Cisco ASR 1000 Series Aggregation Services Routers

Migrating from Cisco 7200 Series Routers

  • Viewing Options

  • PDF (364.2 KB)
  • Feedback

Table Of Contents

Migrating from Cisco 7200 Series Routers


Cisco 7200 Series Routers Summary

Do I Need to Migrate?

Migration Hardware Options

Cisco ASR 1000 Series Aggregation Services Routers

Cisco ISR 4451-X

Cisco ISR G2 3945E

How to Migrate

Three-Step Process

Feature Incompatibility and Workaround Table

Which Platform is most Suitable?

Frequently Asked Questions

Further Information

Migrating from Cisco 7200 Series Routers

First Published: January 28, 2014


This document provides information about how to migrate from Cisco 7200 Series Routers to more modern hardware. The advantages of migration and the process for successful migration are detailed in this document. Note that in many cases, the most suitable replacement will be Cisco ASR 1000 Series Aggregation Services Routers. In certain circumstances, it will be more cost-effective or more suitable to choose Cisco Integrated Services Routers (ISR) 4451-X or Cisco ISR G2 3945E platform. The circumstances to choose Cisco ISR 4451-X or Cisco ISR G2 3945E platform are described in this document.

Cisco 7200 Series Routers Summary

The Cisco 7200 Series Routers (which includes the Cisco 7301 Router) have been popular for both enterprise and service provider customers. They are found in networks that required high throughput and a very rich set of Layer 3 or Layer 2 features. In enterprise deployments, the Cisco 7200 Series Routers were typically used for WAN aggregation, IPsec aggregation, and Internet edge scenarios.

The Cisco 7200 Series Routers performed well in earlier deployments, but new features cannot function on the old hardware. Internally, the Cisco 7200 Series Routers have a single CPU responsible for some router functions and line cards (Port Adapter cards) responsible for some functions such as hardware offload. For secure VPN capability, an external IPsec card, known as the Cisco VPN Service Adapter module (VSA), provides encryption based features. Furthermore, the Cisco 7200 Series Routers had a replaceable Network Processing Engine (NPE) card that was responsible for the core router functions, and was upgradable over time to keep the performance high. However modern features, especially IPv6 and application visibility, consume a large amount of resources, which the Cisco 7200 Series Routers do not possess. Route reflector capabilities are poor due to the limited memory on the Cisco 7200 Series Routers. Modern encryption technologies such as Internet Key Exchange Version 2 (IKEv2) and MACsec require specialized hardware support.

Twenty years since the introduction of the Cisco 7200 Series Routers, there have been dynamic changes in customer needs, and many customers will have requirements for next generation networks. Cisco has announced End-of-Sale (EoS) and End-of-Life (EoL) dates for the Cisco 7200 Series Routers, and in most cases the direct replacements are the Cisco ASR 1000 Series Routers. In some cases, a more suitable replacement may be the Cisco ISR 4451-X routers or the Cisco ISR G2 3945E routers.

In course of time, support for the Cisco 7200 Series Routers will be stopped. See the following link for details about the EoS and EoL announcements:

Do I Need to Migrate?

Many customers have already migrated off the Cisco 7200 Series Routers by now. The table below helps you determine if a platform replacement is essential and what benefits exist for your desired requirements:

Table 1 Requirements and Platform Replacements 

Cisco 7200 Support
Cisco ASR 1000/ISR 4451-X/ISR G2 3945E support

IPv6 Capability

Performance dramatically drops on the Cisco 7200 Series Routers when IPv6 features are enabled. As a result, the option to enable IPv6 feature is not present for many features inside the Cisco 7200 Series Routers.

These routers are designed for IPv4 and IPv6 capability. Until networks are all IPv6, there will be a need to co-exist with IPv4, using IPv6 transition technologies. All the following three families of IPv6 transition technologies are supported by the Cisco ASR 1000 Series Routers:

Dual Stack



Secure VPN and other technologies are IPv6 enabled. Locator/ID Separation Protocol (LISP) support is built-in.

Cloud capability

The Cisco 7200 Series Router offers little to Layer 4 and beyond capabilities. It was designed at a time when services ran locally in customer branch offices.

Cisco is the first vendor to incorporate Cloud Connectors into routers. Cisco Intelligent WAN (iWAN) is a unique innovation that can maintain application-specific path selection under changing conditions. It ensures applications work speedily across any transport and works around blackout/brownout conditions.

Overlay Transport Virtualization (OTV) technology is scalable and does not suffer from flooding, and it is also not restricted to Multiprotocol Label Switching (MPLS) networks. It is a unique solution for Layer 2 connectivity, designed from the ground up to support Cloud services.

The LISP Virtual Machine (VM) Mobility provides the capability to offer shortest path connectivity to data centers where data and applications reside, even when they move from data center to data center within a Layer 2 domain. LISP works across the private WAN or the public Internet.

Built-in denial of service/distributed denial of service (DoS/DDoS) protection

The Cisco 7200 Series Routers do not have a separated control and data plane.

The Cisco ISR G2 platforms offer Intrusion Prevention System (IPS) and firewall capability. The Cisco ISR 4451-X and Cisco ASR 1000 Series Routers have a very high throughput zone based firewall. The Cisco ASR 1000 Series Routers have a very high session set-up rate for the zone based firewall capability, and it can sustain throughput up to 36 Gbps on a 2 RU sized platform and far higher (for the larger platforms). Unlike other routers, the Cisco routers are extremely rich in security features. Application Layer Gateways (ALGs) are present. Border control is available for voice and video applications.

Medianet and Business Video Capability

These features are not present on the Cisco 7200 Series Routers.

The Medianet solution offers the tools to ensure end-to-end delivery of voice and video applications for businesses, and it enables HD and multi-HD immersive video conferencing solutions.

Built-in Encryption

The Cisco 7200 Series Routers have an optional hardware crypto card known as a VSA module. It has limited throughput and does not support modern technologies.

Cisco routers support the ability for users to connect from anywhere including mobile devices using Cisco AnyConnect and FlexVPN. Businesses can reduce WAN costs for remote offices, by having a DSL connection as a backup connection secured using DMVPN, and use the high performing GET VPN encryption for Multi Protocol Label Switching (MPLS). Both of these solutions are highly scalable and are zero-touch as additional branch offices are added. The Cisco ISR 4451-X and Cisco ASR 1000 Series Routers use dedicated hardware, built-in for crypto capability. It scales to beyond 60 Gbps of sustained secure VPN traffic depending on the size of platform chosen.

Cisco TrustSec/Security Policy

This solution is not present on the Cisco 7200 Series Routers.

There are extremely strong reasons to have security policies that are based on the user and the data that is being accessed. The best way to achieve contextual security is with the data-centric security solution provided by Cisco TrustSec. Different departments or different users can be restricted to accessing data that they need in acceptable access contexts. It can also prevent security risks with running multiple department servers and databases within the same data centre or on virtual machines or unauthorized LAN access. These benefits are not possible to achieve with access control lists (ACLs) or firewalls. Cisco TrustSec is supported on Cisco routers and switches. MACsec is a point-to-point encryption technology that can secure LAN traffic using a highly secure cipher. It requires dedicated hardware present in some Cisco routers.

Application Visibility and Control (AVC)

This feature is not present on the Cisco 7200 Series Routers.

AVC greatly simplifies network management by identifying, analyzing, and graphically displaying all the application usage within the network. For example, it will show how many users are using Skype, browsing the Internet, and so on. It can identify individual cloud applications and identify the location of delays (such as LAN, WAN, server, cloud service provider). The details from AVC can be used by the Cisco ASR 1000 Series Routers to automatically classify traffic, for better Quality of Service, such that users have a better experience. Traffic policing and shaping can be directly applied to specific applications rather than to destination IP addresses. Application specific bandwidth guarantees can be applied. Per-application traffic can be shaped before entering a secure VPN tunnel on the same router. All these features are supported on the Cisco router platforms.

Programmable Networks using Cisco ONE

This feature is not present on the Cisco 7200 Series Routers.

Cisco Open Network Environment (ONE) provides an API-based, deep programmatic access into Cisco devices. This allows customers to create new solutions rapidly using a task-based programming interface without needing to understand protocols, message formats, and the associated compatibility concerns. It is possible for system integrators and web developers to rapidly deploy new solutions using Cisco hardware. Cisco ONE is supported on Cisco routers.

Single coordinated management and streamlined configuration platform

This is not available for the Cisco 7200 Series Routers.

Cisco Prime Infrastructure provides a complete management platform. It allows for configurations to be speedily created and quickly deployed across the enterprise. New branch office switch and router configuration is a simple click-and-deploy exercise. Businesses can create their own configuration scripts, and many are supplied, based on validated and well documented designs in the Cisco Borderless Networks deployment guides. Cisco routers also integrate well with third party network management for customers who prefer that approach, using standards based interfaces.

Unified Border Element for voice and video applications

This is not available for the Cisco 7200 Series Routers.

Businesses that use voice and video services can benefit from Cisco Unified Border Element (CUBE) functionality. It allows for compatibility with service provider voice connections and with voice and video conferencing devices. It also protects the business from malicious software and network attacks targeting specific voice and video protocols.

Migration Hardware Options

Table 1 provides summary of suitable replacements for the modern networks. All these routers provide a comparable or an increased level of performance combined with support for all the modern feature richness in Cisco IOS and Cisco IOS XE. These routers are considered feature-rich; they offer built-in Layer 2, Layer 3 and higher layer features such as secure VPN, deep layer 7 application visibility, voice and video features and cloud application performance, and acceleration enabling. The Cisco ISR G2 Series Routers run the traditional Cisco IOS operating system. The Cisco ISR 4451-X and Cisco ASR 1000 Series Routers runs the same Cisco IOS as a process on top of a hardened Linux kernel and is named Cisco IOS XE. From a configuration and management standpoint, there is no difference between Cisco IOS and Cisco IOS XE; both look identical. Internally, Cisco IOS XE allows for massive scalability and high performance because certain feature execution can be moved off the Cisco IOS process into multi-cored CPUs within the data plane.

Cisco ASR 1000 Series Aggregation Services Routers

Cisco ASR 1000 Series Routers were developed as a direct replacement for Cisco 7200 Series Routers. Cisco ASR 1000 Series Routes are feature-rich edge routers that address the complex requirements of the modern networks. These routers meet the needs of both service providers and enterprises. They are available in sizes ranging from 1 rack unit (RU) to 13 RU. The feature set is common across the 1 RU to 13 RU size range. The only difference is performance and level of hardware redundancy that may be needed. In most cases, the 2 RU sized Cisco ASR 1002-X will be the appropriate replacement. It offers switchable performance from 2.5 Gbps up to 36 Gbps with no hardware upgrade. Note that the performance is sustained even when multiple built-in features such as secured VPN technology and a zone-based firewall are switched on. Cisco ASR 1000 Series Routers were developed to sustain multiple features beyond traditional routing protocols and packet forwarding.

Cisco ASR 1006 will be most suitable for networks that need a high level of redundancy. For networks that have grown dramatically or need a very large amount of network interfaces (for either Layer 3 or Layer 2), the 13 RU sized Cisco ASR 1013 may be considered. For branch use, Cisco ASR 1001 or Cisco ASR 1002-X will be most appropriate. For WAN aggregation and Internet Edge use with full internal hardware resiliency, Cisco ASR 1006 should be considered. Cisco ASR 1002-X is also a suitable platform, and it offers inter-chassis resiliency capability. The entire Cisco ASR 1000 Series Routers have a fully separated data plane that is hardened against DoS attacks.

Cisco ISR 4451-X

For deployments that need throughput up to a ceiling of 2 Gbps, the new Cisco ISR 4451-X is a cost-effective option. It again offers switchable performance (no hardware upgrade needed) of 1 Gbps or 2 Gbps. The Cisco ISR 4451-X offers a broadly near-identical set of features as the Cisco ASR 1000 Series Routers. The Cisco ISR 4451-X runs the same operating system and software release numbering is identical to Cisco ASR 1000 Series Routers. The Cisco ISR 4451-X can also accept Cisco Unified Computing System (UCS-E) cards for offloading certain features or for running customer-specific software inside virtual machines on a high performance multi-core Intel chipset. Cisco's full WAN Optimization solution can run on these cards, offering built-in Citrix acceleration as part of its capabilities. The Cisco ISR 4451-X can be a suitable replacement for Branch, WAN aggregation, or Internet edge locations.

Cisco ISR G2 3945E

The Cisco ISR G2 Series Routers offer feature richness, unified communications including Digital Signal Processor (DSP) capabilities for voice and video and security functions such as IPS, Firewall, and web security, and content filtering. Cisco UCS-E cards enable additional features such as rich WAN optimization capabilities. The Cisco 3945E is ideal for branch deployments where the high performing Cisco ISR 4451-X or Cisco ASR 1000 Series Routers are not needed.

How to Migrate

Virtually, all existing Cisco 7200 Series Routers features are supported on modern Cisco routers. Some very old features that customers are no longer using in modern networks are no longer supported on the newer replacement offerings.

The information provided here is designed to help you accurately determine the platform that will meet all your requirements.

If you wish to make the determination yourself, follow the three-step process described below. If you have a unique service offering or any special concern, contact your Account Team directly. If you need Cisco to perform the determination and to create an entire plan for migration and assistance during the migration, there are Cisco Advanced Services order codes that should be used. The order codes are ASF-SP0-NGN-UPG1, ASF-SP0-NGN-UPG1 or ASF-SP0-NGN-UPG2. These codes can be requested from your Account Team.

Three-Step Process

The process is:

1. Check the Feature Incompatibility and Workaround Table.

2. Check Feature Navigator online for any feature you are unsure about.

3. The determination is complete—You are ready to order, configure (via CLI or management platform), and get your network devices ready for testing before going live.

If you are unsure at any stage, contact Cisco.

Feature Incompatibility and Workaround Table

The table below helps you determine the features that are incompatible and the corresponding workaround:

Table 2 Feature Incompatibility and Workaround 

Feature or Scenario


ISDN/PRI functionality is used to allow Enterprise or SP customers to connect voice calls from the network (for example from Softphones) to PBXs such as Nortel Meridian or Siemens.

Many customers have moved to SIP trunks, and therefore the Cisco ASR 1000 Series Routers only support ISDN/PRI voice capability in a L2TP Access Concentrator (LAC) deployment model. For all other ISDN/PRI voice capability the Cisco ISR G2 Routers are recommended.

SNMP MIB support

SNMP MIB support is used for network management (NM) purposes.

SNMP is supported on the replacement platforms. Always ensure that platform-specific MIBs are incorporated into your NM platforms. The Cisco ASR 1000 Series Routers and Cisco 4451-X reference is here:

Encryption - SSL VPNs

Secure Sockets Layer (SSL) is used for encrypted remote access (for example home user). It is sometimes desirable, because the SSL client software is built-in to many computer operating systems. The Cisco AnyConnect client supports both SSL and IPsec. The client is available on mobile handsets too (Apple/Android).

This feature is not expected to be available on the Cisco ASR 1000 Series Routers until the end of 2014. The workaround is either to use Cisco ISR G2 Routers, or to switch to IPsec for remote access.

Intrusion Prevention System (IPS)

IPS uses deep packet inspection capability to prevent against threats including worms and viruses.

This functionality is not available on the Cisco ASR 1000 Series Routers. The workaround is to use Cisco ASA CX or Cisco ISR 4451-X, or Cisco ISR G2 platforms.

Network Management - Netflow top talkers

This functionality is used to identify the heaviest users of a network for network management purposes. The router reports the information via the Netflow protocol to a server.

Today, this feature is not available on the Cisco ASR 1000 Series Routers but may be available towards the end of 2014. There are far better methods available today. Cisco AVC is supported on the Cisco ASR 1000 Series Routers, Cisco ISR G2, and Cisco ISR 4451-X platforms and can provide a far more detailed inspection, and can also assist in providing QoS classification.

Security / Encryption: public key infrastructure (PKI) Server (Certificate Authority)

Certificate authorities are part of the infrastructure that allows devices to know who they are talking to, and to ensure no other device can see the information content. It forms part of Transport Layer Security (TLS) used for web traffic for example. Usually, the role of the CA in the infrastructure is part of Microsoft Windows Server, or Linux Server functionality, but it can also run on some Cisco routers.

The Cisco ASR 1000 Series Routers do not support this capability. The workaround is to use the Cisco ISR G2 Router.

Which Platform is most Suitable?

Once you have determined that the features you require are supported, in general any router within a series will be suitable. With the Cisco ASR 1000 Series Routers, the differences between the platforms relate to performance and level of redundancy. The larger platforms are capable of higher throughput. A typical choice is the Cisco ASR 1002-X platform which can be purchased to support 2.5 Gbps of performance (with features) but can be turned up to 36 Gbps with no hardware swap-out needed.

For highly resilient WAN aggregation and Internet Edge scenarios the Cisco ASR 1006 platform is more suitable because it can continue to operate with hardware failures within the chassis. The smaller Cisco ASR 1000 series platforms offer software-based resiliency with multiple redundant IOS processes running on the Linux kernel in IOS XE, and hardware based redundancy using protocols such as Hot Standby Router Protocol (HSRP) operating between devices.

For lower throughput scenarios or for scenarios that require in-box WAN acceleration, the Cisco ISR 4451-X is the most suitable platform.

If an unusual feature is needed that is not supported on the Cisco ASR 1000 or Cisco ISR4451-X platforms, then the Cisco ISR G2 3945E should be considered.

Frequently Asked Questions

1. What if further assistance is needed?

The Cisco 7200 Series Routers have been successfully migrated to more modern Cisco routers in thousands of customer networks over the past two years. So, we are confident that all common Cisco 7200 scenarios have been addressed or enhanced. If it is possible for Cisco to obtain a copy of your router configuration file then it can be submitted to your Account Team. The router configuration file will be checked for any CLI that has been deprecated, and workarounds suggested.

2. Is there a list of every single feature that is not supported on replacement hardware?

There are hundreds of thousands of command line combinations in IOS, of which we believe very few are not supported today. They are the ones which are either removed because the scenarios have become outdated, or ones that are uncommon and not likely to be required by any customer, or are planned for a later release.

Further Information

General Product Information landing page for Cisco ASR 1000 videos, announcements and data sheets

Port adapters

Cisco 4451-X Data Sheet

Cisco 3954E Data Sheet

Feature Information

Feature Navigator

Network Management

Cisco Prime Infrastructure including free evaluation copy

Cisco ASR 1000 Ordering Guide

Ordering guide including example bill-of-materials

Cisco 4451-X Ordering Guide

Cisco 3945E Ordering Guide

The C3945E-AX/K9 order code provides the Application Experience (AX) router which includes licenses to run Cisco WAAS and Cisco AVC

Software Configuration Guides

Cisco ASR 1000 Aggregation Services Routers Software Configuration Guide

Cisco 4451-X

Cisco 3945E

End-of-Sale Announcements

Cisco 7200 EoS announcement

Cisco 7301 EoS announcement

Cisco 7200 series port adapter EoS announcement