Solved: Restrict tftp client

danildafreeland · ‎08-02-2011

I am a newbie to advanced configuration of a switch, so please excuse my ignorance. I would like to restrict where my tftp server can connect to. Can anyone provide me with some guidance. I am using a Catalyst 3750 v2 switch in a lab environment.

Thanks -- Dee

Latchum Naidu · ‎08-02-2011

Hi Dee,

I am presuming the vlan7 address is 10.10.2.1 and tftp server is 10.10.3.2
Please choose the below config according to your ip address...

ip access-list extended tftp_restrict
deny ip 10.10.2.0 0.0.0.255 host 10.10.30.2

int vlan 7
ip access-group tftp_restrict in

Please rate the helpfull posts.
Regards,
Naidu.

View solution in original post

Latchum Naidu · ‎08-02-2011

Hi Danilda,

You can surely restrict the tftp server by creating access-lists.
To provide you like where to configure and where to apply, we need to know from which network you want restrict the tftp server access.

Do you have any VLAN'S on the 3750 switch? or it is flat network?

If you are unable to find the above info, give us the complete "sh running config" of the 3750 switch in order to help you in this regard.

Please rate the helpfull posts.
Regards,
Naidu.

danildafreeland · ‎08-02-2011

Naidu:

Thanks for your quick response. I want to restrict to my management network which is VLAN 7. The IP address of the client is 10.10.2.20.

dee

Latchum Naidu · ‎08-02-2011

Hi Dee,

I am presuming the vlan7 address is 10.10.2.1 and tftp server is 10.10.3.2
Please choose the below config according to your ip address...

ip access-list extended tftp_restrict
deny ip 10.10.2.0 0.0.0.255 host 10.10.30.2

int vlan 7
ip access-group tftp_restrict in

Please rate the helpfull posts.
Regards,
Naidu.