04-03-2009 11:48 AM - edited 03-06-2019 04:58 AM
I attached the sanatized config for a cisco-2821 router. This router is connected to a Juniper firewall for Internet on its gig0/0 port and to a metronet for voicemail on its gig0/1 port. The network uses OSPF routing. Gig port 0/0/0 is connected to a 3750 switch that is in IP routing mode. That switch then connects to 2960 switches to inside network: 10.13.0.0/16.
Here is the problem:
I cannot tftp copy files to sweeden-2821-02 from either the LAN side or the Internet side of the router.
For example, I have a tftp server on 10.13.60.10. If I issue the following command from sweeden-2821-02, the connection times out:
Copy tftp://10.13.60.10/sweeden.txt sweeden.txt
If I try to ping 10.13.60.10 from the 2821, the pings time out. If I traceroute 10.13.60.10, the router tries to go out the metronet interface.
I can ping sweeden-2821-02 from 10.13.60.10.
As well, from the corporate office to the site, I have an IPSEC tunnel (between our firewall and the site's firewall) and rules that allow my workstation to connect to sweeden-2821-02.
I can ping and telnet to sweeden-2821-02 from our corporate office. However, I get the same behavior if I issue the following from the 2821:
Copy tftp://10.1.150.8/sweeden.txt sweeden.txt
In addition, my tftp server logs an attempt to read the sweeden.txt file, but it appears to be trying to send the file back through 192.168.102.1, the metronet router's IP that faces the metronet interface of the 2821.
Here is the route table of the 2821:
sweeden-2821-02#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.102.2 to network 0.0.0.0
192.168.102.0/30 is subnetted, 1 subnets
C 192.168.102.0 is directly connected, GigabitEthernet0/1
S* 0.0.0.0/0 [1/0] via 192.168.102.2
sweeden-2821-02#
Here are the interfaces:
sweeden-2821-02#sh ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.102.5 YES NVRAM up up
GigabitEthernet0/1 192.168.102.1 YES NVRAM up up
GigabitEthernet0/0/0 192.168.102.10 YES NVRAM up up
Tunnel1 192.168.200.77 YES NVRAM up up
sweeden-2821-02#
How come the interface giga0/0 is not showing up in the routing table?
If I do a traceroute from 10.13.60.10 to 4.2.2.2, the traceroute goes out interface 0/0, the business internet interface, which is what is expected.
Very, very confusing.
What do I have to do to be able to use copy tftp from the router? The reason that I am trying to do this is that I have config changes that are service disrupting. I want to tftp those changes to the 2821 and then issue the command; copy sweeden.txt runing-config. As well, I cannot do this locally on site since the device is 1000 kms away from our corporate office.
Solved! Go to Solution.
04-03-2009 06:59 PM
Hi,
It's normal because your router can reach your tftp server only via a VRF.
So the copy command will use the GRT by default to find out the outgoing interface.
TFTP is vrf aware since 12.3(6) and 12.3(7)T. To change the default behavior, just add the following command:
ip tftp source-interface GigabitEthernet0/0/0
Let me know if it works.
Laurent.
04-03-2009 06:59 PM
Hi,
It's normal because your router can reach your tftp server only via a VRF.
So the copy command will use the GRT by default to find out the outgoing interface.
TFTP is vrf aware since 12.3(6) and 12.3(7)T. To change the default behavior, just add the following command:
ip tftp source-interface GigabitEthernet0/0/0
Let me know if it works.
Laurent.
04-04-2009 09:06 AM
Thank you, Laurent.
That was the solution. Your explanation also helped remove the mystery of why it was trying to go out the MetroNet tunnel. I will now be able to copy tftp to all my remote routers.
Regards and thanks again,
04-04-2009 09:17 AM
Hi, one other thing:
Does GRT stand for: global routing table?
Thank you,
04-06-2009 05:55 AM
Yes.
Laurent.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: