No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Failure in the Client Using the USG5300 to Access the TFTP Server

Publication Date:  2012-07-25 Views:  297 Downloads:  0
Issue Description
The TFTP server in the DMZ is inaccessible to the client from the Trust Zone.
Alarm Information
Handling Process
1. TFTP is a multi-channel protocol. The control channel uses UDP port 69 and the data channel is obtained by auto-negotiation. Therefore, the problem lies in that strict packet filtering policy is configured between two Zones and that ASPF is not enabled.
2. Enable user-define function of ASPF between DMZ and Trust Zone.
[USG5300]acl num 3000
[USG5300-acl-adv-3000]rule per udp destination-port eq 69
[USG5300-interzone-dmz-untrust]detect user-define 3000
Root Cause
Configuration issues.