TFTP (Trivial File Transfer Protocol) is a simplified file transfer protocol that provides an easy way to download and upload files. Typically, TFTP is used for PXE booting (network boot, diskless workstations, etc.), import/export network equipment configs, firmware upgrades, and some other specific tasks. This protocol has no means of security, authentication, or management. Its main advantage is easy client-side implementation and high performance when large files are transferred. The protocol uses UDP port 69.
How to Run TFTPD64 Server on Windows
The most common way to quickly run a TFTP server on Windows is to use the free open-source tftpd64 (tftpd32) tool. You can download the tftpd64 portable or installation package here.
- Run the executable file
tftpd64.exe
; - There are several tabs in the tftpd64 interface. In the TFTP Server tab, click the Settings button, and select the root directory you want to share;
- Then set TFTP Security = None;
- You must restart the app after changing the TFTP settings;
- Open UDP port 69 in the Windows Firewall for incoming TFTP traffic. Create a Windows Firewall rule using PowerShell:
New-NetFirewallRule -DisplayName 'TFTP-UDP-In' -Direction Inbound -Action Allow -Protocol UDP -LocalPort 69
Enable-NetFirewallRule 'TFTP-UDP-In' - You can now connect to TFTPserver to send or download files.
The tftpd64 program can be used as a TFTP client. Specify the IP address of the TFTP server and the connection port (69 by default) in the TFTP Client tab.
You can now download (Get) or upload (Put) files to the specified tftp server.
Use the Log Viewer tab to review the TFTP operation and connection logs.
Enable TFTP Client on Windows
The TFTP client is not installed by default on Windows. You can install it on a Windows 10 or 11 machine with the command:
Enable-WindowsOptionalFeature –FeatureName TFTP -Online
A different command is used to install the TFTP client on Windows Server:
Install-WindowsFeature TFTP-Client
You will now be able to use the tftp.exe
command line tool to upload and download files via TFTP.
- Send (upload) file to TFTP server:
tftp 192.168.51.100 PUT testfile.bin
- Download file from TFTP:
tftp 192.168.51.100 GET testfile.bin
Installing Built-in TFTP Server on Windows Server
Windows Server has a built-in TFTP server that is part of the WDS role. It is used for PXE booting or installing Windows over the network. To install the TFTP service, open the Server Manager -> Add Roles and Features Wizard -> select the Windows Deployment Services role.
Select Transport Server only in the WDS role components.
Create a directory that will be the root directory for the TFTP server. For example, C:\tftp.
Specify the path to the TFTP root directory in the REG_SZ parameter RootFolder under the following registry key HKLM\SYSTEM\CurrentControlSet\services\WDSServer\Providers\WDSTFTP
The ReadFilter parameter contains a list of directories from which files can be downloaded. By default, you can only download files from the \boot\
and \tmp\
directories. You must add allowed directories to the ReadFilter parameter or specify \*
here if you are using a different directory structure.
Start the WDSServer service and change the startup type to Automatic.
Get-Service WDSServer| Start-Service
Set-service WDSServer -StartupType Automatic
Check that the TFTP service is running and that its process is listening on UDP port 69:
Get-Process -Id (Get-NetUDPEndpoint -LocalPort 69).OwningProcess
Windows Deployment Services (UDP-In) should be enabled in Windows Defender Firewall to allow access to TFTP on port UDP/69.
(Get-NetFirewallRule -displayname 'Windows Deployment Services (UDP-In)').enabled
Try downloading a file from a TFTP server using the built-in tftp.exe client:
tftp -i 192.168.158.10 get test.zip
The main drawback of the built-in TFTP server in Windows Server is that it does not allow you to upload files. Clients can only download files from such a TFTP server.
5 comments
But it’s only for “get file” not “put file”!!!
No write operations allowed…
You can only read data from such a Windows TFTP-server, write operations are impossible
[…] Make sure the machine you are using does not have WDS enabled , WDS uses TFTP […]
Thanks for this , that would be why my TFTP downloaded servers don’t work on my WDS Box!
Also make sure you enabled PORT 69 UDP on the windows firewall ( Guest network as this will be probably the network you are using ( not domain )
simply just restart wds server service after changing registry keys and no need to install deployment service