Re: Unable to connect using tftp other than over openvpn

From: Les Mikesell <lesmikesell@xxxxxxxxx>
Date: Thu, 06 Mar 2008 12:48:37 -0600

CSB wrote:

All the documentation I read when learning to set up tftp stated that
it's an insecure protocol ill-suited to sharing stuff over public
networks. It's best left for its intended purpose, sharing firmware,
boot code and such over networks under one's own control.

One of the risks is that, with a default installation[1], anyone who
can
read your data can change your data.

If you control both ends of the VPN then that would seem to meet that
guideline.

If you want to persist with sharing over the public internet, then look
at your firewall rules to see whether
1, There's a problem restricting your transfer
2. You have adequate controls over who can share your data.

Thanks for the reply.

This is for VOIP phone configuration. Some devices require tftp initially
before then being able to use http. We need the configuration available
publicly and it's not practical to have these devices connecting over VPN to
get their configuration.

But you said it did work when you connected through the VPN. I think that points to either firewalling (anywhere on the path between devices and remember that tftp runs over udp when opening ports) or routing. Can you connect to the public interface with other protocols or do traceroutes both directions to see if routes are correct through the public side?

--
Les Mikesell
lesmikesell@xxxxxxxxx

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

References:
- Unable to connect using tftp other than over openvpn
  - From: CSB
- Re: Unable to connect using tftp other than over openvpn
  - From: John Summerfield
- RE: Unable to connect using tftp other than over openvpn
  - From: CSB

Prev by Date: Re: Can't get bluetooth mouse to work in Fedora 8
Next by Date: Re: wicd - better wireless network manager than NetworkManager?
Previous by thread: Re: Unable to connect using tftp other than over openvpn
Next by thread: Video distortion
Index(es):
- Date
- Thread

Relevant Pages

Re: Unable to connect using tftp other than over openvpn
... It's best left for its intended purpose, sharing firmware, ... boot code and such over networks under one's own control. ... This is for VOIP phone configuration. ... Regarding the firewall we tested with flushed firewall rules and still got ...
(Fedora)
RE: Unable to connect using tftp other than over openvpn
... It's best left for its intended purpose, sharing firmware, ... boot code and such over networks under one's own control. ... This is for VOIP phone configuration. ... Regarding the firewall we tested with flushed firewall rules and still got ...
(Fedora)
Re: 4 vpns over 4 nics
... your configuration and make it harder to maintain. ... Just define the remote ... VPN sites in ISA console as new networks, ...
(microsoft.public.isa)
Re: Need WAN/Branch OfficeSolution
... But Charter Cable does some very interesting connectivity things for interoffice connectivity, so that might be a solution ... But otherwise your best option is hardware based site to site VPN and ideally both locations need a static IP ... for sharing files on our server across a WAN. ... Any recommendations on reading about Branch office setups? ...
(microsoft.public.windows.server.sbs)
Re: XP < -- > Vista networking problem
... Successful Sharing involves some general consideration in Network settings, ... Vista File and Printer Sharing- ... Service Advertising Protocol ... File and Printer Sharing for Microsoft Networks ...
(microsoft.public.windows.vista.networking_sharing)