04-29-2014 12:32 PM - edited 03-11-2019 09:08 PM
Hello! I'm trying to set up a firewall rule to allow TFTP traffic to come from my switches in my DMZ so as to do proper configuration backups. Ideally I'd like to allow ONLY these 2 IP's for TFTP traffic and nothing else. I set up the below rule for one of them but had no luck.
Any thoughts on what I may be missing?
access-list dmz1_access_in extended permit udp host 10.1.61.20 host 10.1.80.220 eq tftp
10.1.61.20 = DMZ Switch
10.1.80.220 = TFTP Server
04-30-2014 12:16 AM
Hello,
TFTP requires high ports range 1024 - 65535 also needs to be allowed... Also some cases it requires bi-directional flows.
So i request you to try by allowing 1024-65535 1st and the try for the bi-directional port allow for the same if 1st method doesn't works.
Regards
Karthik
05-11-2014 03:26 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: