Trivial File Transfer Protocol (TFTP) has been the natural choice for transfering files on a Cisco device for a long time but it has some weaknesses:
- It’s not reliable, since it doesn’t use TCP
- Since it’s not using TCP every packet has to be acknowledged before the next one can be sent
- No support for encryption of traffic
- Takes long time to transfer large files
So why do we still use TFTP, mostly because it’s simple to setup and that we are used to it. File Transfer Protocol (FTP) overcomes most of the weaknesses of TFTP. It’s reliable because it uses TCP for transport. We send several packets before needing to acknowledge. It’s much faster. It is not encrypted but if that is a must Secure Copy (SCP) can be used.
Transfering a file from a FTP server to a Cisco ASA is very easy. First you need a FTP server, I use Quick ‘n Easy FTP Server Lite. This is the syntax to transfer a file:
Change user and password to the real user and password and the servip is the IP used by the FTP-server. Filename is the name of the file to transfer. Disk0 is the destination for the file. I did some upgrades of ASA last week and I was shocked how much faster it is than TFTP so I highly recommend you start using it.