missing information. Type the additional information at the prompt. In the following example, the wanboot program on a local CD prompts you to set the network interface variables for the client during the installation.Display the key values on the WAN boot server.# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 # wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04The previous example uses the following information.net=192.168.198.0Specifies the IP address of the client's subnet cid=010003BA152A42Specifies the client's ID b482aaab82cb8d5631e16d51478c90079cc1d463Specifies the value of the client's HMAC SHA1 hashing key 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04Specifies the value of the client's 3DES encryption keyIf you use an AES encryption key in your installation, change type=3des to type=aes to display the encryption key value. Boot and install the client.ok boot cdrom -o prompt -F wanboot - install Resetting ... Sun Blade 100 (UltraSPARC-IIe), No Keyboard Copyright 1998-2003 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.x.build_28, 512 MB memory installed, Serial #50335475. Ethernet address 0:3:ba:e:f3:75, Host ID: 83000ef3. Rebooting with command: boot cdrom -F wanboot - install Boot device: /pci@1f,0/network@c,1 File and args: -o prompt boot> 3des=9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 boot> sha1=b482aaab82cb8d5631e16d51478c90079cc1d463 boot> host-ip=192.168.198.124 boot> subnet-mask=255.255.255.128 boot> router-ip=192.168.198.1 boot> hostname=myclient boot> client-id=010003BA152A42 boot> bootserver=http://192.168.198.135/cgi-bin/wanboot-cgi boot> goThe previous commands perform the following tasks.Enters the 3DES encryption key with the value 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on the client Enters the HMAC SHA1 hashing key with the value b482aaab82cb8d5631e16d51478c90079cc1d463 on the client Sets the client IP address to 192.168.198.124 Sets the client's subnet mask to 255.255.255.128 Sets the client's router IP address to 192.168.198.1 Sets the client's host name to myclient Sets the client ID to 010003BA152A42 Sets the location of the wanboot-cgi program to http://192.168.198.135/cgi-bin/wanboot-cgi/ For more information about how to display key values, see wanbootutil1M.For more information about how to set network boot arguments, see set1.For more information about how to boot a system, see boot1M.