load ios via tftp

Unanswered Question
Aug 31st, 2008
User Badges:

Hi,

i load the IOS on a 2621 via tftp(from a tftp server running on a win2003 server) due to memory issues(image too large). this works well with an unmanaged generic switch.

but if i try the same with a catalyst 2950, tftp seems to not pass from the win2k through the 2950 to the 2621


there are no access lists on the 2950,

and the 2950 can ping the tftp server.


any thoughts on this?

i've explored helper-address, tftp server address, and a few other obvious(to me)options...


thx

LM





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Sun, 08/31/2008 - 14:19
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

If the 2621 and the Windows 2003 server are connected back-to-back (or through a layer 2 switch like the 2950) this should just work provided you do not have the Windows firewall enabled. If you do, make sure port udp/69 is open. Once the initial read request comes in from the router to the server on udp/69, the actual TFTP transfer will happen over arbitrary high UDP ports. So make sure all of the ephemeral UDP ports are open as well.


The same thing applies if you have any intermediate hops between the router and the server. Make sure udp/69 and high UDP ports are allowed to pass.


Another thing to check is make sure the 2621 port is in the same VLAN as the Windows 2003 server.

lmarx Sun, 08/31/2008 - 14:37
User Badges:

thank you for the Really fast reply!


this does work with a generic switch, just not with the 2950.


i'm not sure what is is about the 2950 that's

different...

win2k/tftp server, 2621, and 2950 are all on the same vlan.


since these are all local lan devices, i have no access list on internal interfaces

(the only access list are on outside facing wan interfaces and should have no effect on

local lan stuff)... so i believe there are no

ports blocked... correct me if i'm wrong :)


sorry for the lengthy explanation...

LM, (ccna, eventually ccie :) )



Joe Clarke Sun, 08/31/2008 - 14:48
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

What error do you get trying to copy the image from he Windows server to the router? You could also fire up a sniffer on the Windows server to see if the TFTP read request is making it.


The 2950 is a layer 2 switch, so if both ports are in the same VLAN, and both configured as access ports, then there should be nothing blocking the layer 3-7 traffic. The port configs should be similar to:


switchport mode access

switchport access vlan 1

spanning-tree portfast

lmarx Sun, 08/31/2008 - 15:59
User Badges:

you were absolutley correct

i had some confusion in the vlan and swithchport settings.


works as expected now.


thank you!

L


lmarx Sun, 08/31/2008 - 15:38
User Badges:

OK, let me check that i've follewed your

switchport settings...


then i'll try wireshark, which i've been procrastinating about :)

there are no error messages; the 2621 simply loads the flash resident image instead of the

(desired) tftp image.




________________________

boot-start-marker

boot system tftp c2600-ik9o3s3-mz.123-15b.bin 172.16.39.22

boot system flash

boot-end-marker


i'll let you know

thx!

L


______________________

Actions

This Discussion