Cisco IOS Software Releases 12.4 T

Cisco IOS Software Release 12.4T Q&A

  • Viewing Options

  • PDF (215.2 KB)
  • Feedback

Last updated: February, 2009


Q. What type of customer will be interested in deploying Cisco IOS Software Release 12.4T?
A. Cisco recommends Release 12.4T for Enterprise and Access customers who need to:

• Drive business productivity with increased security, improved voice quality and functionality to the branch office, and enhanced Quality of Service (QoS)

• Deploy or upgrade IPv6, NetFlow, and associated management features

• Deploy small remote offices and teleworkers who depend on secure Internet access and corporate network connectivity

• Implement new content delivery features, network voice enhancements, improved security, and valuable management and deployment tools

Q. Where can customers download Release 12.4T?
A. Visit the Software Center on to download any release product This site also provides valuable Cisco IOS Software information about hardware/software compatibility, and ordering procedures. Please ensure that you are entitled to access and download the release through an active SMARTnet contract or purchased feature license.
Q. Are there any special memory requirements related to the deployment of Release 12.4T?
A. Prior to installing 12.4T, please consult the Cisco IOS 12.4T Support Page for requirements, which may vary depending upon hardware product and image feature set selections:
Q. What new features and hardware support are delivered in Release 12.4T?
A. The Release 12.4T family integrates innovations that span multiple technology areas, including Security & VPN, Voice, Cisco IOS Infrastructure, Access, High Availability, Network Management, Quality of Service, IP Multicast, Broadband, IP Routing, and IP Services. These integrated technologies are delivered on the broadest range of hardware in the industry, including the Cisco Integrated Services Routers, Cisco 7200 Series, and Cisco 7301 Router.

Types of Cisco IOS Software Releases

Q. What type of release is Release 12.4T?
A. Release 12.4T is a new technology (T) release, which integrates leading edge new technologies and features, new hardware support, and software maintenance.
Q. What is the relationship between Release 12.4T and Release 12.4?
A. Release12.4T integrates new technologies and features, new hardware support, and ongoing software maintenance (via software maintenance rebuild releases) on a regular basis.

Release 12.4 consolidates the new technology releases from the previous release family. For example, Release 12.4 is a consolidation of all features and hardware support in the Release 12.3T 1 family. Release 12.4 receives software fixes on regular basis, but no new features or hardware support.

Figure 1 shows the relationship between Release 12.4T and Release 12.4.

Figure 1. Release 12.4T and Release 12.4 Relationship

• First Commercial Shipment (FCS) is the date at which the release is first available to customers on

Q. What is the relationship between Release 12.4T and Release 12.4(n)T?
A. The numbering scheme with a T suffix (ie: 12.4T) is applied to a family of new technology releases. The formal numbering scheme is 12.4(n)T, where `n' represents the release number (ie: 12.4(4)T). New features, software improvements, and other enhancements are rolled out via the next new technology release at regular intervals, in line with market requirements and the strict Cisco quality schedule.
Q. How do Release 12.4(n)T releases differ from each other?
A. Each Cisco IOS Software new technology release is built upon the previous release. It integrates leading edge new technologies and features, new hardware support, and software maintenance.

Figure 2 below shows the relationship between Major Release 12.4T, individual 12.4(n)T new feature releases, and ongoing maintenance (additional software fixes) through release rebuilds of individual 12.4T releases.

Figure 2. Major Release 12.4T and Individual 12.4(n)T Release Relationship

Cisco IOS Software Release Portfolio

Q. How is Release 12.4T positioned within the Cisco IOS Software release portfolio?
A. Cisco IOS Software Release 12.4T integrates a portfolio of new capabilities, including security, voice, and IP services, with powerful hardware support to deliver advanced services for enterprise and access customers.
Q. RELEASE 12.4(24)T
Q. What key new features are highlighted in Release 12.4(24)T?
A. Release 12.4(24)T, the latest release of the 12.4T family, adds Cisco IOS BGP Support for 4-byte Autonomous System Numbers (ASN), Application-Based Routing for Mobile Router (MR) Multi-Path Support, Web Services Management Agent (WSMA), for advanced embedded capabilities to provision, manage, configure and adapt Cisco devices, Smart Call Home Support for the Cisco 7200 Series Router and, Cisco Unified Communications Manager Express and Cisco Unified SRST 7.1 enhancements.

Cisco IOS BGP Support for 4-byte Autonomous System Numbers (ASN)

The Cisco IOS BGP 4-byte ASN feature allows BGP to support the ASN encoded as a 4-byte entity. The addition of this feature allows an operator to use an expanded 4-byte AS number granted by IANA.

Application-Based Routing for Mobile Router (MR) Multi-Path Support

This feature extends existing MR Multi-Path routing support to enable static Access Control Lists (ACLs) and dynamic Policy-Based Routing (PBR) route-map commands to define unique traffic types and route these traffic classes over specified interfaces or paths. This feature enables you to bi-directionally define how specific traffic types should be routed across the multiple tunnels established between the MR and HA. The same ACL and PBR policies are used on both the MR and HA.

Web Services Management Agent (WSMA)

Web Services Management Agent (WSMA) allows customers, partners and developers to provision, configure, manage and adapt Cisco IOS devices using industry standard Web Services protocols. Combined with Extensible Markup Language (XML), Web Services provides secure, reliable and robust access to IOS using a familiar set of protocols already in use by the majority of customers and partners. WSMA leverages existing investments in IOS CLI as well as existing Web Services expertise and tools.

Smart Call Home Support for the Cisco 7200 Series Router

Smart Call Home is a powerful component of Cisco SMARTnet Service that offers proactive diagnostics, real-time alerts, and personalized web-based reports on select Cisco devices.

Cisco Unified Communications Manager Express and Cisco Unified SRST 7.1

Release 12.4(24)T provides a number of advanced Cisco Unified Communications Manager Express and Cisco Unified SRST features, including Single Number Reach (SNR), Whisper Intercom, SIP line side enhancements, CME/CUE user name/password synchronization, MLPP over PRI, enhanced BLF monitoring, SIP line side DND update, and video across SIP trunks between CMEs.

Release 12.4(22)T

Q. What new features are highlighted in Release 12.4(22)T?
A. Release 12.4(22)T enhances per- IPSec Tunnel QoS, firewall security for Unified Communications, advanced Embedded Management, and support for the Cisco 880 SRST and 880G Integrated Services Routers.

Per IPSec Tunnel Quality of Service (QoS)

This feature enables the DMVPN hub to dynamically allocate a QoS service policy for each spoke. The DMVPN hub can have multiple QoS policies for all the remote spokes. If QoS is configured, each spoke requests a QoS policy from the hub during Next Hop Resolution Protocol (NHRP) registration. This QoS service policy is applied on the hub in the outbound direction. A typical QoS policy provides multiple classes of service, including a priority queue for voice, and traffic shaping for the total bandwidth of all classes.

Cisco IOS Firewall Support for Trusted Relay Point

Cisco IOS firewall enhances security for Unified Communications (UC) by supporting Trusted Relay Point (TRP). This solution provides a trusted anchor within the network for seamless UC related services including media recording, QoS enforcement, and intelligent firewall traversal. Trusted Relay Point is a multi-functional architecture covering Quality of Service (QoS), Optimized Edge Routing (OER), and virtual network traversal. It eliminates the deep packet inspection and overhead associated with firewalling by signaling the firewall to permit traffic.

Advanced Embedded Management

– Cisco IOS Embedded Event Manager (EEM) Version 3.0: EEM is a powerful and flexible tool to automate tasks and customize the behavior of Cisco IOS and the operation of the device. Customers can use EEM to create and run programs or scripts directly on a router or switch. The scripts are referred to as EEM Policies and can be programmed using a simple CLI-based interface or using a scripting language called Tool Command Language (Tcl). EEM version 3.0 enhances performance, increases feature integration, adds new capabilities, and extends the flexibility, so EEM can be used in new and exciting ways.

– Flexible NetFlow Enhancements: Support for NetFlow v5 export format, TopTalkers CLI support, and Multicast statistics for IPv4.

Cisco 880SRST and 880G Integrated Services Routers

The Cisco 880SRST Series is ideal for small remote sites and teleworkers who need to be connected to larger Enterprises. These routers help extend corporate networks to secure remote sites while giving users access to the same applications found in a corporate office. The Cisco 880SRST Series routers offers WAN options like xDSL and Fast Ethernet (FE) WAN interface, a 4-port 10/100 FE managed switch with power over Ethernet, and the latest 802.11n Wireless LAN capability. In addition, the Cisco 880SRST Series offers 4 FXS ports, FXO or BRI for PSTN connectivity, and a 4 SRST user license.

The 880G Series with the 3G Wireless option offers a cost-effective, rapidly deployable, reliable and secure backup solution. In addition to 3G Wireless WAN, the Cisco 880G Series offers additional WAN options like xDSL and Fast Ethernet (FE) WAN interface, a 4-port 10/100 FE managed switch with VLAN support and the latest 802.11n Wireless LAN capability. The 880G Series supports the latest 3G standards (HSPA and EVDO Rev A) and are backward compatible with UMTS/EDGE/GPRS and EVDO Rev0/1xRTT respectively.

For additional information about the features available in Release 12.4(22)T, please visit: Cisco IOS Software Releases 12.4 T-Products & Services-Cisco Systems

Release 12.4(20)T

Q. What new features are highlighted in Release 12.4(20)T?
A. Release 12.4(20)T adds significant embedded management enhancements, category-based productivity and security ratings support, multi-level Quality of Service (QoS) scheduling, and support for Cisco 860, 880, and 1861 Routers.

Cisco IOS Service Diagnostics

Cisco IOS Service Diagnostics is an embedded feature that enables customers, partners and Cisco TAC engineers the ability to diagnose software and network neighborhood issues on Cisco platforms, minimizing troubleshooting time. It can be used to run diagnostic audits on the network and monitor device health and state.

Cisco IOS Content Filtering

Cisco IOS Content Filtering offers category-based productivity and security ratings. Content-aware security ratings protect against malware, malicious code, phishing attacks, and spyware. URL and keyword blocking help to ensure that employees are productive when accessing the Internet. This is a subscription-based hosted solution that leverages Trend Micro's global TrendLabs™ threat database, and is closely integrated with Cisco IOS. It is supported on routers running the Advanced Security image. Feature licenses can be purchased directly from the ordering tool or through your Cisco partner/account team.

Hierarchical Queuing Framework (HQF)

Cisco IOS Hierarchical Queuing Framework (HQF) enables customers to manage their QoS at multiple levels (physical interface level, logical interface level, and class level) of scheduling for applying QoS queuing and shaping. This provides the most comprehensive, granular, and flexible QoS network operating system architecture available in the industry today.

Cisco 860, 880, and 1861 Routers

The Cisco 860 and 880 are part of the Cisco 800 fixed-configuration router family and offer Internet access, security, and wireless services over broadband speeds onto a single, secure device that's simple to use and manage for small businesses. The Cisco 1861 Integrated Services Router, part of the Cisco 1800 Series Integrated Services Router portfolio, is a unified communications solution for small to medium size businesses and Enterprise branch offices that provides voice, data, voicemail, Automated-Attendant, video, and security capabilities while integrating with existing desktop applications such as calendar, email, and Customer Relationship Management (CRM) programs.

For additional information about the features available in Release 12.4(20)T, please visit: Cisco IOS Software Releases 12.4 T-Products & Services-Cisco Systems

Q. Are there any hardware platform migration considerations for Release 12.4(20)T?
A. Cisco IOS Software Release 12.4(20)T and later Cisco IOS T releases will not support several Cisco hardware platforms that were supported in prior Release 12.4T releases. These platforms will be supported by Release 12.4(15)T via regularly scheduled software maintenance rebuilds and bug fix support until the end of software maintenance date for the respective platform is reached.

• Cisco SOHO 90 Series

• Cisco 831, 836, 837, and 850 Series

• Cisco 1701, 1711, 1712, 1721, 1751, 1751-V, and 1760 Series

• Cisco 2610XM-2611XM, 2620XM-2621XM, 2650XM-2651XM, and 2691 Series

• Cisco 3631 and 3660 Series

• Cisco 3725 and 3745 Series

• Cisco 7400 Series

• Cisco AS5850 Universal Gateway

For more information refer to the following product bulletin:

Release 12.4(15)T

Q. What new features are highlighted in Release 12.4(15)T?
A. Release 12.4(15)T, the sixth release of the 12.4T family, streamlines and simplifies the Cisco IOS Software upgrade process (Cisco IOS Auto-Upgrade Manager), provides sub-second link failure detection and faster network convergence (BFD), delivers next-generation Layer 2-7 flexible packet classification, enhances intrusion protection (IPS) and SSLVPN capabilities, and provides support for the new Cisco 7201 Router.

Cisco IOS Auto-Upgrade Manager

Cisco IOS Auto-Upgrade Manager simplifies the Cisco IOS software upgrade process by providing a simple interface to specify, download, and upgrade (or downgrade) to a new Cisco IOS software image. Cisco IOS Auto-Upgrade Manager includes CLI-based management of automatic software downloads and upgrades. New software images can be automatically downloaded from Cisco with a valid login via SSL, or any other TFTP/FTP server in the user's network or elsewhere that contains the desired software image. The software upgrade can be schedule to occur immediately, or at a convenient future time using a "Warm-Upgrade" to minimize down time.

Bidirectional Forward Detection (BFD) Support for Cisco Integrated Services Routers

BFD is a detection protocol that is designed to provide fast forwarding path failure detection times for all media types. It provides a low-overhead, short-duration method of detecting failures in the forwarding path between two adjacent routers, including the interfaces, data links, and forwarding planes. BFD delivers fast router peer failure detection times independent of all media types, encapsulations, topologies, and routing protocols including EIGRP, IS-IS, OSPF, and BGP (single-hop peers over Ethernet interfaces).

Flexible Packet Matching (FPM)

Flexible Packet Matching (FPM) is the next-generation Access Control List (ACL) technology that provides flexible and rapid first line of defense against malicious traffic at the entry point into the network. It features powerful custom pattern matching deep within packet header or payload, minimizing inadvertent blocking of legitimate business traffic.

Intrusion Protection (IPS) and SSLVPN Enhancements

Cisco IOS IPS now supports signatures for many vulnerabilities found in Microsoft SMB (Server Message Block) and MSRPC (Microsoft Remote Procedure Call) protocols. New SSLVPN features in Cisco IOS Software Release 12.4(15)T include SSLVPN clientless performance and GUI enhancements, SSLVPN user-level bookmarking, and front door-VRF support.

Cisco 7201 Router

The Cisco 7201 Router is the latest generation of the Cisco 7200 Series Family. It is a compact, high performance Single Rack Unit (RU) router that uses the latest Cisco 7200VXR Network Processing Engine NPE-G2 coupled with a comprehensive range of interface options. Cisco 7201 provides four built-in Gigabit Ethernet ports and one port adapter (PA) slot which makes it ideal for various service providers and enterprise applications.

Release 12.4(11)T

Q. What new features are highlighted in Release 12.4(11)T?
A. Release 12.4(11)T, the fifth release of the 12.4T family, delivers new Layer 2 VPN transport over MPLS capabilities, enhanced MPLS management, mobile IPv6 authorization and identity support, next-generation WAN encryption technology (Group Encrypted Transport VPN), and support for the high performance Network Processing Engine G2 and VPN Service Adapter for the Cisco 7200 Series Router.

Layer 2 VPN Transport over MPLS

The fundamental benefit of an MPLS network is being able to support multitude of applications over a single infrastructure. Any Transport over MPLS (AToM) is Cisco's Layer 2 (L2) Virtual Private Network (VPN) over MPLS network solution. Prior to the availability of AToM, Enterprises and service providers had to build separate networks for providing L2 connectivity based on the subscriber's existing network encapsulation. AToM enables Enterprise and service providers to consolidate these different networks, resulting in significant capital (CAPEX) savings and reduced operational costs.

Enhanced MPLS Management for Layer 2 VPNs

Cisco IOS MPLS embedded management offers standards-based management capabilities for IP/MPLS networks, including PseudoWire (PW) connectivity supporting Layer-2 VPN services. In addition to RFC4379-based MPLS OAM capabilities for MPLS core networks, Cisco's industry leading MPLS management feature portfolio now also offers network operators detailed Layer-2 MPLS VPN resource monitoring and connectivity troubleshooting capabilities,

Enhanced Mobile IPv6 Authorization and Identity Support

The Mobile IPv6 Authentication Option Support feature provides a lightweight shared-key approach to authenticate an IPv6 mobility enabled endpoint, conserving processing power on mobile nodes and minimizing control message network bandwidth consumption between mobile nodes and home agents. Mobile IPv6 network access identifier support expands the number of authentication options by allowing mobile node to be identified by a network access identifier instead of an IP home address.

Group Encrypted Transport VPN

Group Encrypted Transport (GET) VPN, a next-generation WAN encryption technology, eliminates the need to compromise between network intelligence and keeping data private. GET VPN introduces a new IPSec-based security model that is based on the concept of "trusted" group members. Trusted member routers use a common security methodology independent of any point-to-point IPSec tunnel relationship. By utilizing trusted groups instead of point-to-point tunnels, meshed networks are able to achieve higher scalability while delivering network intelligence features such as QoS, routing, and multicast critical for voice and video quality.

Network Processing Engine G2 and VPN Service Adapter for the Cisco 7200 Series Router

The Cisco Network Processing Engine G2 (NPE-G2) addresses the demand for performance and flexibility by further increasing Cisco 7200 Series Router processing capacity and helping enable the latest Cisco IOS Software features. The Cisco VPN Services Adapter (VSA) for Cisco 7200 Series Routers provides high-performance encryption and key-generation services for IP Security (IPsec) VPN applications.

For additional information about the features available in Release 12.4(11)T, please visit:

Release 12.4(9)T

Q. What new features are highlighted in Release 12.4(9)T?
A. Release 12.4(9)T , the fourth release of the 12.4T family, delivers improved manageability, integrated IP communications, enhanced HTTP and P2P security, and faster routing protocol convergence.

Improved Manageability

Cisco IOS Flexible NetFlow is the next-generation in IP flow monitoring technology allowing user configurable flow information to perform customized traffic identification and focused monitoring of specific network attributes. By optimizing the network infrastructure, it reduces operation costs, improves capacity planning and security incident detection with increased flexibility and scalability. 

Integrated IP Communications

Cisco Unified CallManager Express (CME) 4.0 for the Cisco Integrated Services Routers (ISR) enables the deployment of a cost-effective, highly reliable IP communications system with a single Cisco ISR using Cisco IOS Software for Small/Medium Business applications. CME 4.0 provides new IP Communications capabilities, including Cisco VT Advantage for Video Telephony, IP Telephony registration across VPNs for Remote Teleworkers, and enhanced SIP Trunking for greater call control using the SIP protocol.

Enhanced HTTP and P2P Security

Cisco IOS Firewall enhances protection against network worms, HTTP vulnerabilities, and buffer overflows with HTTP Application Inspection (AI). New P2P (Peer to Peer) control capabilities support blocking or rate limiting these protocols for increased network availability and tighter network usage control. Cisco IOS Firewall also introduces session limits for inspected traffic to defend against DoS attacks and enable control of network resource utilization.

Faster Routing Protocol Convergence

Bidirectional Forwarding Detection (BFD) Echo Mode offers a fast (sub-second), protocol-independent method for detecting link failures to enable faster convergence of routing protocols and increased network availability. 

For additional information about the features available in Release 12.4(9)T, please visit:

Release 12.4(6)T

Q. What new features are highlighted in Release 12.4(6)T?
A. Release 12.4(6)T, the third release of the 12.4T family, delivers highly available firewalls, comprehensive endpoint and network security for Secure Socket Layer (SSL) VPN environments, and optimized bandwidth management for improved VoIP call quality.

Cisco IOS Security

Cisco IOS Firewall enhances network availability and simplifies management with Firewall Stateful Failover, Zone-Based Policy Configuration, and a Cisco Unified Firewall MIB. The integration of Cisco IOS Firewall, Cisco IOS Intrusion Prevention System, and Cisco IOS WebVPN on the Cisco Integrated Services Routers enables an integrated security solution for enterprise and service provider customers.

Cisco IOS WebVPN delivers comprehensive endpoint security with Cisco Secure Desktop by providing host assessment, protection against malicious software, post-session clean-up, and privacy. It integrates with firewall, access controls, intrusion prevention, and application control to offer a single-router solution for cost-effective SSL VPN.


With Resource Reservation Protocol (RSVP) Application ID and Cisco Unified Call Manager, RSVP Agent for Call Admission Control improves VoIP call quality by providing an integrated Call Admission Control and Quality of Service solution for voice and videoconferencing applications. RSVP Agent for Call Admission Control enables dynamic, guaranteed bandwidth reservation for voice or video traffic across networks with multi-tiered, meshed topologies with SIP, MGCP, SCCP, or H.323 signaling protocols.

IP Routing

Enhanced Interior Gateway Routing Protocol (EIGRP) for IPv6 extends EIGRP to the next-generation IPv6 infrastructure, extending seamless IPv6 integration to EIGRP for IPv4 users in enterprise, public sector (ie: defense and government), and wireless environments.

For additional information about the features available in Release 12.4(6)T, please visit:

Release 12.4(4)T

Q. What are the highlights of Release 12.4(4)T?
A. Hardware

The Cisco 1801, 1802, 1803 Integrated Services Routers provide a cost-effective, single-box solution for small, medium, and branch office applications with secure concurrent services for broadband access, including ADSL2/ADSL2+, wireless LAN connectivity (simultaneous 802.11a/b/g), and Redundant WAN Links.


Cisco IOS Flexible Packet Matching (FPM) is next-generation Access Control List (ACL) technology that provides a rapid first line of defense against malicious traffic at the entry point into the network. It features powerful custom pattern matching deep within a packet header or payload, minimizing inadvertent blocking of legitimate business traffic.

Application Firewall for Instant Messenger Traffic Enforcement reduces exposure to potential vulnerabilities from instant messenger clients. It offers flexible policy enforcement by enabling administrators to restrict user access to specific instant messenger services (ie: text chat, voice or video chat, and file transfer) and to ensure judicious use of network resources.


Cisco IOS IP Service Level Agreements (SLAs) for VoIP with Real Time Protocol extends the productivity, OpEx, and availability benefits of Cisco IOS IP SLAs to VoIP networks. Application-aware performance monitoring for VoIP networks measures call and voice statistics (ie: quality, jitter, delay, and frame loss) to facilitate network health, readiness, and troubleshooting.

High Availability

Hot Standby Router Protocol (HSRP) for IPv6 increases network availability by extending the fault tolerance and fast switchover capabilities of HSRP to IPv6. This feature reduces protocol overhead and switchover times to just a few seconds, versus those available from the normal IPv6 Neighbor Discovery mechanisms.

NetFlow Reliable Export via Stream Control Transport Protocol ensures the integrity of accounting and billing information. It facilitates highly reliable NetFlow export via redundant NetFlow streams to minimize the effects of network congestion and packet loss.

For additional information about the features available in Release 12.4(4)T, please visit Release 12.3T New Features and Hardware, Product Bulletin No. 3001.

Release 12.4(2)T

Q. What new features are highlighted in Release 12.4(2)T?
A. For information about the features available in Release 12.4(2)T, please visit:

Cisco IOS Software Release Policy

Q. What is the Cisco IOS Software Release Policy?
A. The Cisco IOS Software Release Policy is a structured plan that addresses the Cisco IOS Software Lifecycle from First Commercial Shipment (FCS) through End of Life (EoL). The Release Policy addresses lifecycle guidelines and migration planning.
Q. What are the milestones of the Cisco IOS Software Release Lifecycle?
A. For information about milestones, please visit Product Bulletin No. 2214, Cisco IOS Software Product Lifecycle Dates and Milestones:


Q. What is Cisco IOS Packaging?
A. Cisco IOS Packaging simplifies the image selection process by consolidating the total number of packages and using consistent package names across all hardware products.
Q. Where can I get additional information about Cisco IOS Packaging?

Additional Information

Q. What are release notes and caveats?
A. Release notes are detailed descriptions of the Release 12.4T features and hardware support are available at:

Caveats describe unexpected behavior (ie: software defect) in Cisco IOS Software releases. Release notes include a list of resolved caveats from the most recent maintenance release, as well as a list of open caveats and any existing workaround.

Q. Where can I find additional information and collateral about Release 12.4T?
1Cisco IOS Software Release 12.3T has reached End of Sale and End of Software Maintenance: