mag72

Setup & Configure TFTP On Windows 10 (Free Server Tool)

tftp server windows 10 tutorial

Marc Wilson

Network admins use TFTP Servers every day to transfer images, configuration files, firmware, etc. to their networking devices.

TFTP is simple on its own and does not need any sophisticated messaging to work.

Of course, having no overhead is terrific, but there is a downside; it does not provide any encryption and authentication mechanisms.

Although TFTP has no built-in security, network admins use it for simple and fast file transfers within LANs.

And best of all, it can be used for remote connections by hardening its security with the right server/client software.

In this step-by-step tutorial, you’ll learn how to set up and configure TFTP on Windows 10.

We’ll learn how TFTP works, and how to set it up on the client and server.

Let's get started!

What is TFTP?

TFTP (Trivial File Transfer Protocol) is a simple file transferring mechanism developed as a “lighter” version of FTP.

It attempts to over-simplify and downsize the functionality of FTP.

Instead of using the full TCP implementation, TFTP relies on the connectionless and simple UDP transport over port 69.

TFTP only allows unidirectional file transferring.

It provides zero control and has low overhead.

The original idea of creating TFTP was to provide booting for disk-less computers or workstations that didn’t have enough memory or disk.

These disk-less workstations usually do not have access to the full TCP/IP stack, so they need to obtain configuration information such as DHCP or BOOTP from another server.

TFTP uses a client/server communication model.

As as you can see from the message exchange below, the TFTP server sends a block of data and waits for the acknowledgment before sending the next one.

A host sends a Request to Write (WRQ), the server responds with an Acknowledgement (ACK), so the host sends data.

The host can also send a Request to Read (RRQ) then the server sends the data and waits for an acknowledgment.

Today TFTP is commonly used for transferring configuration files and firmware images from and to networking devices.

It is also used for network booting by diskless nodes that need booting from the LAN.

TFTP is very easy to implement and use.

But it is not a secured transfer method.

It does not provide a login or access control mechanism, so it is more common in LANs.

Preparing your TFTP Environment

A TFTP server is a must-have piece of software in every network admin’s toolkit.

Cisco, Huawei, Netgear, and many more network appliances use TFTP for upgrading, backing-up, and saving configuration files and firmware.

Fortunately, you can set up and configure a TFTP server on your Windows 10 machine.

SolarWinds TFTP Server is lightweight and compatible with Windows 10.

It is a standalone free tool use for fast and easy network file transfers.

Download TFTP Server Free!

Prerequisites Before We Start

When setting up your TFTP server for the first time, consider the following requirements:

  1. Download the TFTP Server:
    To start, you’ll need to get the software. Download Solarwinds TFTP Server from its official site. The software is 100% free.
  2. Have Admin Rights:
    Setting a TFTP server requires an administrator account.
  3. Have a Root Folder Ready:
    In the end, the idea of using TFTP is to transfer files. Since you are configuring a TFTP server, you’ll need to have a folder storing all transferable files, such as OS firmware, configuration files, DCHP, etc.
  4. Port forwarding:
    TFTP clients might be able to access the server within the local network area without any issues, so if you don’t need remote file transfers, skip the port forwarding. But if TFTP clients are located across the WAN, they need their traffic to be forwarded to the correct destination. Port Forwarding is a setting in the local router that redirects requests from IP address and port number from WAN to another service on the LAN. To allow TFTP requests from remote TFTP clients into your LAN, you will need to log into the router and forward the UDP port 69 to the IP address of your server.
  5. Configuring Port Forwarding:
    This varies from router to router. Generally, most routers have it under Advanced Setup > NAT > Port Forward. Make a new entry on the list as Port (69) > UDP > IP Address (your IP)
  6. Allow local firewall rules:
    The local firewall might block TFTP file transfers. To allow the TFTP client to successfully request data to the TFTP server, avoid any firewall that might be blocking the connection. If possible, configure the firewall inbound/outbound rules to allow TFTP traffic. In the same way, make sure that there are no local firewalls or routers with ACLs blocking the TFTP connection.

Setting up a TFTP Server on Windows 10

So, now you have the TFTP environment ready.

You downloaded the TFTP server software, have admin rights on the server, have the root folder with all files, made the right configurations on the local router, and you are sure that nothing is blocking your TFTP connection.

Let’s go ahead and install the TFTP server:

  1. Unpack the zip drive downloaded from the SolarWinds TFTP server and open the executable file. The SolarWinds TFTP Wizard will open, click on “Next”.
    Download Free!
  2. Click “Browse” to choose a destination location.
  3. Once the SolarWinds TFTP Server Setup finishes, click “Finish”.
  4. Open the SolarWinds TFTP Server. The console should look something like this…

Configuring Security

TFTP is known for its lack of security. It does not have any encryption mechanism and does not support any client/server authentication methods.

Without encryption and authentication, a hacker could easily spoof the TFTP server and compromise the authenticity of critical files such as routing configuration and DCHP.

But despite that lack of security, TFTP is still the preferred method for quick and easy file sharing on networking devices.

Having no encryption and authentication makes TFTP fast and without much overhead.

Still, some TFTP server software can provide some features that guarantee a certain level of security.

For example:

  • Restrict the use of the server to a certain range or single IP addresses.
  • Permit or restrict certain types of file transfers. For example, only send, receive, or both.

To configure IP address restriction and file transfer types in the Solarwinds TFTP server

  1. Go to File > Configure.
  2. Go to the Security tab.
  3. By default, Solarwinds TFTP Server will allow all IP addresses to send/receive files. But you may also want to restrict the access to the TFTP server to specific IP addresses. If you want to restrict the server to a few networking devices, go ahead and click on “Only allow the following IP addresses to send/receive files,” then click on “Add”.
  4. In the following screen, you can define the IP address or range of addresses. For example, we are restricting access to sending/receiving files to the devices with IP from 192.68.0.100 to 192.168.0.120.
  5. In the same Security tab, you can also restrict transfer types. When you restrict IP addresses and transfer types, your security can be dramatically improved. For example, you may only want to allow sending files to a specific router.
  6. Click Ok.

Binding the Server to Specific IP addresses, Subnet, or interfaces

The tool we're using also comes with “Server Bindings,” which is another fantastic feature that can improve security.

Server Bindings is similar to restricting IP addresses, except that you can customize this restriction based on your local TFTP server network interfaces.

If your server has more than one interface, you can customize its connectivity based on “source IP” or “subnet.” In other words, you can limit the number of available interfaces that the TFTP server is listening to.

By default, the TFTP server will process the requests from clients received from any network interface

  1. If you want to customize the server’s bindings, for example, allow an entire subnet (from an interface) and allow a single IP on another, go to File > Configure > Server Bindings, and click on “Use custom server binding.”
  2. You also have the option to bind to all addresses in the list that you provided or go through the list in descending order. Once, you finished, click “OK

Configuring the TFTP Server

First, let’s make sure that the service has started.

If you find the following message: “TFP Server service status: stopped,” try clicking the “Start” button to start the TFTP service in the server application and wait a couple of seconds.

If it goes “stopped” again, try the following.

  1. Go to Windows services. Open Windows search bar and type “services”. Or type the Win+R keys to open the Run application and type “services.msc”. Make sure to run “services.msc” as an administrator.
  2. Find the service “SolarWinds TFTP Server” and double-click it. Make sure that its Startup Type is “Automatic” and if you see the Service status: Stopped, click the “Start” button.
  3. If you still see the service “Stopped,” disable any Antivirus or Firewall and test again. One of these applications might be blocking communication through port 69.

Configuring Other Parameters

  1. A useful setting for easier access to the application is to enable “Add TFTP Server to Windows System Tray”.
  2. You can leave Timeout and Retry options, with their default settings unless you are testing the TFTP environment
    1. TFTP timeout: This is the TFTP session timeout in seconds.
    2. Retry: The number of times, the server will retry to transmit a packet when the TFTP client doesn’t respond.
  3. Finally, let’s set up the “TFTP Server Root Directory”. This is the folder where all your files received from other devices will be stored, or where you will store the files that will be sent to other devices.
    1. Go to “Storage” > “Browse”. Choose a new folder or leave the “C:\TFTP-Root” folder created by default.
    2. Click on “Ok”.

Setting up the TFTP Client

The TFTP Client depends on the successful installation and configuration of the TFTP server. The client is probably the one that you will be using the most.

The only task you might need to do with the server is to update the shared files and input/remove some IPs.

When using the TFTP server, don’t forget about the following settings (already mentioned).

  1. The TFTP server service has to be up and the application is running.
  2. Configure the right TFTP folder.
  3. Make sure no Firewall and Antivirus is blocking the application and connection.
  4. If you are file sharing to a remote location, don’t forget about port forwarding.
  5. Make sure all your TFTP clients can reach your TFTP server.

From the TFTP client

Most networking devices already have TFTP enabled. For example, to transfer a Cisco Switch image from the server to the device, you would have to specify the IP address of the TFTP server on the client (Cisco Switch).

As you can see from the screenshot below, this switch does not have any configuration or image filename.

It does have a default address and a TFTP address. So to receive these missing files, you can use the IOS command “copy tftp startup-config [ip address of the TFTP server]”.

Another example, from a Huawei Switch (screenshot below).

The first line (TFTP get) downloads the files from the TFTP Server (192.168.0.2) to the switch.

The second line (TFTP put) uploads the files from the switch device to the TFTP server.

But networking devices are not the only ones that can run TFTP clients. You can also run the client on a Windows system.

Install TFTP Client on Windows 10

Fortunately, most Windows versions (servers and workstations) come with the TFTP client feature built-in, you only have to enable it.

  1. Go to Windows Start and search for “Control Panel”  then click on “Programs”
  2. Open Turn Windows features on or off.
  3. From the Windows Features list, find the TFTP Client feature and turn it on. Wait for the installation to complete and click “Ok”.

TFTP is considered an unsafe protocol, so Windows does not allow it by default. You will have to either turn off the Windows firewall (which is not recommended) or add an exception on the Firewall for the TFTP Client.

Let’s open the Windows Firewall and configure the rules and exceptions to allow TFTP.

  1. Open the Windows Start menu and type “Firewall” > open the “Windows Defender Firewall with Advanced Security,” and run it as an Administrator.
  2. Make sure that the firewall is enabled, and click on “Allow an app or feature through Windows Defender Firewall”.
  3. Click on “Change Settings,” then “Allow another app”.
  4. Click on “Browse” and find the TFTP.exe from the System32 folder and click on Open. Then click on “Add”.
  5. You can now, find the application on the Windows Defender Firewall, enable both Private and Public.

Transferring Files with TFTP

Now that you enabled the native TFTP client in Windows, you can use it to transfer files between the TFTP server.

As mentioned before, make sure that the files are present in the root folder and that the client and server can reach each other.

The TFTP client runs through the command line interface. The command sytax is:

tftp [-i] [<Host>] [{get | put}] <Source> [<Destination>] 

Where:

  • – i : Transfer in binary mode [also called octect]. If you don’t specify this parameter, the transfer goes in ASCII mode, which is a regular text file transfer.
  • Host: Specifies the local/remote computer (server).
  • Put: transfers the source file [on the local computer] to the file on the destination [remote computer]. Use this command to send a file.
  • Get: Downloads [transfers] the file from the destination remote computer to the local computer. Use this command to receive a file.
  • Source: Specifies the source file [with the path] to transfer.
  • Destination: specifies the destination file [with the path] to get.

An example of using the TFTP command on Windows 10:

In this example, we will upload a firmware image file [.bin] to the TFTP server [192.168.1.20]. We will use the TFTP client in Windows and transfer the file using binary mode.

  1. Let’s open the Windows command prompt. Open the Windows search and type “cmd,” or press the Win + R > Open the Run and type “cmd”.
  2. Go to the directory where the firmware is stored (or specify the entire path).
  3. Type the command TFTP -i 192.168.1.20 PUT firmware.bin

Final Words

TFTP is a terrific and often misunderstood transferring method.

Although it has a bad reputation for its lack of security, it doesn’t have much overhead, making it a reliable, quick, and easy transferring mechanism.

You can use it in enclosed LANs or WANs, where speed reigns over security.

Setting up a TFTP server on Windows 10 is straightforward. Just download Solarwinds TFTP Server and configure it, as shown in this tutorial.

If your TFTP client is a networking device, it will likely have the TFTP service already enabled. But if you want to transfer files to a Windows 10 workstation, you can enable the TFTP built-in feature.

We hope that this tutorial was informative.

Please comment if you have any questions about the setup and configuration of the TFTP on your Windows 10.