[ previous ] [ next ] [ threads ]
 From:  "Christian Oswald" <coswald at dls dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: RE: tftp config
 Date:  Sat, 23 Apr 2005 21:28:36 -0500
>Thank you. If I understand correctly there is no hope to use TFTP
>M0n0Wall without this "TFTP hack".
>In our case the security is not a big deal because the only available
>on the public tftp server are the grandstream images. The server is
>Grandstream has it's own public TFTP server (TFTP was their decision,
>The reason why we use our own:
>We would like to control the firmware in our phones.
>TFTP is not a NAT-friendly protocol.  It won't work through any NAT
>implementation that doesn't have a "TFTP hack", and there's no easy
>TFTP is also a totally insecure protocol. Anyone using it on a WAN
needs his
>head examined.
>Fred Wright

I guess I need my head examined :)  I have the following setup at a few
different locations:

Asterisk server
With polycom &------------------->
Monowall------->cisco/polycom/grandstream phones
Cisco config files

The cisco and polycom phones basically pull the configuration files from
the asterisk server via tftp (why cisco and polycom have chosen to do
this is beyond me, but anyway). I too would prefer to use monowall over
anything else. I know there is no easy way to get tftp to work through
NAT, but can somebody please send me instructions on how to do this.
With VoIP becoming more popular every day, I can see a growing need to
allow tftp traffic through the wan interface. I would gladly pay for a
fix for this.