Guest

Cisco Aironet 350 Series

Release Notes for Cisco Aironet Access Points and 350 Series Bridges Running Firmware Version 11.21

  • Viewing Options

  • PDF (253.2 KB)
  • Feedback
Release Notes for Cisco Aironet 340 and 350 Series Access Points and 350 Series Bridges

Table Of Contents

Release Notes for Cisco Aironet 340 and 350 Series Access Points and 350 Series Bridges

Contents

Introduction

New Features

Installation Notes

Portions of Configuration Might be Lost During Upgrade from 11.21 to 11.23T

Installation in Environmental Air Space

Antenna Installation

Power Considerations

System Requirements

Version Supported

Upgrading to a New Firmware Release

Determining the Firmware Version

Upgrade Procedure

Limitations and Restrictions

Cisco Aironet 350 Series Bridges Incompatible with 340 Series Bridges

Removing Power During Firmware Update Can Corrupt Radio Firmware

EAP Authentication Requires Matching 802.1x Protocol Drafts

Select WEP Key 1 as Transmit Key for EAP Authentication

MIB File Compatible with Firmware Version 11.00 and Later

Important Notes

Reboot of Workgroup Bridges Required When Allowing More Than 20

Cisco Discovery Protocol Re-Enabled for Individual Interfaces on Reboot

Caveats

Getting Bug Information on Cisco.com

Open Caveats

Resolved Caveats

Troubleshooting

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Web Site

Cisco TAC Escalation Center


Release Notes for Cisco Aironet 340 and 350 Series Access Points and 350 Series Bridges


April 5, 2002

These release notes describe features and caveats for Cisco Aironet 340 and 350 Series Access Points and 350 Series Bridges running firmware version 11.21.

Contents

Introduction

New Features

Installation Notes

Limitations and Restrictions

Important Notes

Caveats

Troubleshooting

Obtaining Documentation

Obtaining Technical Assistance


Caution If an access point or bridge configuration contains host names (ftp.cisco.com, for example) instead of IP addresses in one or more configuration fields, the access point or bridge might lose some or all of its configuration when you upgrade the firmware from 11.21 to 11.23T. Use IP addresses instead of host names in all configuration fields when upgrading from 11.21 to 11.23T.

Introduction

Cisco Aironet Access Points are wireless LAN transceivers that can act as the connection point between wireless and wired networks or as the center point of a standalone wireless network. Cisco Aironet Bridges are wireless LAN transceivers that connect two or more remote networks into a single LAN.

The access point and bridge use a browser-based management system. The system settings are on web pages in the system firmware. You use your internet browser to view and adjust the system settings.

When you install firmware version 11.21 on your access points and bridges, you can:

Turn off Spanning Tree Protocol (STP) on non-root bridges.

Associate up to 50 Cisco Aironet Workgroup Bridges to an access point or bridge.

Combine MAC-Based, EAP, and 802.11 Open Authentication.

Use SNMP commands to manage firmware and configuration files.

New Features

Firmware version 11.21 includes these new software features:

Ability to turn off Spanning Tree Protocol (STP) on non-root bridges.

With firmware version 11.21, you can maintain a bridge link when STP is disabled on a non-root bridge. See the "STP Enabled/Disabled" section on page 5-18 of the Cisco Aironet 350 Series Bridge Software Configuration Guide for instructions on disabling STP on non-root bridges.

Ability to associate up to 50 workgroup bridges to an access point or bridge.

With firmware version 11.21, you can select no for the new Classify Workgroup Bridges as Network Infrastructure setting to allow up to 50 workgroup bridges to associate to the access point. The default setting, yes, limits the number of workgroup bridges that can associate to the access point to an absolute limit of 27 and to a practical limit of around 20.


Note When you select no for the Classify Workgroup Bridges as Network Infrastructure setting, you must reboot workgroup bridges associated to the access point.


Access points and bridges normally treat workgroup bridges not as client devices but as infrastructure devices, like access points or bridges. Treating a workgroup bridge as an infrastructure device means that the access point or bridge reliably delivers multicast packets, including Address Resolution Protocol (ARP) packets, to the workgroup bridge.

The performance cost of reliable multicast delivery—duplication of each multicast packet sent to each workgroup bridge—limits the number of infrastructure devices, including workgroup bridges, that can associate to the access point or bridge. To increase beyond 27 the number of workgroup bridges that can associate to the access point or bridge, the access point or bridge must reduce the delivery reliability of multicast packets to workgroup bridges. With reduced reliability, the access point or bridge cannot confirm whether multicast packets reach the intended workgroup bridge, so workgroup bridges at the edge of the access point's or bridge's coverage area might lose IP connectivity. When you treat workgroup bridges as client devices, you increase performance but reduce reliability.

Click this link to consult the Cisco Aironet Access Point Software Configuration Guide for more information on this feature:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch3.htm#11743

Ability to combine MAC-Based, EAP, and 802.11 Open Authentication.

With firmware version 11.21, you can set up access points and bridges to authenticate client devices using a combination of MAC-based and EAP authentication. When you enable this feature, client devices that associate to the access point or bridge using IEEE 802.11 open authentication first attempt MAC authentication; if MAC authentication succeeds, the client device joins the network. If MAC authentication fails, the access point or bridge waits for the client device to attempt EAP authentication. Click this link to consult the Cisco Aironet Access Point Software Configuration Guide for more information on this feature:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch4.htm#xtocid22

Ability to use SNMP commands to manage firmware and configuration files.

With firmware version 11.21, you can use SNMP object identifiers (OIDs) added to the access point and bridge MIB (AWCVX-MIB.my) to manage firmware and configuration files. You can find the latest version of the access point and bridge MIB at this URL:

http://www.cisco.com/public/sw-center/sw-wireless.shtml

The new OIDs correspond directly to buttons on the browser-based user interface. Table 1 lists and describes the new OIDs.

Table 1 New OIDs in Access Point and Bridge MIB 

OID
Corresponds to Interface
Description

bootconfigCmdInvokeIniLoad (bootconfigCmdStatusIniLoad provides status for Load command)

Load Now button on the Boot Server Setup page; Read Config File From Server button on the System Configuration Setup page

Tells the access point or bridge to read an .ini file from the BOOTP, DHCP, or default file server.

awcFileXferCmdInvokeFileLoad (awcFileXferCmdStatusFileLoad provides status for Load command)

Update From Server button on the Update All Firmware From File Server page; Fully Update Firmware From File Server button on the Cisco Services Setup page

Tells the access point or bridge to load all firmware components from the default file server.

awcFileXferCmdInvokeFileSave (awcFileXferCmdStatusFileSave provides status for Save command)

Save to Server button on the Update All Firmware From File Server page

Tells the access point or bridge to save all firmware components to the default file server.

cmdInvokeGetWebUI (cmdStatusGetWebUI provides status for the GetWebUI command)

Load Now button on the Web Server Setup page

Tells the access point or bridge to load the auxiliary user interface pages specified on the Web Server Setup page.


Installation Notes

You can find the latest release of access point and bridge firmware at this URL:

http://www.cisco.com/public/sw-center/sw-wireless.shtml

Portions of Configuration Might be Lost During Upgrade from 11.21 to 11.23T

If an access point or bridge configuration contains host names (ftp.cisco.com, for example) instead of IP addresses in one or more configuration fields, the access point or bridge might lose some or all of its configuration when you upgrade the firmware from 11.21 to 11.23T. Use IP addresses instead of host names in all configuration fields when upgrading from 11.21 to 11.23T.

Installation in Environmental Air Space

Cisco Aironet 350 Series Bridges and metal-case access points are suitable for use in environmental air space in accordance with Section 300-22(c) of the National Electrical Code.


Caution The Cisco Aironet power injector has a smaller operating temperature range (32 to 104 oF; 0 to 40 oC) than the 350 series bridge and metal-case access point. The power injector is not intended for use in extremely high or low temperatures or in environmental air spaces, such as above suspended ceilings.

Antenna Installation

For instructions on the proper installation and grounding of external antennas, refer to the National Fire Protection Association's NFPA 70, National Electrical Code, Article 810, and the Canadian Standards Association's Canadian Electrical Code, Section 54.


Warning Do not locate the antenna near overhead power lines or other electric light or power circuits, or where it can come into contact with such circuits. When installing the antenna, take extreme care not to come into contact with such circuits, as they may cause serious injury or death.


Power Considerations


Caution The operational voltage range for 350 series access points and bridges is 24 to 60 VDC, and the nominal voltage is 48 VDC. Voltage higher than 60 VDC can damage the equipment.


Caution Cisco Aironet power injectors are designed for use with 350 series access points and 350 series bridges only. Do not use the power injector with any other Ethernet-ready device. Using the power injector with other Ethernet-ready devices can damage the equipment.

System Requirements

You must have a 340 or 350 series access point or a 350 series bridge to install firmware version 11.21.

Version Supported

Your access point must be running firmware version 10.x or later to install firmware version 11.21. Your bridge must be running version 11.07 or later to install firmware version 11.21.

Upgrading to a New Firmware Release

Determining the Firmware Version

The firmware version number is in the upper-left corner of most management screens in the web-browser interface and at the top of the home (Summary Status) page in the command-line interface.

Upgrade Procedure

For instructions on installing access point and bridge firmware:

1. Follow this link to the Cisco Aironet documentation home page:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/index.htm

2. Follow this path to the product, document, and chapter:
Aironet 350 Series Wireless LAN Products > Cisco Aironet 350 Series Access Points > Cisco Aironet Access Point Software Configuration Guide > Maintaining Firmware > Updating Firmware

3. Follow this link to the Software Center on Cisco.com and download firmware version 11.21:

http://www.cisco.com/public/sw-center/sw-wireless.shtml


Note To upgrade firmware from a file server, you must enter settings on the access point's or bridge's FTP Server Setup page. Refer to the "Updating from a File Server" section on page 6-5 in the Cisco Aironet Access Point Software Configuration Guide for more information.


Limitations and Restrictions

This section describes limitations and restrictions for 340 and 350 series access points and 350 series bridges.

Cisco Aironet 350 Series Bridges Incompatible with 340 Series Bridges

Cisco Aironet 340 and 350 Series Bridges can be connected to the same LAN segments, but they cannot communicate wirelessly. Although you can disable STP on non-root 350 series bridges, 350 and 340 series bridges are not designed to interoperate. If you use both 340 and 350 series bridges on your network, make sure the 340 series bridges have radio bridge links only to other 340 series bridges, and that 350 series bridges have radio bridge links only to other 350 series bridges.

Removing Power During Firmware Update Can Corrupt Radio Firmware

When you update the firmware on an access point or bridge, allow the unit to finish its start-up sequence before removing power. If you update the firmware and remove power before the unit finishes the start-up sequence, the radio firmware might be corrupted, making the unit inoperable. If the radio firmware is corrupted, the radio indicator (the bottom of the three indicators on top of the access point or bridge) lights steady red, and the following error message appears when the access point or bridge starts up:

Failed to start driver for port "awc0" (errno=0x006d0002)

If the radio firmware is corrupted, you should try to reset the unit to factory defaults using the :resetall command in the CLI; see the "Resetting to the Default Configuration" section on page 9-44 of the Cisco Aironet Access Point Software Configuration Guide for instructions on resetting the access point. If the unit cannot be reset to defaults, you must return the unit to Cisco for service.

You can safely remove power after a firmware update when the configuration management pages reappear in the command-line or web-browser interfaces, or when the three status indicators on top of the unit complete the following pattern:

1. All three indicators are steady green, meaning that the access point is beginning to update the firmware.

2. The middle indicator is steady green and the top and bottom indicators are off, indicating that the access point or bridge is updating the radio firmware.

When the middle indicator blinks or the top and bottom indicators blink, you can remove power.

EAP Authentication Requires Matching 802.1x Protocol Drafts


Note This section applies to wireless networks set up to use LEAP. If you do not use LEAP on your wireless network, you can skip this section.


Wireless client devices use Extensible Authentication Protocol (EAP) to log onto a network and generate a dynamic, client-specific WEP key for the current logon session. If your wireless network uses WEP without EAP, client devices use the static WEP keys entered in the Aironet Client Utilities.

If you use Network-EAP authentication on your wireless network, your client devices and access points must use the same 802.1x protocol draft. For example, if the radio firmware on the client devices that will associate with an access point is 4.16, the access point should be configured to use Draft 8 of the 802.1x protocol. Table 1 lists firmware versions for Cisco Aironet products and the draft with which they comply.

Table 1 802.1x Protocol Drafts and Compliant Client Firmware 

Firmware Version
Draft 7
Draft 8
Draft 10 1

PC/PCI cards 4.13

x

PC/PCI cards 4.16

x

PC/PCI cards 4.23

x

PC/PCI cards 4.25 and later

x

WGB34x/352 8.58

x

WGB34x/352 8.61 or later

x

AP34x/35x 11.05 and earlier

x

AP34x/35x 11.06 and later2

x

x

AP34x/35x 11.07 and later

x

x

AP34x/35x and BR35x 11.21

x

x

1 The functionality in Draft 10 is equivalent to the functionality in Draft 11, the ratified draft of the 802.1x standard.

2 The default draft setting in access point and bridge firmware version 11.06 and later is Draft 10.



Note Draft standard 8 is the default setting in firmware version 11.05 and earlier, and it might remain in effect when you upgrade the firmware to version 11.06 or later. Check the setting on the Authenticator Configuration page in the management system to make sure the best draft standard for your network is selected.


Use the Authenticator Configuration page in firmware version 11.06 or later to select the draft of the 802.1x protocol the access point or bridge radio should use. Follow these steps to set the draft for your access point or bridge:


Step 1 Browse to the Authenticator Configuration page in the access point management system:

a. On the Summary Status page, click Setup.

b. On the Setup page, click Security.

c. On the Security Setup page, click Authentication Server.

Step 2 Use the 802.1x Protocol Version (for EAP authentication) pull-down menu to select the draft of the 802.1x protocol the access point or bridge radio should use. Menu options include:

Draft 7—No radio firmware versions compliant with Draft 7 have LEAP capability, so you should not need to select this setting.

Draft 8—Select this option if LEAP-enabled client devices that associate with this access point or bridge use radio firmware versions 4.13, 4.16, or 4.23.

Draft 10—This is the default setting in firmware versions 11.06 and later. Select this option if client devices that associate with this access point or bridge use Microsoft Windows XP EAP authentication or if LEAP-enabled client devices that associate with this access point or bridge use radio firmware version 4.25 or later. The functionality in Draft 10 is equivalent to the functionality in Draft 11, the ratified draft of the 802.1x standard.

Step 3 Click Apply or OK to apply the setting. The access point or bridge reboots.


Select WEP Key 1 as Transmit Key for EAP Authentication

If you use Network-EAP as the authentication type on your wireless network, you must select key 1 as the transmit key on the access point or bridge AP Radio Data Encryption page. The access point or bridge uses the WEP key you enter in key slot 1 to encrypt multicast and broadcast data signals that it sends to EAP-enabled client devices. Because the access point or bridge transmits the WEP key used for multicast messages to the EAP-enabled client device during the EAP authentication process, that key does not have to appear in the EAP-enabled device's WEP key list. The access point or bridge uses a dynamic WEP key to encrypt unicast messages to EAP-enabled clients. When you set up a non-root bridge or repeater access point to authenticate as a LEAP client, the bridge or repeater derives a dynamic WEP key and uses it to communicate with the root bridge or access point. Bridges and repeaters not set up for LEAP authentication use static WEP keys when communicating with other bridges and access points.


Note If you do not use EAP authentication on your wireless network, you can select any WEP key as the transmit key. If you use EAP authentication and you enable broadcast key rotation, you can enable WEP without entering WEP keys.


MIB File Compatible with Firmware Version 11.00 and Later

The access point MIB file (AWCVX-MIB) is supported only by access point firmware version 11.00 and later. Earlier versions of firmware do not support this MIB. You can download the access point MIB at http://www.cisco.com/public/sw-center/sw-wireless.shtml.

Important Notes

This section lists important information about access points and bridges running firmware version 11.21.

Reboot of Workgroup Bridges Required When Allowing More Than 20

With firmware version 11.21, you can select no for the Classify Workgroup Bridges as Network Infrastructure setting on the AP/Root Radio Advanced page to allow up to 50 workgroup bridges to associate to the access point or bridge. When you select no for this setting, you must reboot workgroup bridges associated to the access point or bridge.

Cisco Discovery Protocol Re-Enabled for Individual Interfaces on Reboot

The Cisco Discovery Protocol (CDP) feature is enabled by default, and CDP is enabled for each of the access point's or bridge's individual interfaces by default. However, if you disable CDP for one of the individual interfaces, the access point or bridge re-enables CDP for that interface when it reboots. If you disable CDP completely, the access point or bridge does not re-enable CDP on reboot.

Caveats

This section lists open and resolved software issues in firmware version 11.21.

Getting Bug Information on Cisco.com

If you are a registered Cisco user, you can use the Cisco TAC Software Bug Toolkit, which consists of three tools (Bug Navigator, Bug Watcher, and Search by Bug ID Number) that help you identify existing bugs (or caveats) in Cisco software products.

Access the TAC Software Bug Toolkit at http://www.cisco.com/support/bugtools/.

Open Caveats

The following caveats have not been resolved for firmware version 11.21:

CSCdx03420—Radio might shut down when upgrading firmware.

When you upgrade access point or bridge firmware, the unit's radio might shut down. Workaround: Select yes for the Require use of Radio Firmware X.XX setting on the AP/Root Radio Advanced page and follow the upgrade steps again.

CSCdx07970—Cannot restore defaults on the CLI's Ethernet Protocol Filters and Root Radio Protocol Filters pages.

The Restore Defaults feature does not work on the CLI's Ethernet Protocol Filters and Root Radio Protocol Filters. Workaround: Use the web-browser interface to restore defaults on the Ethernet Protocol Filters and Root Radio Protocol Filters pages.

CSCdx11703—Hot standby packets can flood the network.

Each time a standby access point checks the status of the access point it is monitoring, it sends 11 probe packets. If you have several access points on your network set up for hot standby, the probe packets can overload your network. Workaround: Enter a higher value for the Polling Frequency setting on the Hot Standby page. For example, instead of polling the monitored access point every few seconds, enter 600 in the Polling Frequency entry field to poll the monitored access point every ten minutes.

CSCdw13878—Setting up hot standby when monitored access point's radio is disabled locks up standby access point.

If the radio is disabled on the monitored access point when you set up the standby access point, the standby access point reports an initialization failure and must be rebooted. Workaround: Make sure the monitored access point's radio is working when you set up the standby access point.

CSCdw16742—Broadcast key rotation does not work with repeater access points and non-root bridges. When broadcast key rotation is enabled on a repeater access point or on a non-root bridge that is authenticated to the network using LEAP, data cannot be passed between the repeater or non-root bridge and the root bridge or access point. Workaround: Do not use broadcast key rotation on a non-root bridge or a repeater access point.

CSCdx19068—Unlimited LEAP logins configuration on ACS server can lock out roamed clients.

When the ACS server's session policy is configured for other than unlimited simultaneous LEAP logins and a LEAP-enabled client device roams away from the access point or bridge long enough for a STOP record to appear in the Radius Accounting log, the client cannot reauthenticate until it is purged from the list of logged-in users on the ACS server. Workaround: Set the server's IETF (028) idle timeout attribute to a low value so the server ends the roamed client's session and the client can start a new session when it returns.

CSCdx19118—The access point or bridge reboots when more than 23 workgroup bridges are associated to it and you change one of these settings:

SSID on the Express Setup or AP/Root Radio Hardware pages

Classify Workgroup Bridges as Network Infrastructure on the AP/Root Radio Advanced page

Requested Status on the AP/Root Radio Advanced page from Up to Down and back to Up

CSCdx19270—When the Classify Workgroup Bridges as Network Infrastructure setting is set to yes on an access point or bridge with more than 23 workgroup bridges associated, the access point or bridge reboots when the workgroup bridges send small amounts of data. Workaround: Reduce the number of workgroup bridges associated to the access point or bridge, or change the Classify Workgroup Bridges as Network Infrastructure setting to no.

CSCdy58522--Access point or bridge loses portions of configuration when upgrading firmware from 11.21 to 11.23T. If an access point or bridge configuration contains host names (ftp.cisco.com, for example) instead of IP addresses in one or more configuration fields, the access point or bridge might lose some or all of its configuration when you upgrade the firmware from 11.21 to 11.23T. Workaround: Use IP addresses instead of host names in all configuration fields when upgrading from 11.21 to 11.23T.

CSCdw89705—When a non-root bridge roams from one root bridge to another, messages might appear in the logs of the root bridges stating that Ethernet devices connected to the non-root bridge and wireless client devices associated to the non-root bridge have roamed. You can ignore these messages.

Resolved Caveats

The following caveats have been resolved in firmware version 11.21:

Resolved: CSCdw00747—SNMP command no longer locks administrators out of access point or bridge. It is no longer possible to use an SNMP command to remove privileges from all users defined in the access point or bridge User Manager without disabling User Manager.

Resolved: CSCdu02040—Protocol filter settings no longer revert to defaults during filter setup.

Resolved: CSCdx07623—When a client requiring MAC address authentication tries to authenticate, the access point now sends one and only one MAC address authentication request to the AAA server.

Resolved: CSCdv10959—The Search for less-congested radio channel feature now works when World Mode is enabled.

Resolved: CSCdv16451—Antenna alignment test between a root and a non-root bridge no longer requires reboot of the root bridge.

Resolved: CSCdw18269—The Maximum Multicast Packets/Second setting now retains its value after the access point or bridge reboots.

Resolved: CSCdu19500—Access point no longer ignores vendor specific options from DHCP servers. Access points now recognize the vendor specific option (VSO) sent from DHCP servers in response to the access point's vendor class identifier, also called a DHCP identifier in the access point's web browser interface and CLI.

Resolved: CSCdw31106—STP no longer causes excessive number of dropped packets.

Resolved: CSCdt34104—Filters can now edited from the CLI.

Resolved: CSCdw37840—When you enter a LEAP username and password for a repeater access point or a non-root bridge on the Radio ID page and type apply, the password no longer disappears.

Resolved: CSCdu38857—Access point now displays a warning when it loads firmware from a fallback FTP server.

Resolved: CSCdv43046—Spanning Tree Protocol (STP) can now be disabled on 350 series bridges.


Note Although you can disable STP on non-root 350 series bridges, 350 series bridges should link only to other 350 series bridges, and 340 series bridges should link only to other 340 series bridges. The 350 and 340 series bridges are not designed to interoperate.


Resolved: CSCdt59703—Non-root bridges with DHCP enabled now successfully receive an IP address.

Resolved: CSCds71375—You can now navigate successfully from the Update Firmware pages to the FTP Server Setup through the CLI.

Resolved: CSCds71448—The FTP Server Setup page now retains settings entered through the CLI.

Resolved: CSCdu73907—When you use the Distribute Firmware feature, devices no longer install the distributed firmware if they are already running that firmware version.

Resolved: CSCdv88113—Enabling Message Integrity Check (MIC) without enabling WEP no longer blocks communication with associated client devices.

Resolved: CSCdw89810—Proxy servers no longer corrupt logs downloaded from access points and bridges.

Resolved: CSCdw89901—When you use an Ethertype filter to trace Aironet DDP packets, multicast packets originated by the access point or bridge now appear in the log.

Resolved: CSCdv90749—Access point's system time now maintains accuracy.

Troubleshooting

For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at http://www.cisco.com/tac. Select Wireless LAN under Top Issues.

Related Documentation

Use the following documents with this document:

Quick Start Guide: Cisco Aironet Access Points

Cisco Aironet Access Point Hardware Installation Guide

Cisco Aironet Access Point Software Configuration Guide

Quick Start Guide: Cisco Aironet 350 Series Bridges

Cisco Aironet 350 Series Bridge Hardware Installation Guide

Cisco Aironet 350 Series Bridge Software Configuration Guide

Obtaining Documentation

The following sections explain how to obtain documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following URL:

http://www.cisco.com

Translated documentation is available at the following URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Inquiries to Cisco TAC are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:

http://www.cisco.com/register/

If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.