Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trouble upgrading switch IOS inside my DMZ

Over the last couple of weeks, I have successfully upgraded the IOS on all my 2950's inside my LAN. Now I am moving on to a couple of switches inside my DMZ and I have run into a problem.

I can't do any kind of a tftp transfer.

I have configured the tftp service on my PIX 515e (ver. 6.3(3))

>tftp-server dmz x.x.x.x c:\tftp

But, I have not configured my LocalDirector tftp service.

Any ideas?

Thanks, Ben

2 REPLIES
Bronze

Re: Trouble upgrading switch IOS inside my DMZ

The problem may due to firewall on the work station.

Disable the firewall on the workstation.

New Member

Re: Trouble upgrading switch IOS inside my DMZ

It sounds like you have not allowed the tftp service to get through your PIX. What you have configured is the tftp location of where to propagate your PIX configuration, see the below link for usage:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/tz.htm#wp1026054

I suggest you find out why the PIX is possibly blocking the tftp traffic going through. You can do this by increasing the logging levels on the PIX:

pix(config)# logging buffer debugging

Then try start the tftp.

Afterwards, look at the log files to see any indication of tftp being blocked by an ACL or NAT policy:

pix# show log

That probably does not exactly answer your question, however I hope that it helps you with the troubleshooting.

84
Views
0
Helpful
2
Replies