Permit TFTP through Cisco IOS router (ZBFW)

~ Iain

Obviously this isn’t recommended but if you ever need to gain access to a TFTP on the inside of your network which happens to be connected to the Internet using a Cisco IOS based router with Zone Based Firewall enabled:

Access List Entry

Extended IP access list public-private-inspect-cmap-acl
     10 permit udp any host x.x.x.x eq tftp

NAT Entry

ip nat inside source static udp x.x.x.x 69 interface Dialer0 69

This obviously assumes “Dialer0” is your external interface and replace x.x.x.x with the IP address of your TFTP server.

Published by Iain

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.