Table Of Contents
Release Notes for Cisco Configuration Professional Express 1.0
May 19, 2008
These release notes support Cisco Configuration Professional Express (Cisco CP Express) 1.0. They should be used with the documents listed in the "Related Documentation" section and in particular, the Release Notes for Cisco Configuration Prefessional.
These release notes are updated as needed. To ensure that you have the latest version of these release notes, go to http://www.cisco.com/go/ciscocp. In the Support box, click General Information > Release Notes. Then, find the latest release notes for your release.
This document contains the following sections:
Cisco CP Express is a graphical configuration tool that enables a user to configure a LAN and WAN connection, make security settings to protect the router, and, configure a basic firewall, and Network Address Translation. Cisco CP Express is installed in Flash memory on routers shipped with Cisco Configuration Professional (Cisco CP).
This sections describes PC and router system requirements. It contains the following parts:
PC System Requirements
Cisco CP Express can run under the native Java Virtual Machine in the supported browsers, and also JRE.
Table 1 lists the system requirements for a PC running Cisco CP Express including Web browser versions and Java runtime environment versions.
Router System Requirements
This section lists the routers that Cisco CP Express supports, by series.
Note Cisco CP Express does not support Telco/CO router models.
Cisco 800 Series
Cisco CP Express is supported on the following Cisco 800 series routers:
Cisco 1800 Series
Cisco CP Express is supported on the following Cisco 1800 series routers:
Cisco 2800 Series
Cisco CP Express is supported on the following 2800 series routers:
Cisco 3800 Series
Cisco CP Express is supported on the following Cisco 3800 series routers:
Supported Adapters, Cards and Network Modules
This section contains support information about adapters, cards, and network modules
Cisco CP Express supports the following network modules:
•NM-4A/S (synchronous only)
•NM-8A/S (synchronous only)
Cisco CP Express supports the following EtherSwitch Service Network Modules:
Cisco CP Express supports the following Wide Area Application Services (WAAS) modules:
WAN Interface Cards
Cisco CP Express supports the following WAN interface cards:
•WIC-2A/S (Frame Relay, PPP, HDLC, no asynchronous)
Cisco CP Express supports the following high-speed WAN interface cards (HWICs):
Cisco CP Express supports the following advanced integration modules (AIMs):
Cisco IOS Releases
Cisco CP Express is compatible with the Cisco IOS releases listed in Table 2.
Determining the Cisco IOS Release
To determine the release of Cisco IOS software currently running on your Cisco router, log in to the router and enter the show version EXEC command. The following sample output from the show version command indicates the Cisco IOS release on the second output line:Router> show versionc3845-1#show versionCisco IOS Software, 3800 Software (C3845-ADVENTERPRISEK9-M), Version 12.4(11)XW2, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2007 by Cisco Systems, Inc.Compiled Tue 03-Jul-07 00:49 by prod_rel_team
Table 3 shows how much memory is required to support Cisco CP Express and related applications.
Cisco CP Ordering Options
Cisco CP Express is shipped with every ordering option under which Cisco CP can be ordered. Table 4 describes the Cisco CP ordering option. Ordering options are also referred to as SKUs.
This section contains important information regarding installation of Cisco CP Express.
Downloading Cisco CP Express From Cisco.com and Installing It On the Router
If Cisco CP Express is not currently installed on the router, and you want to install it, complete the following steps:
Step 1 Go to http://www.cisco.com/go/ciscocp, and click Download Software in the Support box.
Step 2 If a login page appears, enter your login credentials. In the Software Download page, click Cisco Configuration Professional.
Step 3 In the next download page that appears, click the release number that you want to download.
Step 4 Click on the Cisco Configuration Professional package link. The zip file contains the Cisco CP, and Cisco CP Express installation files.
Uninstalling Cisco CP Express Files
If you want to remove Cisco CP Express from flash memory or from a router disk file system, you can do so by logging onto the router and completing the following steps in EXEC mode:
Step 1 Change to the directory in which the Cisco CP Express files are located.
If the router has a flash file system, use the following command:router# cd flash:
If the router has a disk file system, use the following command:router# cd diskN
Replace N with the actual number of the disk. Use the slot keyword instead of the disk keyword if necessary.
Step 2 Use the delete command to remove the Cisco CP Express files. The example below deletes the file cpexpress.tar:router# delete cpexpress.tarDelete filename [cpexpress.tar]?Delete flash:cpexpress.tar? [confirm]
Press Return to confirm the deletion.
Step 3 Use the delete command to remove the remaining Cisco CP Express files.
Step 4 Reclaim memory space by using the squeeze flash: command:router# squeeze flash:
It is not necessary to use the squeeze flash: command on DOS-based file systems.
Limitations and Restrictions
This section describes the following restrictions and limitations that may apply to Cisco CP Express:
Cisco CP Express Does Not Support Cisco 7000 Series Routers
Cisco CP Express does not support the Cisco 7204VXR, Cisco 7206VXR, and Cisco 7301 Routers and is not shipped with those routers.
This section contains important information for Cisco CP Express. It contains the following sections:
Cisco IOS Enforces One-Time Use of Default Credentials
To address CSCsm25466, Cisco IOS images included with recent shipments of Cisco 800, Cisco 1800, Cisco 2800, and Cisco 3800 routers, enforce the one-time use of the default username and password provided in the default configuration file shipped with Cisco CP Express and Cisco CP. If you bypass Cisco CP Express and use a console or Telnet connection to log into the router, the login and exec banners warn you that you must change the username "cisco" and password "cisco" before you log off of the router. If you do not change the credentials as directed, you will not be able to log on to the router the next time that you attempt to do so.
The following Cisco IOS releases enforce the one-time use of the default credentials:
•12.4(11)T or later
•12.4(11)SW, 12.4(11)SW1, 12.4(11)XV, 12.4(11)XJ
Follow the procedure in this section to secure the router by creating a new username and password, to remove the login banner and exec banner warnings, and to save the configuration changes to the router startup configuration.
Note If you login to the router using a Telnet or a console connection but do not complete the steps in this procedure, be aware of the following:
•If you do not change the default username and password, and then log off the router, you will not be able to log into the router again without entering the reload command. No additional warning is given before you log off.
•If you do not change the default username and password, but do enter the write memory command before ending the session, future logins will be disabled. In this case, you will need to follow the password recovery procedure at the following link:
To secure the router, remove the banner warnings and save the changes to the router startup config, complete the following steps:
Step 1 Connect the light blue console cable, included with your router, from the blue console port on your router to a serial port on your PC. Refer to your router's hardware installation guide for instructions.
Step 2 Connect the power supply to your router, plug the power supply into a power outlet, and turn on your router. Refer to your router's quick start guide for instructions.
Step 3 Use HyperTerminal or a similar terminal emulation program on your PC, with the terminal emulation settings of 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control, to connect to your router.
Step 4 When prompted, enter the username cisco, and password cisco.
Step 5 Enter configuration mode by entering the following command:yourname# configure terminal
Step 6 Create a new username and password by entering the following command:yourname(config)# username username privilege 15 secret 0 password
Replace username and password with the username and password that you want to use.
Step 7 Remove the default username and password by entering the following command:yourname(config)# no username cisco
Step 8 To remove the login banner, enter the following command:yourname(config)# no banner login
The login banner warning will no longer appear.
Step 9 To remove the exec banner, enter the following command:yourname(config)# no banner exec
The exec banner warning will no longer appear.
Step 10 Leave configuration mode, by entering the following command:yourname(config)# end
Step 11 Copy the configuration changes to the startup configuration by entering the following command:yourname# copy running-config startup-config
When logging into the router in the future, use the username and password that you created in Step 6.
Cisco CP Express May Not Operate with Custom Configuration File
If you load a custom configuration file on the router usingCisco CP Express or any other process, you may remove Command Line Interface (CLI) commands that Cisco CP Express operation requires and prevent it from operating. Cisco CP requires the following basic configuration in order to connect to the router and manage it.
•An http or https server must be enabled with local authentication.
•A local user account with privilege level 15 and accompanying password must be configured.
•Vty line with protocol ssh/telnet must be enabled with local authentication. This is needed for interactive commands.
•An http timeout policy must be configured with the parameters shown in the following example to avoid a known launch issue with Cisco CP Express.
•The PC on which Cisco CP Express is to run and the interface through which Cisco CP Express will be launched must be configured with IP addresses from the same subnet.
The following example shows a configuration that contains the CLI commands Cisco CP Express requires in order to operate.hostname yourname!logging buffered 51200 warnings!username fish privilege 15 secret 0 salmon!ip domain-name yourdomain.com!interface FastEthernet0description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-10/100 Ethernet$ip address 10.10.10.1 255.255.255.248description PC must be on the same subnet as this interfaceno shutdown!ip http serverip http secure-serverip http authentication localip http timeout-policy idle 60 life 86400 requests 10000!line vty 0 4privilege level 15login localtransport input telnettransport input telnet sshline vty 5 15privilege level 15login localtransport input telnettransport input telnet ssh
Popup Blockers Disable Cisco CP Express Online Help
If you have enabled popup blockers in the browser you use to run Cisco CP Express, online help will not appear when you click the help button. To prevent this from happening, you must disable the popup blocker when you run Cisco CP Express. Popup blockers may be enabled in search engine toolbars, or may be standalone applications integrated with the web browser.
Microsoft Windows XP with Service Pack 2 blocks popups by default. In order to turn off popup blocking in Internet Explorer, go to Tools > Pop-up Blocker > Turn Off Pop-up Blocker.
If you have not installed and enabled third-party pop up blockers, go to Tools >Internet Options > Privacy, and uncheck the Block popups checkbox.
In Firefox 1.5 and later versions, click Tools > Options > Content. Uncheck Block pop-up windows.
Disable Proxy Settings
Cisco CP Express will not start when run under Internet Explorer with proxy settings enabled. To correct this problem, choose Internet Options from the Tools menu, click the Connections tab, and then click the LAN settings button. In the LAN Settings window, disable the proxy settings.
Security Alert Dialog May Remain After Cisco CP Express Launches
When Cisco CP Express is launched using HTTPS, a security alert dialog box that informs you of possible security problems and asks you if you want to proceed with program launch may appear. This can happen if the router does not have the following global configuration command in the running configuration:ip http timeout-policy idle 600 life 86400 requests 10000
Caveats describe unexpected behavior in Cisco CP Express. Severity 1 caveats are the most serious caveats, severity 2 caveats are less serious, and severity 3 caveats are the least serious of these three severity levels.
Open Caveats—Cisco CP Express 1.0
This section lists caveats that are open in Cisco CP Express 1.0.
Cisco CP Express cannot be installed using a PC running Microsoft Windows XP with Service Pack (SP) 3.
Workaround: Cisco CP Express can be installed using a PC running Microsoft Windows XP with SP2, and Microsoft Windows Vista.
This caveat is caused by Cisco IOS caveat CSCsl42697. When configuring a radio interface using the Cisco CP Wireless application, QoS access commands such as max-contention and min-contention window settings are not delivered to the router.
When Cisco CP Express is invoked using HTTPS on a router running Cisco IOS version 12.4(17), the router crashes.
Workaround: Invoke Cisco CP Express using HTTP, as in the following example:http://10.10.10.1
Cisco CP Express browser windows do not close if the Secure Device Provisioning application is launched from Cisco CP Express. If you choose Secure Device Provision in the Router Provisioning screen, the SDP application is launched after you complete the Cisco CP Express wizard and deliver the commands to the router. After the commands are delivered, Cisco CP Express closes, but the two browser windows associated with Cisco CP Express do not close automatically. This behavior has been observed in all browsers.
Workaround: Close these windows manually. However, note that closing these windows manually also closes the Cisco CP Express application. Therefore, do not close these windows until you have completed configuring the router using the SDP application.
The SDM_HIGH security policy may not block Instant Messaging (IM) applications. The application security feature blocks IM applications using the server deny name command. New servers may become available, and if they do, IM applications may connect to them.
Workaround: Complete the following steps:
–Turn on firewall logging for IM applications. The names of the servers that the IM applications connect to will be revealed in the log.
–Use the CLI to block the new servers. The following example uses the server newserver.yahoo.com:router# config trouter(config)# appfw policy-name SDM_HIGHrouter(cfg-appfw-policy)# application im yahoorouter(cfg-appfw-policy-ymsgr)# server deny name newserver.yahoo.comrouter(cfg-appfw-policy-ymsgr)# endrouter#
Note•IM applications are able to communicate over nonnative protocol ports, such as HTTP, and through their native TCP and UDP ports. Cisco CP configures block and permit actions based on the native port for the application, and always blocks communication conducted over HTTP ports.
•Some IM applications, such as MSN Messenger 7.0, use HTTP ports by default. To permit these applications, configure the IM application to use its native port.
Cisco CP Express filenames are case sensitive. If the Cisco CP Express files are copied from the PC hard disk to a flash card, File Explorer changes the names to uppercase. When this happens, Cisco CP Express cannot be invoked from this flash card.
Workaround: Before removing the flash card from the PC, restore the filenames to lowercase.
When you update Cisco CP Express, if any of the uploaded files shows a size of zero bytes when show flash is invoked, no operations such as copy or delete can be performed on flash memory. This problem rarely occurs.
Workaround: Restart the router to be able to perform operations on flash memory. If files of zero bytes are shown in a show flash display, restart the router before starting Cisco CP Express.
If you delete a WAN connection that you created, an ip nat inside command may still remain in a LAN interface configuration.
Workaround: To delete the ip nat inside command from the LAN interface configuration, go t o Edit Interfaces and Connections, choose the LAN interface, click Edit, and delete the association in the Association tab.
When the router is configured to use PPPoE, users may not be able to download a file using FTP or display web pages from Internet hosts that they are able to ping or access using telnet. This can happen if Cisco CP Express is being used on a router with interfaces that Cisco CP Express does not support, such as Token Ring or VLAN interfaces. Cisco CP Express does not deliver the command ip tcp adjust-mss 1452 to unsupported interfaces.
Workaround: Use the CLI to add the ip tcp adjust-mss 1452 command to the VLAN or Token Ring interface configuration. Use Telnet to access the router and enter the following command in VLAN or Token Ring interface configuration mode:Router# ip tcp adjust-mss 1452
The Cisco CP Express Update from PC feature will not operate when the CCP-Vnn.zip file is placed in a shared folder with read-only access.
Workaround: Do not place the CCP-Vnn.zip file in a folder with read-only access.
In Edit mode, Cisco CP Express displays an exception in the Java console after the user changes the default factory username and password when launched with JRE plug-in versions 1.6.0,1.6.0_01,1.6.0_02,1.6.0_03,1.6.0_04 and 1.6.0_05. An IO exception popup screen is displayed as well.
Workaround: Relaunch the application with new username and password or use JRE plug-in version 1.5.0,1.5.0_10 or 1.5.0_11.
When Cisco CP Express is run in Edit mode, the Cisco IOS image name may not display completely in the Cisco CP Express home page or in the Router Hardware/Software Details screen.
When installing Cisco CP Express, if you cancel setup and then immediately click setup.exe again, the setup program displays a message that says a previous instance of the setup program is already running.
Workaround: Wait for 15 to 20 seconds before attempting setup again.
When using the Reset To Factory Defaults Cisco CP Express feature on a router equipped with an Access Point (AP) module, the factory default configuration is restored to the router, but no change is made to the AP module configuration.
Workaround: You must manually reboot the Access Point.
On a router with an installed AP module, if Authentication, Authorization, and Accounting (AAA) is enabled on both the router and the installed AP module, Cisco CP Express will require you to enter login credentials twice: once for the router, and once for the AP module.
Workaround: Enter the router login credentials first, and then enter the AP login credentials.
This section lists other documents with information on Cisco CP Express.
•Platform-Specific Documents—See the quick start guide for the router, available on http://www.cisco.com, to learn how to set up the router hardware connections.
•Software Documents—These documents are available on http://www.cisco.com/go/ciscocp.
Note For information on obtaining documentation and technical assistance, product security, and additional information, see What's New, which also lists new and revised documents each month.
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
Copyright © 2008 Cisco Systems, Inc. All rights reserved.