Re: [fw-wiz] firewall-wizards Digest, Vol 10, Issue 9

---

• From: "St John, Richard" <Richard.StJohn@xxxxxxx>
• Date: Thu, 15 Feb 2007 11:38:11 -0600

---

One of the problems we had was that TFTP can be both UDP and TCP. When
VOIP was initiated {we run phones on remote sites through our VPNs for
config} we had the problems you described, it was not until we noted our
illustrious new firewall admin had opened TCP 69 and not UDP69. Once
that was opened to the remote networks, everything started to work fine.
Our firewall logs show that the Cisco & Mitel phones all were trying to
pull on UDP 69


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have tried that. The reason we are using TFTP is for our VOIP phones
to pull
down the config setting upon reboot.

Over all I prefer SCP or SFTP but in this case its not avaliable.

Akash Rao wrote:

Craig,

It is tough to know what might be wrong without checking the logs of

the

firewalls. I hope you have tried to telnet to the tftp server on port

69

(default port for tftp) from a client in remote lan and confirmed that
the tftp server is running. Now, try the same test with a client in

"my

lan" and confirm the same.

On a seperate note, i would suggest using scp or sftp rather than tftp
to transfer files. Since these are more secure.

Cheers,

Akash

On 2/10/07, * Craig Van Tassle* <craig@xxxxxxxxxxxxx
<mailto:craig@xxxxxxxxxxxxx>> wrote:

I have a couple of remote sites that are using Cisco firewalls for
Lan-Lan vpn.
I have all the proper rules for so I can remote connect to servers
on the other
side, and ping works fine. However I'm trying to use something like
tftp over
from my lan to the remote lan. It does not seem to work. Any ideas?

Thanks
Craig

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

---

• Follow-Ups:
  • [fw-wiz] TFTP (Was: Re: firewall-wizards Digest, Vol 10, Issue 9)
    • From: Carson Gaspar

• Prev by Date: Re: [fw-wiz] PIX stateful failover and separate external circuits
• Next by Date: Re: [fw-wiz] TFTP over vpns
• Previous by thread: [fw-wiz] PIX stateful failover and separate external circuits
• Next by thread: [fw-wiz] TFTP (Was: Re: firewall-wizards Digest, Vol 10, Issue 9)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Small device to control a RDP computer ... Looks more and more like I am going to be keeping my phone and remote device ... Al Jarvi (MS-MVP Windows Networking) ... I am now seeing phones with Windows Mobile 5.0 on them. ... (microsoft.public.windowsxp.work_remotely) CISCO 7940 and TFTP ... I know Cisco must have a way to do this, ... CISCO IP PHONES AND TFTP ... I work for an ISP and we're starting to deploy CISCO IP phones. ... My configuration for each phone is the same, since I have a very basic ... (comp.dcom.sys.cisco) IOS Upgrade Question ... I have a 1720 router remotely. ... I want to upgrade the IOS ... using tftp, but I am wondering if it is a bad idea to do this via telnet to ... a remote router that I dont have physical access to? ... (comp.dcom.sys.cisco) Re: Meridian phone on POTS line ... It will do other Nortels too. ... One of these on the switch side, and one on the remote side: ... This assumes you have a switch to connect it to. ... ask me how to hook up a proprietary Meridian phones at home. ... (comp.dcom.sys.nortel)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Firewall-Wizards  > 2007-02