The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco 4000 Series Integrated Services Routers Release Notes, Cisco IOS XE Denali 16.2
Cisco 4000 Series Integrated Services Routers Overview
Migrating to Cisco IOS XE Denali 16.2
Determining the Software Version
Upgrading to a New Software Release
Upgrading the ROMMON Version on the Cisco 4000 Series ISR
Upgrading Field-Programmable Hardware Devices
New Features and Important Notes About Cisco 4000 Series ISRs Release Denali 16.2.1
New Software Features in Cisco 4000 Series ISR Release Cisco IOS XE Denali 16.2.1
Configure the Router for Web User Interface
Entering the Configuration Commands Manually
Using the Cisco Bug Search Tool
Caveats in Cisco 4000 Series Integrated Services Routers
Open Caveats - Cisco IOS XE Denali 16.2.2
Resolved Caveats - Cisco IOS XE Denali 16.2.2
Open Caveats - Cisco IOS XE Denali 16.2.1
Resolved Caveats - Cisco IOS XE Denali 16.2.1
Cisco IOS Software Documentation
Obtaining Documentation and Submitting a Service Request
This document provides information about the Cisco IOS XE Denali 16.2 software release for the Cisco 4000 Series Integrated Services Routers (ISRs) and consists of the following sections:
The Cisco 4000 Series ISRs are modular routers with LAN and WAN connections that can be configured by means of interface modules, including Cisco Enhanced Service Modules (SM-Xs), and Network Interface Modules (NIMs).
The following table lists the router models that belong to the Cisco 4000 Series ISRs.
The Cisco IOS XE Denali 16.2 Migration Guide for Access and Edge Routers contains important information for migrating successfully from Cisco IOS XE 3S to Cisco IOS XE 16.2. Before you begin the migration, read this information to ensure that you have completed all the prerequisites and understand the migration process.
For a list of caveats in this release, see the Open Caveats - Cisco IOS XE Denali 16.2.1 section.
You can use the following commands to verify your software version:
To install or upgrade, obtain a Cisco IOS XE Denali 16.2 consolidated package (image) from Cisco.com. You can find software images at http://software.cisco.com/download/navigator.html. To run the router using individual sub-packages, you also need to first download the consolidated package and extract the individual sub-packages from a consolidated package.
For information about upgrading software, see the “How to Install and Upgrade Software” section in the Software Configuration Guide for the Cisco 4000 Series ISRs.
Table 1 provides information about the recommended Rommon and CPLD versions for releases prior to Cisco IOX XE Denali 16.2.1.
Note Upgrade CLI output has a typo and it would show the version incorrectly as 15010738 instead of 15010638. This does not impact the upgrade.
Note Upgrade CLI output has a typo and it would show the version incorrectly as 15010738 instead of 15010638. This does not impact the upgrade.
For information about ROMMON version that is needed to load the Cisco IOS Denaili 16.2.1 image on a Cisco ISR 4000 Series, see the Cisco IOS XE Denali 16.2 Migration Guide for Access and Edge Routers.
For information about ROMMON and upgrading procedure, see the "ROM Monitor Overview and Basic Procedures” section in the Hardware Installation Guide for the Cisco 4000 Series Integrated Services Routers.
The hardware-programmable firmware is upgraded when Cisco 4000 Series ISR contains an incompatible version of the hardware-programmable firmware. To do this upgrade, a hardware-programmable firmware package is released to customers.
Generally, an upgrade is necessary only when a system message indicates one of the field-programmable devices on the Cisco 4000 Series ISR needs an upgrade, or a Cisco technical support representative suggests an upgrade.
From Cisco IOS XE Release 3.10S onwards, you must upgrade the CPLD firmware to support the incompatible versions of the firmware on the Cisco 4000 Series ISR. For upgrade procedures, see the Upgrading Field-Programmable Hardware Devices for Cisco 4000 Series ISRs.
You can use Cisco Feature Navigator to find information about feature, platform, and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on cisco.com is not required.
The following limitations and restrictions apply to all releases:
The Cisco Unified Threat Defense (UTD) service requires a minimum of 8GB of DRAM and 200GB SSD.
The Cisco ISR-WAAS/AppNav service requires a system to be configured with a minimum of
8GB of DRAM and 16GB flash storage. For large service profiles, 16GB of DRAM and 32GB flash storage is required. Also, Cisco ISR-WAAS requires a minimum of 200GB SSD.
IPsec traffic is restricted on the Cisco ISR 4451-X. The router has the same IPsec functionality as a Cisco ISR G2. The default behavior of the router will be as follows (unless an HSECK9 license is installed):
This section describes new features in Cisco IOS XE Denali 16.2.1 that are supported on the Cisco 4000 Series ISRs.
The following features are supported by the Cisco 4000 Series Integrated Services Routers for Cisco IOS XE Denali 16.2.1:
This section explains how to configure the router to access Web User Interface.
Web User Interface require the following basic configuration to connect to the router and manage it.
If you don’t want to use the factory default configuration because the router already has a configuration, or for any other reason, you can use the procedure in this section to add each required command to the configuration.
To enter the Cisco IOS commands manually, complete the following steps:
Step 1 Log on to the router through the Console port or through an Ethernet port.
Step 2 If you use the Console port, and no running configuration is present in the router, the Setup command Facility starts automatically, and displays the following text:
Enter no so that you can enter Cisco IOS CLI commands directly.
If the Setup Command Facility does not start automatically, a running configuration is present, and you should go to the next step.
Step 3 When the router displays the user EXEC mode prompt, enter the enable command, and the enable password, if one is configured, as shown in the following example:
Step 4 Enter config mode by entering the config terminal command, as shown in the following example.
Step 5 Using the command syntax shown, create a user account with privilege level 15.
Step 6 If no router interface is configured with an IP address, configure one so that you can access the router over the network. The following example shows the interface Fast Ethernet 0 configured.
If you are going to connect the PC directly to the router, the PC must be on the same subnet as this interface.
Step 7 Configure the router as an http server for nonsecure communication, or as an https server for secure communication.
To configure the router as an http server, enter the ip http server command shown in the example:
To configure the router as an https server, enter the ip http secure-server command shown in the example:
Step 8 Configure the router for local authentication, by entering the ip http authentication local command, as shown in the example:
Step 9 Configure the vty lines for privilege level 15. For nonsecure access, enter the transport input telnet command. For secure access, enter the transport input telnet ssh command. An example of these commands follows:
This section provides information about the caveats in Cisco 4000 Series Integrated Services Routers routers, Cisco IOS XE Denali 16.2.1 Caveats describe unexpected behavior. Severity 1 caveats are the most serious caveats. Severity 2 caveats are less serious. Severity 3 caveats are moderate caveats. This section includes severity 1, severity 2, and selected severity 3 caveats.
The open and resolved bugs for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products. Within the Cisco Bug Search Tool, each bug is given a unique identifier (ID) with a pattern of CSCxxNNNNN, where x is any letter (a-z) and N is any number (0-9). The bug IDs are frequently referenced in Cisco documentation, such as Security Advisories, Field Notices and other Cisco support documents. Technical Assistance Center (TAC) engineers or other Cisco staff can also provide you with the ID for a specific bug. The Cisco Bug Search Tool enables you to filter the bugs so that you only see those in which you are interested.
In addition to being able to search for a specific bug ID, or for all bugs in a product and release, you can filter the open and/or resolved bugs by one or more of the following criteria:
You can save searches that you perform frequently. You can also bookmark the URL for a search and email the URL for those search results.
Note If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.
We recommend that you view the field notices for the current release to determine whether your software or hardware platforms are affected. You can access the field notices from the following location:
For more information about how to use the Cisco Bug Search Tool, including how to set email alerts for bugs and to save bugs and searches, see Bug Search Tool Help & FAQ.
Note You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, you can register for an account.
Step 1 In your browser, navigate to the Cisco Bug Search Tool.
Step 2 If you are redirected to a Log In page, enter your registered Cisco.com username and password and then, click Log In.
Step 3 To search for a specific bug, enter the bug ID in the Search For field and press Enter.
Step 4 To search for bugs related to a specific software release, do the following:
a. In the Product field, choose Series/Model from the drop-down list and then enter the product name in the text field. If you begin to type the product name, the Cisco Bug Search Tool provides you with a drop-down list of the top ten matches. If you do not see this product listed, continue typing to narrow the search results.
b. In the Releases field, enter the release for which you want to see bugs.
The Cisco Bug Search Tool displays a preview of the results of your search below your search criteria.
Step 5 To see more content about a specific bug, you can do the following:
Step 6 To restrict the results of a search, choose from one or more of the following filters:
A predefined date range, such as last week or last six months.
The bug severity level as defined by Cisco. For definitions of the bug severity levels, see Bug Search Tool Help & FAQ.
The rating assigned to the bug by users of the Cisco Bug Search Tool.
Your search results update when you choose a filter.
All resolved bugs for this release are available in the Cisco Bug Search Tool.
Cisco 4300 Series ISR platform crashes while executing the show platform hardware crypto-device utilization command.
Cisco 4451 ISR may experience a reload when you configure the MGCP and SIP gateway.
One way audio via Cisco 4000 Series ISR is resumed from IP phone after SNR.
Unable to upgrade firmware for xDSL modules on Cisco 4000 Series ISR platforms.
Physical interface issue is seen with primary and backup with PPPoE.
Zone-based firewall asynchronous memory API change for Cisco 4300 Series platform.
All open bugs for this release are available in the Cisco Bug Search Tool.
Cisco 4431 ISR does not scale at the level of Cisco 4451 ISR for multiple features.
UP37: Performance degradation with IPSEC + QoS combination of >-30%.
Cisco 4451 ISR displays Kernel messages with overnight traffic.
IPv4 uncap CEF: Cisco 4331 ISR and Cisco 4351 ISR has performance drop for CEF of >-5%.
CGE7: PPC kernel core dump is not generated, which triggers the kernel crash.
Web User Interface does not list any L3 interface if VRF is set to None for Call Home profile.
ISR-WAAS instance is lost after upgrading router image from mcp_dev to Cisco IOS XE Denali 16.2.
You need to enter “webui” in the URL to access Web User Interface for Cisco 4421 router.
Cisco 4451 ISR and Cisco 4421 ISR disk performance is not good with 3.10 kernel.
Issues in snap shot values in alerts tab of the Smart call page.
Cisco 4000 series snort activation fails after Cisco IOS XE Denali 16.2 upgrade
For information about the Cisco 4000 Series ISRs and associated services and modules, see:
Documentation Roadmap for the Cisco 4000 Series ISRs,Cisco IOS XE Denali 16.x.
The Cisco IOS XE Denali 16.x software documentation set consists of Cisco IOS XE Denali 16.x configuration guides and Cisco IOS command references. The configuration guides are consolidated platform-independent configuration guides organized and presented by technology. There is one set of configuration guides and command references for the Cisco IOS XE Denali 16.x release train. These Cisco IOS command references support all Cisco platforms that are running any Cisco IOS XE Denali 16.x software image.
Information in the configuration guides often includes related content that is shared across software releases and platforms.
Additionally, you can use Cisco Feature Navigator to find information about feature, platform, and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on cisco.com is not required.
For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.