Table Of Contents
Release Notes for Cisco 800 Series Routers for Cisco IOS Release 12.0(7)XV
Determining the Software Version
Upgrading to a New Software Release
New Software Features in Release 12.0(7)XV
Common Application Programming Interface
New Hardware Features in Release 12.0(7)T
New Software Features in Release 12.0(7)T
TACACS+ on Cisco 800 Series Routers
Multicast Source Discovery Protocol
New Software Features in Release 12.0(5)T
Cisco IOS Firewall Feature Set for the Cisco 800 Series
Layer Two Tunneling Protocol (L2TP)
New Software Features in Release 12.0(4)T
Cisco IOS Firewall Feature Set for the Cisco 800 Series
Forwarding Incoming Call to Unused Port
New Features in Release 12.0(3)T
Automatic Detection of ISDN Switch and SPIDs
Problems Forwarding Incoming Call to Unused Port
Excessive ISDN Line Activation
Phone Mate Answering Machine Model 9200
NVRAM Data Storage Limitation in Release 12.0(4)T and Earlier
Affected Devices and Software Versions
Cisco IOS Software Documentation Set
Release 12.0 Documentation Set
Software Configuration Tips on the Cisco Technical Assistance Center Home Page
Release Notes for Cisco 800 Series Routers for Cisco IOS Release 12.0(7)XV
January 10, 2000
These release notes for the Cisco 800 series routers support Cisco IOS Release 12.0(7)XV. They are updated as needed to describe new features, memory requirements, hardware support, software platform deferrals, and changes to the microcode or modem code and related documents.
For a list of the software caveats that apply to Release 12.0(7)XV, see the Caveats for Cisco IOS Release 12.0 T document that accompanies these release notes. The caveats document is updated for every maintenance release and is located on Cisco Connection Online (CCO) and the Documentation CD-ROM. Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.0 on CCO and the Documentation CD-ROM.
Contents
These release notes describe the following topics:
System Requirements
This section describes the system requirements for Release 12.0(7)XV:
• Determining the Software Version
• Upgrading to a New Software Release
Memory Requirements
Hardware Supported
Cisco IOS Release 12.0(7)XV supports the following Cisco 800 series routers:
• Cisco 801
• Cisco 802
• Cisco 803
• Cisco 804
Caution: Cisco IOS Release 12.0(7)XV supports the Cisco 801-804 series routers only.
For detailed descriptions of the new hardware features, see New and Changed Information.
The Cisco 800 series routers provide the following key hardware features:
• Cisco 802 and Cisco 804 routers have an integrated NT-1, which eliminates the need for an external NT-1 in North America.
• Cisco 803 and Cisco 804 routers provide connections for analog telephones, fax machines, or modems, which reach telephone services through an Integrated Services Digital Network (ISDN) line.
• Flash memory: Default is 8 MB, expandable to 12 MB.
• Dynamic RAM: Default is 4 MB, expandable to 12 MB.
• ISDN B-channel LEDs are a different color from the other LEDs, which makes them easy to distinguish.
• Color-coded ports and cables reduce the chance of cabling errors.
• Routers can be stacked or mounted on a wall.
Determining the Software Version
To determine the version of Cisco IOS software running on your Cisco 800 series, log in to the router and enter the show version EXEC command:
router> show version
Cisco Internetwork Operating System Software
IOS (tm) 800 Software (C800-Y6-MW), Version 12.0(7)XV, RELEASE SOFTWARE
Upgrading to a New Software Release
For information on upgrading to a new software release, see the product bulletin Cisco IOS Software Release 12.0 T Upgrade Paths and Packaging Simplification (#819: 1/99) on CCO at:
http://www.cisco.com/warp/public/cc/cisco/mkt/ios/rel/120/prodlit/819_pp.htm.
Or, follow this path:
Service & Support: Software Center: Cisco IOS Software: Product Bulletins: Software
Under Cisco IOS 12.0, click Cisco IOS Software Release 12.0 T Upgrade (#819: 1/99).
Feature Set Tables
The Cisco IOS software is packaged in feature sets, each consisting of software images that depend on the platform. Each feature set contains a specific set of Cisco IOS features. Release 12.0(7)XV supports the same feature sets as Release 12.0 T, but Release 12.0(7)XV can include new features supported by the Cisco 800 series.
Table 3 Feature Sets Supported by the Cisco 800 Series

| Image Names | Feature Set Matrix Term | Software Image | Platforms | In [1] |
|---|---|---|---|---|
| IP | Basic [2] | c800-y6-mw | Cisco 801-804 | |
| IP Plus | Plus [3] | c800-sy6-mw | Cisco 801-804 | |
| IP/IPX Plus | Plus | c800-nsy6-mw | Cisco 801-804 | |
| IP/Firewall | Basic | c800-oy6-mw | Cisco 801-804 | |
| IP/Firewall Plus | Plus | c800-osy6-mz | Cisco 801-804 | (5)T |
| IP/FW/Plus/IPSEC56 | Plus, IPSec 56 [4] | c800-osy656i-mw | Cisco 801-804 | (5)T |
| IP/IPX/FW/IPSEC56/Plus | Plus, IPSec 56 | c800-nosy656i-mw | Cisco 801-804 | (5)T |

[1] The number in the "In" column indicates the Cisco IOS release in which the image was first introduced. For example, (4)T means the image was introduced in Release 12.0(4)T. If a cell in this column is empty, the image was included in the initial base release.
[2] This feature set is offered in the Basic feature set.
[3] This feature set is offered in the Plus feature set.
[4] This feature set is offered in the encryption feature sets, which consist of the IPSec 56-bit (Plus IPSec 56) data encryption feature sets.
Caution: Cisco IOS images with strong encryption (including, but not limited to, 168-bit (3DES) data encryption feature sets) are subject to United States government export controls and have limited distribution. Strong encryption images to be installed outside the United States may require an export license. Customer orders may be denied or subject to delay due to United States government regulations. When applicable, the purchaser or the user must obtain local import and use authorizations for all encryption strengths. Contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.
Table 4 and Table 5 list the features and feature sets supported by the Cisco 801-804 routers in Cisco IOS Release 12.0(7)XV. Both tables use the following conventions:
• Yes: The feature is supported in the software image.
• No: The feature is not supported in the software image.
• In (column): Indicates the Cisco IOS release in which the feature was first introduced. For example, (7)T means the feature was introduced in Release 12.0(7)T. If a cell in this column is empty, the feature was included in the initial base release.
Note: This feature set table contains only a selected list of features. The table is not cumulative, nor does it list all the features in each image.
Table 4 Feature List by Feature Set for the Cisco 801-804 Routers

| Features | In | IP | IP Plus | IP/IPX Plus | IP/FW | IP/FW Plus | IP/FW/Plus/IPSEC56 (VPN) | IP/IPX/FW/IPSEC56/Plus |
|---|---|---|---|---|---|---|---|---|
| Address Conservation | | | | | | | | |
| PAT (NAT Overload) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| NAT | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| NAT with H.323 | | No | No | No | No | No | No | No |
| Advanced Telephone Features [1] | | | | | | | | |
| Call Forward (Sweden and Finland only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Call Forward Variable (North America only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Call Hold Retrieve (North America only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Call Transfer (North America only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Call Waiting | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Caller ID (North America only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Data-Over-Voice Bearer (North America only) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Distinctive Ringing | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| ISDN-Voice Priority | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Basic Services | | | | | | | | |
| GRE Tunneling | | No | Yes | Yes | No | Yes | Yes | Yes |
| NAT | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| PAP, CHAP, MSCHAP, Local Password | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Ease of Use and Deployment | | | | | | | | |
| Auto SPID / Switch Detection | (3)T | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Cisco ConfigMaker | | Yes | Yes | Yes [2] | Yes | Yes | Yes | Yes |
| Cisco FastStep | | Yes | Yes | Yes [2] | Yes | Yes | Yes | Yes |
| Configuration Express | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Easy IP Phase I and II (IPCP Address Negotiation and DHCP Server) | (3)T | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| TFTP Client and Server | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| LAN | | | | | | | | |
| AppleTalk | | No | No | No | No | No | No | No |
| IP | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| IPX | | No | No | Yes | No | No | No | Yes |
| NetBIOS Access Lists | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Transparent Bridging | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Management | | | | | | | | |
| CiscoView | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| SNMP, Telnet, Console Port | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| SNTP | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Syslog | | No | Yes | Yes | No | Yes | Yes | Yes |
| Routing | | | | | | | | |
| BGP | | No | No | No | No | No | No | No |
| EGP | | No | No | No | No | No | No | No |
| IGRP | | No | No | No | No | No | No | No |
| IP Enhanced IGRP | | No | Yes | Yes | No | Yes | Yes | Yes |
| IP Multicast (relay only) | | No | Yes | Yes | No | Yes | Yes | Yes |
| IP-Policy Routing | | No | Yes | Yes | No | Yes | Yes | Yes |
| IPXWAN | | No | No | Yes | No | No | No | Yes |
| OSPF | | No | No | No | No | No | No | No |
| RIP, RIPv2, Triggered RIP | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Security | | | | | | | | |
| AAA RADIUS | | No | No | No | No | No | No | No |
| AAA TACACS+ | | No | No | No | No | No | No | No |
| Additional Vendor-Proprietary RADIUS Attributes | | No | No | No | No | No | No | No |
| Authenticating ACL | | No | No | No | No | No | No | No |
| Automated Double Authentication (server functionality) | | No | No | No | No | No | No | No |
| Certificate Authority Interoperability [3] | | No | No | No | No | No | No | No |
| Internet Key Exchange Security Protocol | | No | No | No | No | No | No | No |
| IPSec Network Security | (5)T | No | No | No | No | No | Yes | Yes |
| IOS Firewall Phase I | | | | | | | | |
| – Context Based Access Control Lists | | No | No | No | Yes | Yes | Yes | Yes |
| – Java Blocking | | No | No | No | Yes | Yes | Yes | Yes |
| – Denial of Service Detection and Prevention | | No | No | No | Yes | Yes | Yes | Yes |
| – Real-time Alerts and Audit Trails | | No | No | No | Yes | Yes | Yes | Yes |
| IPSec Encryption with 56-bit DES | | No | No | No | No | No | Yes | Yes |
| Lock and Key | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| L2TP | | No | No | No | No | No | Yes | Yes |
| Named Method Lists for AAA Authentication & Accounting | | No | No | No | No | No | No | No |
| Route and Router Authentication | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Token Card - Double Authentication | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Voice Technologies | | | | | | | | |
| Called Party Number Port | (5)T | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN | | | | | | | | |
| Frame Relay Encapsulation (for ISDN LL) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| ISDN Digital Subscriber Line (IDSL) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Frame Relay Inverse ARP | | No | No | No | No | No | No | No |
| ISDN | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| ISDN Leased Line (up to 144 kbps) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| ML-PPP, PPP Compression | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Mobile IP | | No | No | No | No | No | No | No |
| PPP over Frame Relay (RFC 1973) | | No | No | No | No | No | No | No |
| (Remote) Common Application Programming Interface (CAPI & RCAPI) [4] | (7)XV | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| WAN Optimization | | | | | | | | |
| Always On/Dynamic ISDN (AO/DI) | | No | Yes | Yes | No | Yes | Yes | Yes |
| Bandwidth on Demand (BOD) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Dial on Demand (DDR) | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| HSRP | | No | No | No | No | No | No | No |
| IPX and SPX Spoofing | | No | No | Yes | No | No | No | Yes |
| ISDN Caller ID Callback | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Snapshot Routing | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Stac Compression | | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Time-based Access Lists | (3)T | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| X.25 ID | | No | Yes | Yes | No | Yes | Yes | Yes |

[1] Advanced Telephone Features are available on the Cisco 803 and 804 routers only. These features require supplementary services from a telephone company.
[2] The X.25 configuration feature requires the use of the Cisco command-line interface (CLI).
[3] Interoperability with Certification Authority servers from VeriSign is not supported for IPSec in Release 12.0(5)T and earlier releases on Cisco 800 series routers.
[4] The CAPI and RCAPI feature is part of the base software image; therefore, it is included in all images.
The Cisco 800 series routers also support the features listed in Table 5.
New and Changed Information
The following sections list the new hardware and software features supported by the Cisco 800 series for Release 12.0(7)XV:
New Software Features in Release 12.0(7)XV
The following new software feature is supported by Cisco 801-804 series routers for Release 12.0(7)XV and later releases:
Common Application Programming Interface
The Common Application Programming Interface (CAPI) is an application programming interface standard used to access ISDN equipment connected to Basic Rate Interfaces (BRIs) and Primary Rate Interfaces (PRIs). Remote Common Application Programming Interface (RCAPI) is the CAPI feature configured remotely from a PC client. CAPI provides the following features:
• A standardized interface through which application programs use ISDN drivers and controllers. One application can use one or more controllers. Several applications can share one or more controllers.
• A selection mechanism that supports applications that use protocols at different levels and standardized network access. To provide this support, an abstraction from different protocol variables is performed. All connection-related data, such as connection state and display messages, is available to the applications at any time.
Figure 1 shows how CAPI connects applications, drivers, and controllers.
Figure 1 CAPI Connections
The framing protocols supported by CAPI include High-Level Data Link Control (HDLC), HDLC inverted, bit transparent (speech), and V.110 synchronous/asynchronous. CAPI integrates the following data link and network layer protocols:
• Link Access Procedure on the D-channel (LAPD) in accordance with Q.921 for X.25 D-channel implementation
• Point-to-Point Protocol (PPP)
• ISO 8208 (X.25 DTE-DTE)
• X.25 DCE, T.90NL, and T.30 (fax group 3)
CAPI Features
CAPI supports the following features:
• Basic call features, such as call setup and tear-down
• Multiple B channels for data and voice connections
• Multiple logical data link connections within a physical connection
• Selection of different services and protocols during connection setup and on answering incoming calls
• Transparent interface for protocols above Layer 3
• One or more BRIs as well as PRI on one or more Integrated Services Digital Network (ISDN) adapters
• Multiple applications
• Operating-system-independent messages
• Operating-system-dependent exchange mechanism for optimum operating system integration
• Asynchronous event-driven mechanism, resulting in high throughput
• Well-defined mechanism for manufacturer-specific extensions
• Multiple supplementary services
Figure 2 shows the components of the RCAPI implementation.
Figure 2 Components of RCAPI
CAPI and RVS-COM
The router supports the ISDN Device Control Protocol (ISDN-DCP) from RVS-COM. ISDN-DCP allows a workstation on the LAN or router to use legacy dial computer telephony integration (CTI) applications. These applications include placing and receiving telephone calls and transmitting and receiving faxes.
Using ISDN-DCP, the router acts as a DCP server. By default, the router listens for DCP messages on TCP port number 2578 (the Internet-assigned number for RVS-COM DCP) on its LAN port.
When the router receives a DCP message from a DCP client (connected to the LAN port of the router), the router processes the message and acts on it; it can send confirmations to the DCP clients and ISDN packets through the BRI port of the router.
When the router receives packets destined for one of the DCP clients on its BRI port, the router formats the packet as a DCP message and sends it to the corresponding client. The router supports all the DCP messages specified in the ISDN-DCP specifications defined by RVS-COM.
Supported B-Channel Protocols
The router provides two 64-kbps B channels to CAPI clients. Each B channel can be configured separately to work in either HDLC mode or bit transparent mode. For CAPI support, the layer B2 through B7 protocols are transparent to the applications using these B channels.
The ISDN Core Engine of RVS-COM supports the following B-channel protocols:
• CAPI layer B1
– 64 kbps with HDLC framing
– 64-kbps bit transparent operation with byte framing from the network
– T.30 modem for fax group 3
– Modem with full negotiation
• CAPI layer B2
– V.120
– Transparent
– T.30 modem for fax group 3
– Modem with full negotiation
• CAPI layer B3
– Transparent
– T.90NL with compatibility to T.70NL according to T.90 Appendix II
– ISO 8208 (X.25 DTE-DTE) modulo 8 and window size 2, no multiple logical connections
– T.30 for fax group 3
– Modem with full negotiation
• T.30 for fax group 3 (SFF file format [default], sending and receiving up to 14,400 bit/s with ECM option, modulations V.17, V.21, V.27ter, V.29)
• Analog modem (sending and receiving up to 14,400 bit/s, modulations V.21, V.22, V.22bis, V.23, V.32, V.32bis)
Supported D-Channel Protocols
CAPI support is available only for the ISDN switch type Net3.
Supported Applications
ISDN-DCP supports CAPI and non-CAPI applications. Applications are supported that use one or two B channels for data transfer, different HDLC-based protocols, Euro File transfer, or G4 fax; also supported are applications that send bit-transparent data such as A/Mu law audio, G3 fax, analog modem, or analog telephones.
Requirements
Before you can enable the RCAPI feature on the Cisco 800 series router, the following requirements must be met:
• Cisco 800 series software with RCAPI support is installed on the router.
• CAPI commands are properly configured on the router.
• Both the CAPI local device console and the RCAPI client devices on the LAN are correctly installed and configured with RVS-COM client driver software.
Configuring the 800 Series Router
The following procedure provides step-by-step instructions for configuring RCAPI on the 800 series router:
Step 1
At the local device console, change to global configuration mode.
router# configure terminal
router(config)#
Step 2
Set the switch type. In the following example, the switch type is set to ETSI.
router(config)# isdn switch-type basic-net3
Step 3
Enter the RCAPI directory number assigned by the ISDN provider for the device. For example:
router(config)# rcapi number 12345
Step 4
Optional. Perform this step only if you want to specify a port number for RCAPI functions; otherwise, the default port 2578 is used. Configure the same number on both the router and the client PC. For example:
router(config)# rcapi server port 2000
Step 5
Change from global configuration mode to interface configuration mode for the BRI interface.
router(config)# int bri0
Step 6
Set the switch type for the bri0 interface. In the following example, the switch type is set to ETSI.
router(config-if)# isdn switch-type basic-net3
Step 7
Set the modem as the default handler for incoming voice calls.
router(config-if)# isdn incoming-voice modem
Step 8
Change to privileged EXEC mode, either by pressing Ctrl-Z or by entering exit twice: once at the interface configuration prompt and again at the global configuration prompt.
router(config-if)# exit
router(config)# exit
router#
Step 9
Optional. Enter the following command to display the RCAPI status.
router# show rcapi status
Step 10
Optional. In privileged EXEC mode, start the debug program to run in the background.
router# debug rcapi events
Step 11
If required, at each remote device console, change to global configuration mode and repeat Step 2 through Step 10 to configure that device.
RCAPI Router Commands
This section describes in detail the Cisco IOS commands for configuring RCAPI on the 800 series routers. These commands are applicable only for ISDN Net3 switch types.
rcapi number
To enable the Cisco 800 series router to distinguish between incoming CAPI calls and incoming non-CAPI calls such as POTS, PPP, and X.25, use the rcapi number command. This command allows the Cisco 800 series router to reserve directory numbers exclusively for incoming calls.
rcapi number directory number[:subaddress]
no rcapi number directory number[:subaddress]
The no rcapi number directory number[:subaddress] command releases the specified directory number from the RCAPI interface. By default, no directory number is set for the RCAPI interface.
Syntax Description
The directory number is the number assigned by the ISDN provider for the PC on which RCAPI is configured. This number should not be set on any other interface.

| Command Element | Description |
|---|---|
| directory number | ISDN directory number. Default is none. |
| :subaddress | Optional subaddress of the router, preceded by a colon (:). |

Defaults
No directory number is set for the RCAPI interface.
Command Modes
Global configuration.
Command History

| Release | Modification |
|---|---|
| Cisco IOS Release 12.0(7)XV | The commands rcapi number and no rcapi number were introduced on the Cisco 800 series router. |

Usage Guidelines
The directory number should not be set on any other interface, such as POTS or DOV. This command works only with the Net3 switch type.
Examples
Enter global configuration mode before configuring the RCAPI number.
router(config)# rcapi number 12345
Related Commands

| Command | Description |
|---|---|
| rcapi server | Enables RCAPI on the 800 series router. |
| show rcapi status | Displays the status of RCAPI and, if enabled, the details of the application. |
| debug rcapi events | Displays diagnostic DCP and driver messages. |

rcapi server
To enable the RCAPI server on the 800 series router or to set the TCP port number, use the rcapi server global configuration command.
rcapi server [port number]
no rcapi server
The no rcapi server command disables the RCAPI server on the 800 series router.
Syntax Description

| Command Element | Description |
|---|---|
| port number | Optional TCP port on which the RCAPI server listens. Default is 2578. |

Defaults
If the router is configured for the basic Net3 ISDN switch type, RCAPI is enabled by default and the port number is set to 2578.
Command Modes
Global configuration.
Command History

| Release | Modification |
|---|---|
| Cisco IOS Release 12.0(7)XV | The commands rcapi server and no rcapi server were introduced on the Cisco 800 series router. |

Usage Guidelines
This command works only with the Net3 switch type.
Examples
Enter global configuration mode before configuring the RCAPI port number:
router(config)# rcapi server port 2000
Related Commands

| Command | Description |
|---|---|
| rcapi number | Sets the directory number and the subaddress of the router. |
| show rcapi status | Displays the status of RCAPI and, if enabled, the details of the application. |
| debug rcapi events | Displays diagnostic DCP and driver messages. |

show rcapi status
Use the show rcapi status command to display:
• Whether RCAPI is turned on or off.
• If RCAPI is running, the list of CAPI clients currently registered, the type of application that each client is running, and the status of each CAPI call at the time of the display.
Syntax Description
This command contains no arguments or keywords.
Command Modes
Privileged EXEC.
Command History

| Release | Modification |
|---|---|
| Cisco IOS Release 12.0(7)XV | The command show rcapi status was introduced on the Cisco 800 series router. |

Usage Guidelines
This command works only with the Net3 switch type.
Examples
The following is an example of the output from the show rcapi status command.
router# show rcapi status
RCAPI SERVER ON
RCAPI SERVER PORT 2578
RCAPI NUMBER 5553000 5553100
CLIENT          SESSION ID  LISTEN  CONNECTION ID  TYPE             CALL STATUS
192.168.100.3   16777212    ON
192.168.100.5   16777218    OFF     50333953       Bit Transparent  Connected
192.168.100.6   16777227    OFF     50333962       HDLC             Connected
Related Commands

| Command | Description |
|---|---|
| rcapi number | Sets the directory number and the subaddress of the router. |
| rcapi server | Enables RCAPI on the 800 series router. |
| debug rcapi events | Displays diagnostic DCP and driver messages. |
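Because the RCAPI server is enabled by default on routers configured for the Net3 switch type and listens on the LAN port, an operator will want to review the show rcapi status output (Step 9 of the procedure above) rather than just glance at it. The following Python is added here as an example; it is not part of the release notes or of Cisco IOS. It parses output in the layout shown above into a structured record and reports the points worth flagging: the server is on without a reserved rcapi number, a non-default listening port, registered clients outside an allow-list, and clients currently holding B-channel calls. The sample output, the allow-list, and the wording of the findings are constructed for this example.

```python
import re
from typing import Dict, List, Optional, Set

# Default RCAPI server port named in the release notes (the IANA-assigned
# number for RVS-COM DCP).
DEFAULT_RCAPI_PORT = 2578

# Constructed sample laid out like the "show rcapi status" output in the
# release notes; addresses, session IDs and directory numbers are sample
# values, not taken from any real device.
SAMPLE_OUTPUT = """\
router# show rcapi status
RCAPI SERVER ON
RCAPI SERVER PORT 2578
RCAPI NUMBER 5553000 5553100
CLIENT          SESSION ID  LISTEN  CONNECTION ID  TYPE             CALL STATUS
192.168.100.3   16777212    ON
192.168.100.5   16777218    OFF     50333953       Bit Transparent  Connected
192.168.100.6   16777227    OFF     50333962       HDLC             Connected
"""

# One client row: address, session id, LISTEN flag and, for a client with a
# call up, a connection id, a B-channel type (may contain spaces, so it is
# separated from the call status by two or more spaces) and the call status.
CLIENT_RE = re.compile(
    r"^(?P<client>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<session>\d+)\s+(?P<listen>ON|OFF)"
    r"(?:\s+(?P<conn>\d+)\s+(?P<type>\S.*?)\s{2,}(?P<status>\S+))?\s*$"
)


def parse_rcapi_status(text: str) -> Dict:
    """Turn show rcapi status output into a dict of server state and clients."""
    status: Dict = {"server_on": False, "port": None, "numbers": [], "clients": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("CLIENT") or line.endswith("show rcapi status"):
            continue  # blank line, column header, or the echoed prompt
        if line.startswith("RCAPI SERVER PORT"):  # must be tested before the bare SERVER line
            status["port"] = int(line.split()[-1])
        elif line.startswith("RCAPI SERVER"):
            status["server_on"] = line.split()[-1] == "ON"
        elif line.startswith("RCAPI NUMBER"):
            status["numbers"] = line.split()[2:]  # all reserved directory numbers
        else:
            m = CLIENT_RE.match(line)
            if m:
                status["clients"].append({
                    "client": m["client"],
                    "session_id": int(m["session"]),
                    "listening": m["listen"] == "ON",
                    "connection_id": int(m["conn"]) if m["conn"] else None,
                    "type": m["type"],
                    "call_status": m["status"],
                })
    return status


def audit_rcapi(status: Dict, allowed_clients: Optional[Set[str]] = None,
                expected_port: int = DEFAULT_RCAPI_PORT) -> List[str]:
    """Return the findings an operator reviewing RCAPI on this router would want."""
    findings: List[str] = []
    if not status["server_on"]:
        return findings  # nothing is listening on the LAN port; nothing to review
    if not status["numbers"]:
        # Without rcapi number, incoming CAPI calls cannot be told apart from
        # POTS, PPP or X.25 calls (see the rcapi number command).
        findings.append("RCAPI server is ON but no rcapi number is reserved")
    if status["port"] != expected_port:
        findings.append(f"RCAPI server listens on TCP {status['port']}, expected {expected_port}")
    for c in status["clients"]:
        if allowed_clients is not None and c["client"] not in allowed_clients:
            findings.append(f"unexpected RCAPI client {c['client']} (session {c['session_id']})")
        if c["connection_id"] is not None:
            findings.append(f"{c['client']} holds a {c['type']} B-channel call "
                            f"({c['call_status']}, connection {c['connection_id']})")
    return findings


if __name__ == "__main__":
    parsed = parse_rcapi_status(SAMPLE_OUTPUT)
    # Constructed allow-list: the third sample client is deliberately left out.
    for finding in audit_rcapi(parsed, allowed_clients={"192.168.100.3", "192.168.100.5"}):
        print(finding)
```

Run against the sample, the audit reports the client missing from the allow-list and the two clients with calls up; with the server OFF it returns nothing, since no DCP listener is exposed.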
debug rcapi events
To display diagnostic DCP and driver messages to help in troubleshooting, use the debug rcapi events command.
debug rcapi events
no debug rcapi events
The no debug rcapi events command disables debugging.
Syntax Description
This command contains no arguments or keywords.
Defaults
By default, debugging is set to off.
Command Modes
Privileged EXEC.
Command History

| Release | Modification |
|---|---|
| Cisco IOS Release 12.0(7)XV | The command debug rcapi events was introduced on the Cisco 800 series router. |

Usage Guidelines
This command works for all switch types.
Related Commands

| Command | Description |
|---|---|
| rcapi number | Sets the directory number and the subaddress of the router. |
| rcapi server | Enables RCAPI on the 800 series router. |
| show rcapi status | Displays the status of RCAPI and, if enabled, the details of the application. |

The RCAPI feature configuration information is also available online on CCO and the Documentation CD-ROM. See the online Feature Module document Configuring the (Remote) Common Application Programming Interface for Cisco 800 Series Routers.
New Hardware Features in Release 12.0(7)T
The following new hardware feature is supported by the Cisco 800 series for Release 12.0(7)T:
Cisco 805 Router
Cisco IOS Release 12.0(7)T includes support for the Cisco 805 router, which offers flexibility to small offices requiring secure and manageable Internet, intranet, and corporate LAN access. The Cisco 805 router has a fixed hardware configuration with one 10BaseT Ethernet port and one serial port. The serial port can connect X.21, V.35, RS-232, RS-449, RS-530 and RS-530A DTE and DCE.
New Software Features in Release 12.0(7)T
The following new software enhancements are supported by the Cisco 800 series for Release 12.0(7)T and later releases:
TACACS+ on Cisco 800 Series Routers
Cisco 800 series routers now support the Terminal Access Controller Access Control System Plus (TACACS+) protocol through Telnet. TACACS+ is a Cisco proprietary authentication protocol that provides remote access authentication and related network security services, such as event logging. User passwords are administered in a central database rather than in individual routers.
The TACACS+ security application provides the centralized validation of users attempting to gain access to a router or network access server. TACACS+ services are maintained in a database on a TACACS+ daemon that typically runs on a UNIX or Windows NT workstation. The goal of TACACS+ is to provide a methodology for managing multiple network access points from a single management service. You must have access to and must configure a TACACS+ server before the configured TACACS+ features on your network access server are available.
The TACACS+ feature is supported by the authentication, authorization, and accounting (AAA) facility, which is configured at individual routers. However, Cisco 800 series routers do not support the RADIUS or Kerberos protocols. The TACACS+ AAA services are defined as follows:
Authentication--Provides complete control of authentication through login and password dialog, challenge and response, and messaging support. The authentication facility provides the ability to conduct an arbitrary dialog with the user (for example, after a login and password are provided, to challenge a user with a number of questions, such as home address, mother's maiden name, service type, and social security number). In addition, the TACACS+ authentication service supports sending messages to user screens. For example, a message could notify users that their passwords must be changed because of a company password aging policy.
Authorization--Provides fine-grained control over user capabilities for the duration of a user session, including but not limited to setting autocommands, access control, session duration, or protocol support. You can also enforce restrictions on which commands a user can execute with the TACACS+ authorization feature.
Accounting--Collects and sends information used for billing, auditing, and reporting to the TACACS+ daemon. Network managers can use the accounting facility to track user activity for a security audit or to provide information for user billing. Accounting records include user identities, start and stop times, executed commands (such as PPP), number of packets, and number of bytes.
For additional information, see the Cisco 800 Series Routers Software Configuration Guide and the security-related configuration guides and command references located on CCO and the Documentation CD-ROM:
To reach the Cisco 800 Series Routers Software Configuration Guide
• From CCO, follow this path (under the heading Service & Support):
Technical Documents: Documentation Home Page: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 801-804 Routers: Cisco 800 Series Routers Software Configuration Guide
• On the Documentation CD-ROM, follow this path:
Cisco Product Documentation: Access Servers and Access Routers: Fixed Configuration Access Routers: Cisco 801-804 Routers: Cisco 800 Series Routers Software Configuration Guide
To reach the security-related configuration guides and command references
• From CCO, follow these paths (under the heading Service & Support):
– Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References: Security Configuration Guide
– Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References: Security Command Reference: Security Server Protocols: TACACS, Extended TACACS, and TACACS+ Commands
• On the Documentation CD-ROM, follow these paths:
– Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References: Security Configuration Guides
– Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References: Security Command Reference: Security Server Protocols: TACACS, Extended TACACS, and TACACS+ Commands
Multicast Source Discovery Protocol
Multicast Source Discovery Protocol (MSDP) connects multiple PIM sparse-mode (SM) domains. MSDP allows multicast sources for a group to be known to all rendezvous points (RPs) in different domains. Each PIM-SM domain uses its own RPs and need not depend on RPs in other domains. An RP runs MSDP over TCP to discover multicast sources in other domains.
An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled routers in another domain. The peering relationship occurs over a TCP connection, where primarily a list of sources sending to multicast groups is exchanged. The TCP connections between RPs are achieved by the underlying routing system. The receiving RP uses the source lists to establish a source path.
The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree building mechanism in PIM-SM.
MSDP is also used to announce sources sending to a group. These announcements must originate at the domain RP.
MSDP depends heavily on (M)BGP for interdomain operation. You should run MSDP in your domain RPs that act as sources, sending to global groups for announcement to the Internet.
New Software Features in Release 12.0(5)T
The following new software enhancements are supported by the Cisco 800 series in Release 12.0(5)T and later releases.
Cisco IOS Firewall Feature Set for the Cisco 800 Series
Cisco IOS Firewall Feature Set is not new to Release 12.0(5)T; however, the Cisco IOS Firewall Feature Set combined with IPSEC is new to this release.
Enhancements to the Cisco IOS Firewall feature set are now available on the Cisco 800 series routers. This feature set is available on the IP Firewall, IP Firewall Plus, IP Firewall Plus IPSec, and IP/IPX Firewall Plus IPSec images only. This feature set provides the following additional capabilities:
• Context Based Access Control (CBAC)
• Java blocking
• Denial of service detection and prevention
• Real-time alerts and audit trails
The Cisco IOS Firewall Feature Set feature module provides several sample firewall configurations, including the following examples for small-office environments:
• IP network to Internet
• Remote office network to corporate office network
If you want to configure a firewall in an IP-network-to-Internet network, you can use the Cisco 800 Fast Step application (recommended for inexperienced network administrators) or the Cisco IOS software command-line interface (CLI) (recommended for more experienced network administrators). You can also configure a firewall by using Cisco ConfigMaker software version 2.3.
With the Cisco 800 Fast Step application, you can configure CBAC only. For information on how to use the Cisco 800 Fast Step application, refer to the application online help.
If you want to configure a firewall in a remote-office-to-corporate-office network, you must use the Cisco IOS CLI. For information on how to configure a firewall using the CLI, refer to the following online documents:
• Cisco IOS Firewall Feature Set feature module document
• Security Configuration Guide
• Security Command Reference
IPSec Network Security
The IPSec network security feature is now available on the Cisco 800 series routers (IP/Firewall/Plus/IPSec56 and IP/IPX/Firewall/IPSec56/Plus images only). This feature supports the 56-bit Data Encryption Standard (DES); it does not support Triple DES (3DES). Enabling this feature can affect router performance.
IPSec is a framework of open standards that provides data confidentiality, data integrity, and data authentication between participating peers, such as two routers. IPSec provides these security services on IP datagrams. For information on configuring this feature, refer to the Cisco IOS Release 12.0 Security Configuration Guide.
Called Party Number Port
Some switches do not include a called party number when they send a voice call to a Cisco 800 router. These calls are directed to port 1 by default. The feature Called Party Number Port allows the router to direct calls of this type to a specified port. When this feature is combined with the command forward-to-unused-port, the router can direct a second call to the same port as the first call or to another port.
Layer Two Tunneling Protocol (L2TP)
Layer Two Tunneling Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF) standard that combines the best features of two existing tunneling protocols: Cisco's Layer Two Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). L2TP is an extension to the Point-to-Point Protocol (PPP), which is an important component for Access Virtual Private Networks (VPNs). Access VPNs allow mobile users to connect to their corporate intranets or extranets, thus improving flexibility and reducing costs.
Traditional dial-up networking services supported only registered IP addresses, which limited the types of applications that could be implemented over Virtual Private Networks (VPNs). L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. This allows the existing access infrastructure, such as the Internet, modems, access servers, and ISDN terminal adaptors (TAs), to be used.
L2TP can be initiated wherever PPTP or L2F is currently deployed and can be operated as a client initiated tunnel, such as PPTP, or a network access server (NAS) initiated tunnel, such as L2F.
New Software Features in Release 12.0(4)T
The following new software enhancements are supported by the Cisco 800 series in Release 12.0(4)T1 and later releases.
Cisco IOS Firewall Feature Set for the Cisco 800 Series
The Cisco IOS Firewall feature set is now available on the Cisco 800 series routers. This feature set is available on the IP/Firewall image only; the product code for this image is S8CH-12.0(4)T. This feature set provides the following capabilities:
• Context-based Access Control (CBAC)
• Java blocking
• Denial-of-service detection and prevention
• Real-time alerts and audit trails
The Cisco IOS Firewall Feature Set feature module provides several sample firewall configurations, including the following examples for small-office environments:
• IP network to Internet
• Remote office network to corporate office network
If you want to configure a firewall in an IP-network-to-Internet network, you can use the Cisco 800 Fast Step application (recommended for inexperienced network administrators) or the Cisco IOS software command-line interface (CLI) (recommended for more experienced network administrators). You can also configure a firewall by using Cisco ConfigMaker software version 2.3.
With the Cisco 800 Fast Step application, you can configure CBAC only. If you want to configure a firewall in a remote-office-to-corporate-office network, you must use the Cisco IOS CLI.
For information on how to use the Cisco 800 Fast Step application, refer to the application online help. For information on how to configure a firewall using the CLI, refer to the Cisco IOS Firewall Feature Set feature module. (See the "Feature Modules" section.)
Forwarding Incoming Call to Unused Port
A new command forward-to-unused-port has been added to the dial peer configuration. The default is no forward-to-unused-port.
Here are some examples of command use when forward-to-unused-port is enabled. If a call to 555-1111 is received, its dial peer is fetched; that dial peer points to port 1, and the new call is forwarded as shown in the following examples:
• Example 1: Port 1 currently has no call on it. The new call to 555-1111 is sent to port 1.
• Example 2: Port 1 already has one call to 555-1111. The new call to 555-1111 is sent to port 1.
• Example 3: Port 1 has one call to 555-2222 and port 2 has no calls. The new call to 555-1111 is sent to port 2.
• Example 4: Port 1 has one call to 555-2222 and port 2 has one call to 555-1111. The new call to 555-1111 is sent to port 2.
• Example 5: Port 1 has one call to 555-2222 and port 2 has one call to 555-3333. The new call to 555-1111 is sent to port 1.
• Example 6: Port 1 has one call to 555-2222 and port 2 has two calls. The new call to 555-1111 is sent to port 1.
• Example 7: Port 1 already has 2 calls. The new call to 555-1111 is sent to port 2.
See the "Important Notes" section for information about known problems with the command forward-to-unused-port.
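The port-selection rules these seven examples imply, as an added Python model (not Cisco's code): the preference order and the limit of two calls per port are assumptions inferred from the examples above, and the same logic also reproduces the DMS NI1 case described under "Problems Forwarding Incoming Call to Unused Port".

```python
"""Models the port choice that forward-to-unused-port makes for an incoming
voice call. Added example, not Cisco's implementation: the preference order
is inferred from the seven examples in the text, and each telephone port is
assumed to hold at most two calls (one active, one waiting or on hold)."""
from typing import Dict, List, Optional

MAX_CALLS_PER_PORT = 2  # assumption, see module docstring

# Port state: port number -> called numbers of the calls currently on it.
PortState = Dict[int, List[str]]


def select_port(called: str, dial_peer_port: int, ports: PortState) -> Optional[int]:
    """Return the port the new call to `called` is forwarded to, or None if
    every port is full. `dial_peer_port` is the port that the dial peer
    matching `called` points to (port 1 in all of the text's examples)."""
    def calls(p: int) -> List[str]:
        return ports.get(p, [])

    def idle(p: int) -> bool:
        return not calls(p)

    def has_room(p: int) -> bool:
        return len(calls(p)) < MAX_CALLS_PER_PORT

    def same_number(p: int) -> bool:
        return called in calls(p)

    # 1. The dial peer's own port, if idle or already carrying this number
    #    (examples 1 and 2).
    if idle(dial_peer_port) or (same_number(dial_peer_port) and has_room(dial_peer_port)):
        return dial_peer_port
    others = [p for p in sorted(ports) if p != dial_peer_port]
    # 2. Any unused port (examples 3 and 7).
    for p in others:
        if idle(p):
            return p
    # 3. A port that already has a call to this number and still has room (example 4).
    for p in others:
        if same_number(p) and has_room(p):
            return p
    # 4. Back to the dial peer's port if it still has room (examples 5 and 6).
    if has_room(dial_peer_port):
        return dial_peer_port
    # 5. Last resort: any other port with room.
    for p in others:
        if has_room(p):
            return p
    return None


# The seven examples from the text, as (description, port state, expected port).
EXAMPLES = [
    ("1: port 1 idle", {1: [], 2: []}, 1),
    ("2: port 1 has a call to 555-1111", {1: ["5551111"], 2: []}, 1),
    ("3: port 1 has 555-2222, port 2 idle", {1: ["5552222"], 2: []}, 2),
    ("4: port 1 has 555-2222, port 2 has 555-1111", {1: ["5552222"], 2: ["5551111"]}, 2),
    ("5: port 1 has 555-2222, port 2 has 555-3333", {1: ["5552222"], 2: ["5553333"]}, 1),
    ("6: port 1 has 555-2222, port 2 has two calls", {1: ["5552222"], 2: ["5553333", "5554444"]}, 1),
    ("7: port 1 has two calls", {1: ["5552222", "5553333"], 2: []}, 2),
]


def run_examples() -> bool:
    """Check the model against every example in the text; True if all agree."""
    return all(select_port("5551111", 1, ports) == want for _, ports, want in EXAMPLES)


if __name__ == "__main__":
    for desc, ports, want in EXAMPLES:
        print(f"Example {desc}: -> port {select_port('5551111', 1, ports)} (text says {want})")
```

The DMS NI1 problem noted later falls out of rule 2: a call to 555-2222 arriving while 555-1111 occupies port 1 is sent to idle port 2, which that switch then releases.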
Outgoing SPID Hunt
Outgoing service profile identifier (SPID) hunt is now a POTS feature on the Cisco 800 series. This feature is available for U.S. switch types only. When enabled, the CSM looks for a free SPID for outgoing voice calls. If no calls are in progress, the SPID associated with the dial-peer destination is used. You must continue to program dial peers. By default, this feature is off.
Command syntax:
pots outgoing-hunt
no pots outgoing-hunt
New Features in Release 12.0(3)T
Cisco IOS Release 12.0(3)T was the first 12.0 T release to support Cisco 800 series routers.
The following new software enhancements, which were introduced in Release 12.0(1)T, are supported by the Cisco 800 series beginning in this release.
Voice Features Over ISDN
The Cisco 800 series routers support the connection of analog telephones, fax machines, and modems. These devices are connected to basic telephone services through the ISDN line. The routers support the following supplementary services, which can be ordered from the telephone service provider:
• Call holding and retrieving (North America only)
• Call waiting (North America only)
• Three-way call conferencing (North America only)
• Call transferring (North America only)
• Call forwarding (Sweden and Finland only)
The ISDN voice priority feature controls the priority of data and voice calls for the devices connected to the router telephone ports. If an ISDN circuit endpoint is busy with a data call or calls, and either a voice call comes in or you attempt to place a voice call, the data call is handled per the voice priority setting.
Automatic Detection of ISDN Switch and SPIDs
This feature applies to North America only. The Cisco 800 series routers can detect the ISDN switch that supports the ISDN line and the service profile identifiers (SPIDs) assigned by the telephone service provider. SPIDs identify the ISDN B channels. The SPID format is generally an ISDN telephone number with numbers added to it, for example, 40855522220101. Depending on the switch that supports the ISDN line, the ISDN line could be assigned zero, one, or two SPIDs.
Easy IP Phase 2-DHCP Server
With the introduction of Easy IP Phase 2, Cisco IOS software also supports Intelligent DHCP Relay functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and servers. A DHCP Relay Agent enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more secondary DHCP servers defined by the network administrator using standard Cisco IOS IP helper-address functionality.
Time-Based Access Lists
It is now possible to implement access lists based on the time of day. To do so, you create a time range that defines specific times of the day and week. The time range is identified by a name, and then referenced by a function, so that those time restrictions are imposed on the function itself.
Currently, IP and IPX extended access lists are the only functions that can use time ranges. The time range allows the network administrator to define when the permit or deny statements in the access list are in effect. Prior to this feature, access list statements were always in effect once they were applied. Both named or numbered access lists can reference a time range.
RIP Enhancements
Triggered extensions to IP RIP increase efficiency of RIP on point-to-point, serial interfaces. Routers are used on connection-oriented networks to allow potential connectivity to many remote destinations. Circuits on the WAN are established on demand and are relinquished when the traffic subsides. Depending on the application, the connection between any two sites for user data could be short and relatively infrequent.
There were two problems using RIP to connect to a WAN:
• Periodic broadcasting by RIP generally prevented WAN circuits from being closed.
• Even on fixed, point-to-point links, the overhead of periodic RIP transmissions could seriously interrupt normal data transfer because of the quantity of information that hits the line every 30 seconds.
To overcome these limitations, triggered extensions to RIP cause RIP to send information on the WAN only when there has been an update to the routing database. Periodic update packets are suppressed over the interface on which this feature is enabled.
ISDN MIB RFC2127
The new Integrated Services Digital Network (ISDN) Management Information Base (MIB) RFC2127 has been designed to provide useful information in accordance with the IETF's new standard for the management of ISDN interfaces. It controls all aspects of ISDN interfaces. RFC2127 provides information on the physical Basic Rate Interfaces (BRIs), control and statistical information for B (bearer) and D (signaling) channels, terminal endpoints, and directory numbers.
Important Notes
The following sections contain important notes about Cisco IOS Release 12.0(7)XV that can apply to the Cisco 800 series.
Downloading Images
Before attempting to download new images, you must first delete files in your router's Flash memory. Be sure to use the delete command, not erase, to free up space. Entering erase will remove all files, including the configuration.
Problems Forwarding Incoming Call to Unused Port
The following are known problems associated with using the command forward-to-unused-port for dial peer configuration.
• DMS NI1 line with multiple numbers:
Suppose we have the following SPIDs and dial peers:
isdn spid1 40855511110101 5551111 5552222
dial-peer v 1 p
destination-pattern 5551111
forward-to-unused-port
port 1
dial-peer v 2 p
destination-pattern 5552222
forward-to-unused-port
port 1
In this example, a call for 555-1111 is first received and is connected to port 1. A call to 555-2222 is then received. Since port 2 has no calls, the new call is sent to port 2. The DMS NI1 releases the second call because it expects the first call to be put on hold.
• No called party number is received:
This feature works only if a called party number is received inside the incoming call. If no called party number is received, the incoming call is directed to port 1.
Cisco IOS Release 12.0(4)XM
The images introduced in Release 12.0(4)XM apply to the Cisco 805 router only. They are not supported by the Cisco 801, 802, 803 or 804. For more information about this special release, see the Release Notes for the Cisco 805 Router for Cisco IOS Release 12.0(4)XM on CCO.
Dial Peer Limitation
The isdn answer1 and isdn answer2 commands determine which called telephone numbers, for example, 555-1111 and 555-2222, a Cisco 800 series router can answer. Using these commands limits a router to using the two dial peers that contain the telephone numbers 555-1111 and 555-2222. (When not using these commands, a router can use up to six dial peers.) A sample scenario in which the isdn answer1 and isdn answer2 commands are used is when a Cisco 801-804 series router is connected with other ISDN devices to an ISDN S-bus.
Excessive ISDN Line Activation
The following protocols send updates that can cause an ISDN line to be activated excessively thereby increasing your monthly ISDN line cost:
• IP
• User Datagram Protocol (UDP)
• IPX
• Cisco Discovery Protocol (CDP)
• Simple Network Time Protocol (SNTP)
For information on preventing this situation, refer to the Cisco 800 Series Routers Software Configuration Guide. This guide contains information on setting up extended access lists to prevent IP, UDP, IPX, and SNTP updates from activating the ISDN line. For CDP, make certain that you enter the command no cdp enable to disable CDP.
Hanging During Boot
If an illegal console configuration is issued to the router, the console will then fail the POST test during boot and cause the router to hang. There is no way to recover a unit in this state except for pulling the soldered Boot Flash and re-burning the Boot ROM.
This problem has been resolved in TinyROM version 1.0(3), a downloadable ROM upgrade available from CCO. Please contact Cisco to upgrade to this version or later, and prevent this problem from occurring.
Phone Mate Answering Machine Model 9200
Phone Mate answering machine model 9200 fails to recognize the ringing signal sent by AMD R79 ringing SLIC. This was confirmed by testing against Phone Mate model 3750 and newer model 9300.
NVRAM Data Storage Limitation in Release 12.0(4)T and Earlier
The Cisco 800 router nonvolatile RAM (NVRAM) has a configuration data storage limitation in Cisco IOS Release 12.0(4)T and earlier releases. This problem was resolved in Release 12.0(5)T. Because of this limitation, you might not be able to save the digital certificate into the NVRAM if a large amount of other configuration data already exists. Cisco recommends that you not power off your router if you were not able to save the digital certificate. If you power off your router without successfully saving the digital certificate, you will need to generate the keys and request a new digital certificate from the Certificate Authority (CA) server after powering on the router again.
B Channel Activation
When a call comes in, a B channel is activated. If the amount of traffic on the B channel exceeds a threshold, the other B channel is activated. If the amount of traffic falls below the threshold, one of the B channels is deactivated. The B channel that is initially activated when the call comes in is not necessarily B1 nor is the B channel that is deactivated when the traffic level lessens necessarily B2.
Cisco IOS Syslog Failure
Certain versions of Cisco IOS software may fail or hang when they receive invalid User Datagram Protocol (UDP) packets sent to their syslog ports (port 514). At least one commonly used Internet scanning tool generates packets that cause such problems. This fact has been published on public Internet mailing lists, which are widely read both by security professionals and by security crackers. This information should be considered in the public domain.
Attackers can cause Cisco IOS devices to repeatedly fail and reload, resulting in a completely disabled Cisco IOS device that needs to be reconfigured by its administrator. Some Cisco IOS devices have been observed to hang instead of failing when attacked. These devices do not recover until they are manually restarted by reset or power cycling. An administrator must personally visit an attacked, hung device to restart it, even if the attacker is no longer actively sending any traffic. Some devices have failed without providing stack traces; some devices may indicate that they were "restarted by power-on," even when that is not the case.
Assume that any potential attacker is likely to know of the existence of this problem and the ways to exploit it. An attacker can use tools available to the public on the Internet and does not need to write any software to exploit the vulnerability. Minimal skill is required, and no special equipment is required.
Despite Cisco specifically inviting such reports, Cisco has received no actual reports of malicious exploitation of this problem.
This vulnerability notice was posted on Cisco's World Wide Web site:
http://www.cisco.com/warp/public/770/iossyslog-pub.shtml
This information was also sent to the following e-mail and USENET news recipients:
• cust-security-announce@cisco.com
• bugtraq@netspace.org
• first-teams@first.org (includes CERT/CC)
• first-info@first.org
• cisco@spot.colorado.edu
• comp.dcom.sys.cisco
• nanog@merit.edu
Affected Devices and Software Versions
Vulnerable devices and software versions are specified in Table 6, Affected and Repaired Software Versions. Affected versions include Releases 11.3 AA, 11.3 DB, and all 12.0 versions (including 12.0 mainline, 12.0 S, 12.0 T, and any other regular released version whose number starts with 12.0), up to the repaired releases listed in Table 6. Cisco is correcting the problem in certain special releases and will correct it in future maintenance and interim releases. See Table 6, Affected and Repaired Software Versions for details. Cisco intends to provide fixes for all affected IOS variants.
No particular configuration is needed to make a Cisco IOS device vulnerable. It is possible to filter out attack traffic by using access lists. See the "Workarounds" section for techniques. However, except at Internet firewalls, the appropriate filters are not common in customer configurations. Carefully evaluate your configuration before assuming that any filtering you have protects you against this attack.
The most commonly used or asked-about products are listed below. If you are unsure whether your device is running Cisco IOS software, log in to the device and issue the show version command. Cisco IOS software will identify itself simply as "IOS" or "Internetwork Operating System Software". Other Cisco devices will not have the show version command, or they will identify themselves differently in their output. The most common Cisco devices that run Cisco IOS software include the following:
• Cisco routers in the AGS/MGS/CGS/AGS+, IGS, RSM, 800, uBR900, 1000, 2500, 2600, 3000, 3600, 3800, 4000, 4500, 4700, AS5200, AS5300, AS5800, 6400, 7000, 7200 (including the uBR7200), 7500, and 12000 series
• Most recent versions of the LS1010 ATM switch
• Some versions of the Catalyst 2900XL LAN switch
• Cisco DistributedDirector
Affected software versions, which are relatively new, are not necessarily available on every device listed above. If you are not running Cisco IOS software, you are not affected by this problem.
The following Cisco devices are not affected:
• 700 dialup routers (750, 760, and 770 series)
• Catalyst 1900, 2800, 2900, 3000, and 5000 LAN switches are not affected, except for some versions of the Catalyst 2900XL. However, optional router modules running Cisco IOS software in switch backplanes, such as the RSM module for the Catalyst 5000 and 5500, are affected.
• WAN switching products in the IGX and BPX lines
• MGX (formerly known as the AXIS shelf)
• Host-based software
• Cisco PIX Firewall
• Cisco LocalDirector
• Cisco Cache Engine
This vulnerability has been assigned Cisco bug ID CSCdk77426.
Solution
Cisco offers free software updates to correct this vulnerability for all affected customers—regardless of their contract status. However, because this vulnerability information has been disseminated by third parties, Cisco has released this notice before updates are available for all software versions. Table 6 gives Cisco's projected fix dates.
Make sure your hardware has adequate RAM to support the new software before installing it. The amount of RAM is seldom a problem when you upgrade within a major release (say, from 11.2[11]P to 11.2[17]P), but it is often a factor when you upgrade between major releases (say, from 11.2 P to 11.3 T).
Because fixes will be available for all affected releases, this vulnerability will rarely, if ever, require an upgrade to a new major release. Cisco recommends very careful planning for any upgrade between major releases. Make certain no known bugs will prevent the new software from working properly in your environment.
Further upgrade planning assistance is available on Cisco's World Wide Web site at:
http://www.cisco.com
If you have service contracts you can obtain new software through your regular update channels (generally through Cisco's World Wide Web site). You can upgrade to any software release, but you must remain within the boundaries of the feature sets you have purchased.
If you do not have service contracts, you can upgrade to obtain only the bug fixes; free upgrades are restricted to the minimum upgrade required to resolve the defects. In general, you will be restricted to upgrading within a single row of Table 6, except when no upgrade within the same row is available in a timely manner. Obtain updates by contacting one of the following Cisco Technical Assistance Centers (TACs):
• +1 800 553 2447 (toll-free from within North America)
• +1 408 526 7209 (toll call from anywhere in the world)
• tac@cisco.com
Give the URL of this notice (http://www.cisco.com/warp/public/770/iossyslog-pub.shtml) as evidence for a free update. Non-contract customers must request free updates through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software updates.
Workarounds
You can work around this vulnerability by preventing any affected Cisco IOS device from receiving or processing UDP datagrams addressed to its port 514. This can be done either by using packet filtering on surrounding devices, or by using input access list filtering on the affected IOS device itself.
If you use an input access list, apply that list to all interfaces to which attackers may be able to send datagrams. Interfaces include not only physical LAN and WAN interfaces but also virtual subinterfaces of those physical interfaces, as well as virtual interfaces and interface templates corresponding to GRE, L2TP, L2F, and other tunneling protocols.
The input access list must block traffic destined for UDP port 514 at any of the Cisco IOS device's own IP addresses, as well as at any broadcast or multicast addresses on which the Cisco IOS device may be listening. Be sure to block both old-style "all-zeros" broadcasts and new-style "all-ones" broadcasts. It is not necessary to block traffic being forwarded to other hosts—only traffic actually addressed to the Cisco IOS device is of interest.
No single input access list works in all configurations. Know the effect of your access list in your specific configuration before activating it.
The following example shows a possible access list for a three-interface router, along with the configuration commands needed to apply the list. The example assumes input filtering is not needed, other than as a workaround for this problem:
! Deny all multicasts, and all unspecified-net broadcasts, to port 514
access-list 101 deny udp any 224.0.0.0 31.255.255.255 eq 514
! Deny old-style unspecified-net broadcasts
access-list 101 deny udp any host 0.0.0.0 eq 514
! Deny network-specific broadcasts. This example assumes that all of
! the local interfaces are on the class B network 172.16.0.0, subnetted
! everywhere with mask 255.255.255.0. This will differ from network
! to network. Note that we block both new-style and old-style broadcasts.
access-list 101 deny udp any 172.16.0.255 0.0.255.0 eq 514
access-list 101 deny udp any 172.16.0.0 0.0.255.0 eq 514
! Deny packets sent to the addresses of our own network interfaces.
access-list 101 deny udp any host 172.16.1.1 eq 514
access-list 101 deny udp any host 172.16.2.1 eq 514
access-list 101 deny udp any host 172.16.3.3 eq 514
! Permit all other traffic (default would be to deny)
access-list 101 permit ip any any
! Apply the access list to the input side of each interface
interface ethernet 0
ip address 172.16.1.1 255.255.255.0
ip access-group 101 in
interface ethernet 2
ip address 172.16.2.1 255.255.255.0
ip access-group 101 in
interface ethernet 3
ip address 172.16.3.3 255.255.255.0
ip access-group 101 in
Listing all possible addresses—especially all possible broadcast addresses—to which attack packets may be sent is complicated. If you do not need to forward any legitimate syslog traffic received on an interface, you can block all syslog traffic arriving on that interface. Remember that blocking will affect traffic routed through the Cisco IOS device as well as traffic destined to the device; if the IOS device is expected to forward syslog packets, you will have to do the detailed filtering. Because input access lists impact system performance, install them with caution—especially on systems running very near their capacity.
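To see which datagrams this list actually stops before it is applied, here is an added Python simulation (not Cisco IOS code) that parses access list 101 as written above and evaluates constructed sample datagrams against it. It models only the subset of IOS semantics the list uses (ordered first match, wildcard masks, eq on the destination port, implicit deny); the source address 10.9.9.9 and the sample destinations are constructed for the check.

```python
"""Evaluates sample datagrams against the syslog workaround ACL quoted
above (added example, not Cisco IOS code). It models a simplified subset
of IOS extended access-list semantics: entries are tried in order, the
first match wins, addresses use inverse (wildcard) masks, 'eq' applies to
the destination port, and an unmatched packet hits the implicit deny."""
import ipaddress
from typing import List, NamedTuple, Optional, Tuple

# Access list 101 exactly as written in the release note (comments omitted).
ACL_101 = """
access-list 101 deny udp any 224.0.0.0 31.255.255.255 eq 514
access-list 101 deny udp any host 0.0.0.0 eq 514
access-list 101 deny udp any 172.16.0.255 0.0.255.0 eq 514
access-list 101 deny udp any 172.16.0.0 0.0.255.0 eq 514
access-list 101 deny udp any host 172.16.1.1 eq 514
access-list 101 deny udp any host 172.16.2.1 eq 514
access-list 101 deny udp any host 172.16.3.3 eq 514
access-list 101 permit ip any any
"""


class Entry(NamedTuple):
    action: str
    proto: str
    src_base: int
    src_care: int   # bits that must match (inverse of the IOS wildcard mask)
    dst_base: int
    dst_care: int
    dport: Optional[int]


def _parse_addr(tokens: List[str], i: int) -> Tuple[int, int, int]:
    """Parse 'any', 'host A.B.C.D' or 'A.B.C.D W.X.Y.Z' starting at tokens[i].
    Returns (base, care_mask, next_index)."""
    if tokens[i] == "any":
        return 0, 0, i + 1
    if tokens[i] == "host":
        return int(ipaddress.IPv4Address(tokens[i + 1])), 0xFFFFFFFF, i + 2
    base = int(ipaddress.IPv4Address(tokens[i]))
    wildcard = int(ipaddress.IPv4Address(tokens[i + 1]))
    return base, (~wildcard) & 0xFFFFFFFF, i + 2


def parse_acl(text: str) -> List[Entry]:
    entries = []
    for line in text.strip().splitlines():
        t = line.split()
        if len(t) < 6 or t[0] != "access-list":
            continue  # skip blank lines and '!' comment lines
        src_base, src_care, i = _parse_addr(t, 4)
        dst_base, dst_care, i = _parse_addr(t, i)
        dport = int(t[i + 1]) if i + 1 < len(t) and t[i] == "eq" else None
        entries.append(Entry(t[2], t[3], src_base, src_care, dst_base, dst_care, dport))
    return entries


def evaluate(acl: List[Entry], proto: str, src: str, dst: str,
             dport: Optional[int] = None) -> str:
    """Return 'permit' or 'deny' for one inbound datagram."""
    s = int(ipaddress.IPv4Address(src))
    d = int(ipaddress.IPv4Address(dst))
    for e in acl:
        if e.proto != "ip" and e.proto != proto:
            continue
        if (s & e.src_care) != (e.src_base & e.src_care):
            continue
        if (d & e.dst_care) != (e.dst_base & e.dst_care):
            continue
        if e.dport is not None and e.dport != dport:
            continue
        return e.action
    return "deny"  # implicit deny at the end of every IOS access list


def check_workaround(acl: List[Entry]) -> dict:
    """Constructed sample datagrams (source 10.9.9.9 is an arbitrary remote host)
    covering each address class the note says must be blocked, plus traffic
    that the list must still let through."""
    src = "10.9.9.9"
    cases = {
        "own interface udp/514": ("udp", "172.16.1.1", 514),
        "directed broadcast (all-ones)": ("udp", "172.16.2.255", 514),
        "directed broadcast (all-zeros)": ("udp", "172.16.3.0", 514),
        "multicast": ("udp", "239.1.1.1", 514),
        "limited broadcast 255.255.255.255": ("udp", "255.255.255.255", 514),
        "unspecified-net broadcast 0.0.0.0": ("udp", "0.0.0.0", 514),
        "syslog forwarded to a LAN host": ("udp", "172.16.1.50", 514),
        "other udp to the router": ("udp", "172.16.1.1", 161),
        "tcp/514 to the router": ("tcp", "172.16.1.1", 514),
    }
    return {name: evaluate(acl, p, src, d, port) for name, (p, d, port) in cases.items()}


if __name__ == "__main__":
    for name, verdict in check_workaround(parse_acl(ACL_101)).items():
        print(f"{verdict:6s}  {name}")
```

Adding a fourth interface without adding its host entry, or using a different subnet mask, changes the verdicts, which is the point of checking a list like this against your own addresses before activating it.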
Software Versions and Fixes
Many Cisco software images have been or will be specially reissued to correct this vulnerability. For example, regular released Cisco IOS version 12.0(2) is vulnerable, as are interim versions 12.0(2.1) through 12.0(2.3). The first fixed interim version of Release 12.0 mainline software is Release 12.0(2.4). However, a special release, 12.0(2a), contains only the fix for this vulnerability and does not include any other bug fixes from later 12.0 interim releases.
If you are running Release 12.0(2) and want to fix this problem without risking possible instability presented by installing the 12.0(2.4) interim release, you can upgrade to Release 12.0(2a). Release 12.0(2a) is a "code branch" from the Release 12.0(2) base, which will merge back into the Release 12.0 mainline at Release 12.0(2.4).
Special releases, like 12.0(2a), are one-time, spot fixes, and they will not be maintained. Thus, the upgrade path from Release 12.0(2a) is to Release 12.0(3).
Table 6 specifies information about affected and repaired software versions.
Note
All dates within this table are subject to change.
Table 6 Affected and Repaired Software Versions

Cisco IOS Major Release | Description | Special Fix (1) | First Fixed Interim Release (2) | Fixed Maintenance Release (3)

Unaffected Releases
11.2 and earlier releases—all variants | Unaffected early releases (no syslog server) | Unaffected | Unaffected | Unaffected
11.3, 11.3 T, 11.3 DA, 11.3 MA, 11.3 NA, 11.3 WA, 11.3(2)XA | 11.3 releases without syslog servers | Unaffected | Unaffected | Unaffected

Releases Based on 11.3
11.3 AA | 11.3 early deployment for AS58xx | 11.3(7)AA2, 8-JAN-1999 (4) | 11.3(7.2)AA | 11.3(8)AA, 15-FEB-1999
11.3 DB | 11.3 for Cisco NRP routing blade in Cisco 6400 xDSL DSLAM | 11.3(7)DB2, 18-JAN-1999 | |

Releases Based on 12.0
12.0 | 12.0 Mainline | 12.0(2a), 8-JAN-1999 | 12.0(2.4) | 12.0(3), 1-FEB-1999
12.0 T | 12.0 new technology early deployment | 12.0(2a)T1, 11-JAN-1999 | 12.0(2.4)T | 12.0(3)T, 15-FEB-1999
12.0 S | ISP support; 7200, RSP, GSR | | 12.0(2.3)S, 27-DEC-1998 | 12.0(2)S (5), 18-JAN-1999
12.0 DB | 12.0 for Cisco 6400 universal access concentrator node switch processor (lab use) | 12.0(2)DB, 18-JAN-1999 | |
12.0(1)W | 12.0 for Catalyst 8500 and LS1010 | 12.0(1)W5(5a) and 12.0(1a)W5(5b) (LS1010 platform only) | 12.0(1)W5(5.15) | 12.0(1)W5(6) (platform support for Catalyst 8540M will be in 12.0(1)W5(7))
12.0(0.6)W5 | One-time early deployment for CH-OC-12 module in Catalyst 8500 series switches | Unaffected; one-time release | Unaffected | Unaffected; to upgrade, use 12.0(1)W5 releases.
12.0(1)XA3 | Short-life release; merged to 12.0 T at 12.0(2)T | Obsolete | Merged | Upgrade to 12.0(2a)T1 or to 12.0(3)T.
12.0(1)XB | Short-life release for Cisco 800 series; merged to 12.0 T and 12.0(3)T | 12.0(1)XB1 | Merged | Upgrade to 12.0(3)T.
12.0(2)XC | Short-life release for new features in Cisco 2600, Cisco 3600, uBR7200, uBR900 series; merged to 12.0 T at 12.0(3)T | 12.0(2)XC1, 7-JAN-1999 | Merged | Upgrade to 12.0(3)T
12.0(2)XD | Short-life release for ISDN voice features; merged to 12.0 T at 12.0(3)T | 12.0(2)XD1, 18-JAN-1999 | Merged | Upgrade to 12.0(3)T
12.0(1)XE | Short-life release | 12.0(2)XE, 18-JAN-1999 | Merged | Upgrade to 12.0(3)T
1 A special fix is a one-time release that provides the most stable immediate upgrade path.
2 Interim releases are tested less rigorously than regular maintenance releases; interim releases can contain serious bugs.
3 Fixed maintenance releases are on a long-term upgrade path. Other long-term upgrade paths also exist.
4 All dates in this table are estimates and are subject to change.
5 This entry is not a misprint. The 12.0(2.3)S interim release is available before the 12.0(2)S regular release.
Caveats
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. This section only contains open and resolved caveats for the current Cisco IOS maintenance release. All caveats in Release 12.0 are also in Releases 12.0 T and 12.0(7)XV.
For information on caveats in Cisco IOS Release 12.0, see Caveats for Cisco IOS Release 12.0. For information on caveats in Cisco IOS Release 12.0 T, see Caveats for Cisco IOS Release 12.0 T. Both documents list severity 1 and 2 caveats and are located on CCO and the Documentation CD-ROM.
Note
If you have an account with CCO, you can use Bug Navigator II to find caveats of any severity for any release. You can reach Bug Navigator II on CCO at Software Center: Cisco IOS Software: BUG TOOLKIT: Cisco Bug Navigator II, or at http://www.cisco.com/support/bugtools/bugtool.shtml.
Caveats for Release 12.0(7)T
This section describes possibly unexpected behavior by Release 12.0(7)T that is additional to the information contained in the Caveats for Cisco IOS Release 12.0 T document. Only severity 1 and 2 caveats are included.
Miscellaneous
• CSCdp09409
To run IPSec successfully, the Cisco 800 series router clock needs to be set accurately. Cisco 800 series router clocks are set and maintained using Simple Network Time Protocol (SNTP). For best results, set up a Network Time Protocol (NTP) server to periodically send time information messages to Cisco 800 series routers. See the SNTP configuration and command reference documentation for configuration instructions. If you do not have an NTP server, you must reset the Cisco 800 series router clock using the clock set command each time you restart the router.
The SNTP configuration documentation is available in the chapter "Monitoring the Router and Network" in the "System Management" volume of the Configuration Fundamentals Configuration Guide in the Cisco IOS documentation set.
The SNTP command reference documentation is available in the chapter "Router and Network Monitoring Commands" in the "System Management Commands" volume of the Configuration Fundamentals Command Reference manual in the Cisco IOS documentation set.
Related Documentation
The following sections describe the documentation available for the Cisco 800 series. These documents consist of hardware and software installation guides, Cisco IOS configuration and command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on CCO and the Documentation CD-ROM.
Use these release notes with these documents:
• Cisco IOS Software Documentation Set
Release-Specific Documents
The following documents are specific to Release 12.0 and are located on CCO and the Documentation CD-ROM:
• Cross-Platform Release Notes for Cisco IOS Release 12.0
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes
• Product bulletins, field notices, and other release-specific documents on CCO at:
Service & Support: Technical Documents
• Caveats for Cisco IOS Release 12.0 T
This document contains caveats applicable to all platforms for all maintenance releases of Release 12.0 T.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Caveats
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Caveats
Note
If you have an account with CCO, you can use Bug Navigator II to find caveats of any severity for any release. You can reach Bug Navigator II on CCO at Software Center: Cisco IOS Software: BUG TOOLKIT: Cisco Bug Navigator II, or at http://www.cisco.com/support/bugtools/bugtool.shtml.
Platform-Specific Documents
These documents are available for the Cisco 800 series on CCO and the Documentation CD-ROM:
• Cisco 800 Series Router Quick Start Guide
• Cisco 800 Series Routers Hardware Installation Guide
• Cisco 800 Series Routers Software Configuration Guide
• Release Notes for Cisco 800 Series Routers
• Configuring Cisco IOS Software Features
• Cisco 800 Fast Step Quick Start Guide
• Cisco Fast Step documentation for the 800 series routers
• Regulatory Compliance and Safety Information
• Upgrading Memory in the Cisco 800 Series Routers
On CCO at:
Technical Documents: Documentation Home Page: Access Servers and Access Routers: Fixed Access Routers: Cisco 801-804 Routers
On the Documentation CD-ROM at:
Cisco Product Documentation: Access Servers and Access Routers: Fixed Access Routers: Cisco 801-804 Routers
Feature Modules
Feature modules describe new features supported by Release 12.0 XV and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: New Feature Documentation: New Features in 12.0-Based Limited Lifetime Releases: New Features in Release 12.0 XV: Configuring the RCAPI for Cisco 800 Routers
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: New Feature Documentation: New Features in 12.0-Based Limited Lifetime Releases: New Features in Release 12.0 XV: Configuring the RCAPI for Cisco 800 Routers
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents that are shipped with your order in electronic form on the Documentation CD-ROM—unless you specifically ordered the printed versions.
Documentation Modules
Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On CCO and the Documentation CD-ROM, two master hot-linked documents provide information for the Cisco IOS software documentation set.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Configuration Guides and Command References
Release 12.0 Documentation Set
Table 7 describes the contents of the Cisco IOS Release 12.0 software documentation set, which is available in electronic form and in printed form upon request.
Note
You can find the most current Cisco IOS documentation on CCO and the Documentation CD-ROM. These electronic documents may contain updates and modifications made after the hard-copy documents were printed.
On CCO at:
Technical Documents: Documentation Home Page: Cisco IOS Software Configuration: Cisco IOS Release 12.0
On the Documentation CD-ROM at:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0
Note
Cisco Management Information Base (MIB) User Quick Reference is no longer published. For the latest list of MIBs supported by Cisco, see Cisco Network Management Toolkit on Cisco Connection Online. From CCO, click on the following path: Service & Support: Software Center: Network Mgmt Products: Cisco Network Management Toolkit: Cisco MIB.
Service and Support
For service and support for a product purchased from a reseller, contact the reseller, who offers a wide variety of Cisco service and support programs described in "Service and Support" of Cisco Information Packet that shipped with your product.
Note
If you purchased your product from a reseller, you can access CCO as a guest. CCO is Cisco Systems' primary real-time support channel. Your reseller offers programs that include direct access to CCO services.
For service and support for a product purchased directly from Cisco, use CCO.
Software Configuration Tips on the Cisco Technical Assistance Center Home Page
If you have a CCO login account, you can access the following URL, which contains links and tips on configuring your Cisco products:
http://www.cisco.com/kobayashi/serv_tips.shtml
This URL is subject to change without notice. If it changes, point your Web browser to CCO and click on this path: Products & Technologies: Products: Technical Tips.
The following sections are provided from the Technical Tips page:
• Access Dial Cookbook—Contains common configurations or recipes for configuring various access routers and dial technologies.
• Field Notices—Notifies you of any critical issues regarding Cisco products and includes problem descriptions, safety or security issues, and hardware defects.
• Frequently Asked Questions—Describes the most frequently asked technical questions about Cisco hardware and software.
• Hardware—Provides technical tips related to specific hardware platforms.
• Hot Tips—Describes popular tips and hints gathered from the Cisco Technical Assistance Center (TAC). Most of these documents are available from the TAC Fax-on-demand service. To reach Fax-on-demand and receive documents at your fax machine from the United States, call 888-50-CISCO (888-502-4726). From other areas, call 650-596-4408.
• Internetworking Features—Lists tips on using Cisco IOS software features and services.
• Sample Configurations—Provides actual configuration examples that are complete with topology and annotations.
• Software Products—Contains Cisco IOS Software Bulletins, Cisco TCP/IP Suite 100, General Cisco IOS, Internet/Intranet Applications and Software, Network Management, Network Protection Software Tips, and WAN Switching Products and Software.
• Special Collections—Lists other helpful documents, including Case Studies, References & Request for Comments (RFCs), and Security Advisories.
Cisco Connection Online
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can reach CCO in the following ways:
• WWW: http://www.cisco.com
• WWW: http://www-europe.cisco.com
• WWW: http://www-china.cisco.com
• Telnet: cco.cisco.com
• Modem: From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and connection rates up to 28.8 kbps.
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Note
If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.
Documentation CD-ROM
Cisco documentation and additional literature are available in a CD-ROM package that ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.