Transfering / Backup Cisco Configs from outside IP to internal TFTP SERVER through Firewall.
First, you need to allow your Public IP network provided to you from your ISP through your firewall on port 69 (tftp port).
If you do not set the source interface for your TFTP communication, the TFTP transfer may fail. By default Cisco Routers will use the uplink / outside interface, not the interface with IP addresses assigned to you by your ISP.
Router-INTERNET#sh ip int br
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 23.12.143.75 YES NVRAM up up
GigabitEthernet0/1 132.95.160.113 YES NVRAM up up
GigabitEthernet0/2 unassigned YES NVRAM administratively down down
Router-INTERNET#
ISP <---> g0/0---G0/1-->Inside
The command to set a source interface or IP on a cisco Router for backing up to tftp is:
router(config)#ip tftp source-interface GigabitEthernet0/1
router# copy running-config tftp
Now when you copy to your tftp server, it will use the source interface GigabitEthernet0/1 with ip 132.95.160.113, which is your company public IP.
No comments:
Post a Comment