TFTP Cant log in?

I just purchased the endpoint manager and am trying to get it to provision the phones in the office. I see that we can use tftp or http for the provisioning file. Im using tftp and just trying to connect to the server with a client.

Ok, my understanding is that tftp does not use a username and password?

How do we configure it? Does it use port 21 or 69? or in a ftp client is giving me connection refused 10061.

Thank You,

FTP is port 32 tftp is port 69, you have to use a tftp client such as Khalid’s tftpd

You also need to set Option 66 and Option 150 to your tftp IP in your DHCP server.

I am lost. This has been the toughest obstacle yet for me to understand.
My goal is to be able to auto provision phones using endpoint manager.
Should i use tftp or http?

What i have done:
I have set up global settings and a cisco template in endpoint manager.
Selected tftp

I am know trying to connect to the tftp server on a windows computer to verify that it is up and running. I am using ftp rush. I set the protocal to tftp and set the host to my pbx’s ip address port 69. It hangs “connecting to tftp server”?

Is there a way to verify tftp is up and running?

“You also need to set Option 66 and Option 150 to your tftp IP in your DHCP server.”

My dhcp server on my cisco phones? my router? i dont understand where to set this up? I have a static ip for everything.

Static IP’s? Then you have to assign the tftp address to the phones manually. That’s a pain.

The goal is to do a zero touch config. If you setup your DHCP server, input the MAC address the phone should be plug and play outside the box.

Is you server in the same LAN as the phones? If not you have to open UDP 69 in your firewall (a security issue so limit the hosts via an access list).

I have never heard of that client.

Have you checked to make sure the tftp service is running on your server? Do s service xinetd.d status and take a look for tftp entries in /var/log/messages.

We also suggest you increase the verbosity of tftp logging by add a -vv to the tftp options in /etc/inetd.d/tftp

Ok I am doing my research. How would the phones know to use the dhcp server? Would they have to be connected directly to the pbx. All of the phones here are connected ROUTER-SWITCH-PHONES.

Thank YOU!

DHCP = “Dynamic Host Configuration Protocol” , If a host doesn’t have a known IP address it will use that protocol to acquire own, it will ask on UDP 69 and anything that answers reasonably will used. Unless you know what you are doing NEVER have more than ONE DHCP server in any network.

Dicko is hitting the sauce early today. DHCP uses broadcast messages to ask for an IP. If more than one DHCP server is listening on the network segment all sorts of odd behavior will result.

You didn’t answer my question, is the phone server in the same network as the voice server?

yes they are on the same network. Another question what would be the address i would use in profile rule in the phones web gui if i were to not use dhcp rules.
Just want to see if it is even working. I did run service xinetd.d status and
checked var/log/messeages. tftp seems to be up.

Ok, but you can’t connect to it.

Make the change as shown below this increases the verbosity of tftp (see the -v) then restarts it. The final step shows the live log as it happens. If you transfer a file via tftp you should see it.

[[email protected] xinetd.d]# cat tftp

default: off

description: The tftp server serves files using the trivial file transfer \

protocol. The tftp protocol is often used to boot diskless \

workstations, download configuration files to network-aware printers, \

and to start the installation process for some operating systems.

nano tftp
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -v -s /tftpboot
disable = no
per_source = 11
cps = 100 2
flags = IPv4

(save file after editing)
[[email protected] xinetd.d]# service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[[email protected] xinetd.d]# tail -f /var/log/message
[[email protected] xinetd.d]# tail -f /var/log/messages
Jul 17 16:18:22 maieast in.tftpd[18376]: RRQ from filename host.cfg
Jul 17 16:18:23 maieast in.tftpd[18377]: RRQ from filename fp-net.cfg
Jul 17 16:18:34 maieast in.tftpd[18378]: RRQ from filename host.cfg
Jul 17 16:18:35 maieast in.tftpd[18379]: RRQ from filename fp-net.cfg
Jul 17 16:18:46 maieast in.tftpd[18380]: RRQ from filename host.cfg
Jul 17 16:23:37 maieast in.tftpd[18390]: RRQ from filename /spa708105b34ad8.xml
Jul 17 16:38:37 maieast xinetd[1136]: EXIT: tftp status=0 pid=18360 duration=1308(sec)
Jul 17 16:39:45 maieast xinetd[1136]: Exiting…
Jul 17 16:39:46 maieast xinetd[18648]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Jul 17 16:39:46 maieast xinetd[18648]: Started working: 1 available service

Ok, did what you said

C:\Windows\system32>tftp -i get aastra.cfg
Transfer successful: 497 bytes in 1 second(s), 497 bytes/s

So it looks like it is working now.

Now thats done without a dhcp server how would i put the tftp address into my cisco phones?


thnx again

I GOT IT! Thanks for stick with me. Was getting a little depressed for a minute.
Its not working right but it is provisioning itself. tftp://(PBX IP)/(XML) was what i needed in the profile rule. I am going to start on dhcp now.

Is it possible to disable dhcp in my router and set up a dhcp server without having the phones connected directly to the pbx but on the same network? Would the phones find the dhcp?

Thank You


Got it going even further! I have the DNS Server set up and working. I just have no idea how to set option 66 and 150. here is my dhcpcd.conf,

DHCP Server Configuration file.

see /usr/share/doc/dhcp*/dhcpd.conf.sample

see ‘man 5 dhcpd.conf’

#specify domain name
option domain-name “localhost.localdomain”;
#specify DNS server ip and additional DNS server ip
option domain-name-servers,;
#specify default lease time
default-lease-time 600;
#specify Max lease time
max-lease-time 7200;
#specify log method
log-facility local7;
#Configuring subnet and iprange
subnet netmask {
option broadcast-address;
#Default gateway ip
option routers;

How would I set up the options I need?


don’t leave me hanging now that I have gotten this far. LOL

Thank u SkyKingOH

Laughing. …won’t be by a computer for hours. Don2 have patience to x X o from p b on.

I have some static entries for DECT access points but other than that this is standard. My dhcpd.conf from the Asterisk box that serves my home. is the boot server (option 66).

[[email protected] dhcp]# cat dhcpd.conf
ddns-update-style interim;
ignore client-updates;
option bootfile-name “omm_ffsip.tftp”;
option openmob-serverip code 43 = string;
option openmob-name code 224 = text;

subnet netmask {

option routers;
option subnet-mask;
option nis-domain “asterisk.local”;
option domain-name “asterisk.local”;
option domain-name-servers;
option time-offset -18000; # Eastern Standard Time
option ntp-servers;
option tftp-server-name “”;
range dynamic-bootp;
default-lease-time 43200;
max-lease-time 86400;

host omm {
hardware ethernet 00:30:42:0D:F2:5E;
option openmob-serverip 0a:04:c0:a8:2:6;
option openmob-name “OpenMobility”;


Some documentation said to use “option tftp-server-name” and others said to use

option tftp66 and tftp150. It is working with the config below? Is this correct? The only problem i am having is endpoints manager network scan is not working. It doesnt show any of my phones. Big pain to have to get mac address’s for every phone. Is this because of nat?

option domain-name “localhost.localdomain”;
#specify DNS server ip and additional DNS server ip
option domain-name-servers,;
#specify default lease time
default-lease-time 600;
#specify Max lease time
max-lease-time 7200;
#specify log method
log-facility local7;
option tftp150 code 150 = string;
option tftp66 code 66 = string;
#Configuring subnet and iprange
subnet netmask {
option broadcast-address;
option tftp150 “”;
option tftp66 “”;
#Default gateway ip
option routers;
#Fixed ip address based on MAC id
host SPA525G2 {
hardware ethernet 30:F7:0D:5F:6A:74;

Thanks Again,

First off if the phones are in the same LAN as the server then NAT has nothing to do with a network scan as the server has a connected interface into the network.

I have never seen “option tftp code” syntax, what I sent you works.

This line looks wrong, but it could set be setting a variable called tftp150 as string. The man page would be the end all reference.

Also most phones want the format as an encoded IP, not as a string.

option tftp150 code 150 = string;


So I need to include

option ntp-servers;
option tftp-server-name “”;

in the conf file?

" phones want the format as an encoded IP"
What does this mean?

glad i missed it.

Whats in a networking 101 class? I am a small buisness owner looking to learn how to do this and save some money. The title of the forum is “general help”. I dont believe this is out of the guidelines