Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
237
Views
0
Helpful
0
Replies

Allow outbound TFTP traffic through Cisco ZBFW

DAVID
Level 3
Level 3

‎06-22-2017 06:22 AM - edited ‎03-12-2019 02:37 AM

I have a ZBFW that I need to allow a tftp client to access a tftp server through.  I have the zones all working but I cannot get the tftp client to connect to the tftp server on udp 69.  I do not even see attempted connections or even drops when I run a sh logging on the router. My class-maps and policy maps are below.

1. class-map type inspect match-any camera-to-wan
 match access-group name camera-to-wan

2. policy-map type inspect camera-to-wan
 class type inspect camera-to-wan
  inspect
 class class-default
  drop log

3. zone-pair security camera-to-wan source camera destination wan
 service-policy type inspect camera-to-wan

4. Extended IP access list camera-to-wan
    10 permit tcp any host 10.1.150.158 eq tftp

Should I inspect TFTP traffic or allow it to pass?  I am thinking my problem is with the policy map but I am not seeing any drops on the logs to the destination IP 10.1.150.158

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card