cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5575
Views
0
Helpful
5
Replies

TFTP issue, can't connect to server

swieduwilt
Level 1
Level 1

I just received my replacment ASA5550 firewalls from Cisco and they onlt have an IOS loaded on  DISK0:  (723-K8.bin)

I want to load the latest IOS (8.22-K8) and ASDM (asdm-631.bin) on DISK0:

I configured the port GI0/2 with an IP (192.168.4.1)

I am using TFTPD32 also solarwinds TFTP app. on my laptop (192.168.4.51)

I try to ping the x.x.4.51 from the firewall and do not get a response, I get a response from 4.1 (the FW Port)

From the laptop I can ping the FW.

Where am I going wrong in the firewall setup?

I added the lines

tftp-server "gi0/2 name" 192.168.4.51 asdm-631.bin

the interface gi0/2 is up / up and Security level is 100

5 Replies 5

mirober2
Cisco Employee
Cisco Employee

Hello,

Can you please post the output of 'show run interface'? You should have something like this:

int g0/2

   nameif inside

   security-level 100

   ip address 192.168.4.1 255.255.255.0

   no shut

Also, double check your server to make sure there is no host-based firewall enabled that would block this traffic.

Hope that helps.

-Mike

interface GigabitEthernet0/2
nameif ITVI
security-level 100
ip address 192.168.4.1 255.255.255.0


Interface GigabitEthernet0/2 "ITVI", is up, line protocol is up
  Hardware is i82546GB rev03, BW 1000 Mbps
        Auto-Duplex, Auto-Speed
        MAC address 0023.33cf.24e6, MTU 1500
        IP address 192.168.4.1, subnet mask 255.255.255.0
        25130 packets input, 1716810 bytes, 0 no buffer
        Received 5937 broadcasts, 0 runts, 0 giants
        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
        0 L2 decode drops
        492 packets output, 31812 bytes, 0 underruns
        0 output errors, 0 collisions, 1 interface resets
        0 late collisions, 0 deferred
        0 input reset drops, 0 output reset drops
        input queue (curr/max packets): hardware (0/17) software (0/0)
        output queue (curr/max packets): hardware (0/0) software (0/0)
  Traffic Statistics for "ITVI":
        25130 packets input, 1264470 bytes
        492 packets output, 14529 bytes
        19436 packets dropped
      1 minute input rate 0 pkts/sec,  0 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 0 pkts/sec,  0 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec

Hello,

Did you check your server configuration to make sure there is no host-based firewall configured there? Can you ping the server from the ASA? Does the 'show arp' output on the ASA show the correct MAC address for the server after you try to ping it?

-Mike

192.168.4.51  00-15-C5-37-24-93 (My Laptop)

Sh ARP --   ITVI 192.168.4.51 0015.c537.2493

192.168.4.1  00-19-B9-E8-E9-31 (Firewall port)

No firewall on the Laptop. and I can't Ping the Server from the ASA.

See Attachment for screen shot of TFTP Config

Forget it, I used the External Flash card to install the files

, then set the BOOT to Boot System disk0:/asa822-k8.bin

and set the ASDM to asdm image disk0:/asdm-631.bin

and all works now. I am not sure why I could not ping the TFTP Server from inside the firewall but I could from outside.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: