Details
Specify the IP address of an interface as the source address for TFTP connections.
Rationale:
This is required so that the TFTP servers can easily identify routers and authenticate requests by their IP address.
Impact:
Organizations should plan and implement trivial file transfer protocol (TFTP) services in the enterprise by setting ‘tftp source-interface loopback’, which enables the TFTP servers to identify routers and authenticate requests by IP address.
Solution
Bind the TFTP client to the loopback interface.
hostname(config)#ip tftp source-interface loopback {loobpback_interface_number}
Default Value:
The address of the closest interface to the destination is selected as the source address.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Cisco.