Table Of Contents
Release Notes for
Cisco Configuration Professional 2.3
July 30, 2010
These release notes support Cisco Configuration Professional (Cisco CP) version 2.3. They should be used with the documents listed in the "Related Documentation" section.
These release notes are updated as needed. To ensure that you have the latest version of these release notes, go to http://www.cisco.com/go/ciscocp. In the Support box, click General Information > Release Notes, and then find the latest release notes for your release.
This document contains the following sections:
Cisco CP is a GUI-based device management tool for Cisco access routers. Cisco CP simplifies router, firewall, Intrusion Prevention System, VPN, unified communications, WAN, and basic LAN configuration through GUI-based, easy-to-use wizards. Cisco CP is installed on a PC.
Routers that are ordered with Cisco CP are shipped with Cisco CP Express installed in router flash memory. Cisco CP Express is a light weight version of Cisco CP, that you can use to configure LAN and WAN interfaces and minimal IOS security features.
This sections describes PC and router system requirements. It contains the following parts:
PC System Requirements
Table 1 lists the system requirements for a PC running Cisco CP. Although the Cisco CP application requires Java Runtime Error (JRE) to run, the Cisco CP Express application included with Cisco CP can run under the native Java Virtual Machine in the supported browsers and JRE.
Router System Requirements
Router System Requirements are described in the following parts:
Table 4 lists the phones that Cisco CP supports:
Supported Network Modules
Supported Interface Cards
Table 7 lists the interface cards that Cisco CP supports.
Supported Adapters, Processing Engines, and Service Engines
Table 8 lists the adapters, processing engines, and service engines that Cisco CP supports.
Table 9 lists the connected grid devices that Cisco CP supports
Cisco IOS Releases
Cisco CP is compatible with the Cisco IOS releases listed in Table 10.
Determining the Cisco IOS Release
To determine the release of Cisco IOS software currently running on your Cisco router, log in to the router and enter the show version EXEC command. The following sample output from the show version command indicates the Cisco IOS release on the second output line:Router> show versionCisco Internetwork Operating System SoftwareIOS (tm) C1700 Software (c1700-k8sv3y7-mz) Version 12.2(13)ZH
Required IP Address Configuration Information
Table 11 provides the required IP address configuration for the PC. Use this information to complete the section "Task 4: Configure the IP Address On the PC" in the Cisco Configuration Professional Quick Start Guide.
Router Configuration Requirements
To run Cisco CP, a router configuration must meet the requirements shown in Table 12.
The default configuration file meets all Cisco CP requirements. The default configuration file has the name cpconfig-model_number.cfg. For example, the configuration file for the Cisco 860 and Cisco 880 routers is cpconfig-8xx.cfg.
Cisco CP Ordering Options
Table 13 describes the ordering options under which Cisco CP can be ordered. Cisco CP Express is a product that is shipped in router flash memory when the router is ordered with Cisco CP.
New and Changed Information
This section contains new information about Cisco CP and any information about Cisco CP that has changed.
This section contains the following parts:
New and Changed Features
Cisco CP 2.3 supports the following new features:
•3G Feature Enhancements
Earlier Cisco CP supported cellular modem activation, cellular interface configuration as primary and as backup, and firmware upgrade for both CDMA and GSM technologies. Cisco CP 2.3 supports the following:
– OMA-DM activation on MC5727 modem for HWIC-3G-CDMA-S (Sprint).
– SIM features on MC8790 and MC8792V modems for HWIC-3G-HSPA, HWIC-3G-HSPA-A, HWIC-3G-HSPA-G SKUs and AC501 Air card modem on 88x series.
•Advanced Telephony Settings
The Advanced Telephony Settings feature allows you to configure and manage the following:
– System information such as system message, directory naming schema, music on hold, and default pin
– System and customer accounts
– Dial plan pattern
– Transfer pattern
– Phone URLs
•Basic Automatic Call Distribution (B-ACD) Prompt and Script
Cisco CP 2.3 supports B-ACD Prompt and Script. The B-ACD Prompt and Script feature enables you to perform the following operations with respect to a prompt and script:
–Upload B-ACD tar package to flash
–Upload Prompt and Script files to flash
–Delete prompt(s) and script(s) from flash
–Download prompt(s) and script(s) from flash
•Cisco Application Extension Platform (AXP)
Cisco CP 2.3 supports Cisco AXP, which makes integration of branch network, applications, and IT infrastructure easier. Cisco CP 2.3 supports AXP module initial setup, which includes the following:
– AXP modules software installation
– Module parameter configuration such as DNS, NTP, domain name, time zone, syslog server, and administrator account
– Installation/upgrade/uninstallation of third party applications on AXP
– Subinterface configuration and binding of interfaces to applications
•Cisco Unified Border Element (CUBE)
Cisco CP 2.3 supports CUBE. CUBE is an IP-to-IP gateway that facilitates connectivity between independent unified communications, VoIP, and video networks.
•Cisco Unified CME B-ACD
Cisco CME B-ACD provides automatic answering of outside calls with greetings and menus that allow callers to select the appropriate department or to dial a known extension number.
Cisco CP 2.3 supports B-ACD, which allows the following:
–Create and management of Auto Attendant services and Call Queue
–Collect call statistics.
•CUE Language Management
Cisco CP 2.3 module settings feature allows you to perform the following language management operations:
–System default language configuration
Cisco CP supports the coexistence of Easy VPN Server and DMVPN hub. ISAKMP profile for DMVPN Hub is supported in preshared key mode.
In Cisco CP 2.3, a Refresh button is available on the toolbar at the top of the page. Click the Refresh button to:
–Rediscover the selected device in the Select Community Member drop down menu.
–Rediscover and reload the current feature.
In Cisco CP 2.3, you can click the Reload device button from the Reload Device page to reload the router.
•SFP Interface Enhancements
Interface Feature Edit dialog box for SFP Gigabit Ethernet interface now has an extra tab to configure Media-type. You can configure Media-type as SFP or RJ45 with fail over options.
A SIP trunk connects to the traditional PSTN network which is provided by an Internet Telephony Service. It makes full use of installed IP-PBXs. It communicates over IP within the enterprise as well as the outside enterprise.
Unlike traditional telephony, where bundles of physical wires were once delivered from the service provider to a company, a SIP trunk allows a company to replace these traditional fixed PSTN lines with PSTN connectivity via SIP trunking service provider on the Internet.
In Cisco CP 2.3, you can use the Configure Speed Dial Dialog Box to add or edit speed dial settings for the user's phone.
•Transcoding and DSP Resource Management
Cisco CP 2.3 supports management of DSP resources for conference and transcoding services.
•VoIP Dial Peer
The VoIP dial peer is one of the key elements of an IP Telephony system and an integral part of all call processing agents. VoIP dial peer is responsible for instructing the call processing agent, such as Cisco Unified Communication Manager Express (Cisco Unified CME), on how to route IP calls.
VoIP Parameters is now called VoIP Settings. Advanced Global Parameters is now called Advanced Global Settings. Several new configuration options are available for VoIP, H.323, and SIP in CME and Gateway modes.
Cisco CP 2.3 supports WAAS Express in IOS, which includes the following:
–Enabling evaluation license for WAAS express on your router
–Installing digital certificate for WAAS Central Manager (WCM)
WCM on your router
–Registering your router with WCM
Cisco CP 2.3 supports following new switching features:
•The new features for the switching modules are following:
– Switch Port configuration
•The configuration functionalities of Connected Grid Switch models CGS-2520-24TC and CGS-2520-16S-8PC are the following:
802.1x defines a user-server-based access control, and authentication protocol that prevents unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server authenticates each user connected to a switch port before making any services offered by the switch or the LAN. Cisco CP provides configuration of 802.1x on interfaces.
Cisco CP provides functionalities to configure AAA server using Radius or TACACS+. AAA server can be used to authenticate, authorize, and account the request to the device.
– Access Control Lists (ACLs)
ACLs consist of Access List Elements (ACEs), which are matched against a packet in sequence. An action in the ACE (permit or deny) determines whether the packets are forwarded or dropped. That is, a permitted packet is forwarded, and a denied packet is dropped. If no match is found, the packet is denied by default.
– Device Alarm
The Device Alarm window is used to configure primary or secondary alarm settings for switch temperature alarms, redundant power supply alarms, and port pinout alarms.
Cisco CP provides creation, editing, or deletion of EtherChannel. EtherChannel is a group of Fast or Gigabit Ethernet port that acts as a single logical port for high-bandwidth connections between switches or between switches and servers.
– MAC Address
Cisco CP shows the dynamic MAC address of the MAC address table of the switch and allows removal and configuration of all aging parameters of the MAC address.
– Port Security
Configuration of port security prevents unknown devices from connecting to the ports without your knowledge. When a port is secure, a user-specified action occurs whenever an address-security violation occurs.
Cisco CP uses Modular QoS Command-Line Interface (MQC) to configure QoS. It supports QoS Class create, edit, and delete. It allows the user to use these classes in ingress and egress QoS policy definition. Created policies can be assigned to interfaces using Cisco CP.
– Resilient Ethernet Protocol (REP)
REP is a Cisco proprietary protocol that provides an alternative to Spanning Tree Protocol (STP) to control network loops, handle link failures, and improve convergence time. Cisco CP supports configuration of REP segments and administrator vlan for REP.
Cisco CP supports two types of spanning-tree protocol: rapid-pvst and pvst. It allows configuration and monitoring of various aspects of STP.
– Switch Port configuration
Cisco CP allows configuration of physical characteristics of the ports such as duplex, speed, and others. It also allows configuration of administrator status and administrative mode of the port.
– Smartport Macro
Smartport macros provide a convenient way to save and share common configurations. Cisco CP allows configuration following pre-defined macro to any port. Examples of pre-defined macros are Switch, Router, Desktop, AccessPoint, etc.
Cisco CP provides Vlan configuration and assignment to the port.
•The monitoring functionalities of Connected Grid Switch models CGS-2520-24TC and CGS-2520-16S-8PC are the following:
– Port Statistics
Cisco CP shows a snapshot of transmit and receive packets statistics on ports.
– REP Segment
REP is a Cisco proprietary protocol that provides an alternative to STP to control network loops, handle link failures, and improve convergence time. Cisco CP shows configured REP segment information.
– QoS Report
QoS report shows statistics for DSCP, Class of Services & Policer for configured QoS.
This feature displays the measurements on the utilization of the bandwidth, CPU, memory, device temperature, and packet errors.
New Hardware Support
The new interface cards supported are:
The new connected grid devices supported are:
Limitations and Restrictions
This section describes restrictions and limitations that may apply to Cisco CP. It contains the following parts:
Cisco CP Minimum Screen Resolution
Cisco CP requires a screen resolution of at least 1024 x 768.
JRE Settings for Cisco CP
The following JRE settings are needed for Cisco CP to function properly:
Step 1 Go to Start > Control Panel > Java.
Step 2 Click View under Java Applet Runtime Settings.
Step 3 Select your JRE in use.
Step 4 Set the "Java runtime parameters" with the value "-Xmx256m -Dsun.java2d.d3d=false".
In addition, if JRE is upgraded to versions 1.6.0_11 or above, following settings are needed after Cisco CP installation.
Step 1 Go to Start > Control Panel > Java > Advance.
Step 2 Select "Java Plug-in" tree.
Step 3 Uncheck the check box for Enable next-generation Java Plug-in.
Step 4 Restart Cisco CP.
Pop-up Screens Appearing on Monitor other than Cisco CP
Pop-up screens are seen in all SDM applet security and routing, and help pages.
Step 1 Connect the monitor to a laptop and set the screen for extended display.
Step 2 Launch Cisco CP and move it to secondary screen.
Step 3 Go to security audit and click on perform security audit.
The audit screen comes up in the primary monitor while the Cisco CP is still in the secondary monitor.
This section contains important information for Cisco CP. It contains the following sections:
Cisco IOS Enforces One-Time Use of Default Credentials
To address CSCsm25466, Cisco IOS images included with recent shipments of Cisco 800, Cisco 1800, Cisco 2800, and Cisco 3800 routers, enforce the one-time use of the default user name and password provided in the Cisco CP configuration file. If you bypass Cisco CP or Cisco CP Express and use a console or Telnet connection to log into the router, the login and exec banners warn you that you must change the user name "cisco" and password "cisco" before you log off of the router. If you do not change the credentials as directed, you will not be able to log on to the router the next time that you attempt to do so.
The following Cisco IOS releases enforce the one-time use of the default credentials:
•12.4(11)T or later
•12.4(11)SW, 12.4(11)SW1, 12.4(11)XV, 12.4(11)XJ
Follow the procedure in this section to secure the router by creating a new username and password, to remove the login banner and exec banner warnings, and to save the configuration changes to the router startup configuration.
Note If you login to the router using a Telnet or a console connection but do not complete the steps in this procedure, be aware of the following:
•If you do not change the default username and password, and then log off the router, you will not be able to log into the router again without entering the reload command. No additional warning is given before you log off.
•If you do not change the default username and password, but do enter the write memory command before ending the session, future logins will be disabled. In this case, you will need to follow the password recovery procedure at the following link:
To secure the router, remove the banner warnings and save the changes to the router startup config, complete the following steps:
Step 1 Connect the light blue console cable, included with your router, from the blue console port on your router to a serial port on your PC. Refer to your router's hardware installation guide for instructions.
Step 2 Connect the power supply to your router, plug the power supply into a power outlet, and turn on your router. Refer to your router's quick start guide for instructions.
Step 3 Use HyperTerminal or a similar terminal emulation program on your PC, with the terminal emulation settings of 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control, to connect to your router.
Step 4 When prompted, enter the username cisco, and password cisco.
Step 5 Enter configuration mode by entering the following command:yourname# configure terminal
Step 6 Create a new username and password by entering the following command:yourname(config)# username username privilege 15 secret 0 password
Replace username and password with the username and password that you want to use.
Step 7 Remove the default username and password by entering the following command:yourname(config)# no username cisco
Step 8 To remove the login banner, enter the following command:yourname(config)# no banner login
The login banner warning will no longer appear.
Step 9 To remove the exec banner, enter the following command:yourname(config)# no banner exec
The exec banner warning will no longer appear.
Step 10 Leave configuration mode, by entering the following command:yourname(config)# end
Step 11 Copy the configuration changes to the startup configuration by entering the following command:yourname# copy running-config startup-config
When logging into the router in the future, use the username and password that you created in Step 6.
Cisco CP Merge and Replace Configuration Functions Fail Under Some Conditions
The problem described here is caveat CSCsj21989. If you attempt to merge configuration changes made using the Cisco CP Config Editor feature, or replace the running configuration with a configuration from the Config Editor, the router configuration will not be changed if there is a network device with a Network Address Translation (NAT) IP address, or a cache engine in the connection between the PC and the router. If you need to make changes to the router configuration that you would normally make using the Cisco CP Config Editor, use the Cisco IOS CLI instead.
Cisco CP Security Dashboard May Display Threats Unrelated to Your Cisco IOS IPS Installation
Some (or all) of the top threats you obtain using the Cisco CP Security Dashboard may not pertain to your Cisco IOS IPS installation. After you deploy the signatures applicable to the top threats displayed by the Cisco CP Security Dashboard, the dashboard may still display some (or all) top threats with a red icon because applicable signatures could not be found. Those remaining top threats are unrelated to your Cisco IOS IPS installation and not a danger to your router running Cisco IOS software.
Cisco CP May Lose Connection to Network Access Device
This note concerns the Network Admission Control (NAC) feature.
If the PC used to invoke Cisco CP returns a posture state (Healthy, Infected, Checkup, Quarantine, or Unknown) and if the group policy on the ACS server attached to the posture token assigned to the PC has a redirect URL configured, the connection between Cisco CP and the router acting as the Network Access Device (NAD) may be lost. The same problem can occur if an exception list entry attached to a policy with a redirect URL is configured with the IP address or MAC address of the PC.
If you try to reinvoke Cisco CP from this PC, you will not be able to do so because the browser will be redirected to the location specified in the redirect URL.
There are two workarounds for this problem:
•Ensure that the PC that you use to invoke Cisco CP attains a posture token which has an associated group policy on the ACS server that is not configured with a redirect URL.
•Alternatively, use Cisco CP to create a NAC exception list entry with the IP address or MAC address of the PC you use to invoke Cisco CP. Note that the exception list entry created for the PC should be associated to an exception policy which does not have a redirect URL configured in it.
For more information, see the links in the Cisco CP NAC online help pages.
Popup Blockers Disable Cisco CP Online Help
If you have enabled popup blockers in the browser you use to run Cisco CP, online help will not appear when you click the help button. To prevent this from happening, you must disable the popup blocker when you run Cisco CP. Popup blockers may be enabled in search engine toolbars, or may be standalone applications integrated with the web browser.
Microsoft Windows XP with Service Pack 2 blocks popups by default. In order to turn off popup blocking in Internet Explorer, go to Tools > Pop-up Blocker > Turn Off Pop-up Blocker.
If you have not installed and enabled third-party pop up blockers, go to Tools >Internet Options > Privacy, and uncheck the Block popups checkbox.
Disable Proxy Settings
Cisco CP will not start when run under Internet Explorer with proxy settings enabled. To correct this problem, choose Internet Options from the Tools menu, click the Connections tab, and then click the LAN settings button. In the LAN Settings window, disable the proxy settings.
Security Alert Dialog May Remain After Cisco CP Launches
When Cisco CP is launched using HTTPS, a security alert dialog box that informs you of possible security problems and asks you if you want to proceed with program launch may appear. This can happen if the router does not have the following global configuration command in the running configuration:ip http timeout-policy idle 600 life 86400 requests 10000
Screencasts for Cisco CP Features
Instead of online help, screencasts have been provided for the following Cisco CP 2.3 features:
• 3G Feature Enhancements
• Advanced Telephony Settings
• Cisco Unified Border Element (CUBE)
• Cisco Unified CME B-ACD
• Cisco Unified CME B-ACD Prompt and Script Management
• Cisco Application Extension Platform
• CUE Language Management
• DSP Resource Management
• SIP Trunks
• VoIP Dial Peer
• WAAS Express
These screencasts are located at: http://www.cisco.com/en/US/docs/net_mgmt/cisco_configuration_professional/scrcst/ccpsc.html
You must have Internet access to view the screencasts.
Cisco Configuration Professional is Already Running Message
If Cisco CP has not been shut down properly, and you try to relaunch it, you may see the following message: "Cisco Configuration Professional is already running. Only one occurrence can run at a time." To correct this problem and relaunch Cisco CP, do the following:
Step 1 Press Ctrl Alt Delete, and click Task Manager.
Step 2 In the Windows Task Manager dialog, click Processes.
Step 3 In the Image Name column, highlight the processes CiscoCP.exe, CiscoCPEngine.exe, IEC2.exe, and SplashScreen.exe.
Step 4 Click End Process.
Step 5 Wait for 30 seconds and then restart Cisco CP.
Temporary Internet Files - Impact on Discovery
Because of Microsoft Windows Java caching issues, Cisco CP is sometimes unable to complete discovery of a device. To fix this issue, complete the following steps:
Step 1 Choose Application > Exit to shut down Cisco CP.
Step 2 Close all existing IE windows.
Step 3 Go to Start > Control Panel > Java. The General tab is displayed.
Step 4 In the Temporary Internet Files box, click Delete Files.
Step 5 In the displayed dialog, leave all file types checked, and click OK.
Step 6 Click OK in the Java control panel to close it.
Step 7 Restart Cisco CP.
Internet Explorer Zoom Level - Impact on Some Cisco CP Screens
If the browser's zoom level is set to a value other than 100%, some portions of the Java screens in Cisco CP are not seen. To fix this issue, complete the following steps:
Step 1 Close Cisco CP application.
Step 2 Launch IE and reset zoom level to 100% using the "zoom level" selection on the status bar.
Step 3 Close IE.
Step 4 Launch Cisco CP.
Caveats describe unexpected behavior in Cisco CP. This section contains the following:
Table 14 lists caveats that are open in Cisco CP 2.3.
Table 15 lists caveats that are resolved in Cisco CP 2.3.
Table 16 describes the related documentation available for Cisco CP.
Note For information on obtaining documentation and technical assistance, product security, and additional information, see What's New, which also lists new and revised documents each month.
ACEs—Access List Elements
ACLs—Access Control Lists
B-ACD—Basic Automatic Call Distribution
CUBE—Cisco Unified Border Element
HWIC—High-Speed WAN Interface Card
HSPA—High-Speed Packet Access
HSPA—A—High-Speed Packet Access for Americas
HSPA—G—High-Speed Packet Access for Global
MQC—Modular QoS Command
SID—System Identification Number
NID—Network Identification Number
ESN—Electronic Serial Numbers
PDP—Packet Data Protocol (PDP)
PPP—Point-to-Point Protocol (PPP) PDP type
REP—Resilient Ethernet Protocol
STP—Spanning Tree Protocol
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/web/siteassets/legal/trademark.html. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
© 2010 Cisco Systems, Inc. All rights reserved.