ā02-16-2010 02:32 PM - edited ā03-04-2019 07:31 AM
I am trying to block TFTP traffic with an ACL with the following commands, and have applied it to the appropriate interface (outbound on interface with the server subnet) and I can still copy a file over via TFTP. What am I missing? I have confirmed Solar Winds TFTP server is functioning on UDP port 69.
deny UDP any any eq 69
permit ip any any
Solved! Go to Solution.
ā02-16-2010 02:42 PM
Hello Steve,
outbound ACLs don't block packets that are generated locally on the router itself.
So if you test the ACL by copying a file from the router itself to the TFTP server the result is an apparent failure of the ACL = a successful TFTP file transfer.
Hope to help
Giuseppe
ā02-16-2010 02:42 PM
Hello Steve,
outbound ACLs don't block packets that are generated locally on the router itself.
So if you test the ACL by copying a file from the router itself to the TFTP server the result is an apparent failure of the ACL = a successful TFTP file transfer.
Hope to help
Giuseppe
ā02-16-2010 03:32 PM
Thanks for the clarification on that. When I switch to the client on another subnet it works fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide