beautypg.com

Configuring the tftp client – H3C Technologies H3C SecPath F1000-E User Manual

Page 224

background image

213

Table 35 Configuration when the device serves as the TFTP client

Device Configuration

SecPath (TFTP client)

Configure the IP address and routing function, and make sure that the
route between the device and the TFTP server is available.

Use the tftp command to establish a connection to the remote TFTP

server to upload/download files to/from the TFTP server

PC (TFTP server)

Enable TFTP server on the PC, and configure the TFTP working directory.

Configuring the TFTP client

When the firewall acts as a TFTP client, you can upload a file on the firewall to a TFTP server and

download a file from the TFTP server to the local device. You can use either of the following methods to

download a file:

Normal download: The firewall writes the obtained file to the storage medium directly. If you
download a remote file using a filename destination-filename that exists in the target directory, the
firewall deletes the original file and saves the new one. If file download fails due to network

disconnection or other reasons, the original file will never recover because it has been deleted.

Secure download: The firewall saves the obtained file to its memory and does not write it to the
storage medium until the whole file is obtained. If you download a remote file using a filename

destination-filename that exists in the target directory, the original file is not overwritten. If file

download fails due to network disconnection or other reasons, the original file still exists. This mode
is more secure but consumes more memory.

H3C recommends that you use the secure mode or, if you use the normal mode, specify a filename

inexistent in the target directory.
When using the tftp client source or tftp command, you can specify the source interface (such as a
loopback interface) or source IP address. The primary IP address of the specified source interface or the

specified source IP address is used as the source IP address of sent TFTP packets.
The TFTP client follows these rules to select the source IP address of packets sent to the TFTP server:

If no source IP address is specified, the IP address of the output interface of the route to the server
is used as the source IP address.

The source IP address specified with the tftp client source or tftp command is used.

If you first use the tftp client source command to specify a source IP address and then use the tftp
command to specify another source IP address, the latter is used.

The source IP address specified with the tftp client source command applies to all TFTP connections

while the one specified with the tftp command applies to the current TFTP connection only.

To configure the TFTP client:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Use an ACL to control the
device’s access to TFTP

servers.

tftp-server [ ipv6 ] acl acl-number

Optional.
By default, no ACL is used to
control the device’s access to

TFTP servers.