Can't TFTP through remote access VPN

Answered Question
May 30th, 2008

I am accessing a remote site with a client VPN. I am trying to download the router's config to this remote laptop with a tftp server on it.


This is not working, and I believe it is because it is sourcing from the outside interface. Is this correct? If so how to remedy?


Thanks for helping.

Correct Answer by Richard Burts about 8 years 9 months ago

Antony


To fix this problem configure the router with ip tftp source-interface

This will get the router to use the specified interface address as the source for TFTP.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Correct Answer
Richard Burts Sun, 06/01/2008 - 12:02

Antony


To fix this problem configure the router with ip tftp source-interface

This will get the router to use the specified interface address as the source for TFTP.


HTH


Rick

aciscolook Sun, 06/01/2008 - 16:19

Thanks.


Just wondering if this is an issue with FTP as well, and if so is there a similar command?


Thanks again.

Richard Burts Sun, 06/01/2008 - 18:10

Antony


The issue is that TFTP (and FTP also) default to using the address of the outbound interface as the source address. But if the packet is sourced from the outside interface it probably will not match the access list to identify traffic to be protected by IPSec VPN. Specifying the source interface as an inside interface will mean that the address does match the access list and the traffic will go through the IPSec VPN.


And yes there is a similar command for FTP.


Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that they will read a response which did resolve the question.


The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.


HTH


Rick

Actions

This Discussion