Guest

Cisco ASR 1000 Series Aggregation Services Routers

Cisco ASR 1000 Embedded Services Processor 10G Non Crypto Capable New Feature

  • Viewing Options

  • PDF (132.5 KB)
  • Feedback
Cisco ASR 1000 Embedded Services Processor 10G Non Crypto Capable New Feature

Table Of Contents

Cisco ASR 1000 Embedded Services Processor 10G Non Crypto Capable New Feature

Contents

Restrictions for Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Information About Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Checking the ESP Board

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for the Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature



Cisco ASR 1000 Embedded Services Processor 10G Non Crypto Capable New Feature


First Published: September 26, 2008
Last Updated: September 26, 2008

The Cisco ASR 1000 Embedded Services Processor 10G Non Crypto Capable new feature includes:

Embedded Services Processor (ESP) in which all encryption chips have been removed

Encryption software is removed from the Cisco IOS XE Route Processor software subpackage.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for the Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature" section.

Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Restrictions for Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Information About Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Checking the ESP Board

Additional References

Feature Information for the Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Restrictions for Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

You cannot load Cisco IOS XE software images or subpackages which contain encryption software, onto a Cisco ASR 1000 Series Router that contains the non crypto enabled ESP board (ASR1000-ESP10-N). As soon as the combination of an encryption-enabled Cisco IOS XE image and encryption-disabled ESP is detected—on bootup, online removal or insertion, or during an install—a message is emitted:

ESP[0|1] does not support strong cryptography. Chassis will reload.

The Route Processor (RP) then reloads the chassis and reboots continuously.

To troubleshoot this problem, follow these steps:


Step 1 Enable ROM Monitor (ROMmon) mode by entering the reload command.

Step 2 Press the Break key during the first 60 seconds while the system is booting.

Step 3 Force the system to remain in ROMmon mode, waiting for manual bootup, by entering the command: confreg 0x0.

Step 4 Load the latest Cisco IOS XE image that is compatible with the ASR1000-ESP10-N ESP board.

Compatible subpackages include

Cisco ASR1000 Series RP1 IP BASE W/O CRYPTO

Cisco ASR1000 Series RP1 ADVANCED IP SERVICES W/O CRYPTO

Cisco ASR1000 Series RP1 ADVANCED ENTERPRISE SERVICES W/O CRYPTO

Step 5 Remove the forced manual boot mode by entering the command: confreg config register setting, where config register setting is the default for the user system, often 0x2102.

Step 6 Reboot the system.


Information About Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

For those users who are under export or import restrictions for strong encryption services products, the Cisco ASR 1000 ESP board (ASR1000-ESP10-N) without encryption is provided. This unrestricted product format, in which all encryption chips have been removed, can be provided in the Cisco ASR 1002, 1004, and 1006 Series Routers. Additionally, a Cisco IOS XE 2.2 image for this ESP is available that does not contain encryption software. Therefore, any Cisco ASR 1000 Series Router which contains the ASR1000-ESP10-N ESP board does not provide Secure Shell (SSH), Transport Layer Security (TLS), Secure Socket Layer (SSL), or IP Security (IPSec) encryption processes. All other functionality found in the Cisco ASR 1000 Series Routers remains the same.

The benefits of Cisco ASR 1000 ESP 10G Non Crypto Capable new feature are:

Fully unrestricted network product that meets US export restrictions and any foreign security import restrictions.

Users can obtain encryption processes of their own choosing.

Checking the ESP Board

You can verify the part number of your ASR 1000 Series Router ESP board in two ways:

Look for the ASR1000-ESP10-N part number on the board itself, or

Enter the show platform command as shown below:

Router# show platform
Chassis type: ASR1006             

Slot      Type                State                 Insert time (ago) 
--------- ------------------- --------------------- ----------------- 
0         ASR1000-SIP10       ok                    00:03:06      
 0/0      SPA-5X1GE-V2        ok                    00:01:35      
 0/1      SPA-8X1FE-TX-V2     ok                    00:01:35      
 0/2      SPA-2XCT3/DS0       ok                    00:01:35      
1         ASR1000-SIP10       ok                    00:03:06      
 1/0      SPA-2XOC3-POS       ok                    00:01:35      
 1/1      SPA-8XCHT1/E1       ok                    00:01:35      
 1/2      SPA-2XT3/E3         ok                    00:01:35      
R0        ASR1000-RP1         ok, active            00:03:06      
F0        ASR1000-ESP10-N	  ok, active            00:03:06      
P0        ASR1006-PWR-AC      ok                    00:02:06      
P1        ASR1006-FAN         ok                    00:02:06      


Slot      CPLD Version        Firmware Version                        
--------- ------------------- --------------------------------------- 
0         06120701            12.2(33r)XNB                        
1         06120701            12.2(33r)XNB                        
R0        07082312            12.2(33r)XNB                        
F0        07051680            12.2(33r)XNB


Additional References

The following sections provide references related to the Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature.

Related Documents

Related Topic
Document Title

Cisco ASR 1000 Series Routers software configuration information.

Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide at http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/asrswcfg.html

Cisco ASR 1000 Series Routers hardware installation information.

Cisco ASR 1000 Series Aggregation Services Routers Hardware Installation and Initial Configuration Guide at http://www.cisco.com/en/US/docs/routers/asr1000/install/guide/chassis/asr1000hig.html

System message information for Cisco IOS XE software.

System Messages for Cisco IOS XE at http://www.cisco.com/en/US/products/ps9343/products_system_message_guides_list.html

Cisco IOS XE software configuration information.

Cisco IOS XE Configuration Guides at http://www.cisco.com/en/US/products/ps9587/products_installation_and_configuration_guides_list.html


Standards

Standard
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIB
MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFC
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature


Technical Assistance

Description
Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport


Feature Information for the Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Table 1 lists the release history for this feature.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release. Unless noted otherwise, subsequent releases of that Cisco IOS software release also support that feature.


Table 1 Feature Information for Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

Feature Name
Releases
Feature Information

Cisco ASR 1000 ESP 10G Non Crypto Capable New Feature

IOS XE 2.2

This feature was introduced and provides a Cisco ASR 1000 ESP board without encryption chips and a Cisco IOS XE software image without encryption software.