Guest

Cisco IOS Software Releases 12.2 Special and Early Deployments

Cisco 800 Series - Cisco IOS Release 12.2(1)XE

  • Viewing Options

  • PDF (438.9 KB)
  • Feedback
Release Notes for the SOHO 70 Series Routers and the Cisco 800 Series Routers for Cisco IOS Release 12.2(1)XE

Table Of Contents

Release Notes for the SOHO 70 Series Routers and the Cisco 800 Series Routers for Cisco IOS Release 12.2(1)XE

Contents

System Requirements

Memory Requirements

Hardware Supported

Cisco 806 Router

SOHO 78 and Cisco 828 Routers

Determining the Software Version

Upgrading to a New Software Release

Feature Set Tables

New and Changed Information

New Hardware Features in Release 12.2(1)XE1

Cisco 828 and Cisco 78 Routers

New Hardware Features in Release 12.2(1)XE

Cisco 806 Router

New Software Features in Release 12.2(1)XE1

Digital Subscriber Line Features on the Cisco 828 Router

New Software Features in Release 12.2 T

Limitations and Restrictions

Cisco 806 Router Limitations

boot system flash imagename Command Not Supported

boot system tftp Command Not Supported

IPSec Unavailable When Fast-Switching Enabled

Important Notes

Configuring PPPoE on a Cisco 806 Router

Cisco 806 Router Supported MIBs

Cisco 828 Router Supported MIBs

Standard MIBs

Cisco MIBs

New MIBs:

Caveats

Resolved Caveats - Release 12.2(1)XE2

Management

Caveats for Release 12.2(1)XE

Miscellaneous

Documentation Updates

Omissions

Point-to-Point Protocol Remote System Authentication

Challenge Handshake Authentication Protocol Configuration

Configuring One-Way Authentication Using CHAP

Example Configuration

Related Documentation

Release-Specific Documents

Platform-Specific Documents

Cisco 806 Router

Cisco 828 and SOHO 78 Routers

Software Configuration

Feature Modules

Feature Navigator

Cisco IOS Software Documentation Set

Documentation Modules

Release 12.2 Documentation Set

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Contacting TAC by Using the Cisco TAC Website

Contacting TAC by Telephone


Release Notes for the SOHO 70 Series Routers and the Cisco 800 Series Routers for Cisco IOS Release 12.2(1)XE


February 13, 2002

These release notes for the Cisco 800 Series Routers and the SOHO 70 Series Routers describe the enhancements provided in Cisco IOS Release 12.2(1)XE2. These release notes are updated as needed. Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.2 located on Cisco.com and the Documentation CD-ROM.

For a list of the software caveats that apply to Cisco IOS Release 12.2(1)XE2, see the "Caveats" section and Caveats for Cisco IOS Release 12.2 T. The caveats document is updated for every maintenance release and is located on Cisco.com and the Documentation CD-ROM.

Contents

These release notes discuss the following topics:

System Requirements

New and Changed Information

Limitations and Restrictions

Important Notes

Caveats

Documentation Updates

Related Documentation

Obtaining Documentation

Obtaining Technical Assistance

System Requirements

This section describes the system requirements for Release 12.2(1)XE2 and includes the following sections:

Memory Requirements

Hardware Supported

Determining the Software Version

Upgrading to a New Software Release

Feature Set Tables

Memory Requirements

Table 1 and Table 2 provide the memory requirements for the Cisco IOS feature sets supported by Cisco IOS Release 12.2(1)XE2 on the SOHO 70 Series Routers and the Cisco 800 Series Routers.

Table 1 Memory Requirements for the SOHO 70 Series Routers

Platforms
Image Name
Image
Required Flash Memory
Required DRAM Memory
Runs From

SOHO 78 routers

SOHO 78 Series IOS IP

soho78-y1-mz

8 MB

16 MB

RAM


Table 2 Memory Requirements for the Cisco 800 Series Routers

Platforms
Image Name
Image
Required Flash Memory
Required DRAM Memory
Runs From

Cisco 806 routers

Cisco 806 Series IOS IP

c806-y6-mz

8 MB

16 MB

RAM

Cisco 806 Series IOS IP Plus

c806-sy6-mz

8 MB

16 MB

RAM

Cisco 806 Series IOS IP/FW

c806-oy6-mz

8 MB

16 MB

RAM

Cisco 806 Series IOS IP/FW Plus IPSec 3DES

c806-k9osy6-mz

8 MB

20 MB

RAM

Cisco 828 routers

Cisco 828 Series IOS IP

c828-y6-mz

8 MB

16 MB

RAM

Cisco 828 Series IOS IP Plus

c828-sy6-mz

8 MB

20 MB

RAM

Cisco 828 Series IOS IP/FW

c828-oy6-mz

8 MB

20 MB

RAM

Cisco 828 Series IOS IP/FW Plus IPSec 3DES

c828-k9osy6-mz

8 MB

24 MB

RAM


Hardware Supported

Cisco IOS Release 12.2(1)XE2 supports the following Cisco routers:

SOHO 78

Cisco 806

Cisco 828

For detailed descriptions of new hardware features, see New Hardware Features in Release 12.2(1)XE.

Cisco 806 Router

The Cisco 806 router provides the following key hardware features:

Provides connection to 10BaseT (10-Mbps) Ethernet networks and is compatible with 10/100-Mbps devices.

Flash memory: The Cisco IOS uses the current default of 8 MB for loading Cisco IOS images.

Webflash: 2 MB of Flash memory reserved for use by the Cisco Router Web Setup software.

Cisco 806 Router Dynamic RAM: Default is 16 MB of DRAM and is expandable to 32 MB, using 4-MB, 8-MB, and 16-MB DIMM cards.

The central processing unit is a 50 MHz MPC 855T RISC processor.

Supports Cisco IOS software.

Color-coded ports and cable reduce the chance of cabling errors.

Routers can be stacked or mounted on a wall.

Cable lock for physically securing the router.

The routers provide locking power connectors and a Kensington-compatible locking slot.

Table 3 summarizes Cisco 806 router ports.

Table 3 Cisco 806 Router Ports

Port Type
Description

Ethernet Port

One 10BaseT (RJ-45). Connects to broadband modem or Ethernet switch.

Ethernet Hubbed Ports

Four 10BaseT (RJ-45). Connect to Ethernet network devices.

Console Port

One (RJ-45).


SOHO 78 and Cisco 828 Routers

The SOHO 78 and Cisco 828 routers provide the following key hardware features:

Provide connection to 10BaseT (10-Mbps) Ethernet networks and is compatible with 10/100-Mbps devices.

Provide connection to G.991.2 (digital-encoding standard) symmetrical high-speed digital subscriber line (G.SHDSL) networks.

Flash memory: The Cisco IOS uses the current default of 8 MB for loading Cisco IOS images, upgradable by an additional 8 MB.

Webflash: 2 MB of Flash memory reserved for use by the Cisco Router Web Setup software.

Dynamic RAM: Default is 16 MB of DRAM and is expandable to 32 MB, using 4-MB, 8-MB, and 16-MB DIMM cards.

The central processing unit is a 50 MHz MPC 855T RISC processor.

Support Cisco IOS software.

Color-coded ports and cables, which reduce the chance of cabling errors.

Support router stacking or mounting on a wall.

Accept a cable lock for physically securing the routers.

Provide locking power connectors.

Table 3 summarizes SOHO 78 and Cisco 828 router ports.

Table 4 Cisco SOHO 78 and Cisco 828 Router Ports

Port Type
Description

Ethernet Hubbed Ports

Four 10BaseT (RJ-45). Connect to Ethernet network devices.

G. SHDSL Port

One (RJ-11). Provides connection to G. SHDSL networks.

Console Port

One (RJ-45).


Determining the Software Version

To determine the version of Cisco IOS software running on your SOHO 78, Cisco 806 or Cisco 828 router, log in to the router and enter the show version EXEC command. The following sample displays command output from a Cisco 806 router running Release 12.2(1)XE2:

Router> show version
Cisco Internetwork Operating System Software 
IOS (tm) 12.2 Software (c806-y6-mz), Version 12.2(1)XE2, RELEASE SOFTWARE

Upgrading to a New Software Release

For general information about upgrading to a new software release, see Upgrading the Cisco IOS  Software Release in Cisco Routers and Modems located at: http://www.cisco.com/warp/public/620/6.html 

Feature Set Tables

The Cisco IOS software is packaged in feature sets consisting of software images—depending on the platform. Each feature set contains a specific set of Cisco IOS features. Release 12.2(1)XE2 supports the same feature sets as Releases 12.2 T, but Release 12.2(1)XE2 can include new features supported by the SOHO 70 Series Routers and the Cisco 800 Series Routers. Table 5 and Table 6 list the feature sets supported by the SOHO 70 Series Routers and the Cisco 800 Series Routers.

Table 5 Feature Set Supported by the SOHO 78 Routers 

Image Name
Feature Set
Software Image
Platform

SOHO 78 Series IOS IP

IP

soho78-y1-mz

SOHO 78 routers


Table 6 Feature Sets Supported by the Cisco 806 and 828 Routers 

Image Name
Feature Set
Software Image
Platform

Cisco 806 Series IOS IP

IP

c806-y6-mz

Cisco 806 routers

Cisco 806 Series IOS IP Plus

IP, Plus

c806-sy6-mz

Cisco 806 Series IOS IP/FW

IP, FW

c806-oy6-mz

Cisco 806 Series IOS IP/FW Plus IPSec 3DES

IP, FW, Plus, IPSec 3DES

c806-k9osy6-mz

 

Cisco 828 Series IOS IP

IP

c828-y6-mz

Cisco 828 routers

Cisco 828 Series IOS IP Plus

IP, Plus

c828-sy6-mz

 

Cisco 828 Series IOS IP/FW

IP, FW

c828-oy6-mz

 

Cisco 828 Series IOS IP/FW Plus IPSec 3DES

IP, FW, Plus, IPSec 3DES

c828-k9osy6-mz

 

Table 7 lists the features and feature sets supported by the SOHO routers in Cisco IOS Release 12.2(1)XE2. Table 8 lists the features and feature sets supported by the Cisco 806 routers in Cisco IOS Release 12.2(1)XE2 and Table 9 lists the features and feature sets supported by the Cisco 828 routers in Cisco IOS Release 12.2(1)XE2. The tables use the following conventions:

Yes—The feature is supported in the software image.

No—The feature is not supported in the software image.


Note These feature set tables only contain a selected list of features. These tables are not cumulative—nor do they list all the features in each image.


Table 7 Feature List by Feature Set for the SOHO 78 Routers 

 
Feature Sets
Features
IP
Address Conservation
 

DHCP Client Address Negotiation

Yes

DHCP Server, Relay Agent

Yes

IPCP Address Negotiation

Yes

NAT Many to One (PAT)

Yes

NAT Many to Many (Multi-NAT)

Yes

Bandwidth Optimization
 

NetBIOS Name Caching

No

STAC Compression

Yes

Business-Class Quality of Service
 

ATM TX Ring Programming

Yes

CBR, VBRnrt, UBR Traffic Classes

No

Class-Based Weighted Fair Queuing

No

LFI/LLQ

No

Per-Virtual Circuit Queuing

No

Per-Virtual Circuit Shaping

No

Weighted Random Early Detection

No

Business-Class Security
 

GRE Tunneling

No

IP Basic and Extended Access Lists

Yes

NetBIOS Access Lists

No

PAP/CHAP Authentication

Yes

Route and Router Authentication

No

Ease of Use and Deployment
 

Cisco Router Web Setup (CRWS)

Yes

Fast Switching

Yes

Easy IP Phase I and II

Yes

HTTP Server

Yes

NTP Server, NTP Client

No

PPPoE MTU Adjustment

Yes

Enhanced Security
 

Cisco IOS Firewall

No

Context-Based Access Control Lists

No

Denial-of-Service Detection

No

IPSec Encryption with 3DES

No

Java Blocking

No

RADIUS

No

Real-Time Alerts

No

TACACS+ (also a management feature)

No

LAN
 

IP

Yes

Transparent Bridging

Yes

Management
 

CiscoView

Yes

DNS Resolver

Yes

OpenDSL

No

SNTP

Yes

SNMP, Telnet, Console Port

Yes

SSH Telnet

No

Syslog

Yes

TFTP Client and Server

Yes

Performance
 

Service Assurance Agent (SSA)

No

Routing
 

IP Enhanced IGRP

No

IP Multicast (relay only)

No

IP-Policy Routing

No

RIP/SAP WAN

No

Policy-based Routing

No

PPPoE Termination-End Routing (over Ethernet)

Yes

RIP, RIPv2

Yes


Table 8 Feature List by Feature Set for the Cisco 806 Routers 

 
Feature Sets
Features
IP
IP Plus
IP/FW
IP/FW Plus IPSec 3DES
Address Conservation
       

DHCP Client Address Negotiation

Yes

Yes

Yes

Yes

DHCP Server, Relay Agent

Yes

Yes

Yes

Yes

IPCP Address Negotiation

Yes

Yes

Yes

Yes

NAT Many to One (PAT)

Yes

Yes

Yes

Yes

NAT Many to Many (Multi-NAT)

Yes

Yes

Yes

Yes

Bandwidth Optimization
       

NetBIOS Name Caching

No

No

No

No

STAC Compression

Yes

Yes

Yes

Yes

Business-Class Quality of Service
       

Class-Based Weighted Fair Queuing

No

No

No

No

LFI/LLQ

No

No

No

No

Per-Virtual Circuit Queuing

No

No

No

No

Weighted Random Early Detection

No

No

No

No

Business-Class Security
       

GRE Tunneling

No

Yes

No

Yes

IP Basic and Extended Access Lists

Yes

Yes

Yes

Yes

NetBIOS Access Lists

No

No

No

No

PAP/CHAP Authentication

Yes

Yes

Yes

Yes

Route and Router Authentication

Yes

Yes

Yes

Yes

Ease of Use and Deployment
       

Cisco Router Web Setup (CRWS)

Yes

Yes

Yes

Yes

Fast Switching

Yes

Yes

Yes

Yes

Easy IP Phase I and II

Yes

Yes

Yes

Yes

HTTP Server

Yes

Yes

Yes

Yes

NTP Server, NTP Client

No

Yes

No

Yes

PPPoE MTU Adjustment

Yes

Yes

Yes

Yes

Enhanced Security
       

Cisco IOS Firewall

No

No

Yes

Yes

Context-Based Access Control Lists

No

No

Yes

Yes

Denial-of-Service Detection

No

No

Yes

Yes

IPSec Encryption with 3DES

No

No

No

Yes

Java Blocking

No

No

Yes

Yes

RADIUS

No

Yes

No

Yes

Real-Time Alerts

No

No

Yes

Yes

TACACS+ (also a management feature)

No

Yes

No

Yes

LAN
       

IP

Yes

Yes

Yes

Yes

Transparent Bridging

Yes

Yes

Yes

Yes

Management
       

CiscoView

Yes

Yes

Yes

Yes

DNS Resolver

Yes

Yes

Yes

Yes

OpenDSL

No

No

No

No

SNTP

Yes

Yes

Yes

Yes

SNMP, Telnet, Console Port

Yes

Yes

Yes

Yes

SSH Telnet

No

Yes

No

Yes

Syslog

Yes

Yes

Yes

Yes

TFTP Client and Server

Yes

Yes

Yes

Yes

Performance
       

Service Assurance Agent (SSA)

No

Yes

No

Yes

Routing
       

IP Enhanced IGRP

No

Yes

No

Yes

IP Multicast (relay only)

No

Yes

No

Yes

IP-Policy Routing

No

Yes

No

Yes

IPX RIP/SAP IPX WAN

No

No

No

No

Policy-based Routing

No

Yes

No

Yes

PPPoE Termination-End Routing (over Ethernet)

Yes

Yes

Yes

Yes

RIP, RIPv2

Yes

Yes

Yes

Yes


Table 9 Feature List by Feature Set for the Cisco 828 Routers 

 
Feature Sets
Features
IP
IP Plus
IP Firewall
IP/IPX Firewall Plus IPSec 3DES
Routing/Bridging
       

IP

Yes

Yes

Yes

Yes

PPPoE, PPPoA, RFC1483 routed or bridged

Yes

Yes

Yes

Yes

Transparent Bridging

Yes

Yes

Yes

Yes

Routing Protocols

 

 

 

 

IP Enhanced IGRP

No

Yes

No

Yes 

IP Multicast (relay only)

No

Yes

No

Yes

IP-Policy Routing (also listed in QoS)

No

Yes

No

Yes

RIP, RIPv2

Yes

Yes

Yes

Yes

Business-Class Security

 

 

 

 

GRE Tunneling

No

Yes

No

Yes

IP Basic and Extended Access Lists, Named Access Lists

Yes

Yes

Yes

Yes

IPSec 56 Bit & 3DES Encryption

No

No

No

Yes

PAP, CHAP, Local Password

Yes

Yes

Yes

Yes

Route and Router Authentication

Yes

Yes

Yes

Yes

SSH

No

No

No

Yes

Stateful Firewall

No

No

Yes

Yes

Business-Class Quality of Service

 

 

 

 

CBR, VBRnrt, UBR Traffic Classes

Yes

Yes

Yes

Yes

IP Policy Routing

Yes

Yes

Yes

Yes

LFI, LLQ

No

Yes

No

Yes

Per-VC Queuing

Yes

Yes

Yes

Yes

Per-VC Shaping

Yes

Yes

Yes

Yes

Weighted Random Early Detection

Yes

Yes

Yes

Yes

Bandwidth Optimization

 

 

 

 

STAC Compression

Yes

Yes

Yes

Yes

Ease of Use and Deployment

 

 

 

 

Easy IP Phase I and II

Yes

Yes

Yes

Yes

Web based configuration tool - Cisco Router Web Set Up tool

Yes

Yes

Yes

Yes

Management

 

 

 

 

CiscoView Support

Yes

Yes

Yes

Yes

NTP Server, NTP Client

No

No

No

No

SA Agent

No

Yes

No

Yes

SNTP

Yes 

Yes

Yes 

Yes 

SNMP, Telnet, Console Port

Yes

Yes

Yes

Yes

Syslog

No

Yes

No

Yes 

TACACS+ (also a security feature)

Yes

Yes

Yes

Yes

TFTP Client and Server

Yes

Yes

Yes

Yes

Address Conservation

 

 

 

 

NAT Many to One (PAT)

Yes

Yes

Yes

Yes

NAT Many to Many (Multi-NAT)

Yes

Yes

Yes

Yes

IPCP Address and Subnet Mask Negotiation

Yes

Yes

Yes

Yes

DHCP Client Address Negotiation

Yes

Yes

Yes

Yes

DHCP Server

Yes

Yes

Yes

Yes

DHCP Server Import

Yes

Yes

Yes

Yes


New and Changed Information

The following sections list the new hardware and software features supported by the Cisco 800 series for Release 12.2(1)XE2 and above:

New Hardware Features in Release 12.2(1)XE1

The following sections list the new hardware features supported by the Cisco 800 Series Routers for Release 12.2(1)XE1.

Cisco 828 and Cisco 78 Routers

The Cisco 828 and Cisco 78 routers connect corporate telecommuters and small offices to corporate LANs and the Internet through Internet Service Providers (ISPs), using symmetrical high-data-rate digital subscriber lines (SHDSLs). The routers provides bridging and multiprotocol routing between LAN and WAN ports.

New Hardware Features in Release 12.2(1)XE

The following sections list the new hardware features supported by the Cisco 800 Series Routers for Release 12.2(1)XE.

Cisco 806 Router

The Cisco 806 router connects corporate telecommuters and small offices to corporate LANs and the Internet through Internet Service Providers (ISPs), using a broadband or Ethernet connection. The router provides bridging and multiprotocol routing between LAN and WAN ports.

New Software Features in Release 12.2(1)XE1

The following sections list the new software features supported by the Cisco 800 Series Routers for Release 12.2(1)XE1.

Digital Subscriber Line Features on the Cisco 828 Router

The Cisco 828 business-class G.shdsl router provides business-class functionality for small offices and telecommuters by supporting business-class security, differentiated classes of service, and managed network services. G.shdsl is the latest version of digital subscriber line (DSL) technology and provides businesses a symmetrical service for bandwidth intensive applications.

G.shdsl supports upstream and downstream speeds up to 2.3 MB per second, and reaches customers up to 28,000 feet from a Telco or Post, Telephone, and Telegraph (PTT) Office. G.shdsl is a standards-based technology and the Cisco 828 router supports the ITU G.991.2 standard.

The DSL features on the Cisco 828 router introduce new command line interface (CLI) commands. These ATM interface commands set the DSL line rate speed and specify whether the Cisco 828 router is customer premises equipment (CPE) or central office (CO) equipment. In addition, two associated new debug commands are available for troubleshooting.

New Software Features in Release 12.2 T

For information regarding the features supported in Cisco IOS Release 12.2 T, refer to the Cross-Platform Release Notes and New Feature Documentation links at the following location on Cisco.com:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm

This URL is subject to change without notice. If it changes, point your web browser to Cisco.com, and click on the following path:

Service & Support: Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Cisco IOS Release 12.2

Limitations and Restrictions

Cisco 806 Router Limitations

boot system flash imagename Command Not Supported

Although the boot system flash command is supported in Release 12.2(1)XE2, the configuration command boot system flash imagename is not supported.

boot system tftp Command Not Supported

The configuration command boot system tftp is not supported in Release 12.2(1)XE2.

IPSec Unavailable When Fast-Switching Enabled

For some interfaces, if fast-switching is enabled, IPSec does not function. For example, the dialer interface, used for PPPoE configuration, does not support fast-switching and IPSec simultaneously.

Important Notes

The following sections contain important notes about Cisco IOS Release 12.2(1)XE2. (Also, see the "Caveats" section.)

Configuring PPPoE on a Cisco 806 Router

When specifying the method of authentication while configuring PPPoE and connecting to a Service Provider, the optional argument might be required to successfully authenticate the connection. For example:

interface Dialer0
 ppp authentication pap optional

or

interface Dialer0
 ppp authentication chap optional

Cisco 806 Router Supported MIBs

The following MIBs are supported on the Cisco 806 router:

ENTITY-MIB

IF-MIB

SNMPv2-MIB

TCP-MIB

UDP-MIB

CISCO-IMAGE-MIB

CISCO-SYSLOG-MIB

CISCO-MEMORY-POOL-MIB

Cisco 828 Router Supported MIBs

Standard MIBs

ATM-MIB.my

ENTITY-MIB.my

IF-MIB.my

IGMP-MIB.my

INT-SERV-GUARANTEED-MIB.my

INT-SERV-MIB.my

IPMROUTE-MIB.my

PIM-MIB.my

RFC1213-MIB.my

RFC1381-MIB

RFC1398-MIB.my (ETHERMIB)

RSVP-MIB.my

SNMPv2-MIB.my

TCP-MIB.my

UDP-MIB.my

Cisco MIBs

CISCO-AAL5-MIB.my

CISCO-ATM-EXT-MIB.my

CISCO-BULK-FILE-MIB.my

CISCO-CAR-MIB.my

CISCO-FLASH-MIB.my

CISCO-IETF-ATM2-PVCTRAP-MIB.my

CISCO-IMAGE-MIB.my

CISCO-IP-STAT-MIB.my

CISCO-IPMROUTE-MIB.my

CISCO-MEMORY-POOL-MIB.my

CISCO-PING-MIB.my

CISCO-QUEUE-MIB.my

CISCO-SNAPSHOT-MIB.my

CISCO-SYSLOG-MIB.my

CISCO-TCP-MIB.my

OLD-CISCO-CHASSIS-MIB.my

OLD-CISCO-CPU-MIB.my

OLD-CISCO-INTERFACES-MIB.my

OLD-CISCO-IP-MIB.my

OLD-CISCO-MEMORY-MIB.my

OLD-CISCO-SYSTEM-MIB.my

OLD-CISCO-TCP-MIB.my

New MIBs:

Cisco 828 routers support the SDSL-LINE-MIB with the G.shdsl extension.

Caveats

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats, severity 2 caveats are less serious, and severity 3 caveats are the least serious of these three severity levels.

Caveats in Cisco IOS Releases 12.2 and 12.2 T are also in Cisco IOS Release 12.2(1)XE2. For information on caveats in Cisco IOS Release 12.2, see Caveats for Cisco IOS Release 12.2. For information on caveats in Cisco IOS Release 12.2 T, see Caveats for Cisco IOS Release 12.2 T. These two documents list severity 1 and 2 caveats and are located on CCO and the Documentation CD-ROM.


Note If you have an account with Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in toCisco.com and click Service & Support: Technical Assistance Center: Tool Index: Bug Toolkit. Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. 


Resolved Caveats - Release 12.2(1)XE2

This section describes unexpected behavior that is fixed in Release 12.2(1)XE2.

Management

CSCdw65903

An error can occur with management protocol processing. Please use the following URL for further information:

http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903 

Caveats for Release 12.2(1)XE

This section describes possibly unexpected behavior by software Release 12.2(1)XE.

Miscellaneous

CSCdr36952

A defect in Cisco IOS software causes a Cisco router or switch to halt and reload if Cisco IOS HTTP service is enabled and a user attempts to browse to "http: //<router-ip>/%%". This defect can be exploited to produce a denial of service (DoS) attack.

The vulnerability, affects virtually all mainstream Cisco routers and switches running Cisco IOS Releases 11.1 through 12.1, as well as Release 12.2(1)XE. The vulnerability has been corrected, and Cisco is making fixed releases available to replace all affected Cisco IOS releases. Customers are urged to upgrade to releases that are not vulnerable to this defect as shown in detail below.

To mitigate the vulnerability, disable the Cisco IOS HTTP server using an access list on an interface in the path to the router to prevent unauthorized network connections to the HTTP server or apply an access-class option directly to the HTTP server itself. The IOS HTTP server is enabled by default only on Cisco 1003, 1004, and 1005 routers that are not configured. In all other cases, the Cisco IOS HTTP server must be explicitly enabled in order to exploit this defect.

The complete advisory, including software fixes and workarounds, is available at: http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml.

CSCdt74776

When the IP address of a DHCP client BVI interface is configured manually (using the command ip address x.x.x.x s.s.s.s), the DHCPRELEASE command does not clear the current DHCP binding between the DHCP client and DHCP server. This is evident when you enable the command debug dhcp detail. To work around this problem, release the current IP address by using the command no ip address before assigning a static IP address to a DHCP client BVI interface with the command ip address x.x.x.x s.s.s.s.

CSCdt97537

If you modify filtering configurations in IPSec with access lists, the sequence order of access list configuration commands you enter or remove might cause an unintended outcome due to the access lists not working properly. Consequently, ISAKMP negotiation and IPSec negotiation fail for traffic intended to be encrypted. Use the configuration scenarios described below to work around this problem.

To change the parameters of the current access list referenced in the encryption map, leave the access list in the encryption map and modify the access-list definition in global configuration mode as follows:

Router> no access-list 100
Router> access-list 100 permit ip host 2.0.1.26 host 4.0.1.25

To assign a different access list to the encryption map, follow the steps below:


Step 1 Remove the old access list assigned to the existing encryption map:

Router> crypto map map1 10 ipsec-isa
Router> no match address 100

Step 2 Before defining the new access list, assign the new access list to the encryption map:

Router> crypto map map1 10 ipsec-isa
Router> match address 110

Step 3 If the newly-configured access list in the encryption map is already defined, remove the access list from the encryption map prior to defining the new access list.

Router> no access-list 110ex

Step 4 Define the new access list and ensure it is referenced in the encryption map.

Router> access-list 110 permit ip host 2.0.1.26 host 4.0.1.25

Step 5 After modifying access list parameters, clear any existing IPSec and ISAKMP SAs:

Router> clear crypto isakmp
Router> clear crypto sa


CSCdu00267

When checking the firewall audit for TFTP, the number of bytes transferred is not shown correctly in the TFTP data session responder log.

CSCdu22758

Enabling fast switching has no effect when using PPPoE. The router continues to process-switch all traffic. To work around this problem, specify dialer-group 1 under the dialer interface to allow packets to be fast switched correctly for PPPoE. For example:

interface Dialer0
ip address 2.2.2.1 255.255.255.0
encapsulation ppp
mtu 1492
dialer pool 1
dialer-group 1

Documentation Updates

This section contains updates to the Cisco 806 Router Software Configuration Guide.

Omissions

Point-to-Point Protocol Remote System Authentication

The Cisco 806 Router Software Configuration Guide documents the configuration of Point-to-Point Protocol over Ethernet (PPPoE) support in the section "Configuring PPPoE Support," that begins on page 3-16. There are two types of authentication used with PPPoE. Challenge Handshake Authentication Protocol (CHAP), and Password Authentication Protocol (PAP). Either protocol is usable, but the Cisco 806 router and the remote system must both use the same authentication protocol.

Both CHAP and PAP authenticate a remote system by comparing the username and password offered by the remote system with the username and password in the local configuration file. The administrators for both ends of a connection must provide each other with the usernames and passwords for their respective systems before administrators can place the usernames and passwords for remote systems in local configuration files.

To enter the username and password for a remote system to use during authentication, enter the following command on the Cisco 806 router, in global configuration mode:

Router(config)#username username password password

where username and password are the username and password of a remote system requiring authentication.

Challenge Handshake Authentication Protocol Configuration

The Cisco 806 Router Software Configuration Guide documents the configuration of the Challenge Handshake Authentication Protocol (CHAP) for the Point-To-Point Protocol (PPP) in the section "Configuring PPPoE Support," that begins on page 3-16. Step 19 on page 3-17 shows you one method of specifying the CHAP authentication protocol, as follows:

Step 19 Set the PPP authentication method.

Router(config-if)#ppp authentication chap


However, when CHAP is configured in this way, the Cisco 806 router uses its own local hostname and enable password to authenticate itself with the service provider network or corporate network. To use a different hostname and password when the router is authenticated, add them to the CHAP configuration.

To provide an alternate hostname and password to use during CHAP authentication, perform the following steps after step 19:


Step 20 Enter the hostname that you want to use during CHAP authentication.

Router(config-if)#ppp chap hostname hostname

Step 21 Enter the password that you want to use during CHAP authentication.

Router(config-if)#ppp chap password password

Step 22 Exit router configuration mode.

Router(config-if)#end


Configuring One-Way Authentication Using CHAP

When two devices use CHAP authentication, each side sends out a challenge and the opposite sides respond by sending out their username and password. Each side authenticates the other independently. To operate with non-Cisco routers that do not support authentication by the calling router, use the command ppp authentication chap callin. When using the callin keyword, the Cisco 806 router only challenges the remote system when the remote system initiates the call.

Use the following procedure to configure one-way authentication. It begins at step 19 on page 3-17 of the Cisco 806 Router Software Configuration Guide.


Step 19 Set the PPP authentication method to CHAP callin.

Router(config-if)#ppp authentication chap callin


Note The callin keyword is added to the ppp authentication chap command for this example.


Step 20 Enter the hostname to use during CHAP authentication.

Router(config-if)#ppp chap hostname hostname

Step 21 Enter the password to use during CHAP authentication.

Router(config-if)#ppp chap password password

Step 22 Exit router configuration mode.

Router(config-if)#end


Example Configuration

The following configuration example shows a PPPoE configuration. It contains an entry for a remote system that the Cisco 806 router would authenticate after receiving a call initiated by the remote system. This example also shows the use of one-way CHAP authentication with an alternate hostname and password to answer a challenge from a remote system. It includes the Ethernet 0 and Ethernet 1 configurations as well as the Dialer configuration.

username remote1 password 0 70703204E42081B
!
vpdn enable
vpdn-group 1
 request-dialin
  protocol pppoe
!
interface Ethernet0
 ip address 192.168.1.1 255.255.255.0
 ip tcp adjust-mss 1452
!
interface Ethernet1
 no ip address 
 ip tcp adjust-mss 1452
 pppoe enable
 pppoe-client dial-pool-number 1
!
!
interface Dialer0
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer group 1
 ppp authentication chap callin
 ppp chap hostname sanjose5
 ppp chap password 43655E9782
!

Related Documentation

The following sections describe the documentation available for the Cisco 800 Series Routers. Typically, these documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.

Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on Cisco.com and the Documentation CD-ROM.

Use these release notes with the documents listed in the following sections:

Release-Specific Documents

Platform-Specific Documents

Feature Modules

Cisco IOS Software Documentation Set

Release-Specific Documents

The following documents are specific to Release 12.2 and apply to Release 12.2(1)XE2. They are located on Cisco.com and the Documentation CD-ROM:

Release Notes for Cisco IOS Release 12.2 

To reach the Cross-Platform Release Notes for Cisco IOS Release 12.2 from Cisco.com, click on this path (under the heading Service & Support):

Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Release Notes: Cross-Platform Release Notes

To reach the Cross-Platform Release Notes for Cisco IOS Release 12.2 on the Documentation CD-ROM, click on this path:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Release Notes: Cross-Platform Release Notes

Product bulletins, field notices, and other release-specific documents

To reach these documents from Cisco.com, click on this path (under the heading Service & Support):

Technical Documents: Product Bulletins

Caveats for Cisco IOS Release 12.2 and 12.2 T 

The Caveats for Cisco IOS Release 12.2 and Caveats for Cisco IOS Release 12.2 T  documents contain caveats applicable to all platforms for all maintenance releases of Release 12.2.

To reach the caveats document from Cisco.com, click on this path (under the heading Service & Support):

Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Caveats

To reach the caveats document on the Documentation CD-ROM, click on this path:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Caveats


Note If you have an account with Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in toCisco.com and click Service & Support: Technical Assistance Center: Tool Index: Bug Toolkit. Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. 


Platform-Specific Documents

The following documents are available for the Cisco 800 Series Routers on Cisco.com and the Documentation CD-ROM:

Cisco 806 Router

The following documents are available for the Cisco 806 router:

Cisco 806 Router Cabling and Setup Quick Start Guide

Cisco 806 Router Hardware Installation Guide

Cisco 806 Router Software Configuration Guide

Regulatory Compliance and Safety Information for the Cisco 806 Router

On Cisco.com at:

Technical Documents: Documentation Home Page: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 806 Router

On the Documentation CD-ROM at:

Cisco Product Documentation: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 806 Router

Cisco 828 and SOHO 78 Routers

These documents are available for the Cisco 828 and SOHO 78 routers on Cisco.com and the Documentation CD-ROM:

Quick Start Guide - Setting up the Cisco 828 Router

Cisco 828 Router and SOHO 78 Router Hardware Installation Guide

Cisco 828 Router and SOHO 78 Router Software Configuration Guide

Configuration Note for Cisco SOHO Series Routers

Regulatory Compliance and Safety Information for the Cisco 828 Router and SOHO 78 Router

Release Notes for Cisco 828 and SOHO 78 Routers

On Cisco.com at:

Technical Documents: Documentation Home Page: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 828 and SOHO 78 Routers

On the Documentation CD-ROM at:

Cisco Product Documentation: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 828 and SOHO 78 Routers

Software Configuration

This document is available for the Cisco 800 Series and SOHO 70 Series routers on Cisco.com and the Documentation CD-ROM: Cisco Router Web Setup User Guide

On Cisco.com at:

Technical Documents: Router Configuration Tools: Cisco Router Web Setup

On the Documentation CD-ROM at:

Cisco Product Documentation: Router Configuration Tools: Cisco Router Web Setup

Feature Modules

Feature modules describe new features supported by Release 12.2 and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.

To reach the Release 12.2 feature modules:

From Cisco.com, click on this path (under the heading Service & Support):

Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2: New Feature Documentation: New Features in 12.2-Based Limited Lifetime Releases: New Features in 12.2X Releases

From the Documentation CD-ROM, click on this path:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: New Feature Documentation: New Features in 12.2-Based Limited Lifetime Releases: New Features in 12.2X Releases

Feature Navigator

Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a particular set of features and which features are supported in a particular Cisco IOS image. Feature Navigator is available 24 hours a day, 7 days a week.

To access Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, e-mail the Contact Database Administration group at cdbadmin@cisco.com. If you do not have an account on Cisco.com, go to http://www.cisco.com/register and follow the directions to set up an account.

To use Feature Navigator, you must have a JavaScript-enabled web browser such as Netscape 3.0 or later, or Internet Explorer 4.0 or later. Internet Explorer 4.0 always has JavaScript enabled. To enable JavaScript for Netscape 3.x or Netscape 4.x, follow the instructions provided with the web browser. For JavaScript support and enabling instructions for other browsers, check with the browser vendor.

Feature Navigator is updated when major Cisco IOS software releases and technology releases occur. You can access Feature Navigator at the following URL:

http://www.cisco.com/go/fn

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents. The Cisco IOS software documentation set is shipped with your order in electronic form on the Documentation CD-ROM—unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of one or more configuration guides and one or more corresponding command references. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference. The Cisco IOS software documentation set is available on Cisco.com and on the Documentation CD-ROM.

On Cisco.com at:

Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References

Release 12.2 Documentation Set

Table 10 lists the contents of the Cisco IOS Release 12.2 software documentation set, which is available in both electronic and printed form.


Note You can find the most current Cisco IOS documentation on Cisco.com and the Documentation CD-ROM. These electronic documents may contain updates and modifications made after the hard-copy documents were printed.


On Cisco.com at:

Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.2

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2

Table 10 Cisco IOS Release 12.2 Documentation Set 

Books
Major Topics

Cisco IOS Configuration Fundamentals Configuration Guide

Cisco IOS Configuration Fundamentals Command Reference

Cisco IOS User Interfaces
File Management
System Management

Cisco IOS Bridging and IBM Networking Configuration Guide

Cisco IOS Bridging and IBM Networking Command Reference, Volume 1 of 2

Cisco IOS Bridging and IBM Networking Command Reference, Volume 2 of 2

Transparent Bridging
SRB
Token Ring Inter-Switch Link
Token Ring Route Switch Module
RSRB
DLSw+
Serial Tunnel and Block Serial Tunnel
LLC2 and SDLC
IBM Network Media Translation
SNA Frame Relay Access
NCIA Client/Server
Airline Product Set
DSPU and SNA Service Point
SNA Switching Services
Cisco Transaction Connection
Cisco Mainframe Channel Connection
CLAW and TCP/IP Offload
CSNA, CMPC, and CMPC+
TN3270 Server

Cisco IOS Dial Technologies Configuration Guide

Cisco IOS Dial Technologies Command Reference

Preparing for Dial Access
Modem and Dial Shelf Configuration and Management
ISDN Configuration
Signaling Configuration
Dial-on-Demand Routing Configuration
Dial Backup Configuration
Dial Related Addressing Service
Virtual Templates, Profiles, and Networks
PPP Configuration
Callback and Bandwidth Allocation Configuration
Dial Access Specialized Features
Dial Access Scenarios

Cisco IOS Interface Configuration Guide

Cisco IOS Interface Command Reference

LAN Interfaces
Serial Interfaces
Logical Interfaces

Cisco IOS IP Configuration Guide

Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services

Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols

Cisco IOS IP Command Reference, Volume 3 of 3: Multicast

IP Addressing and Services
IP Routing Protocols
IP Multicast

Cisco IOS AppleTalk and Novell IPX Configuration Guide

Cisco IOS AppleTalk and Novell IPX Command Reference

AppleTalk
Novell IPX

Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS, and XNS Configuration Guide

Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS, and XNS Command Reference

Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS

Cisco IOS Voice, Video, and Fax Configuration Guide

Cisco IOS Voice, Video, and Fax Command Reference

Voice over IP
Call Control Signaling
Voice over Frame Relay
Voice over ATM
Telephony Applications
Trunk Management
Fax, Video, and Modem Support

Cisco IOS Quality of Service Solutions Configuration Guide

Cisco IOS Quality of Service Solutions Command Reference

Packet Classification
Congestion Management
Congestion Avoidance
Policing and Shaping
Signaling
Link Efficiency Mechanisms

Cisco IOS Security Configuration Guide

Cisco IOS Security Command Reference

AAA Security Services
Security Server Protocols
Traffic Filtering and Firewalls
IP Security and Encryption
Passwords and Privileges
Neighbor Router Authentication
IP Security Options
Supported AV Pairs

Cisco IOS Switching Services Configuration Guide

Cisco IOS Switching Services Command Reference

Cisco IOS Switching Paths
NetFlow Switching
Multiprotocol Label Switching
Multilayer Switching
Multicast Distributed Switching
Virtual LANs
LAN Emulation

Cisco IOS Wide-Area Networking Configuration Guide

Cisco IOS Wide-Area Networking Command Reference

ATM
Broadband Access
Frame Relay
SMDS
X.25 and LAPB

Cisco IOS Mobile Wireless Configuration Guide

Cisco IOS Mobile Wireless Command Reference

General Packet Radio Service

Cisco IOS Terminal Services Configuration Guide

Cisco IOS Terminal Services Command Reference

ARA
LAT
NASI
Telnet
TN3270
XRemote
X.28 PAD
Protocol Translation

Cisco IOS Configuration Guide Master Index

Cisco IOS Command Reference Master Index

Cisco IOS Debug Command Reference

Cisco IOS Software System Error Messages

New Features in 12.2-Based Limited Lifetime Releases

New Features in Release 12.2 T

Release Notes (Release note and caveat documentation for 12.2-based releases and various platforms)

 


Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

The most current Cisco documentation is available on the World Wide Web at http://www.cisco.com. Translated documentation can be accessed at http://www.cisco.com/public/countries_languages.shtml.

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS(6387).

Documentation Feedback

If you are reading Cisco products documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.

You can e-mail your comments to bug-doc@cisco.com.

For your convenience, many documents contain a response card behind the front cover for submitting your comments by mail. Otherwise, you can mail your comments to the following address:

Cisco Systems, Inc.
Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

The following sections provide sources for obtaining technical assistance from Cisco Systems.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at anytime, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access Cisco.com, go to the following website:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website:

http://www.cisco.com/tac

P3 and P4 level problems are defined as follows:

P3—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

P4—You need information or assistance on Cisco product capabilities, product installation, or basic product configuration.

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for Cisco.com, go to the following website:

http://www.cisco.com/register/

Cisco.com registered users who cannot resolve a technical issue by using the TAC online resource can open a case online by using the TAC Case Open tool at the following website:

http://www.cisco.com/tac/caseopen

Contacting TAC by Telephone

If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

P1 and P2 level problems are defined as follows:

P1—Your production network is down, causing a critical impact to business operations if service is not restored quickly. No workaround is available.

P2—Your production network is severely degraded, affecting significant aspects of your business operations. No workaround is available.