Using FTP from the Router

Problem

You want to use FTP directly from your router to download configuration or IOS files.

Solution

The copy ftp: command lets the router exchange files using FTP:

Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip ftp username ijbrown
Router1(config)#ip ftp password ianpassword
Router1(config)#end
Router1#copy ftp: running-config
Address or name of remote host [172.25.1.1]? 172.25.1.1
Source filename []? test
Destination filename [running-config]? <enter>
Accessing ftp://172.25.1.1/test...
Loading /test 
[OK - 24/4096 bytes]

24 bytes copied in 0.276 secs (87 bytes/sec)
Router1#

Notice that we explicitly defined a username and password in this example. If you don’t specify a username, the router will try to connect to the server’s anonymous FTP service.

Discussion

Several recipes in this chapter have shown how to transfer files between your router and server by using TFTP. However, Cisco routers also support FTP. We find that FTP is better suited for transferring files over busy and congested links. While TFTP file transfers tend to abort if they encounter persistent congestion, FTP appears to be more resilient.

FTP is also somewhat more secure than TFTP because it uses usernames and passwords. TFTP has no user-level security features. However, FTP sends its passwords across the network in unencrypted cleartext, so it is still not highly secure.

In the example, we explicitly configured a FTP username and password on the router. Once this information is defined, using FTP is as easy as using TFTP. You can also override the username and password settings defined in the configuration file by including them on the command line:

Router1#copy ftp://ijbrown:ianpassword@172.25.1.1/c3620-ik9s-mz.122-10a.bin slot1:
Destination filename [c3620-ik9s-mz.122-10a.bin]? <enter>
Accessing ftp://ijbrown:ianpassword@172.25.1.1/c3620-ik9s-mz.122-10a.bin...
Loading pub/c3620-ik9s-mz.122-10a.bin !!!!
Erase slot1: before copying? [confirm] <enter>
Erasing the slot1 filesystem will remove all files! Continue? [confirm] <enter>
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of slot1: complete
Loading pub/c3620-ik9s-mz.122-10a.bin !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 11819052/4096 bytes]

Verifying checksum...  OK (0x3238)
11819052 bytes copied in 266.956 secs (44273 bytes/sec)
Router1#

Notice that we used URL format to specify the username and password as well as the server address and the filename that we wanted to download. The format of the FTP URL looks like this:

ftp://ijbrown:ianpassword@172.25.1.1/c3620-ik9s-mz.122-10a.bin

A colon separates the username, ijbrown, from the password, ianpassword. An @ sign then separates the user information from the server information, which can be either an IP address or a DNS name. Then a forward slash, /, separates the filename from the directory and filename.

If you don’t include an FTP username in the configuration or the command line, the router will default to using anonymous FTP. And, if no password is specified in either the router’s configuration or on the command line, the router will send a default password of .

It is important to remember that if you specify a username and password on the command line, it will override whatever values you have configured. If you don’t specify a username or password on the command line, the router will use the configured FTP username and password. If you don’t specify a username and password in either place, the router will resort to anonymous FTP.

Get Cisco IOS Cookbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.