Version 6.6 431 Mediant 2000
User's Manual 34. Automatic Update
34.5 Loading Files Securely (Disabling TFTP)
The TFTP protocol is not considered secure and some network operators block it using a
firewall. It is possible to disable TFTP completely, using the ini file parameter
EnableSecureStartup (set to 1). This way, secure protocols such as HTTPS may be used
to fetch the device configuration.
 To download the ini file to the device using HTTPS instead of TFTP:
1. Prepare the device's configuration file on an HTTPS server and obtain a URL to the
file (e.g., https://192.168.100.53/gateways.ini).
2. Enable DHCP, if necessary.
3. Enable SSH and connect to it.
4. In the CLI, use the ini file parameters IniFileURL (for defining the URL of the
configuration file) and EnableSecureStartup (for disabling TFTP), and then restart the
device with the new configuration:
/conf/scp IniFileURL https://192.168.100.53/gateways.ini
/conf/scp EnableSecureStartup 1
/conf/sar bootp
Note: Once Secure Startup has been enabled, it can only be disabled by setting
EnableSecureStartup to 0 using the CLI. Loading a new ini file using BootP/TFTP is
not possible until EnableSecureStartup is disabled.
To Next Page
Loading...
Need help?
General
