TFTP 'state' failing

Unanswered Question
Jul 6th, 2010

Hi all,

We are running a PIX 515e with  Cisco PIX Security Appliance Software Version 8.0(4). When running TFTP session through the firewall the firewall doesn't recognise the return traffic as part of the TFTP connection.  I understand how the TFTP  protocol works so I don't need any info on that but has anyone else experienced this.  Is there a particular setting that needs to be enabled or is there a work-around?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jennifer Halim Tue, 07/06/2010 - 22:49

Yes, you can enable "inspect tftp" under your global_policy and that would allow the return tftp traffic.

Hope that helps.

neil_titchener Wed, 07/07/2010 - 20:46

Thanks for the quick reply.  Where would I find Global-policy in ASDM 6

.1?  I've checked the Inspect Maps but there isn't one for tftp.


Jennifer Halim Wed, 07/07/2010 - 21:09

From ASDM:

Configuration --> Firewall --> Service Policy Rules --> highlight inspection_default --> click Edit --> Rule Actions tab --> scroll down and tick/enable TFTP

Hope that helps.


This Discussion

Related Content