09-04-2007 07:29 PM - edited 03-03-2019 06:36 PM
When a server starts sending the file, I see a random port being used. Now how are we supposed to write a proper ACL for this... accept everything from the host? Modify the TFTP server source code?
Please help.
09-04-2007 10:53 PM
Session initiation will use the well-known ports (69 for TFTP). You should check for that in your ACL and only permit the hosts you want. When you can deny the request you also have control over the session, even when all other UDP ports are permitted on the last line of your ACL.
Regards,
Leo
09-05-2007 04:34 AM
James
When a client initiates TFTP to a server it will use the well-known port UDP 69 as the destination port and will choose some high-numbered port as the source port. So to write a proper access list you can examine for the TFTP server address and can examine for port 69 (it will be the source port or the destination port depending on where the access list is applied and its direction). I would suggest not attempting to examine the other port since it is not predictable.
HTH
Rick
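The exchange the two replies describe, worked through in code as an added example (this is not code from the thread, from Cisco, or from any TFTP implementation): a client sends an RFC 1350 read request from a high source port to UDP 69, the server answers DATA from a freshly chosen random port (its transfer identifier, TID), and the client ACKs to that random port. The block models a stateless, first-match ACL in the style described above and shows that keying on the server address plus port 69 classifies the request, that a return-path rule keyed on source port 69 never matches the DATA packets, and how a stateful tracker learns the TID from the first reply so only replies to a permitted request get through. All addresses (10.0.0.1 as the server, 10.0.0.5 as the permitted client, 10.0.0.7 as another host), ports and packets are constructed for the example.

```python
import struct
from collections import namedtuple

# UDP 5-tuple plus payload. Every packet below is constructed for this example
# (hypothetical hosts: 10.0.0.1 = TFTP server, 10.0.0.5 = permitted client,
# 10.0.0.7 = some other host); nothing here is captured traffic.
Pkt = namedtuple("Pkt", "src sport dst dport payload")

TFTP_PORT = 69
OP_RRQ, OP_WRQ, OP_DATA, OP_ACK, OP_ERROR = 1, 2, 3, 4, 5

def build_rrq(filename, mode="octet"):
    """RFC 1350 read request: opcode 1, filename, NUL, mode, NUL."""
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\x00" + mode.encode() + b"\x00"

def build_data(block, data):
    """RFC 1350 DATA: opcode 3, 16-bit block number, up to 512 bytes of data."""
    return struct.pack("!HH", OP_DATA, block) + data

def build_ack(block):
    """RFC 1350 ACK: opcode 4, 16-bit block number."""
    return struct.pack("!HH", OP_ACK, block)

def tftp_opcode(payload):
    return struct.unpack("!H", payload[:2])[0] if len(payload) >= 2 else None

# Stateless extended ACL: first matching rule wins, implicit deny at the end.
# "any" is a wildcard for an address or a port.
Rule = namedtuple("Rule", "action src sport dst dport")

def acl_match(rules, pkt):
    for r in rules:
        if (r.src in ("any", pkt.src) and r.sport in ("any", pkt.sport)
                and r.dst in ("any", pkt.dst) and r.dport in ("any", pkt.dport)):
            return r.action
    return "deny"

class TftpTracker:
    """Stateful filter: the ACL decides on the request to port 69; the server's
    first reply then reveals its random TID, and only that flow is permitted."""
    def __init__(self, rules):
        self.rules = rules
        self.pending = set()     # (client, client_port, server) awaiting a reply
        self.sessions = set()    # frozenset({(client, cport), (server, tid)})

    def filter(self, pkt):
        flow = frozenset({(pkt.src, pkt.sport), (pkt.dst, pkt.dport)})
        if flow in self.sessions:
            return "permit"
        key = (pkt.dst, pkt.dport, pkt.src)
        if key in self.pending and tftp_opcode(pkt.payload) in (OP_DATA, OP_ACK, OP_ERROR):
            self.pending.discard(key)      # first server reply: learn the TID
            self.sessions.add(flow)
            return "permit"
        action = acl_match(self.rules, pkt)
        if action == "permit" and pkt.dport == TFTP_PORT and tftp_opcode(pkt.payload) in (OP_RRQ, OP_WRQ):
            self.pending.add((pkt.src, pkt.sport, pkt.dst))
        return action

SERVER, CLIENT, OTHER = "10.0.0.1", "10.0.0.5", "10.0.0.7"

# Constructed exchange: request to 69, DATA back from a random port (53211),
# ACK to that random port, then a request from a host that should not be served.
EXCHANGE = [
    Pkt(CLIENT, 49152, SERVER, 69,    build_rrq("startup-config")),
    Pkt(SERVER, 53211, CLIENT, 49152, build_data(1, b"!\nversion 12.4\n")),
    Pkt(CLIENT, 49152, SERVER, 53211, build_ack(1)),
    Pkt(OTHER,  40000, SERVER, 69,    build_rrq("startup-config")),
    Pkt(SERVER, 61000, OTHER,  40000, build_data(1, b"!\nversion 12.4\n")),
]

# Match server address + port 69, never the unpredictable port; the last line
# permits everything else, the deny on the request is what controls the session.
STATELESS_ACL = [
    Rule("permit", CLIENT, "any", SERVER, TFTP_PORT),
    Rule("deny",   "any",  "any", SERVER, TFTP_PORT),
    Rule("permit", "any",  "any", "any",  "any"),
]

# A return-path rule keyed on source port 69 never sees the DATA packets.
NAIVE_RETURN_ACL = [Rule("permit", SERVER, TFTP_PORT, "any", "any")]

def stateless_decisions():
    return [acl_match(STATELESS_ACL, p) if p.dst == SERVER else acl_match(NAIVE_RETURN_ACL, p)
            for p in EXCHANGE]

def stateful_decisions():
    tracker = TftpTracker(STATELESS_ACL[:2])   # no catch-all needed with state
    return [tracker.filter(p) for p in EXCHANGE]

if __name__ == "__main__":
    for p, s, t in zip(EXCHANGE, stateless_decisions(), stateful_decisions()):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport}  stateless={s:6}  stateful={t}")
```

Running it shows the two stateless results that matter: the permitted client's request and its ACK to the random port both pass (the ACK only because of the catch-all last line), the other host's request is denied at port 69, and the return-path rule keyed on source port 69 drops every DATA packet because the server never sends from 69. The tracker needs no catch-all: it permits the DATA and ACK of the permitted session only after it has seen the accepted request, and drops DATA addressed to the host whose request was denied.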