Filter
Top Products
TFTP Security Features
The router provides some security measures to control access to and
use of the TFTP facility. Initial TFTP connection requests are made on
the well-known User Datagram Protocol (UDP) port 69. Access to TFTP
on a specific network interface can be blocked, therefore, by
constructing a TCP/UDP port filter to drop incoming datagrams destined
for port 69.
In addition, TFTP does not auto-enable in the default state. While you
can configure the TFTP Auto Enable parameter to be “Yes”, this option
may not be desirous in environments where security is a concern. Use
the following procedure to transfer objects (operating code,
configurations, or NCL displays) to or from a system on which TFTP is
not auto-enabled.
1. Telnet to the system.
2. Log in.
3. Access the “Network Control Language Interpreter” from the Main
menu.
4. Use NCL’s Enable command to enable TFTP (en tftp on this
router).
5. Do the transfer using the Fget or Fput command (or other TFTP
command on the remote system).
6. Disable TFTP after completing the transfer (dis tftp on this
router).
NCL
Commands
16
Using the Network Control Language
Using TFTP To Transfer Operating Code, Configuration, and NCL Display
16-93