Cisco 8100 Series Secure Routers, Release 17.18.x
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- US/Canada 800-553-2447
- Worldwide Support Phone Numbers
- All Tools
Feedback
Feedback
Cisco 8100 Series Secure Routers, Release 17.18.x
Cisco 8100 Series Secure Routers, Release 17.18.x
Cisco IOS XE 17.18.1a is the first release for the Cisco 8100 Series Secure Routers in the Cisco IOS XE 17.18.x release series.
The Cisco 8100 Series Secure Routers offer simplified, secure networking, powered by a custom secure networking processor (SoC) for integrated security and routing. These routers provide robust, platform-level security, advanced routing and SD-WAN performance, and flexible management options (on-premises, infrastructure-as-code, or cloud) for seamless scalability. Purpose-built for small branch environments, they deliver enterprise-grade security and high performance in a compact, energy-efficient design, featuring integrated next-generation firewall, zero trust capabilities, and SASE-ready architecture to ensure secure and reliable operations.
For information on the hardware features supported on the Cisco 8100 Series Secure Routers, refer to the Cisco 8100 Series Secure Routers datasheet.
This section provides a brief description of the new software features introduced in this release.
New software features in Cisco IOS XE 17.18.2
Table 1. New software features for Cisco 8100 Series Secure Routers, Release 17.18.2
| Product impact |
Feature |
Description |
| Security |
Infrastructure resiliency
|
Starting with the Cisco IOS XE 17.18.2 release and in future releases, Cisco software will display warning messages when configuring features or protocols that do not provide sufficient security such as those transmitting sensitive data without encryption or using outdated encryption mechanisms. Warnings will also appear when security best practices are not followed, along with suggestions for secure alternatives.
This list is subject to change, but the following is a list of features and protocols that are planned to generate warnings in releases beyond the version Cisco IOS XE 17.18.1. Release notes for each release will describe exact changes for that release:
· Plain-text and weak credential storage: Type 0 (plain text), 5 (MD5), or 7 (Vigenère cipher) in configuration files.
· SSHv1
· SNMPv1 and SNMPv2, or SNMPv3 without authentication and encryption
· MD5 (authentication) and 3DES (encryption) in SNMPv3
· IP source routing based on IP header options
· TLS 1.0 and TLS 1.1
· TLS ciphers using SHA1 for digital signatures
· HTTP
· Telnet
· FTP and TFTP
· On-Demand Routing (ODR)
· BootP server
· TCP and UDP small servers (echo, chargen, discard, daytime)
· IP finger
· NTP control messages
· TACACS+ using pre-shared keys and MD5 |
| Ease of Setup
|
From Cisco IOS XE 17.18.2, you can configure IPv6 data prefix lists, rule with rule sets, and object groups in security policy using Cisco SD-WAN Manager. |
|
| Upgrade
|
IPv6 GRE-TP tunnel as protected link support for SRv6 TI-LFA with IS-IS |
From Cisco IOS XE 17.18.2, this feature extends IPv6 GRE-TP tunnel as protected link support for SRv6 TILFA with ISIS.
|
| Upgrade |
IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with OSPFv2 |
From Cisco IOS XE 17.18.2 this feature extends IPv4 GRE-TP tunnel as protected link support for SR-MPLS TILFA with OSPFv2. |
| Upgrade
|
IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with IS-IS |
From Cisco IOS XE 17.18.2 this feature extends IPv4 GRE-TP tunnel as protected link support for SR-MPLS TILFA with ISIS.
|
This section provides a brief description of the new hardware features introduced in this release.
New hardware features in Cisco IOS XE 17.18.1
Table 2. New hardware features for Cisco 8100 Series Secure Routers, Release 17.18.1
| Product impact |
Description |
| Cisco 8100 Series Secure Routers |
From Cisco IOS XE 17.18.1a, Cisco 8100 Series Secure Routers are available in these models: · C8130-G2 · C8140-G2 · C8151-G2 · C8161-G2 |
This section lists the resolved issues in this specific software release.
Note: This software release may contain bug fixes first introduced in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.
Resolved issues in Cisco IOS XE 17.18.2
Table 3. Resolved issues for Cisco 8100 Series Secure Routers, Release 17.18.2
| Bug ID |
Description |
| SDWAN On-Demand Tunnels Do Not Expire When UMTS Is Enabled |
|
| On TPM based platform continuously control TLOC flapping will cause all SDWAN/SD-Routing control connections down |
|
| NAT64 static entry removed when command to delete non-existent entry is applied. |
|
| cEdge: device may boot up into prev_packages.conf due to power outage |
|
| NWPI not capturing self-generated syslog traffic |
|
| After upgrade to 17.15 for earlier releases sd-wan service-tracker in vrf selects source IP address from GRT when MPLS Inter-AS VPN option B configured |
|
| ISR exporters with ETA enabled are generating invalid template data errors in SNA |
|
| EPBR set interface action get missing after reboot |
|
| vDaemon crash when initializing DNS channels |
Resolved issues in Cisco IOS XE 17.18.1a
There are no customer impacting bugs that were fixed in this release.
This table lists the open issues in this specific software release.
Note: This software release may contain open bugs first identified in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.
Open issues in Cisco IOS XE 17.18.2
Table 4. Open issues for Cisco 8100 Series Secure Routers, Release 17.18.2
| Bug ID |
Description |
| cedge ignore the keepalive command under the SIG tunnel interface pushed by the vmanage |
|
| Incorrect NAT translation from service-vrf to global for self-generated ICMP 11 (Time Exceeded) packets |
|
| fman crash after fnf config changes |
|
| Cedge port forward issue with multiple ISP |
|
| Out of sync when CLI Template was attached (missing element: authentication in /ios:native/ios:line/ios:vty[ios:first='0']/ios:login/ios:authentication) |
|
| strange behavior with the Cisco Umbrella SIG tunnels configured from vManage to Umbrella. |
|
| TLOC Extension unable to program due to module boot up timing |
|
| Cipher Suites TLS 1.2 for control connections |
|
| Router crashes when configuring SSL VPN with Policy-Based Routing (PBR) and NAT |
|
| There seems to be an issue where the NAT router is not responding to ARP requests |
|
| SDWAN C-Edge Router Crashes - CPU Usage due to Memory Pressure exceeds threshold |
|
| Slow performance on Netconf RPC on 17.15.2a on stateless static NAT translation |
|
| FIB table routes: Next Hop (NH) ID 0 is getting corrupted and assigned to a value other than Blackhole |
|
| dmiauthd process crashes, due to which the configuration does not sync between startup-config and the running-config. |
|
| 17.9 cEdges - Control Connection to vManage is only Attempted over Highest Priority TLOC |
|
| Add CLI to change per MPLS label CEF statistics query interval on FMAN FP |
|
| Router crash in TDM-TDM call when debug voip fpi enabled |
|
| [XE MCAST] Multicast traffic not forwarded over P2P DMVPN phase 1 tunnel |
|
| BFD sessions flapping and not recovering - SYMNAT port not updating to data-plane |
|
| SD-WAN Edge: Periodic Service Restart May Generate Crash Files |
|
| Unexpected reload on ftmd SDWAN device |
|
| cEdge experiences an unexpected reboot due to NAT in the data-plane after a policy push |
|
| v1718/polaris: flapping nat will casue bfd session down with ipsec session shown |
|
| BFD SD-WAN PMTUD: PMTU Converges Unexpectedly to 970 Bytes After dbg2:1 Event |
|
| SD-routing: Vmanage deploy config group to Charon with LTE module/Hydra, loss the config "controller Cellular 0/2/0" |
Open issues in Cisco IOS XE 17.18.1a
Table 5. Open issues for Cisco 8100 Series Secure Routers, Release 17.18.1a
| Bug ID |
Description |
| On TPM based platform continuously control TLOC flapping will cause all SDWAN/SD-Routing control connections down |
· Hardware Installation Guide for Cisco 8100 Series Secure Routers
· Software Configuration Guide for Cisco 8100 Series Secure Routers
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2025 Cisco Systems, Inc. All rights reserved.