First Published: August 15, 2025

Last Updated: December 3, 2025

About Cisco 1000 Series Integrated Services Routers

The Cisco 1000 Series Integrated Services Routers (also referred to as router in this document) are powerful fixed branch routers based on the Cisco IOS XE operating system. They are multi-core routers with separate core for data plane and control plane. There are two primary models with 8 LAN ports and 4 LAN ports. Features such as Smart Licensing, VDSL2 and ADSL2/2+, 802.11ac with Wave 2, 4G LTE-Advanced and 3G/4G LTE and LTEA Omnidirectional Dipole Antenna (LTE-ANTM-SMA-D) are supported on the router.


Note

Cisco IOS XE 17.18.1a is the first release for Cisco 1000 Series Integrated Services Routers in the Cisco IOS XE 17.18.x release series.


Note
Starting with Cisco IOS XE Amsterdam 17.3.2 release, with the introduction of Smart Licensing Using Policy, even if you configure a hostname for a product instance or device, only the Unique Device Identifier (UDI) is displayed. This change in the display can be observed in all licensing utilities and user interfaces where the hostname was displayed in earlier releases. It does not affect any licensing functionality. There is no workaround for this limitation.

The licensing utilities and user interfaces that are affected by this limitation include only the following:

  • Cisco Smart Software Manager (CSSM),

  • Cisco Smart License Utility (CSLU), and

  • Smart Software Manager On-Prem (SSM On-Prem).

Product Field Notice

Cisco publishes Field Notices to notify customers and partners about significant issues in Cisco products that typically require an upgrade, workaround or other user action. For more information, see https://www.cisco.com/c/en/us/support/web/field-notice-overview.html.

We recommend that you review the field notices to determine whether your software or hardware platforms are affected. You can access the field notices from https://www.cisco.com/c/en/us/support/web/tsd-products-field-notice-summary.html#%7Etab-product-categories.

New and Changed Hardware Features

New and Changed Software Features in Cisco IOS XE 17.18.1a

Table 1. New software features for Cisco 1000 Series Integrated Services Routers, Release 17.18.1a

Product impact

Feature

Description

Ease of Use

 Support to upgrade Firmware From Cisco IOS XE 17.18.1a release, you can now upgrade the firmware image for cellular module, LTE module, or Wi-Fi module of supported devices using Cisco Catalyst SD-WAN Manager, without configuring and managing multiple commands for each device and its associated modules.

Ease of Use

 Hosted Edge Services for SD-Routing Devices From Cisco IOS XE 17.18.1a release, Cisco Catalyst SD-WAN Manager supports deployment of IOx applications such as Cyber Vision, Thousand Eyes, UTD, and so on. The support to monitor these applications is introduced through Hosted Edge Services monitoring dashboard which offers a simplified user experience for overseeing IOx container applications across multiple devices. The Hosted Edge Services monitoring dashboard is introduced on Cisco Catalyst SD-WAN Manager version 20.18.x.

Ease of setup

Cisco Secure Routers SWIM and Onboarding Tool

 Cisco IOS XE 17.18.1a introduces the Cisco Secure Routers Software Image Management (SWIM) and Onboarding tool that helps customers upgrade and onboard autonomous hardware devices to cloud-hosted or on-premises Catalyst Cisco SD-WAN Manager.

Security

 Custom IPS signature sets From Cisco IOS XE 17.18.1a release, Custom IPS signature sets are supported in Cisco SD-WAN Manager, which allows you to create and deploy personalized Snort3 IPS signature sets.This feature allows direct modification of actions for existing IPS rules within profiles and supports building custom rules using rule groups or existing rules. With Custom IPS signature sets, organizations can gain greater control and precision in tailoring threat detection to their specific security needs.

Ease of Use

 Certificate Management on SD-Routing Devices This feature introduces a new certificate authorization setting, Enterprise Certificate Settings, which unifies certificate configurations for SD-Routing devices. Cisco SD-WAN Manager automates certificate management by leveraging protocols like EST (Enrolment over Secure Transport) and SCEP (Simple Certificate Enrolment Protocol). The feature automates the enrolment, and renewal of certificates.

Ease of use

 Configure cellular band select for cellular interfaces on SD-Routing devices You can select specific frequency bands to which the device can connect to, allowing optimized connection depending on location and network availability. This configuration can be done using Feature Parcels in Catalyst Cisco SD-WAN Manager.

Ease of use

 Configure logging of crash dump events for cellular interfaces on SD-Routing devices You can configure the device to collect the crash dump logs by enabling the boot-and-hold mode on the device using the lte modem crash-action boot-and-hold command.

Ease of use

 Reset cellular profile for cellular interfaces on SD-Routing devices You can reset the cellular network profile settings on a specific interface to a factory default state using the cellular<slot> lte profile reset command.

Ease of use

 Enable diagnostic monitoring for SD-Routing devices You can enable diagnostic monitoring log capture for devices with cellular interfaces using Catalyst Cisco SD-WAN Manager.

Ease of Use

Show drops command

 The show drops command is introduced in Cisco IOS XE 17.18.1a. This command consolidates multiple platform and protocol-specific debugging tools into a single, user-friendly interface, enabling network operators to efficiently identify the root causes of packet drops. By streamlining the troubleshooting process, this feature significantly improves operational efficiency and network performance.

Upgrade

 MVPN Ingress Replication (IR) over SRv6 This feature enables the transport of IPv4 MVPN traffic across an SRv6 network. It simplifies multicast deployment by using the existing SRv6 unicast infrastructure as the underlay. With this feature, the ingress PE router receives multicast traffic and creates a separate unicast SRv6-encapsulated copy for each egress PE router in the multicast group.

Upgrade

 SRv6 Path MTU Discovery This feature introduces a mechanism to determine the maximum transmission unit (MTU) for packets traversing an SRv6 underlay network. It ensures efficient packet forwarding by preventing fragmentation and packet drops, thereby allowing network devices to dynamically adjust packet sizes to avoid exceeding link MTU limits. The system relays ICMP Packet Too Big (PTB) messages from the SRv6 underlay to the IPv6/IPv4 overlay network, supporting both Transit-node and Headend-node PTB relay methods.

Upgrade

 SRv6 Flex-Algo with TI-LFA and uLoop Avoidance From Cisco IOS XE 17.18.1a, Flexible Algorithm enhances SRv6 by including functions like Topology Independent Loop-Free Alternate (TI-LFA) and microloop (uLoop) avoidance. This feature improves network resilience and efficiency.

CUBE FEATURES

Ease of Use

 Enhanced support for serviceability in SIP recording From Cisco IOS XE 17.18.1a onwards, serviceability is enhanced to display consolidated information on forked and associated anchor call legs.

Upgrade

 Third-Party GUID capture for correlation between call transfers and SIP-based recording From Cisco IOS XE 17.18.1a onwards, the Third-Party GUID capture for correlation between calls and SIP-based recording is extended to support transmission of globally unique identifiers (GUIDs) to the recording server during call transfers.

Upgrade

 IOS UC apps reports smart licensing flex subscription entitlement tag From Cisco IOS XE 17.18.1a onwards, CUBE and SRST smart licensing reports flex subscription entitlement tag on all the supported platforms.

Note

From Cisco IOS XE Release 17.18.1a, guestshell is removed from the IOS XE software image. As a result, Zero Touch Provisioning (ZTP) python script is no longer supported on Cisco 1000 Series Integrated Services Routers. If you need to use guestshell, then download it from https://developer.cisco.com/docs/iox/#!iox-resource-downloads/downloads. For more information, see Guestshell installation procedure.

Cisco ISR1000 ROMmon Compatibility Matrix

The following table lists the ROMmon releases supported in Cisco IOS XE 16.x.x releases and Cisco IOS XE 17.x.x releases.


Warning
Device unrecoverable after upgrade failure

If a device running certain older Cisco IOS XE releases (earlier than 17.5.x) has password recovery disabled and experiences an upgrade failure to Cisco IOS XE 17.11.x or later, the device may become unrecoverable.

To mitigate this risk, upgrade the device to any Cisco IOS XE image between 17.5.x and 17.10.x before upgrading to the destination Cisco IOS XE release (17.11.x or later). Refer to the Release Notes for Cisco 1000 Series Integrated Services Routers, Cisco IOS XE 17.11.x for specific upgrade steps.

Subsequent release notes include this guidance. For example, refer to the Release Notes for Cisco ISR 1000 Series, Cisco IOS XE Dublin 17.13.1.


Warning
Recommendations before upgrade

Before you upgrade, consider these actions:

  • Configure the old working image as a backup image before performing the upgrade. For example:

Router(config)# no boot system
Router(config)# boot system bootflash:new.bin
Router(config)# boot system bootflash:old.bin

  • Enable password recovery before you upgrade. After the upgrade, reapply no service password-recovery for security. For example: 

Router(config)# service password-recovery

(After upgrade)

Router(config)# no service password-recovery

Note
Reset button behavior

The Reset button behavior changes when specific ROMmon and Cisco IOS XE versions are in use:

  • If ROMmon is 16.12(2r) or later, and Cisco IOS XE is 17.2.1 or later:

    The Reset button does not take effect if no service password-recovery strict is configured.

  • If ROMmon is earlier than 16.12(2r):

    The factory reset does not take effect, regardless of whether the strict option is included.

Note

To identify the manufacturing date, use the show license udi command. For example: 

Router#show license udi 
UDI: PID:C1131-8PLTEPWB,SN:FGLxxxxLCQ6

The xxxx in the command output represents the manufacturing date.

  • If the manufacturing date is greater than or equal to 0x2535, the manufactured ROMmon version is 17.6(1r) or higher.

  • If the manufacturing date is less than 0x2535, the ROMmon will be automatically upgraded to 17.5(1r) or above when the Cisco IOS XE 17.9.x release is installed.

  • The minimal or recommended ROMmon version for devices using Cisco IOS XE 17.5 or later is 17.5(1r) or later.

Note

To upgrade to Cisco IOS XE Dublin 17.12.x, follow these steps:

  1. If you are on a device that is running software version between Cisco IOS XE 16.x to Cisco IOS XE 17.4.x, upgrade to any IOS XE image between Cisco IOS XE 17.5.x to Cisco IOS XE 17.10.x.

  2. After performing step a, upgrade to Cisco IOS XE 17.12.x.

  3. For devices that are running on software version Cisco IOS XE 17.5.x or later, you can upgrade to Cisco IOS XE 17.12.x directly.
Table 2. Minimum and Recommended ROMmon Releases Supported on Cisco 1000 Series Integrated Services Routers

Cisco IOS XE Release

Minimum ROMmon Release for IOS XE

Recommended ROMmon Release for IOS XE

17.18.x

17.5(1r)

17.5(1r)

17.16.x

17.5(1r)

17.5(1r)

17.15.x

17.5(1r)

17.5(1r)

17.14.x

17.5(1r)

17.5(1r)

17.13.x

17.5(1r)

17.5(1r)

17.12.x

17.5(1r)

17.5(1r)

17.11.x

17.5(1r)

17.5(1r)

17.10.x

17.5(1r)

17.5(1r)

17.9.x

17.5(1r)

17.5(1r)

17.8.x

17.5(1r)

17.5(1r)

17.7.x

17.5(1r)

17.5(1r)

17.6.x

17.5(1r)

17.5(1r)

17.5.x

17.5(1r)

17.5(1r)

17.4.x

16.12(2r)

16.12(2r)

17.3.x

16.12(2r)

16.12(2r)

17.2.x

16.9(1r)

16.12(1r)

17.1.x

16.9(1r)

16.12(1r)

16.12.x

16.9(1r)

16.12(1r)

16.11.x

16.9(1r)

16.9(1r)

16.10.x

16.9(1r)

16.9(1r)

16.9.x

16.9(1r)

16.9(1r)

16.8.x

16.8(1r)

16.8(1r)

16.7.x

16.6(1r)

16.6(1r)

16.6.x

16.6(1r)

16.6(1r)

Resolved and Open Bugs in Cisco IOS XE 17.18.x

Resolved Bugs in Cisco IOS XE 17.18.1a


Note

Note: This software release may contain bug fixes first introduced in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.
Table 3. Resolved issues for Cisco 1000 Series Integrated Services Routers, Release 17.18.1a
Bug ID Description
CSCwp23487

SGW offline with SSH error Unable to open socket while establishing netconf session
CSCwn12594

17.16 SIG zscaler ipsec - vpn credentials for primary tunnel not created
CSCwn42496

Device crashed @bfd_send_and_detect_sleep_time during soak run
CSCwn69868

Unable to come up control connections with controllers after controllers added and down/up
CSCwo72675

All BFD sessions for dialer interfaces are down. SA ID is 0 for all of them
CSCwo84428

Memory leak under vdaemon process with DTLS on SNMP polling
CSCwp24639

Device reloads after VPN config changes on SDWAN
CSCwm27749

Speed test download / throughput issue on device seen with IPSEC ESP-NULL transform using Zscaler
CSCwm72336

CXP with Data Policy redirect-DNS via overlay causes blackhole
CSCwn26353

BFD sessions via TLOC-Ext do not come up when IPv6 is dynamically changed
CSCwo05703

SD-WAN: VFR is not dynamically disabled After ZBFW Removal
CSCwo75657

Maximum control connection is not equal to maximum omp sessions
CSCwp91064

FTMD zero pointer dereferences leading to crash

Open Bugs in Cisco IOS XE 17.18.1a

This software release may contain open bugs first identified in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.

Table 4. Open issues for Cisco 1000 Series Integrated Services Routers, Release 17.18.1a
Bug ID Description
CSCwp12196 Device unexpectedly reloads due to memory corruption on a notification queue in FTMd
CSCwq27426 BFD session down due to unencrypted outbound BFD packets despite active IPsec SA
CSCwe19394 Device may boot up into prev_packages.conf due to power outage
CSCwo42664 Keyman core files on device
CSCwp01089 EPFR-High latency times are observed on the hub device
CSCwp81539 Memory leak under cfgmgr process on SNMP polling
CSCwq20326 Device does not install service-side static route to CEF after upgrade
CSCwq40026 Unexpected reboot occurs due to process FTMD
CSCwq68385 TLOC disabled after link down; no automatic tunnel recovery after link restores and TLOC state Is Up
CSCwq60993 EM9293 module not able to acquire GPS coordinates

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business results you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco DevNet.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.

Documentation Feedback

To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.

Troubleshooting

For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at https://www.cisco.com/en/US/support/index.html.

Go to Products by Category and choose your product from the list, or enter the name of your product. Look under Troubleshoot and Alerts to find information for the issue that you are experiencing.