Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TFTP PROBLEM MALFORMED PACKET

I have net like in net-diagram. Vpn is working correctly. Thanks to command

sysopt connection permit-ipsec on pix

all traffic is permitted.(from 10.1.0.0/16 to 10.40.1.0/24)

Every aplication is working OK excetp one. I using Avaya Ip office(inside 10.1.1.38) to manage sites Ip PBX (like 10.40.1.100). And I'm using tftp to recive and send configuration from Avaya Ip office to 10.40.1.100 and I can read (as you can see on tftp_packet.jpg) but I cant send any tftp data to 10.41.1.100. I sniff packet on 10.1.1.38 and I noticed MALFORMED PACKET :TFTP.

PIX can malformed packet during Ipsec coding??? Or it can be a IoS BUG??

Please help

THX Laptom

1 REPLY

Re: TFTP PROBLEM MALFORMED PACKET

What is your Voice setup in the PIX, you need to enable special commands that is works (option 150 and 66).

example:

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol tftp 69

dhcpd address a.b.c.11-a.b.c.99 voip

dhcpd dns DNSIP

dhcpd wins WinsIP

dhcpd lease 3000

dhcpd ping_timeout 750

dhcpd domain ville.terrebonne.qc.ca

dhcpd option 150 ip VoipRemoteGate11 VoipRemoteGate10

dhcpd option 66 ascii VoipRemoteGate11

dhcpd enable voip

See also:

Handle VoIP Traffic with the PIX Firewall

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a00801fc74a.shtml

sincerely

Patrick

627
Views
0
Helpful
1
Replies
CreatePlease login to create content