Cisco Support Community
New Member

ACL to block TFTP not working

I am trying to block TFTP traffic with an ACL with the following commands, and have applied it to the appropriate interface (outbound on interface with the server subnet) and I can still copy a file over via TFTP. What am I missing? I have confirmed Solar Winds TFTP server is functioning on UDP port 69.

deny UDP any any eq 69

permit ip any any

Accepted Solutions
Hall of Fame Super Silver

Re: ACL to block TFTP not working

Hello Steve,

Outbound ACLs don't block packets that are generated locally on the router itself.

So if you test the ACL by copying a file from the router itself to the TFTP server, the result is an apparent failure of the ACL = a successful TFTP file transfer.

Hope to help

Giuseppe

2 REPLIES
New Member

Re: ACL to block TFTP not working

Thanks for the clarification on that. When I switch to the client on another subnet it works fine.
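
The behaviour discussed in this thread, as an added example that is not part of the original posts: the same two ACL entries written as a named extended ACL, applied outbound on the server-facing interface, with the checks that show whether it is filtering. The ACL name BLOCK-TFTP and the interface GigabitEthernet0/1 are assumptions for illustration.

```cisco
! Added example. BLOCK-TFTP and GigabitEthernet0/1 are assumed names.
!
! "eq tftp" is the keyword form of "eq 69" (UDP port 69).
ip access-list extended BLOCK-TFTP
 deny udp any any eq tftp
 permit ip any any
!
! Interface facing the server subnet, ACL applied outbound as in the question.
interface GigabitEthernet0/1
 ip access-group BLOCK-TFTP out
!
! Verification, run from exec mode:
!
!   show ip interface GigabitEthernet0/1 | include access list
!     confirms that BLOCK-TFTP is the outgoing access list on the interface
!
!   show access-lists BLOCK-TFTP
!     shows the per-entry match counters
!
! Valid test: start the transfer from a TFTP client on another subnet, so the
! request is routed through the router and leaves via GigabitEthernet0/1.
! The transfer fails and the match counter on the deny entry increases.
!
! Misleading test: "copy <file> tftp:" issued on the router itself. That
! traffic is generated locally, the outbound ACL does not evaluate it, the
! transfer succeeds, and the deny counter does not change.
```

An unchanged deny counter after a successful transfer is the sign that the test traffic never passed through the ACL.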
