
TFTP PROBLEM MALFORMED PACKET

CSCO10685980
Level 1

I have a network like in the net-diagram. The VPN is working correctly. Thanks to the command

sysopt connection permit-ipsec on pix

all traffic is permitted (from 10.1.0.0/16 to 10.40.1.0/24).

Every application is working OK except one. I am using Avaya IP Office (inside, 10.1.1.38) to manage the sites' IP PBXs (like 10.40.1.100). I'm using TFTP to receive and send configuration from Avaya IP Office to 10.40.1.100, and I can read (as you can see in tftp_packet.jpg) but I can't send any TFTP data to 10.41.1.100. I sniffed packets on 10.1.1.38 and noticed MALFORMED PACKET: TFTP.

Can the PIX malform the packet during IPsec coding? Or can it be an IOS bug?

Please help

THX Laptom

1 Reply

Patrick Iseli
Level 7

What is your voice setup in the PIX? You need to enable special commands so that it works (options 150 and 66).

Example:

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol tftp 69

dhcpd address a.b.c.11-a.b.c.99 voip

dhcpd dns DNSIP

dhcpd wins WinsIP

dhcpd lease 3000

dhcpd ping_timeout 750

dhcpd domain ville.terrebonne.qc.ca

dhcpd option 150 ip VoipRemoteGate11 VoipRemoteGate10

dhcpd option 66 ascii VoipRemoteGate11

dhcpd enable voip

See also:

Handle VoIP Traffic with the PIX Firewall

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a00801fc74a.shtml

Sincerely,

Patrick