RE: [Asterisk-Users] TFTP Secondary Ports

Wed, 03 Aug 2005 06:18:20 -0700 

Just a data point... tftp works just fine in RHv9 and FC3 with remote
7960's. Images, config files, etc, get transferred correctly every time,
and the 7960's are between elcheapo firewall boxes.

If you really want to restrict who can access the tftp server, run one
of the firewall app's on the linux server.

------------------------

> I understand. However, Im successfully managing this without any problems 
> using a Windows 
tftp server by www.winagents.com. This
> software allows you to limit secondary transfer connections to a range of 
> IPs. Therefore you 
only need to open up port 69 and the range
> you specify. Everything just works!
> 
>  
> 
> I would like to move the solution to Linux for a couple reasons. However, It 
> looks like the 
default tftp server does not support this feature
> and that is why you were going crazy. The number of ports you must open is 
> ridiculous for 
tftp. However, I just found a seemingly robust
> linux version with firewall support offered by weirdsolutions. It looks 
> promising. 
http://www.weirdsolutions.com/
> 
>  
> 
> Chad
> 
>  
> 
> 
-----------------------------------------------------------------------------------------------
-----------
> 
>        From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Carlos
>                                    Sent: Wednesday, August 03, 2005 12:10 AM
>                              To: 'Asterisk Users Mailing List - 
> Non-Commercial Discussion'
>                                  Subject: RE: [Asterisk-Users] TFTP Secondary 
> Ports
> 
>                                                      
> 
>                                                  hey chad,
> 
>                                                      
> 
>      just a heads up tftp is one of the worst protocols to use when your 
> behind a nat or firewall it drove me pretty crazy a while ago.
> 
>                                                      
> 
>                                                Carlos Alcantar
>                                            Race Technologies, Inc.
>                                               101 Haskins Way
>                                          South San Francisco, CA 94080
>                                                P: 650.246.8900
>                                                F: 650.246.8901
>                                              E: carlos at race.com
> 
>                                                      
> 
> ----------------------------------------------------------------------------------------------------------
> 
>      From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chad Brown
>                                      Sent: Tuesday, August 02, 2005 10:46 PM
>                                        To: [email protected]
>                                   Subject: [Asterisk-Users] TFTP Secondary 
> Ports
> 
> Im publishing tftp through my firewall to support external Cisco 7960 sip 
> phones. I know that the primary port is 69 for tftp. However, tftp
> also uses secondary ports ranging from 1,0XX to 30,XXX. ( A broad range) In 
> an effort to limit the secondary ports that are opened, some
>  Windows based tftp server such as the winagents product allows you to limit 
> the range of secondary ports that are used allowing you to
>                                     somewhat tighten firewall publishing 
> rules.
> 
>                                                      
> 
>                              Does anyone know how to do this using the linux 
> tftp server?
> 
>                                                      
> 
>                                                Thanks, Chad
---------------End of Original Message-----------------


_______________________________________________
Asterisk-Users mailing list
[email protected]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Reply via email to