Use TFTP to configure a Router

If we want to send previously prepared configs commands to Router via TFTP we can do this in very simple way and in this article we will se how to do it on Cisco and Juniper device.


When we use TFTP to download configuration commands to the router, he is not making an echo of each command which reduces overall time consumption, CPU consumption and increases speed.

In this example, we will configure this router by making it receive the file named RConfig from the server at by using the Trivial File Transfer Protocol – TFTP. The router will use the whole file received via TFTP before entering all the commands into the running configuration. This is particularly good because some commands in the configuration process could prevent your access to the router by locking you out or disconnecting you from the network, but the rest of the commands might fix the issue. If you enter the same configurations manually using telnet or “configure t”, you would simply lock yourself out of the router and not be able to continue with your work. A usual example of this issue happens when you change an active access-list. When you enter the first line, the router puts an implicit deny at the end, which will break your connection. Entering commands by using TFTP avoids any of this kind of problem.

Last line of any configuration file should be the end command so the router knows that it has reached the end of the file. If you don’t do this, the router still will accept all of the commands normally, but will put the following error into its logs:

Jan 19 11:26:38: %PARSER-4-BADCFG: Unexpected end of configuration file.

If you have the    end    command in your configuration file, then seeing this message will tell you that the router didn’t get all of the configuration commands. But if you don’t terminate the file properly, it’s impossible to tell if the transfer was successful.


When you first connect to the JUNOS router’s console, you must log in as the user   root. The   root user is similar to the Unix superuser and has complete access to all functions on the router. Initially, the root account has no password. You can see that you are   root   because the prompt on the router shows the username   root#. Start the JUNOS CLI using the command   cli. Once you have started the CLI, type the command   configure   to enter   configuration mode. The prompt   root@#   indicates that you are now in configuration mode. After execution of the   commit   command, the hostname that you configured is added to the end of the prompt, so the prompts become   root@Rjuni#   in configuration mode and   root@Rjuni>   in operational mode.

When you first configure the JUNOS router, you set a number of basic properties for the router:

  • Name of the router (hostname), with the  set system host-name  command.
  • Your domain name, with the  set system domain  command.
  • IP address of the router’s  fxp0  interface, with the  set interfaces fxp0  command.  fxp0  is an Ethernet  management interface. (The J-series routers do not have a dedicated management interface. You use one of the built-in Fast Ethernet interfaces,  fe-0/0/0  or  fe-0/0/1, instead.) Juniper Networks recommends that you manage all M-series and T-series routers using the  fxp0interface, which is reserved for managing the router, so no traffic is forwarded through it. As part of the physical setup for the router, you should connect  fxp0  to an Ethernet network over which you can perform  management tasks. Optimally, the router should also be able to reach its DNS and NTP servers through this network. If you prefer, you can use any other interface router as a management interface. For the remainder of this book, we assume that  fxp0  (or  fe-0/0/0  on J-series routers) is configured as the management interface.
  • IP address of a  backup router, with the  set system backup-router  command. Choose a router that is directly connected to the local router. Your router uses this backup router only when it is booting and only if the JUNOS routing software (called the  routing protocol process, or RPD) does not start. If RPD does not start, the router will have no static or default routes, so you will not be able to access it directly but will have to go through the backup router. When the router is booting, it creates a static route to the backup router. This route is removed from the routing table as soon as the routing software starts.

For routers with two Routing Engines, the backup Routing Engine, RE1, still uses the backup router as a default gateway after the router has booted, so you can use the backup router to log in to RE1.

  • IP address of one or more  DNS name servers on your network, with the  set system name-server  command. The router uses the DNS name server to translate  hostnames into  IP addresses.
  • Password for the  root account. When you initially start a new router, the root account has no password. The easiest way to configure this is by entering a plain-text (ASCII) password using the  plain-text-password  statement to configure a password. After you press Enter, the CLI prompts you for the password and then asks you to retype it but does not display what you type. The password you use cannot be all lowercase letters, all uppercase letters, or all numbers. There must be a mixture of cases, letters, digits, and punctuation. If you choose a password that doesn’t meet these criteria, you see an error message:
error: require change of case, digits or punctuation

When you display the password with the  show  command, the CLI immediately encrypts the password string using MD5 and displays the encrypted version in the  show  command output

For any configuration to take effect use commit command.

root@# commit 

Configuration examples for Cisco and Juniper device


The copy tftp: command is used to configure the router via the Trivial File Transfer Protocol (TFTP):

R1#copy tftp:// running-config
Destination filename [running-config]? <enter>
Accessing tftp://
Loading CONFIG1 from (via eth0/0.1): !
[OK - 24 bytes]
24 bytes copied in 0.192 secs (125 bytes/sec)


root# cli


cli> configure


root@# set system host-name Rjuni

root@# set system domain-name

root@# set interfaces fxp0 unit 0 family inet address

root@# set system backup-router

root@# set system name-server

root@# set system root-authentication plain-text-password

New password:

Retype password:

root@ show

system {

host-name Rjuni




root-authentication {

encrypted-password "GZlE4dp$OUYYWog7cLoV/aWpdAnC/"; ## SECRET-DATA;


name-server {



interfaces {

fxp0 {

unit 0 {

family inet {






root@# commit

root@Rjuni# exit


One Response

  1. HeyBRO November 17, 2016

Leave a Reply