A-1
Cisco PIX Device Manager Installation Guide
78-15483-01
A P P E N D I X
A
Using a TFTP Server
This appendix describes how to use a TFTP server to access PIX Firewall or PDM images. You must
have a TFTP or FTP server to install the PIX Firewall software.
You must have an activation key that enables Data Encryption Standard (DES), the more secure 3DES,
or AES which PDM requires for support of the Secure Sockets Layer (SSL) protocol. If your PIX
Firewall is not enabled for DES, you can have a new activation key sent to you by completing the form
at the following website:
http://www.cisco.com/cgi-bin/Software/FormManager/formgenerator.pl?pid=221&fid=324
This section includes the following topics:
•
Obtaining a Windows TFTP Server, page A-1
•
Enabling UNIX TFTP Support, page A-2
•
TFTP Download Error Codes, page A-3
Obtaining a Windows TFTP Server
The Microsoft Windows based TFTP server previously provided by Cisco Systems has been
discontinued and is no longer supported by Cisco Systems. This software suffers from a security bug
described in (
http://online.securityfocus.com/bid/2886
). Persons still using the server should consider
replacing it with any of the high quality freeware and shareware TFTP servers.
As a historical note, the Cisco TFTP server was released to customers in 1995 and at a time when no
other freely available TFTP servers existed. Today, there are many TFTP servers available that can be
easily found by searching for “tftp server” on your internet search engine. We do not specifically
recommend any particular TFTP implementation.
It is also useful to note that modern versions of Cisco IOS software also support the use of FTP instead
of TFTP for loading of images or configuration files. Use of FTP overcomes a number of inherent
limitations of TFTP including a lack of security and a 16 MB file size limitation.