Phone TFTP config Download and ACL on the way
Hi,
TFTP and the Softswitch are located on 2 different server, for the TFTP side I allowed the phone to see only TFTP port on that server as below ACL :
Phones get DHCP info + TFTP option from the local router , here is the ACL on the router
ip access-list extended voice
permit ip 172.31.10.0 0.0.0.255 host 1.1.1.1 (1.1.1.1 is the softswitch & 172.31.10.0 is the phone IP range)
permit udp 172.31.10.0 0.0.0.255 host 1.1.1.2 eq TFTP (1.1.1.2 is the TFTP server)
***** My question is ,
Although in the ACL log I see that tftp line has matches but when I telnet to the phone shows the TFTP 0.0.0.0 (I have option 150 in the router DHCP to pass 1.1.1.2 as the TFTP server)
Am I missing something in my ACL? or Concept wise is this possible?
Thx.
Comments
Hello,
If your phone is receiving DHCP, it should be receiving all relevant options as well. Can you please post your DHCP pool config. Also, on your TFTP server, can you see activity through debugs or logs at all?
here is the DHCP config on local router :
ip dhcp pool Test
network 172.31.10.0 255.255.255.0
default-router 172.31.10.254
dns-server 1.1.1.5 1.1.1.6
option 150 ip 1.1.1.2
Actually I didn't check the TFTP log , I just checked the ACL to see if has any matches which had. I'll check TFTP log also.
Thx
Hi,
check if the reverse path is also allowed. u can use the debug ( with cef off) to see the traffic matched and droped
Regards
Your DHCP config is correct. Once you check the TFTP logs, see if the traffic is coming back as 12345 said above.