Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
705
Views
0
Helpful
1
Replies

TFTP OACK rejected by CBAC

cminard
Level 1
Level 1

‎03-16-2006 06:33 AM - edited ‎03-09-2019 02:17 PM

Hi

I have a cisco router running ios fw.

An equipment tries to download a file by TFTP through the router. This equipement sends a TFTP read request frame to the server. The server answers with a TFTP Option Acknowledgment (opcode 6) frame which is dropped by the inspect module. Reason : illegal TFTP code.

When disabling "inspect tftp", the transfer is OK.

The TFTP OACK is an option extention of the RFC1782.

It seems that this option is not supported by cisco ios fw tftp inspect.

Can somebody confirm that ?

Labels:
0 Helpful
1 Reply 1

thomas.chen
Level 6
Level 6

‎03-22-2006 07:08 AM

To the best of my knowledge, the TFTP OACK is not supported by Cisco in "inspect tftp" of Cisco IOS FW image.

0 Helpful
Customers Also Viewed These Support Documents