cc/td/doc/product/software/ios122/122relnt
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table Of Contents

Release Notes for Cisco 3600 Series for Cisco IOS Release 12.2(2)XB15

Contents

Introduction

System Requirements

Memory Recommendations

Supported Hardware

Determining the Software Version

Upgrading to a New Software Release

Feature Set Tables

New and Changed Information

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB13 to Cisco IOS Release 12.2(2)XB15

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB12

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB11

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB6 to Cisco IOS Release 12.2(2)XB8

New Hardware Features in Cisco IOS Release 12.2(2)XB5

New Software Features in Cisco IOS Release 12.2(2)XB5

New Hardware and Software Features from Cisco IOS Release 12.2(2)XB1 to Cisco IOS Release 12.2(2)XB4

New Hardware Features in Cisco IOS Release 12.2(2)XB

New Software Features in Cisco IOS Release 12.2(2)XB

MIBs

Current MIBs

Deprecated and Replacement MIBs

Important Notes

Addition of squeeze Command for Cisco 2600 and Cisco 3600 Series Routers

CLI Command Added

Changes to output attenuation Command

Field Notices and Bulletins

Caveats for Cisco IOS Release 12.2 XB

Open Caveats—Cisco IOS Release 12.2(2)XB15

Resolved Caveats—Cisco IOS Release 12.2(2)XB15

Open Caveats—Cisco IOS Release 12.2(2)XB14

Resolved Caveats—Cisco IOS Release 12.2(2)XB14

No Caveats—Cisco IOS Release 12.2(2)XB12 to Cisco IOS Release 12.2(2)XB13

Open Caveats—Cisco IOS Release 12.2(2)XB11

Resolved Caveats—Cisco IOS Release 12.2(2)XB11

Open Caveats—Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

Resolved Caveats—Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

Open Caveats—Cisco IOS Release 12.2(2)XB8

Resolved Caveats—Cisco IOS Release 12.2(2)XB8

Open Caveats—Cisco IOS Release 12.2(2)XB7

Resolved Caveats—Cisco IOS Release 12.2(2)XB7

Open Caveats—Cisco IOS Release 12.2(2)XB6

Resolved Caveats—Cisco IOS Release 12.2(2)XB6

Open Caveats—Cisco IOS Release 12.2(2)XB5

Resolved Caveats—Cisco IOS Release 12.2(2)XB5

Open Caveats—Cisco IOS Release 12.2(2)XB4

Resolved Caveats—Cisco IOS Release 12.2(2)XB4

Open Caveats—Cisco IOS Release 12.2(2)XB3

Resolved Caveats—Cisco IOS Release 12.2(2)XB3

Open Caveats—Cisco IOS Release 12.2(2)XB2

Resolved Caveats—Cisco IOS Release 12.2(2)XB2

Open Caveats—Cisco IOS Release 12.2(2)XB1

Resolved Caveats—Cisco IOS Release 12.2(2)XB1

Open Caveats—Cisco IOS Release 12.2(2)XB

Resolved Caveats—Cisco IOS Release 12.2(2)XB

Related Documentation

Release-Specific Documents

Platform-Specific Documents

Feature Modules

Feature Navigator

Cisco IOS Software Documentation Set

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center


Release Notes for Cisco 3600 Series for Cisco IOS Release 12.2(2)XB15


January 13, 2004

Cisco IOS Release 12.2(2)XB15

OL-1675-02 Rev. N1

These release notes for the Cisco 3600 series describe the enhancements provided in Cisco IOS Release 12.2(2)XB15. These release notes are updated as needed.

For a list of the software caveats that apply to Cisco IOS Release 12.2(2)XB15, see the "Caveats for Cisco IOS Release 12.2 XB" section and Caveats for Cisco IOS Release 12.2. The caveats document is updated for every maintenance release and is located on Cisco.com and the Documentation CD-ROM.

Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.2 located on Cisco.com and the Documentation CD-ROM.

Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/tech_tips/index/fn.html.

Contents

These release notes describe the following topics:

Introduction

System Requirements

New and Changed Information

MIBs

Important Notes

Caveats for Cisco IOS Release 12.2 XB

Related Documentation

Obtaining Documentation

Obtaining Technical Assistance

Introduction

The Cisco 3600 series includes the Cisco 3620, Cisco 3640, and Cisco 3660 routers. As modular solutions, the Cisco 3600 series routers enable corporations to increase dialup density and take advantage of current and emerging WAN technologies and networking capabilities. The Cisco 3600 series routers are fully supported by Cisco IOS software, which includes dialup connectivity, LAN-to-LAN routing, data and access security, WAN optimization, and multimedia features.

For information on new features and Cisco IOS commands supported by Cisco IOS Release 12.2(2)XB15, see the "New and Changed Information" section and the "Related Documentation" section.

System Requirements

This section describes the system requirements for Cisco IOS Release 12.2 XB and includes the following sections:

Memory Recommendations

Supported Hardware

Determining the Software Version

Upgrading to a New Software Release

Feature Set Tables

Memory Recommendations

Table 1 Cisco IOS Release 12.2(2)XB15 Memory Recommendations for the Cisco 3600 Series Routers 

Platform
Feature Set
Image Name
Recommended Flash Memory
Recommended DRAM Memory
Runs From

Cisco 36201

Enterprise/SNASW Plus IPsec 56

c3620-a3jk8s-mz

16 MB

64 MB

RAM

Enterprise/SNASW Plus IPsec 3DES

c3620-a3jk9s-mz

16 MB

64 MB

RAM

Enterprise/SNASW Plus

c3620-a3js-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC/FW/IDS Plus

c3620-do3s-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC Plus

c3620-ds-mz

16 MB

64 MB

RAM

IP/FW/IDS Plus IPsec 56

c3620-ik8o3s-mz

16 MB

64 MB

RAM

IP Plus IPsec 56

c3620-ik8s-mz

16 MB

48 MB

RAM

IP/FW/IDS Plus IPsec 3DES

c3620-ik9o3s-mz

16 MB

64 MB

RAM

IP Plus IPsec 3DES

c3620-ik9s-mz

16 MB

64 MB

RAM

IP

c3620-i-mz

8 MB

32 MB

RAM

IP Plus

c3620-is-mz

16 MB

64 MB

RAM

IP/H323

c3620-ix-mz

8 MB

48 MB

RAM

Enterprise/FW/IDS PLUS IPsec 56

c3620-jk8o3s-mz

32 MB

96 MB

RAM

Enterprise PLUS IPsec 56

c3620-jk8s-mz

32 MB

96 MB

RAM

Enterprise/FW/IDS Plus IPsec 3DES

c3620-jk9o3s-mz

32 MB

96 MB

RAM

Enterprise Plus IPsec 3DES

c3620-jk9s-mz

32 MB

96 MB

RAM

Enterprise Plus

c3620-js-mz

32 MB

96 MB

RAM

Enterprise Plus/H.323 MCM

c3620-jsx-mz

32 MB

96 MB

RAM

Cisco 36402

Enterprise/SNASW PLUS IPsec 56

c3640-a3jk8s-mz

16 MB

64 MB

RAM

Enterprise/SNASW Plus IPsec 3DES

c3640-a3jk9s-mz

16 MB

64 MB

RAM

Enterprise/SNASW Plus

c3640-a3js-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC/FW/IDS Plus

c3640-do3s-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC Plus

c3640-ds-mz

32 MB

96 MB

RAM

IP/FW/IDS Plus IPsec 56

c3640-ik8o3s-mz

32 MB

96 MB

RAM

IP Plus IPsec 56

c3640-ik8s-mz

16 MB

64 MB

RAM

IP/FW/IDS Plus IPsec 3DES

c3640-ik9o3s-mz

32 MB

96 MB

RAM

IP Plus IPsec 3DES

c3640-ik9s-mz

32 MB

96 MB

RAM

IP

c3640-i-mz

8 MB

32 MB

RAM

IP Plus

c3640-is-mz

32 MB

96 MB

RAM

IP/H323

c3640-ix-mz

8 MB

48 MB

RAM

Enterprise/FW/IDS Plus IPsec 56

c3640-jk8o3s-mz

16 MB

64 MB

RAM

Enterprise Plus IPsec 56

c3640-jk8s-mz

16 MB

64 MB

RAM

Enterprise/FW/IDS Plus IPsec 3DES

c3640-jk9o3s-mz

32 MB

96 MB

RAM

Enterprise Plus IPsec 3DES

c3640-jk9s-mz

32 MB

96 MB

RAM

Enterprise Plus

c3640-js-mz

32 MB

96 MB

RAM

Enterprise Plus/H.323 MCM

c3640-jsx-mz

32 MB

96 MB

RAM

Cisco 36603

Enterprise/SNASW Plus IPsec 56

c3660-a3jk8s-mz

32 MB

64 MB

RAM

Enterprise/SNASW Plus IPsec 3DES

c3660-a3jk9s-mz

32 MB

64 MB

RAM

Enterprise/SNASW Plus

c3660-a3js-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC/FW/IDS Plus

c3660-do3s-mz

16 MB

64 MB

RAM

IP/IPX/AT/DEC Plus

c3660-ds-mz

32 MB

96 MB

RAM

IP/FW/IDS Plus IPsec 56

c3660-ik8o3s-mz

32 MB

96 MB

RAM

IP Plus IPsec 56

c3660-ik8s-mz

32 MB

96 MB

RAM

IP/FW/IDS Plus IPsec 3DES

c3660-ik9o3s-mz

32 MB

96 MB

RAM

IP Plus IPsec 3DES

c3660-ik9s-mz

32 MB

96 MB

RAM

IP

c3660-i-mz

8 MB

64 MB

RAM

IP Plus

c3660-is-mz

32 MB

96 MB

RAM

Enterprise/FW/IDS Plus IPsec 3DES

c3660-jk9o3s-mz

32 MB

96 MB

RAM

Enterprise Plus IPsec 3DES

c3660-jk9s-mz

32 MB

96 MB

RAM

Enterprise Plus

c3660-js-mz

32 MB

96 MB

RAM

Enterprise Plus/H.323 MCM

c3660-jsx-mz

32 MB

96 MB

RAM

Telco Plus IPsec 3DES

c3660-telcoentk9-mz

32 MB

96 MB

RAM

Telco Plus

c3660-telcoent-mz

32 MB

96 MB

RAM

1 The Cisco 3620 router is not supported in Cisco IOS Release 12.2(2)XB11.

2 The Cisco 3640 router is not supported in Cisco IOS Release 12.2(2)XB11.

3 The Cisco 3660 router uses SDRAM.


Supported Hardware

Cisco IOS Release 12.2(2)XB15 supports the following Cisco 3660 routers:

Cisco 3661

Cisco 3662


Note The Cisco 3620 and Cisco 3640 routers are not supported in Cisco IOS Release 12.2(2)XB15. However, Cisco 3620, Cisco 3640, Cisco 3661, and Cisco 3662 routers are supported in prior Cisco IOS 12.2(2)XB releases.


For detailed descriptions of the new hardware features, see the "New and Changed Information" section.

Table 2 lists the supported interfaces for the Cisco 3600 series routers for Cisco IOS Release 12.2(2)XB15.

For additional information about supported hardware for this platform and release, please refer to the Hardware/Software Compatibility Matrix in the Cisco Software Advisor at the following location:

http://www.cisco.com/cgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi

Table 2 Supported Interfaces for the Cisco 3600 Series Routers 

Interface, Network Module, or Data Rate
Platforms Supported
Dial Access Network Modules

16- and 32-port asynchronous (NM-16A and NM-32A)

All Cisco 3600 series platforms1

4- and 8-port synchronous/asynchronous (NM-4A/S and NM-8A/S)

All Cisco 3600 series platforms 1

6- to 30-port integrated digital modems network modules (NM-6DM, NM-12-DM, NM-18DM, NM-24DM, NM-40DM)

All Cisco 3600 series platforms 1

6 digital modem upgrade (MICA-6MOD)

All Cisco 3600 series platforms 1

8- or 16-port integrated analog network modules (NM-8AM and NM16AM)

All Cisco 3600 series platforms 1

WIC-1AM and WIC-2AM

All Cisco 3600 series platforms 1

LAN Interfaces

1- and 4-port Ethernet (AUI and 10BASE-T, NM-1E, and NM-4E)

All Cisco 3600 series platforms 1

1-port Fast Ethernet (100BASE-TX and 100BASE-FX, NM-1FE-TX and NM-1FE-FX)

All Cisco 3600 series platforms 1

Mixed Media Network Modules

1-port 10/100BASE-TX with 1-port channelized/PRI/E1 balanced mode (NM-1FE1CE1B)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 1-port channelized/PRI/E1 unbalanced mode (NM-1FE1CE1U)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 1-port channelized/PRI/T1 (NM-1FE1CT1)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 1-port channelized/PRI/T1 with CSU (NM-1FE1CT1-CSU)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 2-port channelized/PRI/E1 balanced mode (NM-1FE2CE1B)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 2-port channelized/PRI/E1 unbalanced mode (NM-1FE2CE1U)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 2-port channelized/PRI/T1 (NM-1FE2CT1)

All Cisco 3600 series platforms 1

1-port 10/100BASE-TX with 2-port channelized/PRI/T1 with CSU (NM-1FE2CT1-CSU)

All Cisco 3600 series platforms 1

1 Ethernet and 2 WAN card slots (NM-1E2W)

All Cisco 3600 series platforms 1

1 Ethernet, 1 Token Ring, and 2 WAN card slots (NM-1E1R2W)

All Cisco 3600 series platforms 1

Mixed Media Network Modules Continued

2 Ethernet and 2 WAN card slots (NM-2E2W)

All Cisco 3600 series platforms 1

1-port fast Ethernet, 1-port Token Ring with 2 WAN card slots (NM-1FE1R2W[=])

All Cisco 3600 series platforms 1

1-port Fast Ethernet with 2 WAN card slots (NM-1FE2W[=])

All Cisco 3600 series platforms 1

2-port Fast Ethernet with 2 WAN card slots (NM-2FE2W[=])

All Cisco 3600 series platforms 1

2 WAN card slots (NM-2W[=])

All Cisco 3600 series platforms 1

ATM Network Modules 2

1-port ATM-25 network modules (NM-1ATM-25)1

All Cisco 3600 series platforms 1

1-port ATM T3 network module (NM-1A-T3) 2

All Cisco 3600 series platforms 1

4-port T1 ATM network module with IMA (NM-4T1-IMA)

All Cisco 3600 series platforms 1

4-port E1 ATM network module with IMA (NM-4E1-IMA)

All Cisco 3600 series platforms 1

8-port T1 ATM network module with IMA (NM-8T1-IMA)

All Cisco 3600 series platforms 1

8-port E1 ATM network module with IMA (NM-8E1-IMA)

All Cisco 3600 series platforms 1

1-port ATM E3 network module (NM-1A-E3) 2

All Cisco 3600 series platforms 1

1-port ATM OC-3 network module with multimode fiber (NM-1A-OC3MM) 2

All Cisco 3600 series platforms 1

1-port ATM OC-3 network module with single-mode intermediate reach fiber (NM-1A-OC3SMI) 2

All Cisco 3600 series platforms 1

1-port ATM OC-3 network module with single-mode long reach fiber (NM-1A-OC3SML) 2

All Cisco 3600 series platforms 1

1-port ATM OC-3 multimode network module and circuit emulation service (NM-1A-OC3MM-1V) 2, 3

All Cisco 3600 series platforms 1

1-port ATM OC-3 single-mode, intermediate reach network module and circuit emulation service (NM-1A-OC3SMI-1V) 2, 3

All Cisco 3600 series platforms 1

1-port ATM OC-3 single-mode, long reach network module and circuit emulation service (NM-1A-OC3SML-1V) 2, 3

All Cisco 3600 series platforms 1

Digital T1/E1 Packet Voice Trunk Network Modules and Spare Components

1-port, 24-channel T1 voice/fax module supports 24 channels of medium-complexity codecs: G.729a/b, G.726, G.711, and fax; or 12 channels of G.726, G.729, G.723.1, G.728, G.729a/b, G.711, and fax. Consists of one NM-HDV, two PVDM-12s, and one VWIC-1MFT-T1.4 Part number: NM-HDV-1T1-24.

All Cisco 3600 series platforms 1

1-port, enhanced 24-channel T1 voice/fax module, supports 24 channels of high- and medium-complexity codecs: G.729a/b, G.726, G.729, G.728, G.723.1, G.711, and fax. Consists of one NM-HDV, four PVDM-12s, and one VWIC-1MFT-T1.2 Part number: NM-HDV-1T1-24E.

All Cisco 3600 series platforms 1

2-port, 48-channel T1 voice/fax module supports add/drop multiplexing (drop and insert); 48 channels of medium-complexity codecs: G.729a/b, G.726,G.711, and fax; or 24 channels of G.726, G.729, G.723.1, G.728, G.729a/b, G.711, and fax. Consists of one NM-HDV, four PVDM-12, and one VWIC-2MFT-T1-DI.2 Part number: NM-HDV-2T1-48.

All Cisco 3600 series platforms 1

1-port, 30-channel E1 voice/fax module, supports 30 channels of G.729a/b, G.726, G.711 and fax or 18 channels of G.726, G.729, G.723.1, G.728, G.729a/b, G.711, and fax. Consists of one NM-HDV, three PVDM-12s, and one VWIC-1MFT-E1 4. Part number: NM-HDV-1E1-30(=)

All Cisco 3600 series platforms 1

Digital T1/E1 Packet Voice Trunk Network Modules and Spare Components (continued)

1-port, enhanced 30-channel E1 voice/fax module supports 30 channels of G.729a/b, G.726, G.729, G.728, G.723.1, G.711, and fax. Consists of one NM-HDV, five PVDM-12s, and one VWIC-1MFT-E1. 4 (NM-HDV-1E1-30E(=)).

All Cisco 3600 series platforms 1

2-port, 60-channel E1 voice/fax module supports add/drop multiplexing (drop and insert); 60 channels of G.729a/b, G.726, G.711, and fax or 30 channels of G.726, G.729, G.723.1, G.728, G.729a/b, G.711, and fax. Consists of one NM-HDV, five PVDM-12s, and one VWIC-2MFT-E1-D1. 4 Part number NM-HDV-2E1-60(=)

All Cisco 3600 series platforms 1

High-density voice/fax network module spare. Part number: NM-HDV.

Digital T1 packet voice trunk network modules spare component

12-channel packet voice DSP module upgrade spare. Part number: PVDM-12=.

Digital T1 packet voice trunk network modules spare component

1-port RJ-48 multiflex trunk—T1 (VWIC-1MFT-T1)2

Digital T1 packet voice trunk network modules spare component

2-port RJ-48 multiflex trunk—T1 (VWIC-2MFT-T1)2

Digital T1 packet voice trunk network modules spare component

2-port RJ-48 multiflex trunk with drop and insert—T1 (VWIC-2MFT-T1-DI(=))2

Digital T1 packet voice trunk network modules spare component

T1/E1 Multiflex Voice/WAN Interface Cards

1-port T1 multiflex trunk interface (VWIC-1MFT-T1)

All Cisco 3600 series platforms 1

1-port E1 multiflex trunk interface (VWIC-1MFT-E1)

All Cisco 3600 series platforms 1

2-port T1 multiflex trunk interface (VWIC-2MFT-T1)

All Cisco 3600 series platforms 1

2-port T1 multiflex trunk interface with drop and insert (VWIC-2MFT-T1-DI)5

All Cisco 3600 series platforms 1

2-port E1 multiflex trunk interface with drop and insert (VWIC-2MFT-E1-DI)

All Cisco 3600 series platforms 1

Voice/Fax Interfaces and Network Modules1

1- and 2-port voice/fax network module (NM-1V and NM-2V)

All Cisco 3600 series platforms 1

2-port E&M voice interface card (VIC-2E/M)

All Cisco 3600 series platforms with voice/fax network module 1

2-port FXO voice interface card (VIC-2FXO, VIC-2FXO-M3, and VIC-2FXO-EU)

All Cisco 3600 series platforms with voice/fax network module 1

2-port FXS voice interface card

All Cisco 3600 series platforms with voice/fax network module 1

2-port BRI voice interface card (VIC-2BRI-S/T-TE)

Cisco 3620 and 3640 platforms with voice/fax network module 1

WAN Data Rates

48/56/64 kbps

All Cisco 3600 series platforms 1

1.544/2.048 Mbps

All Cisco 3600 series platforms 1

Up to 8 Mbps on 4-port serial network module

All Cisco 3600 series platforms 1

34.368 Mbps using ATM E3 network module

All Cisco 3600 series platforms 1

44.736 Mbps using T3 network module

All Cisco 3600 series platforms 1

Up to 52 Mbps max using HSSI network module

All Cisco 3600 series platforms 1

Up to 155 Mbps on ATM OC3 network modules

All Cisco 3600 series platforms 1

ISDN Channelized and Serial Network Modules

1- and 2-port channelized T1 modules without CSUs (NM-1CT1 and NM-1CT1)

All Cisco 3600 series platforms 1

1- and 2-port channelized T1 network modules with CSUs (NM-1CT1-CSU and NM-2CT1-CSU)

All Cisco 3600 series platforms 1

1- and 2-port E1 network modules unbalanced mode (NM-1CE1U and NM-2CE1U)

All Cisco 3600 series platforms 1

1- and 2-port E1 network modules balanced mode (NM-1CE1B and NM-2CE1B)

All Cisco 3600 series platforms 1

1-port high-speed serial interface (HSSI) network module

All Cisco 3600 series platforms 1

4- and 8-port BRI network module with NT-1 (NM-4B-U and NM-8B-U)

All Cisco 3600 series platforms 1

4- and 8-port BRI network module with S/T interface (NM-4B-S/T and NM-8B-S/T)

All Cisco 3600 series platforms 1

4-port serial (NM-4T)

All Cisco 3600 series platforms 1

Other Network Modules

Compression network module (NM-COMPR)

Cisco 3620 and 3640 series platforms 1

4 E1 data compression Advanced Integration Module (AIM-COMPR4)

Cisco 3660 series platforms 1

Hardware encryption network module6

All Cisco 3620 and 3640 series platforms 1

Hardware encryption Advanced Integration Module (AIM) 6

All Cisco 3660 series platforms 1

WAN Interface Cards

1-port T1/fractional T1/DSU/CSU WAN interface card (WIC-1DSU-T1)

All Cisco 3600 series platforms 1

1-port T1/fractional T1 56/64-kbps DSU/CSU WAN interface card (WIC-1DSU-56K4)

All Cisco 3600 series platforms 1

1-port ISDN with NT-1 WAN interface card (WIC-1B-U)

All Cisco 3600 series platforms 1

1-port ISDN WAN interface card (WIC-1B-S/T)

All Cisco 3600 series platforms 1

1-port serial WAN interface card (WIC-1T)

All Cisco 3600 series platforms 1

2-port serial (WIC-2T[=])7

All Cisco 3600 series platforms 1

2-port asynchronous/synchronous (WIC-2A/S[=]) 7

All Cisco 3600 series platforms 1

1 The Cisco 3640A series router is not supported. The Cisco 3620 and Cisco 3640 routers are not supported in Cisco IOS Release 12.2(2)XB11.

2 Requires the Cisco IOS Plus feature sets.

3 For the Cisco 3660 series only, online insertion and removal (OIR) is now supported in Cisco IOS Release 12.2 T.

4 See T1/E1 multiflex voice/WAN interface cards in this table.

5 For Cisco 3660 series, only supported in T1/E1 digital packet voice trunk network modules and new Fast Ethernet mixed media network modules: NM-1FE2W, NM-2FE2W, NM-1FE1R2W, NM-2W. For Cisco 3620 and 3640, supported in T1/E1 digital packet voice trunk network modules or in
1- or 2-port Ethernet and Fast Ethernet network modules (NM-1E2W, NM-2E2W, NM-1E1R2W, NM-1FE2W, NM-2FE2W, NM-1FE1R2W, NM-2W).

6 A Cisco 3600 series router with a VPN module installed will run with any feature set for the Cisco IOS 12.1(5)T and later software, but the module is utilized only with IPSec feature sets. For example, Cisco 3600 series Cisco IOS IP-only software for 12.1(5)T will run on a Cisco 3600 series router with the VPN module installed, but it will not be enabled for IPSec and will not exploit the features of the VPN module.

7 Supported in Fast Ethernet mixed media network modules: NM-1FE2W, NM-2FE2W, NM-1FE1R2W, NM-2W.


Determining the Software Version

To determine the version of Cisco IOS software running on your Cisco 3600 series, log in to the Cisco 3600 series and enter the show version EXEC command:

Router> show version
Cisco Internetwork Operating System Software
IOS (tm) 12.2 XB Software c3660-a3js-mz, Version 12.2(2)XB15, RELEASE SOFTWARE

Upgrading to a New Software Release

For general information about upgrading to a new software release, refer to Software Installation and Upgrade Procedures located at the following URL:

http://www.cisco.com/warp/public/130/upgrade_index.shtml

Feature Set Tables

The Cisco IOS software is packaged in feature sets consisting of software images—depending on the platform. Each feature set contains a specific set of Cisco IOS features.

Cisco IOS Release 12.2(2)XB15 supports the same feature sets as Cisco IOS Release 12.2(4) T, but Cisco IOS Release 12.2(2)XB15 can include new features supported by the Cisco 3600 series.


Caution Cisco IOS images with strong encryption (including, but not limited to, 168-bit Triple Data Encryption Standard [3DES] data encryption feature sets) are subject to United States government export controls and have limited distribution. Strong encryption images to be installed outside the United States are likely to require an export license. Customer orders may be denied or subject to delay because of United States government regulations. When applicable, purchaser and user must obtain local import and use authorizations for all encryption strengths. Please contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.

Table 3, and Table 4 list the features and feature sets supported by the Cisco 3620 router in releases prior to Cisco IOS Release 12.2(2)XB15. Table 5 and Table 6 list the features and feature sets supported by the Cisco 3640 router in releases prior to Cisco IOS Release 12.2(2)XB15. The Cisco 3620 and Cisco 3640 routers are not supported in Cisco IOS Release 12.2(2)XB15.

Table 7, Table 8, and Table 9 list the features and feature sets supported by the Cisco 3660 routers in Cisco IOS Release 12.2(2)XB15. These tables all use the following conventions:

Yes—The feature is supported in the software image.

No—The feature is not supported in the software image.

In—The number in the "In" column indicates the Cisco IOS release in which the feature was introduced.


Note These release notes are not cumulative and only list features that are new to Cisco IOS Release 12.2(2)XB15. The parent release for Cisco IOS Release 12.2(2)XB15 is Cisco IOS Release 12.2(4) T. To find information about inherited features, refer to Cisco.com or Feature Navigator. For Cisco.com, go to http://www.cisco.com/univercd/home/index.htm, select the appropriate software release under Cisco IOS Software, and click Release Notes. If you have a Cisco.com login account, you can use the Feature Navigator tool at http://www.cisco.com/go/fn.


Table 3 Feature List by Feature Set for the Cisco 3620 Router, Part 1 of 2 

Features
In
Software Images by Feature Sets
IP1
IP Plus
IP/FW/IDS Plus
IPsec 56
IP Plus
IPsec 3DES
IP/FW/IDS
Plus IPsec 3DES
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

Yes

No

No

No

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

No

Yes

Yes

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

Yes

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

Yes

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

Yes

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

Yes

No

No

No

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

No

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

Yes

No

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

Yes

No

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

Yes

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

Yes

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

No

Yes

Yes

Yes

Yes

Other
 

SIP T.37 and Cisco Fax

12.2(2)XB

No

Yes

No

No

No

1 The IP Image was added in Cisco IOS Release 12.2(2)XB1


Table 4 Feature List by Feature Set for the Cisco 3620 Router, Part 2 of 2 

Features
In
Software Images by Feature Sets
IP/IPX/AT/
DEC Plus
Enterprise
Plus
Enterprise Plus IPsec
3DES
Enterprise/
FW/IDS Plus
IPsec 3DES
Enterprise
Plus/H.323
MCM
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

Yes

No

No

No

Multiservice Applications—Voice
       

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

Yes

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

Yes

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

Yes

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

Yes

No

No

No

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

Yes

No

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

Yes

No

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

Yes

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

Yes

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

Yes

No

No

No


Table 5 Feature List by Feature Set for the Cisco 3640 Router, Part 1 of 2 

Features
In
Software Images by Feature Sets
IP1
IP Plus
IP Plus
IPsec 3DES
IP/FW/IDS
Plus IPsec 3DES
IP/FW/IDS Plus
IPsec 56
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

Yes

No

No

No

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

No

Yes

Yes

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

Yes

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

Yes

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

Yes

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

Yes

No

No

No

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

No

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

Yes

No

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

Yes

No

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

Yes

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

Yes

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

No

Yes

Yes

Yes

Yes

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

Yes

No

No

No

1 The IP Image was added in Cisco IOS Release 12.2(2)XB1


Table 6 Feature List by Feature Set for the Cisco 3640 Router, Part 2 of 2 

Features
In
Software Images by Feature Sets
IP/IPX/AT/
DEC Plus
Enterprise Plus
Enterprise Plus
IPsec 3DES
Enterprise/
FW/IDS Plus
IPsec 3DES
Enterprise
Plus/H.323
MCM
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

Yes

No

No

No

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

Yes

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

Yes

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

Yes

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

Yes

No

No

No

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support of RSVP and "tel" URL

12.2(2)XB

No

Yes

No

No

No

SIP Intra-Gateway Hairpinning

12.2(2)XB

No

Yes

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

Yes

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

Yes

No

No

No


Table 7 Feature List by Feature Set for the Cisco 3660 Router, Part 1 of 3 

Features
In
Software Images by Feature Sets
IP1
IP Plus
IP/FW/IDS Plus
IPsec 56
IP Plus
IPsec 3DES
IP/FW/IDS Plus
IPsec 3DES
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

Yes

No

No

No

Interfaces

AIM-Voice-30, AIM-ATM-Voice-30

12.2(2)XB

No

Yes

No

Yes

Yes

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

No

Yes

No

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

Yes

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

Yes

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

Yes

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

Yes

No

No

No

Full Functionality Long Pound

12.2(2)XB

No

Yes

Yes

Yes

Yes

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

No

Yes

No

Yes

Yes

MGCP based Fax (T.38) and DTMF Relay

12.2(2)XB

No

Yes

Yes

Yes

Yes

RADIUS Packet of Disconnect

12.2(2)XB

No

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

Yes

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

Yes

No

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

Yes

No

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

Yes

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

Yes

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

No

Yes

No

Yes

Yes

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

Yes

No

No

No

Quality of Service

MGCP VoIP Call Admission Control

12.2(2)XB

No

Yes

Yes

Yes

Yes

1 The IP Image was added in Cisco IOS Release 12.2(2)XB1


Table 8 Feature List by Feature Set for the Cisco 3660 Router, Part 2 of 3 

Features
In
Software Images by Feature Sets
IP Plus
IPsec 56
IP/IPX/AT/
DEC Plus
Enterprise
Plus
Enterprise
Plus IPsec
3DES
Enterprise
/FW/IDS
Plus IPsec
3DES
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

No

Yes

No

No

Interfaces

AIM-Voice-30, AIM-ATM-Voice-30

12.2(2)XB

No

 

Yes

Yes

Yes

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

No

Yes

Yes

Yes

Yes

Call Transfer Capabilities Using Refer

12.2(2)XB

No

No

Yes

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

No

Yes

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

No

Yes

No

No

DTMF Relay using NTE

12.2(2)XB

No

No

Yes

No

No

Full Functionality Long Pound

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

No

Yes

Yes

Yes

Yes

MGCP based Fax (T.38) and DTMF Relay

12.2(2)XB

Yes

No

Yes

Yes

Yes

RADIUS Packet of Disconnect

12.2(2)XB

Yes

Yes

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

No

Yes

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

No

Yes

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

No

Yes

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

No

Yes

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

No

Yes

No

No

Survivability Remote Site Telephony

12.2(2)XB

No

Yes

Yes

Yes

Yes

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

No

Yes

No

No

Quality of Service

MGCP VoIP Call Admission Control

12.2(2)XB

Yes

No

Yes

Yes

Yes


Table 9 Feature List by Feature Set for the Cisco 3660 Router, Part 3 of 3

Features
In
Software Images by Feature Sets
Enterprise
Plus/H.323 MCM
Telco Plus
Telco Plus
IPsec 3DES
Dial Services

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 series

12.2(2)XB

Yes

Yes

Yes

IP Routing Protocols

SIP INVITE Request with Malformed Via Header

12.2(2)XB

No

No

No

Interfaces

AIM-Voice-30, AIM-ATM-Voice-30

12.2(2)XB

Yes

Yes

No

Multiservice Applications—Voice

ATM Software Segmentation and Reassembly (SAR)

12.2(2)XB

Yes

Yes

No

Call Transfer Capabilities Using Refer

12.2(2)XB

No

No

No

Cisco Gateway Management Agent (CGMA)

12.2(2)XB

No

No

No

Configurable PSTN Cause Code to SIP Response Mapping

12.2(2)XB

No

No

No

DTMF Relay using NTE

12.2(2)XB

No

No

No

Full Functionality Long Pound

12.2(2)XB

Yes

Yes

Yes

GKTMP Interface Resiliency Enhancement

12.2(2)XB

No

No

No

GKTMP Security Token Enhancement

12.2(2)XB

No

No

No

IOS Telephony Services - IP-Keyswitch

12.2(2)XB

Yes

Yes

No

MGCP based Fax (T.38) and DTMF Relay

12.2(2)XB

Yes

No

No

RADIUS Packet of Disconnect

12.2(2)XB

Yes

Yes

Yes

RFC2782 Compliance for DNS SRV

12.2(2)XB

No

No

No

SIP Gateway Support for Bind Command

12.2(2)XB

No

No

No

SIP Gateway support of RSVP and "tel" URL

12.2(2)XB

No

No

No

SIP Intra-gateway Hairpinning

12.2(2)XB

No

No

No

SIP T.38 Fax Relay

12.2(2)XB

No

No

No

Survivability Remote Site Telephony

12.2(2)XB

Yes

Yes

No

Other

SIP T.37 and Cisco Fax

12.2(2)XB

No

No

No

Quality of Service

MGCP VoIP Call Admission Control

12.2(2)XB

Yes

No

No


New and Changed Information

The following sections list the new hardware and software features supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB15.

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB13 to Cisco IOS Release 12.2(2)XB15

No new hardware and software features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB13 to Cisco IOS Release 12.2(2)XB15.


Note Cisco IOS Release 12.2(2)XB13 does not exist.


New Hardware and Software Features in Cisco IOS Release 12.2(2)XB12

Cisco IOS Release 12.2(2)XB12 does not support the Cisco 3600 series.

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB11

No new hardware or software features are supported by the Cisco 3600 series in Cisco IOS Release 12.2(2)XB11.

New Hardware and Software Features in Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10 do not support the Cisco 3600 series.


Note Cisco IOS Release 12.2(2)XB9 is not distributed for widespread availability.


New Hardware and Software Features in Cisco IOS Release 12.2(2)XB6 to Cisco IOS Release 12.2(2)XB8

No new hardware or software features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB6 to Cisco IOS Release 12.2(2)XB8.

New Hardware Features in Cisco IOS Release 12.2(2)XB5

No new hardware features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB5.

New Software Features in Cisco IOS Release 12.2(2)XB5

The following new software features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB5:

EAP RADIUS Support

The EAP RADIUS Support feature allows users to apply to the client authentication methods that may not be supported by the network access server; this is done via the Extensible Authentication Protocol (EAP). Before this feature was introduced, support for various authentication methods for PPP connections required custom vendor-specific work and changes to the client and NAS.

EAP is an authentication protocol for PPP that supports multiple authentication mechanisms that are negotiated during the authentication phase (instead of the link control protocol [LCP] phase). EAP allows a third-party authentication server to interact with a PPP implementation through a generic interface.

MS CHAP Version 2

The MS CHAP Version 2 feature in Cisco IOS Release 12.2(2)XB5 introduces the ability of Cisco routers to utilize Microsoft Challenge Handshake Authentication Protocol Version 2 (MSCHAP V2) authentication for PPP connections between a computer using a Microsoft Windows operating system and a network access server (NAS). MSCHAP V2 authentication is an updated version of MSCHAP that is similar to, but incompatible with MSCHAP. MSCHAP V2 introduces mutual authentication between peers and a change password feature.

New Hardware and Software Features from Cisco IOS Release 12.2(2)XB1 to Cisco IOS Release 12.2(2)XB4

No new hardware or software features are supported by the Cisco 3600 series from Cisco IOS Release 12.2(2)XB1 to Cisco IOS Release 12.2(2)XB4.

New Hardware Features in Cisco IOS Release 12.2(2)XB

The following new hardware features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB:

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 Series

The 1- and 2-port V.90 modem WAN interface cards (WICs) for Cisco 2600 and 3600 series multiservice platforms provide low-density integrated modems for remote management, dial-backup, and low-density remote-access servers (RAS).

Refer to the Cisco WAN Interface Card Hardware Installation Guide for further information at http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/hw_inst/wic_inst/wic_doc/index.htm.

See also the "1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 Series" below.

New Software Features in Cisco IOS Release 12.2(2)XB

The following new software features are supported by the Cisco 3600 series for Cisco IOS Release 12.2(2)XB:

1- and 2- Port V.90 Modem WICs for Cisco 2600 and 3600 Series

Three applications are available for the V.90 modem WIC on the Cisco 2600 and Cisco 3600 series Multiservice Platforms:

Remote Router Management and Out-of-Band Access

In this mode, the modem WIC is used as a dial-in modem for remote terminal access to the router's command-line interface (CLI) for configuration, troubleshooting, and monitoring. The modem WIC acts similar to a modem that is connected to the AUX port of a router, but the integrated nature of the modem WIC greatly decreases customer configuration time and deployment and sustaining costs. Typically, the 1-port modem WIC is used for this application. Connection speeds of up to 33.6 kbps are possible.

Asynchronous Dial-on-Demand Routing and Dial-Backup

In this mode, the V.90 modem WIC transports network traffic. When ISDN service is not available and the traffic load does not justify a leased-line or Frame Relay connection, asynchronous dial-on-demand routing (DDR) is often the only choice for making a WAN connection. Even at sites that do have leased-line or Frame Relay connection, asynchronous DDR can increase bandwidth during sustained traffic load. In addition, when the primary leased-line or Frame Relay link is down during an outage, asynchronous dial-backup provides a secondary way to make the WAN connection. Both the 1-port and 2-port versions of the V.90 modem WIC can be used for this application.

Low-Density Analog RAS Access

In this application, the V.90 modem WIC enables the platform to provide the services of a typical small remote access server (RAS). One service allows remote users to dial in and gain access to resources on the LAN (or even across the WAN). The analog modems in the modem WIC allow dial-in connection speeds of up to 33.6 kbps, but MLP can bind multiple links together and increase the throughput.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft12pwic.htm

ATM Software Segmentation and Reassembly (SAR)

The Cisco 2600 series T1/E1 ATM AAL2 and AAL5 support and Cisco 3660 T1 IMA AAL2 Support feature allows the Cisco 2600 series to carry voice and data traffic over ATM networks using AAL2 and AAL5 and the Cisco 3660 to support AAL2 voice traffic.

For the Cisco 2600 series, this feature works in conjunction with the T1/E1 Multiflex Voice/WAN interface card (VWIC), which is plugged into a WIC slot to provide one ATM WAN interface at a T1/E1 rate supporting up to 24/30 channels of voice.

T1/E1 ATM support is a time-to-market feature that helps service providers take advantage of the inherent quality of service (QoS) features of ATM multiservice applications. FR-ATM (FRF.5 and FRF.8) internetworking is supported on the Cisco 2600 series.

On the Cisco 3660 a T1 IMA Network Module is used as the IMA interface providing a maximum of one ATM IMA interface that supports up to 48/60 voice channels. Up to eight T1/E1s and multiple IMA groups are permitted, but only the first IMA group supports voice over AAL2 for up to 48/60 voice channels. NM-IMA already supports AAL5 on both the Cisco 2600 and Cisco 3600 series (not just 3660).

The Cisco 2600 series T1/E1 ATM portion of this feature provides a shared implementation of the ATM features currently available on the Cisco MC3810 with the Cisco 2600 series.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft_t1atm.htm

AIM-Voice-30, AIM-ATM-Voice-30

Three types of Advanced Integration Module (AIM) provide components that provide segmentation and reassembly (SAR) of packets for ATM transport over a wide-area network (WAN) and voice digital signal processing (DSP) services. The Cisco 2600 series has one internal slot for an AIM, and the Cisco 3660 has two. The three types of AIM are as follows:

AIM-ATM—A High-Performance ATM AIM, which enables voice and data traffic to be carried over ATM networks using AAL2 and AAL5 encapsulation, when installed in Cisco 2600 series or Cisco 3660 routers. If used in conjunction with a T1/E1 multiflex trunk voice/WAN interface card (VWIC-MFT) for circuit-mode data and frame-mode data over ATM infrastructures, it supports up to four T1 or E1 WAN interfaces. These interfaces may be four independent links or four inverse multiplexing over ATM (IMA) groups. When using the voice DSP capability of a digital T1/E1 packet voice trunk network module (NM-HDV) and a T1/E1 multiflex trunk VWIC, it supports as many as 30 channels of compressed voice over a T1/E1 trunk using AAL2 or AAL5. Analog Voice over ATM (VoATM) is enabled with a voice/fax network module (NM-1V or NM-2V) and a voice interface card, which support as many as four analog voice calls using AAL5. All voice interface cards are supported: FXS, FXO, Analog-DID, E&M, and BRI.

AIM-VOICE-30—An advanced integration module capable of supporting up to 30 voice or fax channels when used with one of the T1/E1 voice/WAN interface cards (such as VWIC-1T1). This AIM includes powerful DSPs that are used for a number of voice processing tasks such as voice compression and decompression, voice activity detection or silence suppression, and private branch exchange (PBX) or public switched telephone network (PSTN) signaling protocols. By using the AIM-VOICE-30 in a Cisco 2600 series router, customers can support Voice over IP (VoIP) or Voice over Frame Relay (VoFR) while leaving the router's network module slot open for other functions such as asynchronous or synchronous serial concentration. When used in combination with one of the various ATM network modules, VoATM or VoIP over ATM can be provisioned using AAL5 and Voice over AAL2 (VoAAL2).

AIM-ATM-VOICE-30—a combined ATM and DSP AIM that supports voice over ATM (VoATM), voice over IP (VoIP), and voice over Frame Relay (VoFR). It supports as many as four T1 or E1 trunks when installed in a Cisco 2600 series or Cisco 3660 router. This AIM is used in combination with one T1/E1 multiflex trunk interface (VWIC-MFT) to provide PBX or PSTN signaling protocols. It uses VoAAL2 (ITU I.366.1/I.363.2) and VoAAL5, and does not require use of a digital T1/E1 packet voice trunk network module. This AIM has an onboard ATM coprocessor for increased AAL2 and AAL5 performance, and for as many as four IMA groups, enabling fractional T3 or E3 bandwidth performance.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft_gins2.htm

Call Transfer Capabilities Using Refer

Call transfer allows a wide variety of decentralized multiparty call operations. These decentralized call operations form the basis for third-party call control, and thus are important features for Voice over IP (VoIP) and SIP. Call transfer is also critical for conference calling, where calls can transition smoothly between multiple point-to-point links and IP level multicasting.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftrefer.htm

Cisco Gateway Management Agent (CGMA)

The CGMA feature provides an extensible markup language (XML) interface to support real-time management of a Cisco IOS gateway (GW). Currently, GWs provide statistics using Simple Network Management Protocol (SNMP) and do not support real-time polling. The CGMA feature allows GWs to communicate with third-party management applications using XML over TCP/IP.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft_cgma.htm

Configurable PSTN Cause Code to SIP Response Mapping

For calls to be established between a SIP network and a PSTN network, the two networks must be able to interoperate. One aspect of their interoperation is the mapping of PSTN cause codes, which indicate reasons for PSTN call failure or completion, to SIP status codes or events. The opposite is also true: SIP status codes or events are mapped to PSTN cause codes. Event mapping tables found in this document show the standard or default mappings between SIP and PSTN.

However, you may want to customize the SIP user agent software to override the default mappings between the SIP and PSTN networks. The Configurable PSTN Cause Code to SIP Response Mapping feature allows you to configure specific map settings between the PSTN and SIP networks. Thus, any SIP status code can be mapped to any PSTN cause code, or vice versa. When set, these settings can be stored in the NVRAM and are restored automatically on bootup.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftmap.htm

DTMF Relay using NTE

The SIP NTE DTMF relay feature is used for the following applications:

Reliable DTMF Relay

SIP Phone Support


Note The SIP NTE DTMF relay feature is implemented for SIP calls only on Cisco Voice-over-IP (VoIP) gateways.


Reliable DTMF Relay

The SIP NTE DTMF relay feature provides reliable digit relay between Cisco VoIP gateways when a low bandwidth codec is used. Using NTE to relay DTMF tones provides a standardized means of transporting DTMF tones in Real-Time Transport Protocol (RTP) packets according to section 3 of RFC 2833, RTP Payload for DTMF Digits, Telephony Tones and Telephony Signals, developed by the Internet Engineering Task Force (IETF) Audio/Video Transport (AVT) working group. RFC 2833 defines formats of NTE RTP packets used to transport DTMF digits, hookflash, and other telephony events between two peer endpoints.


Note The SIP NTE DTMF relay feature does not support hookflash generation for advanced features such as call waiting and conferencing.


SIP Phone Support

The SIP NTE DTMF relay feature adds SIP phone support. When SIP IP phones are running software that does not have the capability to generate DTMF tones, the phones use NTE packets to indicate DTMF digits. With the SIP NTE DTMF relay feature, Cisco VoIP gateways can communicate with SIP phones that use NTE packets to indicate DTMF digits. The Cisco VoIP gateways can relay the digits to other endpoints.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft_dtmf.htm

Full Functionality Long Pound

This feature allows an IVR application to detect a long pound (new call request) at any point after the gateway accepts the incoming call. When the calling-party presses "long #", the gateway terminates any current or pending call state and initiates a new call setup.

For further information, refer to the TCL IVR API Version 2.0 Programmer's Guide at http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/tclivrv2.htm.

GKTMP Security Token Enhancement

GKTMP Security Token Enhancement enhances the passing of clear tokens up to the RouteServer and then down to the endpoints from the RouteServer. This feature provides enhancements to mix and match local (in domain) gateways with remote access server determinations. It also adds new parameters to the following commands

Response ARQ

Request LRQ

Response LRQ

Request LCF

Response LCF

Request DRQ

These new parameters can be found in GKTMP Messages (GK API Guide Version 3.1) chapter of the Gatekeeper External Interface Reference, Version 3.1 at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/rel_docs/gktmpv31/gk_tmp.htm

GKTMP Interface Resiliency Enhancement

Gatekeeper Transaction Message Protocol (GKTMP) is used between the Cisco IOS Gatekeeper and a server to provide enhanced call routing and address translation services. The GKTMP Interface Resiliency Enhancement feature adds the following robustness and load balancing functionality.

Enhanced REQUEST DRQ Message—The Gatekeeper Transaction Message Protocol (GKTMP) Interface Resiliency Enhancement feature provides additional parameters in the disengage request (REQUEST DRQ) message sent from the GK to the server.

New REQUEST ALV and RESPONSE ALV Messages— The REQUEST ALV message is sent to detect server failures and is sent from the GK to the GKTMP server as soon as the server registers with the GK. The GKTMP server responds to the REQUEST ALV message with a RESPONSE ALV message.

Server Failure Detection and Flow Control—The GKTMP Interface Resiliency Enhancement feature provides a new command to start the GK's flow-control and failure detection features. Using the server flow-control command, you can set a timeout value for responses from the server to the GK. The GK measures the average time taken by the server to process each transaction. If the time period for processing reaches 80 percent of the configured timeout value, the server is marked as unavailable. The GK routes transactions bound for this server to alternate servers if they are available. If no alternate servers are available, the GK handles the calls.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftgkire.htm

IOS Telephony Services - IP-Keyswitch

The IP Keyswitch feature provides Cisco IP phone call-handling capabilities in a LAN environment. This feature enables the Cisco IAD2400 series to provide IP Keyswitch capability integrated in the router for the Cisco IP Phone 7960, Cisco IP Phone 7940, and Cisco IP Phone 7910. It loads phone images, and configures, and manages the Cisco IP phones in your LAN. It also provides a host of features such as call forwarding, call transfer, and hold, for example. The IP Keyswitch feature provides you with integrated call processing capabilities for a small office with up to 48 extensions.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/access/ip_ph/ip_ks/index.htm

MGCP-Based Fax (T.38) and DTMF Relay

The MGCP Based Fax (T.38) and DTMF (IETF) Relay feature adds support for fax relay and DTMF relay with MGCP. The fax relay component conforms to ITU-T T.38, Procedures for real-time Group 3 facsimile communication over IP networks, which determines procedures for real-time facsimile communication in various gateway control protocol (XGCP) applications. The DTMF relay component conforms to RFC 2833, RTP Payload for DTMF Digits, Telephony Tones and Telephony Signals, developed by the Internet Engineering Task Force (IETF) Audio/Video Transport (AVT) working group. Per RFC 2833, DTMF is relayed using Named Telephony Events (NTEs) in Real-Time Transport Protocol (RTP) packets.

This feature provides two modes of implementation for each component: gateway (GW)-controlled mode and call agent (CA)-controlled mode. In GW-controlled mode, GWs negotiate DTMF and fax relay transmission by exchanging capability information in Session Description Protocol (SDP) messages. That transmission is transparent to the CA. GW-controlled mode allows use of the MGCP Based Fax (T.38) and DTMF (IETF) Relay feature without upgrading the CA software to support the feature.

In CA-controlled mode, CAs use MGCP messaging to instruct GWs to process fax and DTMF traffic. For MGCP T.38 Fax Relay, the CAs can also instruct GWs to revert to GW-controlled mode if the CA is unable to handle the fax control messaging traffic; for example, in overloaded or congested networks.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftmgcpfx.htm

MGCP VoIP Call Admission Control

MGCP CAC determines if calls can be accepted on the IP network based on available network resources. Prior to this release, MGCP VoIP calls were established regardless of the available resources on the gateway or network. The gateway had no mechanism for gracefully refusing calls if resources were not available to process the call. New calls would fail with unexpected behavior and in-progress calls would experience quality-related problems.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftmgcpma.htm

RADIUS Packet of Disconnect

This feature consists of a method for terminating a call that has already been connected. This "Packet of Disconnect" (POD) is a RADIUS access_reject packet and is intended to be used in situations where the AAA server wants to disconnect the user after the session has been accepted by the RADIUS access_accept packet. This may be needed in at least two situations:

Detection of fraudulent use, which cannot be performed before accepting the call.

A price structure so complex that the maximum session duration cannot be estimated before accepting the call. This may be the case when certain types of discounts are applied or when multiple users use the same subscription simultaneously.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ft_pod.htm

RFC2782 Compliance for DNS SRV

SIP on Cisco VoIP gateways uses Domain Name System Server (DNS SRV) query to determine the IP address of the user endpoint. The query string has a prefix in the form of "protocol.transport." and is attached to the fully qualified domain name (FQDN) of the next hop SIP server. This prefix style, from RFC 2052, has always been available; however, with this release, a second style is also available. The second style is in compliance with RFC 2782, and prepends the protocol label with an underscore "_"; as in "_protocol._transport.". The addition of the underscore reduces the risk of the same name being used for unrelated purposes. The form compliant with RFC 2782 is the default style.

Use the srv version command to configure the DNS SRV feature.

For further information, refer to the RFC2782 Compliance (Style of DNS SRV Queries) section at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/vvfresrv.htm.

SIP Gateway Support for Bind Command

In previous releases of Cisco IOS software, the source address of a packet going out of the gateway was never deterministic. That is, the session protocols and VoIP layers always depended on the IP layer to give the best local address. The best local address was then used as the source address (the address showing where the SIP request came from) for signaling and media packets. Using this nondeterministic address occasionally caused confusion for firewall applications, as a firewall could not be configured with an exact address and would take action on several different source address packets.

However, the bind interface command allows you to configure the source IP address of signaling and media packets to a specific interface's IP address. Thus, the address that goes out on the packet is bound to the IP address of the interface specified with the bind command. Packets that are not destined to the bound address are discarded.

When you do not want to specify a bind address, or if the interface is down, the IP layer still provides the best local address.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftbind.htm

SIP Gateway Support of RSVP and "tel" URL

The SIP Gateway Support of RSVP and TEL URL feature provides the following SIP enhancements:

RSVP

Telephone URL Format in SIP Messages

Interaction with Forking Proxies

SIP Hairpinning

Reliability of SIP Provisional Responses

Configurable Screening Indicator

RFC2782 Compliance (Style of DNS SRV Queries)

RSVP

In previous Cisco IOS releases, SIP applications over IP networks functioned as best-effort services — their media packets were delivered with no performance guarantees. However, SIP Gateway Support of RSVP and TEL URL ensures quality of service (QoS) by coordinating SIP call signaling and RSVP resource management. This feature reserves sufficient network-layer resources to guarantee bandwidth and bounds on packet loss, delay, and jitter; thus ensuring that the called party's phone rings only after bandwidth required for the call has been successfully reserved.

Telephone URL Format in SIP Messages

The SIP Gateway Support of RSVP and TEL URL feature also supports Telephone Uniform Resource Locators or TEL URL. Currently SIP gateways support URLs in the SIP format. SIP URLs are used in SIP messages to indicate the originator, recipient, and destination of the SIP request. However, SIP gateways may also encounter URLs in other formats, such as TEL URLs. TEL URLs describe voice call connections. They also enable the gateway to accept TEL calls sent through the Internet, and to generate TEL URLs in the request line of outgoing INVITEs requests.

Interaction with Forking Proxies

Support for call forking enables the terminating gateway to handle multiple requests and the originating gateway to handle multiple provisional responses for the same call. Interaction with forking proxies applies to gateways acting as a user agent client (UAC), and takes place when a user is registered to several different locations. When the UAC sends an INVITE message to a proxy, the proxy forks the request and sends it to multiple user agents (UAs). The SIP gateway processes multiple 18X responses by treating them as independent transactions under the same call ID. When the relevant dial peers are configured for QoS, the gateway maintains state and initiates RSVP reservations for each of these independent transactions. When it receives an acknowledgment, such as a 200 OK, the gateway accepts the successful acknowledgment and destroys state for all other transactions.

The forking functionality sets up RSVP for each transaction only if the dial peers are configured for QoS. If not, the calls proceed as best-effort.

SIP Hairpinning

SIP hairpinning is a call routing capability in which an incoming call on a specific gateway is signaled through the IP network and back out the same gateway. This can be a public switched telephone network (PSTN) call routed into the IP network and back out to the PSTN over the same gateway. Similarly, SIP hairpinning can be a call signaled from a line (for example, a telephone line) to the IP network and back out to a line on the same access gateway. With SIP hairpinning, unique gateways for ingress and egress are no longer necessary.

Reliability of SIP Provisional Responses

SIP reliable provisional responses ensure that media information is exchanged and resource reservation can take place prior to connecting the call. Provisional acknowledgement (PRACK) and conditions met (COMET) are two methods that have been implemented.

PRACK allows reliable exchanges of SIP provisional responses between SIP endpoints. COMET indicates if the pre-conditions for a given call or session have been met.

Configurable Screening Indicator

Screening Indicator (SI) is a signaling-related information element found in octet 3a of the ISDN SETUP message that can be used as an authorization mechanism for incoming calls. Enhancements have been made to the Tool Command Language (TCL) Interactive Voice Response (IVR) 2.0 command set that allow SIP terminating gateways to assign a specific value to the screening indicator through the use of TCL scripts.

RFC2782 Compliance (Style of DNS SRV Queries)

SIP on Cisco VoIP gateways uses Domain Name System Server (DNS SRV) query to determine the IP address of the user endpoint. The query string has a prefix in the form of "protocol.transport." and is attached to the fully qualified domain name (FQDN) of the next hop SIP server. This prefix style, from RFC 2052, has always been available; however, with this release, a second style is also available. The second style is in compliance with RFC 2782, and prepends the protocol label with an underscore "_"; as in "_protocol._transport." The addition of the underscore reduces the risk of the same name being used for unrelated purposes. The form compliant with RFC 2782 is the default style.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/vvfresrv.htm

SIP Intra-Gateway Hairpinning

Voice SIP hairpinning is a call routing capability in which an incoming call on a specific gateway is signaled through the IP network and back out the same gateway. This can be a public switched telephone network (PSTN) call routed into the IP network and back out to the PSTN over the same gateway.

Similarly, SIP hairpinning can be a call signaled from a line (for example, a telephone line) to the IP network and back out to a line on the same access gateway. With SIP hairpinning, unique gateways for ingress and egress are no longer necessary.

For further information refer to the Session Interface Protocol section in the "Voice, Video, and Fax Overview" chapter of the Cisco IOS Voice, Video, and Fax Configuration Guide, Release 12.2 at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvfax_c/vvfover.htm.

SIP INVITE Request with Malformed Via Header

A SIP INVITE requests that a user or service participate in a session. Each INVITE contains a Via header that indicates the transport path taken by the request so far, and where to send a response.

In the past, when an INVITE contained a malformed Via header, the gateway would print a debug message and discard the INVITE without incrementing a counter. However, the printed debug message was often inadequate, and it was difficult to detect that messages were being discarded.

The SIP INVITE Request with Malformed Via Header feature provides a response to the malformed request. A counter, Client Error: Bad Request, increments when a response is sent for a malformed Via field. Bad Request is a class 400 response and includes the explanation Malformed Via Field. The response is sent to the source IP address (the IP address where the SIP request originated) at User Datagram Protocol (UDP) port 5060.


Note This feature applies to messages arriving on UDP, because the Via header is not used to respond to messages arriving on TCP.


Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122x/122xb/122xb_2/ftmalvia.htm

SIP T.37 and Cisco Fax

SIP T.37 is an ITU specification that enables store and forward fax applications, as well as toggling from voice to fax, for example, providing an IVR front-end to a fax store and forward application.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dtfaxrly.htm

Survivability Remote Site Telephony

The Survivable Remote Site Telephony feature provides the Cisco CallManager with fallback support for the Cisco IP phones attached to the router on your local Ethernet. Cisco IOS Release 12.1(5)YD integrates this feature on the Cisco IAD2400 series and enables the routers to provide call handling support for the Cisco IP phones when the Cisco IP phones lose connection to the remote primary, secondary, or tertiary Cisco CallManager or when the WAN connection is down.

The Cisco CallManager 3.0 supports Cisco IP phones at remote sites attached to Cisco branch office multi-service routers across the WAN. Prior to Survivable Remote Site Telephony, when the WAN connection between the remote branch office router and the Cisco CallManager failed, or connectivity with the Cisco CallManager was lost for some other reason, the Cisco IP phones at the branch office became unusable for the duration of the failure. To overcome this problem the Survivable Remote Site Telephony feature was developed. The feature provides call-handling support on the branch-office router for its attached Cisco IP phones when a failure occurs. The system automatically detects the failure, and using Simple Network Auto Provisioning (SNAP) technology, auto configures the branch office router to provide call processing service for the local IP phones. When the failure is restored, call-handling capabilities for the Cisco IP phones switch back to the primary Cisco CallManager. During a failure, the Cisco IP phone displays a message to inform the user that the Cisco IP phone is in the Cisco CallManager fallback mode and is able to perform a limited set of functions.

Refer to the following document for further information:

http://www.cisco.com/univercd/cc/td/doc/product/access/ip_ph/srs/index.htm

MIBs

Current MIBs

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://www.cisco.com/register

Deprecated and Replacement MIBs

Old Cisco MIBs will be replaced in a future release. Currently, OLD-CISCO-* MIBs are being converted into more scalable MIBs without affecting existing Cisco IOS products or network management system (NMS) applications. You can update from deprecated MIBs to the replacement MIBs as shown in Table 10.

Table 10 Deprecated and Replacement MIBs 

Deprecated MIB
Replacement

OLD-CISCO-APPLETALK-MIB

RFC1243-MIB

OLD-CISCO-CHASSIS-MIB

ENTITY-MIB

OLD-CISCO-CPUK-MIB

To be determined

OLD-CISCO-DECNET-MIB

To be determined

OLD-CISCO-ENV-MIB

CISCO-ENVMON-MIB

OLD-CISCO-FLASH-MIB

CISCO-FLASH-MIB

OLD-CISCO-INTERFACES-MIB

IF-MIB CISCO-QUEUE-MIB

OLD-CISCO-IP-MIB

To be determined

OLD-CISCO-MEMORY-MIB

CISCO-MEMORY-POOL-MIB

OLD-CISCO-NOVELL-MIB

NOVELL-IPX-MIB

OLD-CISCO-SYS-MIB

(Compilation of other OLD* MIBs)

OLD-CISCO-SYSTEM-MIB

CISCO-CONFIG-COPY-MIB

OLD-CISCO-TCP-MIB

CISCO-TCP-MIB

OLD-CISCO-TS-MIB

To be determined

OLD-CISCO-VINES-MIB

CISCO-VINES-MIB

OLD-CISCO-XNS-MIB

To be determined


Important Notes

The following sections contain important notes about Cisco IOS Release 12.2 XB that can apply to the Cisco 3600 series.

Addition of squeeze Command for Cisco 2600 and Cisco 3600 Series Routers

The squeeze command, which is used to erase all files marked for deletion on a Flash file system, is now available on Cisco 2600 and Cisco 3600 series routers.

CLI Command Added

The following command-line interface (CLI) command was added to Cisco IOS Release 12.2(2)T and is available in later versions:

ip qos dscp [0-63 | af11-af43 | cs1-cs7 | default | ef] [media | signaling]

This command replaces the ip precedence 0-7 VoIP dial-peer command. It implements RFC 2474, which specifies bits 0 to 5 of the IP ToS byte as the Differentiated Services Code Point (DSCP), with acceptable values ranging from 0 to 63. Traffic is treated in a unique manner according to the value of the DSCP. The expected treatment of this marked traffic is defined as a per-hop behavior (PHB). RFC 2474 also defines a set of PHBs to forward traffic at least as well as expected with the IP precedence bits (bits 0 to 2) of the old ToS byte marked. The DSCP values for these precedence compatible behaviors are xxx000, with the values of xxx ranging from 1 to 7 and the code points called Class Selector Code Points (cs1-cs7 in the command above). The default value is 000000 for media and signaling.

Two other RFCs have also defined PHBs. RFC 2597 defines the Assured Forwarding PHB Group. With Assured Forwarding (af11-af43), bits 0 to 2 represent the class of traffic stream, and bits 3 to 5 represent the drop priority of a traffic stream. RFC 2598 defines the Expedited Forwarding PHB Group and is intended to be used with media streams. Because it is possible that more PHB groups will be defined or that end users will want to experiment with a DSCP of their own, you may configure a DSCP with a value of 0 to 63 (rather than being limited to only the currently-defined PHBs).

The recommended values are ip qos dscp ef media and ip qos dscp af31 signaling.

Changes to output attenuation Command

In Cisco IOS Release 12.2(2), the range of the output attenuation command for voice ports has changed from 0-14 to -6-14.

Field Notices and Bulletins

For general information about the types of documents listed in this section, refer to the following document:

http://www.cisco.com/warp/customer/cc/general/bulletin/software/general/1654_pp.htm

Field Notices—Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/tech_tips/index/fn.html.

Product Bulletins—If you have an account on Cisco.com, you can find product bulletins at http://www.cisco.com/warp/customer/cc/general/bulletin/index.shtml. If you do not have a Cisco.com login account, you can find product bulletins at http://www.cisco.com/warp/public/cc/general/bulletin/iosw/index.shtml.

What's Hot for IOS Releases: Cisco IOS 12.1—What's Hot for IOS Releases: Cisco IOS 12.1 provides information about caveats that are related to deferred software images for Cisco IOS Release 12.1. If you have an account with Cisco.com, you can access What's Hot for IOS Releases: Cisco IOS 12.1 at http://www.cisco.com/kobayashi/sw-center/sw-ios.shtml or by logging in and selecting Software Center: Cisco IOS Software.

What's New for IOS — What's New for IOS lists recently posted Cisco IOS software releases and software releases that have been removed from Cisco.com. If you have an account with Cisco.com you can access What's New for IOS at http://www.cisco.com/kobayashi/sw-center/sw-ios.shtml or by logging in and selecting Software Center: Cisco IOS Software.

Caveats for Cisco IOS Release 12.2 XB

Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only select severity 3 caveats are included in the caveats document.

This section contains only open and resolved caveats for the current Cisco IOS maintenance release.

All caveats in Cisco IOS Release 12.2 and Cisco IOS Release 12.2 T are also in Cisco IOS Release 12.2(2)XB15.

For information on caveats in Cisco IOS Release 12.2, see Caveats for Cisco IOS Release 12.2

For information on caveats in Cisco IOS Release 12.2(2) T, see Caveats for Cisco IOS Release 12.2(2) T, which lists severity 1 and 2 caveats and select severity 3 caveats and is located on Cisco.com and the Documentation CD-ROM.


Note If you have an account with Cisco.com, you can also use the Bug Toolkit to find caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support: Tools & Utilities: More: Software Bug Toolkit (under Troubleshooting Tools). Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl.


Open Caveats—Cisco IOS Release 12.2(2)XB15

There are no open caveats specific to Cisco IOS Release 12.2(2)XB15 that require documentation in the release notes.

Resolved Caveats—Cisco IOS Release 12.2(2)XB15

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB15. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 11 Resolved Caveats for Cisco IOS Release 12.2(2)XB15 

DDTS ID Number
Description

CSCec87533

ios fw hang then crash with h323 corrupt packet

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.


Open Caveats—Cisco IOS Release 12.2(2)XB14

There are no open caveats specific to Cisco IOS Release 12.2(2)XB14 that require documentation in the release notes.

Resolved Caveats—Cisco IOS Release 12.2(2)XB14

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB14. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 12 Resolved Caveats for Cisco IOS Release 12.2(2)XB8 

DDTS ID Number
Description

CSCdx76632

as5300 crashed in MultiBitDecode

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea19885

Bus error at address 0xD0D0D0B, Process CCH323_CT

Symptoms: A Cisco router that has a voice feature such as H.323 enabled may reload because of a bus error at address 0xD0D0D0B.

Conditions: This symptom is observed on a Cisco 3700 series but may also occur on other routers.

Workaround: There is no workaround.

CSCea27536

Router crash when H323v3/v4 pkts pass through NAT router

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

NAT router (which is H323v2 stack aware) crashes when H323v3/v4 pkt is processed as "ip nat service h323all" is turned on.

Workaround: Turn off "ip nat service h323all" or move to 12.3T image (which has NAT-H323v3/v4) support

CSCea32240

H323 crashes in strncpy when receiving invalid setup packet

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea33065

H323 Spurious memory access in h450ProcRcvdApdus

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea36231

Router hangs when receive in invalid h225 setup

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea46342

h.323 crashes in ACFnonStandardInfo DEC_ERR=13

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea51030

h323: proxy crashes when malformed h225 setup message received

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea51076

h323: proxy crashes when processing invalid h225 setup messafe

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCea54851

h323 proxy: crash at pxy_proc_recv_SETUP when invalid h225 setup rx

Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.

Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.

CSCeb78836

h323: software forced crash if bad packet received and debug opened

Symptoms: Cisco IOS software may cause a Cisco router to reload unexpectedly when the router receives a malformed H.225 setup message.

Conditions: This symptom is observed on a Cisco 1700 series that runs Cisco IOS Release 12.2(13c). The symptom occurs when the following debug privileged EXEC commands are enabled:

debug h225 asn1

debug h225 events

debug h225 q931

Workaround: There is no workaround.


No Caveats—Cisco IOS Release 12.2(2)XB12 to Cisco IOS Release 12.2(2)XB13

Cisco IOS Release 12.2(2)XB13 does not exist so no caveats are documented. Cisco IOS Release 12.2(2)XB12 does not support the Cisco 3600 series.

Open Caveats—Cisco IOS Release 12.2(2)XB11

There are no open caveats specific to Cisco IOS Release 12.2(2)X11 that require documentation in the release notes.

Resolved Caveats—Cisco IOS Release 12.2(2)XB11

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB11. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 13 Resolved Caveats for Cisco IOS Release 12.2(2)XB11 

DDTS ID Number
Description

CSCdu15973

ISDN should reject V110 calls based on LLC octet 5a

Symptom: When router receive a V.110 call with User rate = 0, even it is async call and not in-band negotiable, ISDN still passes it to the application.

Conditions: V.110 call, User Rate = 0, Async call AND NOT in-band negotiable

Workaround: There is no workaround.

CSCdu47222

Modem status messages passed to EXEC process

Symptoms: When a user is logged in to a Cisco 3620 router using an external modem, the RING and CONNECT status messages are passed to the EXEC process. An unknown command error results when the status messages that are passed to the EXEC process are interpreted as commands.

Workaround: There is no workaround.

CSCdu73001

call-record username still empty for reverse telnet session

Symptoms: On an AS5300, the username field in the modem call-record (MCR) and Call Tracker call record is left blank for a reverse telnet session.

Workaround: Run AAA accounting in conjunction with Call Tracker or MCR. Correlate the accounting records, based upon line identifier and time of day, with the call records.

CSCdu80540

System crashes when user tries to delete file with ciscoFlashMiscOpT

Symptoms: When user tries to delete a file using ciscoFlashMiscOpTable with ciscoFlashMiscOpDestinationName set to a string greater than 33 characters, the system may crash. This bug has been fixed in Cisco IOS Release 12.1(8)ES and later releases.

Workaround: There is no workaround.

CSCdv29225

5300 returns channel state to IDLE after receiving GSM OOS from SC

Symptoms: On a Cisco AS5300 universal access server that is running Cisco IOS Release 12.2(2)XA1 in a Signaling System 7 (SS7) Interconnect for Voice Gateway solution, if a call is made ingress to the solution from a Public Switched Telephone Network (PSTN) and if a requested continuity test (COT) fails, the Cisco SC2200 signaling controller will send a group service message to the Cisco AS5300 and puts the associated channel on the access server into the maintenance state. However, the Cisco AS5300 puts the associated channel into the idle state a few seconds later. This behavior creates a mismatch in the channel state between the signaling controller and the Cisco AS5300.

Workaround: There is no workaround.

CSCdw18198

Parser cache entry may get deleted when in use

Symptom: Under rare circumstances a router will generate a traceback error or reload if both of the following conditions occur:

A background process is processing a parser command (for example: pre-clone command or no pre-clone command for vtemplate), and

Another command is issued at the console (most common is the show interface virt 1 command).

Workaround: There is no workaround.

CSCdw24379

RADIUS attribute Framed-Filter attribute parsing incorrect

Symptoms: Framed-Filter attributes with a value which contains multiple "." characters will not be parsed correctly.

Workaround: Do not use the "." character unless it is used to delimit the suffix with ".in" or ".out".

CSCdx11089

Change password sequence broken: 12.2T + CS Unix

Symptoms: It may not be possible to activate the change password sequence through a Telnet session to a router that is using TACACS+ user authentication.

Conditions: This symptom is observed on a Cisco router that is using a CiscoSecure UNIX (CSUNIX) TACACS+ server and that is running Cisco IOS Release 12.2 T.

Workaround: There is no workaround.

CSCdx28879

Spurious mem access due to preauth_do_author() for vpdn call initiat

Symptoms: When a virtual private dial-up network (VPDN) call is made with authentication, authorization, and accounting (AAA) preauthorization, a traceback is observed because of a spurious memory access made by a preauth_do_author function call.

Conditions: This symptom is observed on a Cisco AS5300 when preauthorization is configured with only the aaa group server radius 7777 command.

Workaround: Configure the dnis required customer profile configuration command.

CSCdx32763

RADIUS decode error when Filter-Id attribute is null terminated

Symptom: A Cisco access server running Cisco IOS Release 12.2(4)T or later may reject a RADIUS authentication response from a RADIUS server when the profile includes the Filter-Id attribute which is terminated with a NULL.

Workaround: Stop the RADIUS server from including the NULL character at the end of the Filter-Id attribute or to downgrade to mainline Cisco IOS Release 12.2 software.

CSCdx54449

router crashed when 100 concurrent x25 sync telnet sessions issued

Symptoms: Router reloads when 100 concurrent x25 sync telnet sessions are issued.

Conditions: Only happens with large number of simultaneous x25 sync telnet sessions.

Workaround: There is no workaround.

CSCdx56527

Memory leak of 20M/Day until crash

Symptoms: A router may reload after a memory leak occurs.

Conditions: This symptom is observed on any Cisco router that is running Cisco IOS Release 12.2 (or Cisco IOS Release 12.2B or Cisco IOS Release 12.2T). The memory leak is triggered by authentication, authorization, and accounting (AAA) when AAA attempts to enable TCP header compression twice within the same user session.

Workaround: Disable TCP header compression when a RADIUS or AAA database is used.

CSCdx72670

router reload in ip_build_outputQ on clear ip mroute

Symptoms: Between PIM process and timer wheel process, there is data corruption which causes crash.

Workaround: There is no workaround.

CSCdy07358

Alignment errors in ipfrag_init process

Symptoms: A Cisco 7200 router running Cisco IOS Release 12.1(15.5) configured as an LNS in a VPDN environment may suffer alignment errors in the ipfrag_init function. The problem does not have any adverse reaction on the router but could impact performance slightly.

Workaround: There is no workaround.

CSCdy63815

OLD-CISCO-TS-MIB tsLineUser empty with AAA radius and local user

Symptoms: An empty value is returned for the tsLineUser value in the OLD-CISCO-TS-MIB MIB.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2(2)XB6 with authentication, authorization, and accounting (AAA) RADIUS and that has a local user configuration. The tsLineUser value of the OLD-CISCO-TS-MIB is populated when Cisco IOS 12.1(5)T8 is used.

Workaround: There is no workaround.

CSCdy72086

Torch RSC drops all digital calls after the 421st call is setup.

Symptoms: The 421st call cannot be made and existing calls thereafter drop.

Conditions: With a configuration to bring up 450 digital calls, existing digital calls start dropping after the 421st call.

Workaround: Need to configure 'dialer pool-member 1' on serial6/1:15

CSCdy73370

Invalid user info displayed in CallTracker

Symptom: Calltracker records are incorrectly reported for modem calls. The userid, ip address and mask are wrong.

Workaround: There is no workaround.

CSCdz00204

no aaa nas port extended has no effect

Symptoms: With the XB6 image the nas port format is the same (for example "Async1/01*Serial3/0:2") with and without the no aaa nas port extende command configured. With the 12.2(2)XA5 image this is not a case.

Workaround: There is no workaround.

CSCdz00304

Acct-Authentic attribute not correct in some scenarios

Symptoms: Radius accounting attribute 45 (Acct-Authentic) may have a wrong value under some circumstances.

Workaround: There is no workaround.

CSCdz01366

Multihop router Crashs with port flap: PPPoA/L2TP multihop

Symptom: A multihop router may reload because of a port flap.

Conditions: This symptom is observed when there are 940 PPP over ATM (PPPoA) sessions with 50 ingress and 10 egress tunnels configured on a Cisco router running Cisco IOS that is employed as a multihop router.

Workaround: There is no workaround.

CSCdz04349

User-name not included in accounting with nocallback-verify

Symptom: When nocallback-verify is configured for a ppp microsoft callback client, dialing into a Cisco Access Server, it is possible that the username attribute is not included in the aaa accounting records.

Workaround: There is no workaround.

CSCdz18330

Tacacs cmd authorization doesnt work with directed requests

Symptoms: Tacacs+ command authorization on a Cisco router running Cisco IOS Release 12.2(11)T1 fails when used by users that logged in using the Tacacs directed-requests feature (user@<address>). The router incorrectly uses the full username (including the @<address>) to authorize commands against the Tacacs server.

Workaround: There is no workaround.

CSCdz23256

SYS-2-LINKED: Bad dequeue messages periodically reported on AS5800

Symptoms: The following message has been periodically reported on all platforms running Cisco IOS Release 12.2(12.6):

Nov 6 09:22:17.364 CET: %SYS-2-LINKED: Bad dequeue of 62C3B194 in queue 69408DAC
-Process= "<interrupt level>", ipl= 4
-Traceback= 6055A354 604FFAFC 60398F10 60398E44 60B94720 60398C24 6039B380 6039A018 6000F8C4 6015EA80 601624CC 605BDD20 60162358 60B94484 60B92B68 60B295D8

Condition: Problem happens on all platforms running Cisco IOS Release 12.2(12.6), with active X.25 or LAPB serial connections, when LAPB retransmissions are occurring with moderate-to-heavy traffic.

Workaround: There is no workaround.

CSCdz34487

tacacs+ password change sequence broken

Symptoms: The password change sequence does not work as expected when it is used with Cisco Secure Access Control Server software. The user can still access the router with the old password. User can change the existing password to a new password at a later time.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2(11)T. This problem was not noticed in 12.2(13)T image with Cisco Secure Access Control Server running on an NT box.

Workaround: There is no workaround.

CSCdz38708

5800 with E1R2 may not accept modem calls

Symptoms: When terminating incoming E1 R2 calls on an AS5800 Access Server with MICA modems, a large percentage (up to 100%) of calls may fail. Debugging on the NAS shows that ANI/DNIS collection succeeds and the call is cleared by the switch shortly after sending the line answer ABCD bits. Debugging on the switch side will show that the interregister signalling answer signal (B6 by default) is never terminated before sending the line answer signal.

Conditions: This problem is seen on an AS5800 series Access server using MICA modems and configured for compelled E1 R2 signalling. The proble is not seen on AS5300 or AS5850 Access Servers or on AS5800 with Nextport card, and it does not occur with sem- or non-compelled E1 R2 signalling or any other signalling type. In addition, this problem only affects incoming calls.

Workaround: There is no workaround.

CSCdz39284

SIP: PROTOS Test Group 5 - Test Cases 330 to 435 causes as5350 crash

Symptoms: Multiple Cisco products contain vulnerabilities in the processing of Session Initiation Protocol (SIP) INVITE messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for SIP and can be repeatedly exploited to produce a denial of service.

Conditions: This issue is observed on Cisco devices which contain support for the SIP protocol and are running vulnerable versions of software.

Workaround: Cisco will be making free software available to correct the problem as soon as possible. Additional workarounds will be documented in the Security Advisory. This advisory is available at:

http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml

CSCdz40483

%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP I

Symptoms: A Cisco router permanently pauses with a watchdog timer under normal operation.

Conditions: This symptom is observed when the router is a voice endpoint with active calls.

Workaround: There is no workaround.

CSCdz44203

Dynamic Dialer map not created with aaa authentication if-needed

Symptoms: Users connecting to an AS5350, using a post dial terminal window for authentication, may not be able to ping the AS5350 after connecting. This problem only occurs with "aaa authentication ppp <list> if-needed" configured. The root of the problem is that a dynamic dial map is not created for the user. This can be seen with the show dialer map command. The other symptom of this problem is that there will be no output packets on the async interface to which the user is connected.

Workaround: Reconfigure the router to use virtual-profiles, or remove "if-needed" from the AAA authentication command.

CSCdz45885

AAA POD not disconnecting client requests with 8 byte session id

Symptoms: An authentication, authorization, and accounting (AAA) packet of disconnect (POD) server may not disconnect a client request that has an 8-byte session ID.

Conditions: This symptom may occur on a Cisco AS5400 or a Cisco AS58500 that is functioning as a triple A POD server.

Workaround: There is no workaround.

CSCdz51403

NAS-port attribut 5 has been changed for format C

Symptoms: VTY interface is not supported with extended NAS-PORT format.

Workaround: There is no workaround.

CSCdz51941

Call drops once the Card is OIRed in case of NFAS.

Symptoms: On a Cisco AS5800 when a trunk which has been configured for Primary NFAS is inserted back after OIR, the calls on the other cards, which are configured for NFAS of the same group, could fail, especially in the case of a TD/TV solution.

Workaround: There is no workaround.

CSCdz54240

poor performance on MLP with h/w compression (single channel ISDN)

Symptoms: The transportation of files across a single BRI connection of an E1 line may result in poor performance.

Conditions: This symptom is observed on a Cisco 3600 series router that is running Cisco IOS Release 12.2(02)XB7.

Workaround: There is no workaround.

CSCdz56776

Outgoing PPP frames are stuck on MLPPP

Symptoms: If Multilink PPP call(MLPPP) is disconnected by cause except Normal call clearing, no frames are send out on subsequent calls and the output queue may be stuck.

Condition: The symptoms occur under the following conditions:

You are running Cisco IOS Release 12.2 and Cisco IOS Release 12.2T

MLPPP is enabled on ISDN interface (BRI and PRI).

Dialer profile and multiple dialer interfaces belonging to the same dialer pool number are configured.

Workaround: Use the no fair-queue command on physical interfaces.

CSCdz61141

MPPE fails with radius

Symptoms: Microsoft Point-to-Point Encryption (MPPE) does not work when RADIUS is used for authentication and authorization. The user is able to authenticate and MPPE is negotiated, but traffic will not pass through unless MPPE is disabled or local authentication is used.

Conditions: This symptom occurs when MPPE is used with RADIUS to perform authentication and authorization.

Workaround: There is no workaround.

CSCdz70933

Filter-Id from preauthentication not applied with auth-required=0

Symptoms: When the Filter-Id attribute is provided during preauthentication, it is accepted, but not applied to the virtual access interface. When the same attribute is provided during PPP authentication, it is applied OK.

Workaround: There is no workaround.

CSCdz71219

Input-queue wedge intermittently

Symptoms: Intermittent problem on Virtual-Access interfaces. The input-queue becomes wedge, for example:

input queue 11/10

Increasing the input-queue size does not help.

Workaround: There is no workaround.

CSCdz72678

mgcp-nas-pkg calls generate zero values for RADIUS acct attributes

Symptoms: Media Gateway Control Protocol (MGCP) network access server (NAS) package calls may cause the following RADIUS accounting attributes to contain zero values:

Acct-Input-Octets

Acct-Output-Octets

Acct-Input-Packets

Acct-Output-Packets

Data-Rate

Ascend-Xmit-Rate

Presession-Packets-Input

Presession-Packets-Output

Presession-Octets-In

Presession-Octets-Out

Conditions: This symptom is observed on a Cisco AS5400 that is running Cisco IOS Release 12.2(2)XB8 or Cisco IOS Release 12.2 T.

Workaround: There is no workaround.

CSCdz85925

PPP Async interfaces not updated in routing table

Symptoms: Non-Multilink PPP (non-MLP) asynchronous users may not get a connected route in the IP routing table.

Conditions: This symptom is observed with non-MLP asynchronous users that are on an asynchronous interface that was previously used for MLP.

Workaround: Configure the router to use virtual profiles by entering the following sequence of commands:

Router(config)# interface virtual-template 1
Router(config)# virtual-profile virtual-template 1
Router(config)# no virtual-profile if-needed

CSCdz88409

Router crashed during weak Radius service

Symptoms: Cisco C5800 Router running Cisco IOS Release 12.2(2)XB10 crashed during a period of weak Radius service that provocated high session flapping.

Workaround: There is no workaround.

CSCdz89543

Missing accounting stop record with LSDO and Multilink PPP

Symptoms: In a Large-Scale Dial-Out (LSDO) setup in which the called site (remote site) is configured to add additional member links to the Multilink PPP (MLP) connection, the initial call to the remote site via LSDO may not trigger an accounting stop record when the call terminates.

Conditions: This symptom is observed when the customer premises equipment (CPE) adds additional links to the multilink bundle that is built by the initial LSDO call. If there is only one LSDO call or if all member links are initiated by the remote site (LSDO is not used), stop accounting records are correctly generated for all member links.

Workaround: There is no workaround.

CSCdz89669

AAA Accounting not sent for multilink isdn calls, when MSCB confd

Symptoms: When an ISDN dial-in client negotiates callback and multilink, and the callback is not configured for that user, the authentication, authorization, and accounting (AAA) records may not be sent.

Conditions: This symptom is observed on a Cisco router that is running Cisco IOS Release 12.2 T.

Workaround: There is no workaround.

CSCea02355

rare ip packets may cause input queue wedge

Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.

Cisco has made software available, free of charge, to correct the problem.

This advisory is available at

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

CSCea12966

function aaa_attr_list_ptr_copy_to_req does not support merged lists

Symptoms: Function aaa_attr_list_ptr_copy_to_req incorrectly strips off any additional attribute lists connected to the list passed in. This causes attributes lists to be lost, resulting in missing attributes being sent to AAA Servers.

Workaround: There is no workaround.

CSCea19087

CALLTRKR-6-CALL_RECORD not displayed for a modem-pool call with CAS

Symptoms: A Cisco AS5300 may not display some Calltracker information for a modem call.

Conditions: This symptom is observed on a Cisco AS5300 that is running Cisco IOS Release 12.2(2)XB10 or Cisco IOS Release 12.2(13)T and is configured for channel-associated signaling (CAS) with modem pooling. This is observed, in particular, when the call is routed to a configured modem pool instead of to the default modem pool. The Calltracker messages look like the following messages:

CALLTRKR-6-CALL_RECORD

and

CALLRECORD-3-MICA_TERSE_CALL_REC

However, when the symptom occurs, the first message is omitted.

Workaround: Configure the Cisco AS5300 for ISDN (PRI) instead for CAS.

First Alternate Workaround: Do not configure modem pooling.

Second Alternate Workaround: Ensure that the call is routed to the default modem pool.

CSCea23484

VPDN rejecting 127.0.0.x address as source-ip

Symptoms: IP addresses of the "127.0.0.x" type may be rejected by a virtual private dial-up network (VPDN) to be used as the source IP address for VPDN tunnels.

Conditions: This symptom is observed on a Cisco AS5400 or Cisco AS5800.

Workaround: There is no workaround.

CSCea24574

VSA not processed if sent with tagged tunnel attributes

Symptoms: AAA may not process VSA if sent with tagged L2TP tunnel attributes.

Conditions: This symptom is observed on a Cisco AS5400/AS5800.

Workaround: There is no workaround.

CSCea28396

AS5300 reloads while sending aaa accounting request

Symptoms: A router may reload when sending an authentication, authorization, and accounting (AAA) request to a TACACS+ server.

Conditions: This symptom is observed on a Cisco AS5300 universal access server that is running Cisco IOS Release 12.2XB(10) and Cisco IOS Release 12.2 T.

Workaround: There is no workaround.

CSCea28958

Function to manipulate attribute lists does not merge correctly

Symptoms: While copying an AAA attribute list into an event, the copy function strips off any additional attribute lists connected to the list passed in. This causes attributes lists to be lost, resulting in missing attributes being sent to AAA Servers.

Workaround: There is no workaround.

CSCea41989

AS5400/AS5350 - ANI/DNIS Delimiter (sig-class) CAS for CT1 is broken

Symptoms: A user-configured signaling class template may not be not used during incoming and outgoing channel-associated signaling (CAS) calls. Instead, the default signaling template is used.

Conditions: This symptom is observed in Cisco IOS Release 12.2 and Cisco IOS Release 12.2 T on a Cisco AS5350 and a Cisco AS5400.

Workaround: There is no workaround.

CSCea45343

Not able to manually shutdown modem/spe in BAD state

Symptom: When a modem in bad state is shutdown, the show modem command reports the state as BAD and not as SHUT.

Further Problem Description: The states of busy out and shut were clubbed together as 'b'. The two were segregated as part of DDTS CSCdr31105. If a modem in bad state is shut down, the show modem command shows the state as 'B' and not as 'S'. But if a modem is shut down, it really doesn't matter what state the modem is in. So the state should be shown as 'S'.

Workaround: There is no workaround.

CSCea52804

bus error at auth_tx_failure

Symptoms: A Cisco AS5350/AS5400 running Cisco IOS Release 12.2(2)XB7 crashes with bus error at auth_tx_failure.

Workaround: There is no workaround.

CSCea53600

authorization failure for terminal login call with per-user DNS/WINS

Symptoms: Issue with terminal server login where a radius assigned DNS or WINS server (ie. per-user dns/wins) causes authorization to fail.

Workaround: There is no workaround.

CSCea61814

bearer capability changed for outgoing hairpinned call

Symptoms: The bearer capability is changed for outgoing hairpinned call.

Workaround: There is no workaround.

CSCea66630

COT_TP_IN test fail resulting channels in maintenence pending

Symptoms: The first COT_TP_IN test failed right after reload and the AS5300 never received COT_TP_OUT from softswitch, putting the channel in maintenance pending state. The timer in COT_TP_IN test should bring the channel to idle even if it does not receive the COT_TP_OUT from softswitch.

Workaround: There is no workaround.

CSCin03921

The 872uut crashes inconsistently during cbwfq tests

Symptom: Adding or removing a service policy to a dialer interface may infrequently cause a spontaneous reload of the router.

Workaround: There is no workaround. However relying on experience with similar issues (involving reconfiguring a dialer on the fly), the suggestion is that either or both of the following steps might help:

Stop generating traffic through the interface

Shutdown the dialer interface when changing the service policy


Open Caveats—Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

There are no open caveats specific to Cisco IOS Release 12.2(2)XB9 through Cisco IOS Release 12.2(2)XB10 that require documentation in the release notes. Cisco IOS Release 12.2(2)XB9 is not distributed for widespread availability. Cisco IOS Release 12.2(2)XB9 is not distributed for widespread availability.

Resolved Caveats—Cisco IOS Release 12.2(2)XB9 to Cisco IOS Release 12.2(2)XB10

There are no resolved caveats specific to Cisco IOS Release 12.2(2)XB9 through Cisco IOS Release 12.2(2)XB10 that require documentation in the release notes. Cisco IOS Release 12.2(2)XB9 is not distributed for widespread availability.

Open Caveats—Cisco IOS Release 12.2(2)XB8

This section documents possible unexpected behavior by Cisco IOS Release 12.2(2)XB8 and describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 14 Open Caveats for Cisco IOS Release 12.2(2)XB8 

DDTS ID Number
Description

CSCdz00534

Symptom: 12.2.2XB7+ L2TP is incorrectly indicating "service up" to Calltracker with a service type of PPP.

Conditions:This behavior happens for L2TP calls.

Workaround:There is no workaround.


Resolved Caveats—Cisco IOS Release 12.2(2)XB8

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB8. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 15 Resolved Caveats for Cisco IOS Release 12.2(2)XB8 

DDTS ID Number
Description

CSCdw93992

A Cisco Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) may fail to send accounting records for a PPP over ATM (PPPoA) call after the call has been forwarded via L2TP to an L2TP network server (LNS). The LNS drops the call by sending a Call Disconnect Notification (CDN) message to the LAC.

Workaround: Clear the virtual access interface for the call on the LAC.

CSCdy06029

When using MS-Callback with IOS 12.2(2)XB6 and the 'callback-noverify' option, the NAS fails to apply Framed-IP-Address or any AV-Pairs associated with that user.

CSCdy33338

A NAS might display wrong value of radius-server unique-ident as 255 when it is configured as 254.

Workaround: There is no workaround. However, this problem manifests only when the value 254 is configured or starting with 1 (as is the normal case), the router is reloaded 253 times. Recommendation is to use radius-server unique-ident 1.

5400

CSCdy51116

In IOS 12.2(12.5)T or later a router which does not have AAA configured may unexpectedly reload when a user attempts to telnet from the router to another device.

Workaround: Enable AAA.

CSCdy69192

Cisco AS5300 server encounters system crash when RADIUS authentication is used for authenticating asynchronous call.

Workaround is to use Local or TACACS+ authentication.

CSCdy71629

The task_id attribute in AAA accounting record might be wrong if the task_id is greater then 9999.

Workaround: There is no workaround.


Open Caveats—Cisco IOS Release 12.2(2)XB7

This section documents possible unexpected behavior by Cisco IOS Release 12.2(2)XB7 and describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 16 Open Caveats for Cisco IOS Release 12.2(2)XB7 

DDTS ID Number
Description

CSCdy14689

In Cisco IOS Release 12.2(2)XB, Cisco IOS Release 12.2(4)T, and later Cisco IOS codes, the router does not send radius connection accounting attribute 46 for TCP clear calls or for any outbound telnet connections from the router. The is issue is only with telnet connections. Regular PPP calls accounting records do contain this attribute.

Workaround: There is no workaround.

CSCuk34949

A Cisco router may generate a large number of alignment errors when TCP Header Compression is configured in conjunction with L2TP and Multilink PPP.

Workaround: Disable header compression, both in the local configuration (use the interface command no ip rtp header-compression) and in any Radius/AAA database.


Resolved Caveats—Cisco IOS Release 12.2(2)XB7

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB7. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 17 Resolved Caveats for Cisco IOS Release 12.2(2)XB7 

DDTS ID Number
Description

CSCdk31736

PPP authentication requests with no username are not forwarded to the TACACS+/RADIUS server. This may prevent you from authenticating people by Caller ID.

CSCdv21918

A router may reload if netflow-data is exported to a multicast address.

Workaround: Do not configure a multicast address; use a unicast address instead.

CSCdv27734

New PPP configuration commands are provided which provide control over the negotiation and application of the LCP configuration options for HDLC Address and Control Field Compression (ACFC) and PPP Protocol Field Compression (PFC).

CSCdw00055

The non-variable-length dial-plan matching character `$' permits a user to force a match on a destination-pattern consisting of a fixed number of digits. For example, use the following configuration:

!
dial-peer voice 1 voip
destination-pattern 01152....$
session target ipv4:IP_ADDR_RTR1
ip precedence 5
!
dial-peer voice 2 voip
destination-pattern 01152......
session target ipv4:IP_ADDR_RTR2
ip precedence 5
!

The user in this situation has calls to phone numbers which share the same first set of prefix digits but whose complete set of digits are different in number. In the example above, calls to RTR1 have nine digits starting with `01152' while calls to RTR2 have 11 digits starting with `01152'. To eliminate the ambiguity as to which dial-peer to match, the `$' is used so that a call to RTR2 will not match on dial-peer 1. This configuration works in Cisco IOS Release 12.1 images which support the `$' dial-peer matching character and Cisco IOS Release 12.2(1a).

Starting in Cisco IOS Release 12.2(1.1) and in Cisco IOS Release 12.2(2)T, the dial-plan no longer permits a destination-pattern terminated with the `$' character to be matched at all, and hence no calls using that dial-peer will complete.

Workaround: Configure the destination-patterns which end in `$' to end in `T?$':

!
dial-peer voice 1 voip
destination-pattern 01152....T?$
session target ipv4:IP_ADDR_RTR1
ip precedence 5
!
dial-peer voice 2 voip
destination-pattern 01152......
session target ipv4:IP_ADDR_RTR2
ip precedence 5
!

CSCdw93050

The problem is transparent to the customer and is involved with the IOS MLP/PPP architecture.

CSCdx15859

Calltracker, show call calltracker active, and ... history commands display extraneous comma after authentication time.

CSCdx33166

During LSDOCallback, the sessions on the server side go down due to which callback already exists debugs can be seen in the logs inhibiting callback from occurring.

Workaround: There is no workaround.

CSCdx41454

Symptom: Router applies the ip tacacs source-interface configuration only to the first tacacs server in the server list and fails to use the IP address for other configured servers.

Conditions: When the primary TACACS server is not available, the router will attempt for the next TACACS server in the list. While connecting to the secondary TACACS server, the router ignores the ip tacacs source-interface configuration and it uses the IP address of the outgoing interface.

The router is expected to use the IP address configured through ip tacacs source-interface command as source address, while connecting to the TACACS server, including the secondaries.

Workaround: A workaround is possible using NAT. The user can apply NAT for the TACACS packets by the following configuration.

interface outbound interface to the tacacs server
ip nat outside
!
ip nat inside source list 102 interface Loopback0 overload
access-list 102 permit tcp any any eq tacacs

CSCdx81130

Microsoft Callback negotiation may fail with particular clients. This is due to a minor difference between Cisco's implementation of the Microsoft Callback server and the original implementation by Microsoft in a detail that is not clearly specified in the draft RFC. While this particular problem does not seem to impact Microsoft Windows clients requesting for callback, it has been observed with a 3Com OfficeConnect LAN modem that failed to negotiate MS callback with a Cisco NAS.

Workaround: There is no workaround.

CSCdx93324

The H.323 gateway may crash accessing invalid memory location.

Workaround: There is no work around.

CSCdy01787

When MTU configuration is manually overridden the EAP proxy client may not be able to appropriately size frames for the client's MRU.

Workaround: Do not adjust the MTU on the router.

CSCdy05296

The port information provided on a Cisco AS5350 universal access server, Cisco AS5400 universal access server, or Cisco AS5850 universal access server on modems within Radius attribute 5 using either nas-port format a or b for async calls provide the true port information (as in slot/port) and not the TTY line number of the modem which previous generation dial platforms provided. This is causing problems for service providers using a variety of Cisco dial platforms as they are inconsistent in the information being relayed on the various platforms Cisco sells.

Workaround: There is no workaround.

CSCuk36415

Symptom: RTP packets queued from the fast switching path will be sent uncompressed.

Workaround: There is no workaround.

CSCdx06022

Customer upgraded the code on the Cisco 3640 router to Cisco IOS Release 12.2(8)T code and failed to bring the X.25 link due to failure in authentication. No changes have been done on the Tacacs+ config and profile.

CSCdx87088

Router with AIM compression module could see the following alignment traceback errors:

0x602A0A84:mlp_bundle_transmit_dequeue(0x602a080c)+0x278 0x6029FF0C:mlp_fastsend_les(0x6029dec0)+0x204c 0x60205358:mppc_hwcomp_fastsend_callback(0x60205084)+0x2d4 0x60211ECC:caim_complete_packet(0x602114f0)+0x9dc 0x602124C8:caim_cmd_done(0x60212188)+0x340 0x60212948:hifn9751_interrupt(0x602127f4)+0x154 0x60212AC4:caim_interrupt(0x60212a98)+0x2c 0x6020AEC4:caim_int_handler(0x6020ae48)+0x7c Enter hex value: 602A0A84 6029FF0C 60205250 60211ECC 602124C8 60212948 60212AC4 6020AEC4 0x602A0A84:mlp_bundle_transmit_dequeue(0x602a080c)+0x278 0x6029FF0C:mlp_fastsend_les(0x6029dec0)+0x204c 0x60205250:mppc_hwcomp_fastsend_callback(0x60205084)+0x1cc 0x60211ECC:caim_complete_packet(0x602114f0)+0x9dc 0x602124C8:caim_cmd_done(0x60212188)+0x340 0x60212948:hifn9751_interrupt(0x602127f4)+0x154 0x60212AC4:caim_interrupt(0x60212a98)+0x2c 0x6020AEC4:caim_int_handler(0x6020ae48)+0x7c Enter hex value: 6049CBD4 603A9814 603833C8 602A0B04 6065815C 6029FF8C 60205250 60211ECC 0x6049CBD4:ip_compress_header(0x6049cbc0)+0x14 0x603A9814:if_dequeue_common(0x603a96cc)+0x148 0x603833C8:holdq_dequeue(0x603832e4)+0xe4 0x602A0B04:mlp_bundle_transmit_dequeue(0x602a080c)+0x2f8 0x6065815C:mlp_bundle_tx_start(0x60658120)+0x3c 0x6029FF8C:mlp_fastsend_les(0x6029dec0)+0x20cc 0x60205250:mppc_hwcomp_fastsend_callback(0x60205084)+0x1cc 0x60211ECC:caim_complete_packet(0x602114f0)+0x9dc

CSCdx89461

When MPPC is enabled on router, ftp session hangs for transferring compressed file such as zip files.

CSCdy10610

The counter of the received uncompressed bytes is not accumulated correctly in the output of show compression. It should show the number of the received compressed bytes that cannot be decompressed plus those after being decompressed.

CSCdy19725

Under certain condition, the router may experience spurious memory access and alignment errors in mschap_ntpasswordhash and mschapv2_GenerateAuthenticatorResponse.

CSCdy34158

In certain scenarios, IOS will proxy EAP messages to the RADIUS server with a FRAMED_MTU attribute value of 65528, which will cause EAP to fail.


Open Caveats—Cisco IOS Release 12.2(2)XB6

This section documents possible unexpected behavior by Cisco IOS Release 12.2(2)XB6 and describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 18 Open Caveats for Cisco IOS Release 12.2(2)XB6 

DDTS ID Number
Description

CSCds37794

Router crash due to memory corruption with compression in T1-CAS env

Symptom: System may reload due to memory corruption when having traffic.

Conditions: when TCP header compression and predictor compression are enabled. Tearing down calls from the caller side.

Workaround: There is no workaround.


Resolved Caveats—Cisco IOS Release 12.2(2)XB6

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB6. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 19 Resolved Caveats for Cisco IOS Release 12.2(2)XB6 

DDTS ID Number
Description

CSCdx07849

radius_saveident should use CSCdw51651 method to avoid write_memory

An attempt to update the startup-config file (via the exec "write memory" command or equivalent) may fail with the following error:

router#write memory
startup-config file open failed (Device or resource busy)

This problem can be caused by a process that is attempting to update NVRAM getting stuck for some reason. To track down the offending process, use the command "show file descriptors":

router#show file descriptors
File Descriptors:
FD Position Open PID Path
0 0 430A 157 nvram:

Now, using "show process", find the process with the offending PID. If the PID belongs to a process called "radius nvwrite", then this DDTS is the problem.

Workaround: save the current running config to a temporary file in flash or on a TFTP server. Reload. Immediately after reloading, copy the saved configuration to nvram:startup-config .

CSCdw03288

UP324 card crash while handing over in handover-split mode

Symptom: While handing over UP324 board from one RSC to another using the redundancy hand-over mode and reloading the RSC which was handling the UP324, the CPU util of the UP324 goes upto 100% and the board crashes when its handed to the other RSC.

Conditions: This affects platforms which have redundancy hand-over mode support.

Workaround: There is no known workaround.


Open Caveats—Cisco IOS Release 12.2(2)XB5

All the caveats listed in this section are open in Cisco IOS Release 12.2(2)XB5. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 20 Open Caveats for Cisco IOS Release 12.2(2)XB5

DDTS ID Number
Description

CSCdu79111

TCL APP processes take too much cpu when making +7cps debicard calls.

Symptom: When system running debitcard application with bursty traffic of 15+ call per second back-to-back, IVR processes such as TCL APP take too much cpu causing a high overall cpu utilization.

Workaround: Control incoming calls to avoid bursty traffic and turn on Call Admission Control to prevent catastrophic errors at high cpu utilization.

CSCdv70676

SPE went to Bad state with incoming modem calls and 100% COT.

With modem calls and 100% COT transponder, SPEs on a Cisco AS5400 OGW would transition to BAD state one by one. Executing the clear spe command or the would reset the SPEs back to normal state but after a few more modem calls, the SPEs would come back to BAD state. Test port modem back to back also bring the SPEs back to normal state.

CSCdw34553

c3660/c3725/c3745 crashes during voice (VIC-BRI-NT/TE) stress

A Cisco Voice over IP (VoIP) gateway that uses version 3 (or a later version) of the H.323 International Telecommunication Union (ITU) standard specification may reload when the VoIP gateway is used with another VoIP gateway that uses an H.323 ITU standard specification version earlier than version 3 while there is a heavy call volume. There is no workaround.

CSCdw40471

128bit MPPE encryption fails with virtual profiles

128bit MPPE encryption does not work when Virtual Profiles is configured on the access server. No known workaround.

CSCdw59387

Overlap Sending CalledNumber > 20, need config to change this

Outbound call though H323 IOS Gateway will be Overlap when CalledNumber > 20 digits. This is normal behavior on IOS Gateway. However in some scenario's we need to have the ability to increase the number of digits being sent out ENBLOCK. We need a command with which you can configure this behavior.

CSCdw70156

Router unexpectedly reboots when configured for VoATM calls

Symptom: The c3660 routers starts rebooting unexpectedly when configured for VoATM calls. The image works fine for the VoIP and VoFR.

Conditions: The problem/defect was found in Cisco IOS Release 12.2(2)XB3

CSCdw80521

RPM does not unbind dynamic template when call disconnects early

If an access server is configured for resource-pooling with customer profile templates, a short, abnormal call may cause the next call on that modem/interface to bind to multiple profiles causing the configuration for the next call to be different than intended. A workaround which works under some circumstances (but not all) is to make sure that each customer profile template explicitly specifies every configuration item which may be different on other customer profile templates to make sure the configuration items on the intended template overrides any configuration items on other templates which may be unexpectedly bound.

The workaround does not work when multiple short, abnormal calls land on the same port consecutively.

CSCdw83849

APS-B-BPX: AnxB: Lockout does not keep selector position

Conditions: Force switch WS1->WS2 on AXSM/B, Lockout on BXM side.

Workaround: There is no workaround.

CSCdw86905

huntstop not working intermittently

Huntstop feature is not working. When the call fails on the most specific dial-peer it tries to go out the 2nd dial-peer, even when there is huntstop configured in the first dial-peer. This happens only when the call made on the first dial-peer fails in the alerting state.

CSCdx02583

Support new IMA alarm integration on IOS for ATT INCS

When T1 lines are flapping at higher rate, all the links in IMA come down and the IMA interface teardown all the ATM VC and the respective voice trunks are also failing. This can happen if there is a Y-red switch happening in a switch. This proposed change is not specified in the ATM Forum IMA spec. 1.0 or 1.1 This does a higher layer Alarm integration for 3-10 seconds before bring the interface down. 1-2.5 second is the typical time for IMA to come UP again. The proposed change will have a new CLI to configure the IMA GROUP ALARM integration time out.

int atm<slot>/ima<group>
ima group-alarm-integration <3-10> Seconds
end

This integration time should not apply to each individual links. This applies only when the entire group is down. The integration timer should stop when a group UP is detected. The integration timer shall not be triggered for failed IMA group bring up tries.

CSCdx03069

Memory leak on GW if AltEP present in ACF with dCSA 0.0.0.0

Memory leak on the H323 voice gateways noticed. If the Gatekeeper of the Gateway sends an Admission Confirm (ACF) message with the destination Call Signal Address (dCSA) field set to 0.0.0.0 and if the alternate Endpoint field is present in the message.

Workaround: There is no workaround.

CSCdx03176

SIP: TGW crashes upon reception of midinvite with c=fqdn

Symptom: The Gateway crashes upon receiving a mid-call invite with a SDP c= containing an FQDN

Conditions: The Gateway crashes upon receiving a mid-call invite with a SDP c= containing an FQDN

Workaround: There is no workaround.

CSCdx13190

Hearing Loud pitch (1Khz) Tone with e&m-fgb mf dnis.

Workaround: There is no workaround.

CSCdx26331

SIP: Connect Timestamp missing in CallHistory when ACK is missing.

Symptom: The Call History information generated by the SIP call leg does not have a valid (non-zero) duration while the POTS Call History for the same call has a non-zero duration.

Condition: This will happen when the ACK fails to reach the TGW following an answer (200 OK response).

Workaround: There is no workaround.

CSCdx32319

3 way conference call consumes high CPU utilization

Symptom: One 3 way conference call is consuming 20+ % of cpu utilization when going over Ethernet and 30+ % of cpu utilization when going over MLPPP. Also, traceback messages were seen.

Workaround: There is no workaround.

CSCdx48337

No crashinfo file generated when router crashes.

Cisco 36xx router running Cisco IOS Release 12.2(2)XB is not producing crashinfo file when it should.

CSCdx48546

Cisco 3662 with hardware compression module crashes

Cisco 3600 router with hardware compression fails with below mentioned error: PC 0x6008C604, address 0x0

CSCdx49365

Modem VPDN calls with configured from RPMS 1.1 fails

Symptom: Analog VPDN calls fails when VPDN configuration is downloaded from RPMS 1.1 server for Cisco 5XXX Universal Gateway.

Workaround: Configure VPDN on AAA or Gateway.

CSCdx50282

SIP GW: Calling party name presented to PSTN has problems

When a display-name is presented in a From header of a SIP INVITE to a IOS SIP gateway, the DISPLAY IE setting in the outgoing ISDN message may not be interoperable with dms-100 ISDN switch type.

CSCdx50498

Local RPM CLI commands for VPDN profiles stripped out at bootup

Symptom: The resource pooling VPDN CLI commands in startup config is not recognized by 5400 when it boots up.

Workaround: Workaround is to manually enter that in the configuration after bootup.

CSCin05614

Cisco 3640 router crashes due to memory corruption

Cisco 3640 router reloads due to memory corruption while testing LANE - ROUTING AND BRIDGING.


Resolved Caveats—Cisco IOS Release 12.2(2)XB5

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB4. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 21 Resolved Caveats for Cisco IOS Release 12.2(2)XB5 

DDTS ID Number
Description

CSCdu14530

If the IP address is removed from a the PPP interface of a 7500, running Cisco IOS Release 12.1E IOS, and then the IP address is added, this change is not reflected immediately in CEF. This results in 50% packet loss until the background CEF process updates the adjacency.

The workarounds are:

shut / no shut the PPP interface. or

disable CEF (not an option as the 7500 is a PE router).

CSCdv38563

Client code does not add attributes 90 & 91 for the LAC

Network access server (NAS) may fail to include attributes 90 and 91 when a router hostname is used as the tunnel ID and when the tunnel ID is not included in the user profile. There is no workaround.

CSCdv54127

Missing Acct-Output-Packets & Acct-Input-Packets in STOP rec

The Acct-Output-Packets and Acct-Input-Packets attributes are missing in the STOP record while testing network accounting, even though they are seen in the debug output.

CSCdv66747

Traceback at l2tp_fixup_cached_header

Tracebacks occur with vpdn in Cisco IOS Release 12.2(02)XB, Cisco IOS Release 12.2(03)PI, & Cisco IOS Release 12.2.T.

CSCdv71454

l2tp_process_unsent_queue may cause CPUHOG

In Cisco IOS Release 12.2T, "L2TP mgmt daemon" may cause CPUHOG if there are lots of packets in unsentQ.

CSCdw00924

MLP bundle transmit may jam when link departs bundle

On a PPP multilink bundle that has multiple links, if one of the links departs from the bundle while data is enqueued for output at the bundle interface, the output mechanism on the bundle may stall, halting any further output from that bundle. The output queue on the bundle becomes full, causing packets that are forwarded to that bundle to be dropped and the affected bundle to stop transmitting packets.

Workaround: There is no workaround.

CSCdw06038

RPM:no profile found for call-type digital

Symptom: With Resource Pooling and Resource Pooling AAA accounting configured, a customer profile may not be found for a particular DNIS group.

Conditions: The gateway may have a problem with incoming calls finding the customer profile depending on the order, size and value of the dnis entered; results may vary depending on whether the DNIS is manually entered or whether the wavl is set up from reload via the start-up config.

Workaround: There is no workaround.

CSCdw39083

Calls being disconnected by gateway with cause code 47(resource una)

When running test calls in a ThunderVoice environment a small percentage of the calls are being rejected by the originating gateway with cause code 47 (resource unavailable, unspecified).

Workaround: There is no workaround

CSCdw45584

Cisco-AV pair lcp:send-secret=cisco not supported in XB

VPDN authorization fails when "lcp:send-secret=xxxx" is sent in the access accept packet from radius.

CSCdw62064

IKE Keepalives being dropped with MLPPP fragmentation

On 7200 running Cisco IOS Release 12.2.6, it is seen that with T1 links combined in a Multilink PPP bundle, and MLPPP fragmentation enabled; ISAKMP keepalives are not being received by the box, even though the remote peer is sending out the keepalive messages. As a result each end thinks its peer is dead and deletes the IKE & IPSEC SAs. They then re-negotiate IKE and IPSEC and create new SAs. As a result, IKE and IPSEC are re-negotiated at each IKE keepalive interval and there is some traffic drop during this re-negotiation phase.

Workaround:

Disable hardware crypto acceleration. With software crypto, this problem is not seen.

Disable MLPPP fragmentation. Without fragmentation, the IKE keepalives are received by the peers (even with hardware crypto)

CSCdw68757

Caller hear second dial-tones CHOM noise from Nortel PBX.

Caller on original GW of CAS hear the second dial-tone CHOM from the far end router which connected to Nortel PBX. This is only for CAS case.

Workaround: There is no workaround.

CSCdw80687

ip tcp compression-header passive is always compressing ppp traffic

Symptom: Packets are process switched on an interface with fast switching configured. This can result in high CPU usage.

Conditions: Header-compression must be configured, but only on one side. For example, in a dial-in situation, where header-compression is configured on the central switch, but not on the box that is dialling in. Also, the interface must not support FAST switched header-compression, e.g. most dial-in interfaces are currently not supported.

Workaround: Remove header-compression from the configuration.

Note If header-compression is configured on both sides of a link, and the interface does not support fast-switched header-compression, then process switching is normal and required for successful operation of the header-compression feature.

CSCdw85178

OJ:VSA incorrectly billing ip hops

Genuity is not able to bill multiple customers off of one proxy.

Workaround: There is no workaround.

CSCdw89455

PPP authen failure with fourth method

All PPP Auth methods will not work with MSCHAP V2.

CSCdw91279

L2TP ZLB ACK not processed correctly (regress CSCdk57040)

A Cisco router that is running Cisco IOS Release 12.2(5.7)T or a later release and that is acting as a Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) or L2TP network server (LNS) may fail to process valid L2TP Zero-Length Body Acknowledgement (ZLB ACK) packets. This behavior may cause sessions and tunnels to drop.

Workaround: There is no workaround.

CSCdx02038

FXS voice port in IAD2420 does not give dialtone, no debugs seen

The customer has some 6 or 7 of his customers not able to place any call in the first port in IAD. The IAD does not even give a Dial tone. All we get is Dead Air. When we try doing debug we do not see ANY information in the Debugs.

Workaround: The only way to fix it is by reloading the box. It will fix the problem for sometime, but will surface back again.

CSCdx02102

Memory corruption with MPPE when MTU exceeds 8K

A Cisco router may experience memory corruption when configured with software encryption (MPPE) if the MTU size is greater than 8K (and if there are actually packets of length greater than 8K).

Work around is to configure MTU less than 8K when doing software encryption (MPPE).

CSCdx05704

MSCB won't propose the skip CB option to peer with dialer profiles

When a user dials in, requests MSCB and is bound to a dialer profile, after authentication (problem won't happen if the profile is bound before PPP starts) then IOS does not propose the option to skip callback during CBCP even if we are configured for it (ppp callback accept and user has empty callback dial string).

If the user opts to skip the callback anyway, we will drop the call because we did not propose that option, which is correct behavior but has only been enforced since CSCdu55093, which is why this bug has been relatively hidden up until recently.

CSCdx09410

Local RPM CLI commands for VPDN profiles stripped out at bootup

Symptom: A CLI command in startup config is not recognized by Cisco AS5800 when it boots up.

Workaround: Workaround is to manually enter that in the config after bootup.

CSCdx11607

Enable pre-auth breaks digital calls

AAA Pre-auth causes digital calls to break, because resource allocation fails.

Workaround: There is no workaround.

CSCdx22886

SGBP functionality broken

SGBP forwarding does not work if VPDN is disabled.

A temporary workaround for this problem is to enable VPDN (issue the command 'vpdn enable') and then disable it immediately (issue 'no vpdn enable') on all the SGBP stack group members. This allocates the resources required to do SGBP, and at the same time does not require VPDN to be kept enabled.

CSCdx26331

SIP: Connect Timestamp missing in CallHistory when ACK is missing

Symptom: The Call History information generated by the SIP call leg does not have a valid (non-zero) duration while the POTS Call History for the same call has a non-zero duration.

Condition: This will happen when the ACK fails to reach the TGW following an answer (200 OK response).

Workaround: There is no workaround.

CSCdx32319

3 way conference call consumes high CPU utilization

Symptom: One 3 way conference call is consuming 20+ % of cpu utilization when going over Ethernet and 30+ % of cpu utilization when going over MLPPP. Also, traceback messages were seen.

Workaround: There is no workaround.

CSCdx33510

Occasionally IAD hold DTMF digits until user hang up.

Symptom: Offhook is reported to the call agent, however any digits dialed for the endpoint are not reported to the call agent. Consequently, the endpoint does not allow a call to originate once it is in this state.

Conditions: The endpoint gets into this condition when a request for digits (A) is sent by the call agent, later followed by a request for digits (D), however the call agent has yet to provide the endpoint a digit map. The call flow described below in "Further Problem Description" provides an example. Note that SGCP 1.5, MGCP 0.1, and MGCP 1.0 are affected.

Further Problem Description:

RQNT 3956664 endpoint protocol-version
X: 3FFF
R: hd, [0-9*#ABCD](A)
200 3956664 OK
NTFY 18956 endpoint protocol-version
X: 3FFF
O: hd
200 18956 OK
RQNT 3956662 endpoint protocol-version
X: 1CFF03003956
R: hu, [0-9#*T](D)
200 3956662 OK

Note This should be a 519 error result since a digit map did not exist for the endpoint. The call agent should then follow up and provide the endpoint with a digit map.

Workaround: There is no workaround.

CSCdx40546

No ANI Information for T37 offramp fax

For T.37 offramp fax, the ANI information is currently available only from the message envelope of the E-mail. But in the case that the mail has to be bounced (such as invalid fax machine number), the mail cannot be bounced back to the correct account. The call cannot be billed in this case.

CSCin03065

New L2TP Tunnel created with existing Tunnel to same LNS.

When an attempt is made to create an additional session that has similar tunnel parameters that are defined by a RADIUS profile (for the same domain, the same user, or a different user), instead of creating a session under the existing tunnel, a new tunnel and a session are created. This condition is observed in Cisco IOS Release 12.2(7.4)T and occurs if the tunnel parameters are defined by RADIUS without either of the following definitions:

Cisco-Avpair vpdn:tunnel-id = "xyz"

Tunnel-Client-Auth-ID = "xyz"

Workaround: Define one of the following definitions under a RADIUS profile when tunnel parameters are defined:

Cisco-Avpair vpdn:tunnel-id = "xyz"

Tunnel-Client-Auth-ID = "xyz"

CSCin06313

RM/AUTH: Process (22) failed to register to VPDN message while boot

Cisco AS5850 pops out the following error message after boot up:

00:00:38: RM/AUTH: Process (22) failed to register to VPDN

This message is seen with c5850-p9-mz-v122_2_xb_throttle_flo_t.0.4.0 image.

Workaround: There is no workaround.

CSCuk32311

PPP: Only allow punt adjacencies to be installed until IPCP is open

When Cisco Express Forwarding (CEF) is enabled, adjacencies are erroneously added for sessions that have been forwarded using a tunnelling protocol such as L2TP or PPPoE. Adjacencies should only be added for sessions that terminate on the router, and only after the IP Control Protocol (IPCP) has been negotiated. There is no work-around.

CSCuk33327

RADIUS fail during EAP should trigger LCP restart

After RADIUS failover, during EAP, the NAS would try to failover to a new RADIUS server. However, this is forbidden midway through authentication. As such, the NAS was required to restart the authentication process from scratch and allow the user another attempt to authenticate.


Open Caveats—Cisco IOS Release 12.2(2)XB4

All the caveats listed in this section are open in Cisco IOS Release 12.2(2)XB4. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

.

Table 22 Open Caveats for Cisco IOS Release 12.2(2)XB4 

DDTS ID Number
Description

CSCdv38563

Network access server (NAS) may fail to include attributes 90 and 91 when a router hostname is used as the tunnel ID and when the tunnel ID is not included in the user profile.

Workaround: There is no workaround.

CSCin00405

No radius accounting start or stop record is sent by the NAS when "ppp multilink" and "aaa accounting delay-start" are configured.

Workaround is to remove one of these two commands.

CSCin03199

A Cisco 3620 router that is used as a gatekeeper and that is running Cisco IOS Release 12.2(7.6)T may reload when a location request (LRQ) is forwarded by the directory gatekeeper cluster.

Workaround: There is no workaround.


Resolved Caveats—Cisco IOS Release 12.2(2)XB4

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB4. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

Table 23 Resolved Caveats for Cisco IOS Release 12.2(2)XB4 

DDTS ID Number
Description

CSCdr47232

Set operation is not implemented for a few dsx1 specific MIB objects like dsx1LineType, dsx1LineCoding etc.

CSCdr85436

Description: This command can be used in the global config mode, to enable sending radius attribute 32 (NAS-Identifier) in the accounting request. By default fully qualified domain name (FQDN) is sent in the attribute when the format is not specified.

Syntax:

[no] radius-server attribute 32 include-in-accounting-req {format <A string that may have %i, %h or %d.>}
%i = IP address
%h = Hostname
%d = Domain name

FQDN is sent by default if the format string is not configured.

Examples:

manly(config)#radius-server attribute 32 include-in-accounting-req format cisco %h.%d %i

Following string will be sent in NAS-identifier as a part of accounting record.

cisco manly.nlab.cisco.com 10.0.1.67

CSCdr93141

The user-maxlinks feature (see http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/maxlink.htm) does not work when configured on a VPDN LNS/HGW.

CSCdt63321

An IP route entry may fail to be updated properly when one-step and two-step translations are performed using the Serial Line Internet Protocol (SLIP).

Workaround: There is no workaround.

CSCdu19432

Attribute Acct-Session-Time [46] in Exec Acct. Stop Record is zero.

Workaround: There is no workaround.

CSCdu35843

IP access lists are not installed when they are received from a RADIUS server. This condition is observed in Cisco IOS Release 12.2(1.2)PI.

CSCdu36862

A system accounting record needs to be sent when a radius server is added or deleted.

This will be committed in latest Cisco IOS Release 12.2 branch and will also be committed in latest 6400 branch.

CSCdu40402

On Cisco AS5400, Cisco AS5800, and Cisco AS5850 universal gateways running Cisco IOS version 12.2XB, executing the command show tdm mapping will not show resource s that are used for CAS calls.

Workaround: There is no workaround.

CSCdu40615

Some clients may fail to successfully complete IP Control Protocol (IPCP) negotiations when thousands of PPP sessions are simultaneously reestablished, as is the case when an interface with many links is recycled. All Layer 2 Tunneling Protocol (L2TP) sessions are established, but some client virtual access interfaces may not get a negotiated IP address. The missing IP address results in lost IP connectivity on that link.

Workaround: There is no workaround.

CSCdu43689

Currently, the Per-User Request buffer is limited to 600 bytes. If the user profile has more than 600 bytes of configuration information, the Per-User attributes are not processed, which results in rejecting the user.

Workaround: There is no workaround.

CSCdu64847

CISCO-AAA-SESSION-MIB user disconnect feature doesn't work for vpdn connections on the LNS.

CSCdu67010

Some TACACS+ attribute string names and attribute string values have changed slightly, e.g. "nas_rx_speed" is now "nas-rx-speed". This may cause problems for backend accounting applications trying to process records or authorization failures.

CSCdu74728

No accounting records are generated for outbound Telnet sessions after connection accounting is configured.

Workaround: There is no workaround.

CSCdu84692

When using Cisco IOS Release 12.2(2.x) and Cisco IOS Release 12.2(3.x)PI code, local VPDN authorization does not failover to the next method in the method list if the domain/dnis profile is not found. The workaround is to only use RADIUS/TACACS+ vpdn authorization.

CSCdu86243

The RADIUS attributes Ascend-Client-Primary-DNS and Ascend-Client-Secondary-DNS do not work in Cisco IOS Release 12.2(3.4)T or later. The Cisco-AVPair ip:dns-server also does not work.

Workaround: There is no workaround.

CSCdv01412

Conditions under which the problem occurs:

FXS FastEthernet FXS(LoopBack)
[Pots A]--------[1750_r1]--------|-------[1750_r2]

dial-peer voice 1 voip dial-peer voice 2 voip
destination-pattern 300 destination-pattern 300
session target ipv4:100.0.0.2 session target loopback:rtp

When A calls 300, no voice loopback occurs.

Symptoms of the problem: silent.

Workaround: There is no workaround.

CSCdv01555

Spurious access may been seen when TACACS+ is enabled in Cisco IOS Release 12.2(3.4)T or later.

Workaround: There is no workaround.

CSCdv02732

A router that is running Cisco IOS Release 12.2(3.4) T or a later release may reload unexpectedly after the Terminal Access Controller Access Control System (TACACS+) command accounting is enabled and a config net privileged EXEC command is executed. There is no workaround.

CSCdv03076

A Cisco router running Cisco IOS Release 12.2(3.4)T or later will not process Ascend RADIUS server attributes even if "non-standard" is part of the radius-server host configuration statement if the radius-server is referenced through a aaa server group. The workaround is not to use a server-group and use group radius instead.

CSCdv03689

If a Point to Point Protocol (PPP) Multilink bundle interface goes down while data is flowing through it, a Cisco router may reload.

Workaround: There is no workaround.

CSCdv04999

The username, accounting record type, and service attributes in the command accounting record is do not have appropriate value.

Workaround: There is no workaround.

CSCdv13634

AAA Accounting is not done for the additional links added to Multilink PPP bundle when "aaa accounting delay-start" is configured.

Workaround: There is no workaround.

CSCdv19031

Currently with radius debugging turned on customers see a lot of debugs describing attributes in the packets sent and received. In order to reduce the amount of spewed out on the console a new option of 'brief' needs to be added the 'debug radius' command. This option will only indicate I/O transactions with some packet header information. Customers not turning on debugging or, not doing RADIUS wont see this problem.

CSCdv19928

When the Idle-Timeout attribute is received from RADIUS on an asynchronous interface, a vaccess interface is created and the timeout is not applied directly to the asynchronous interface. The Idle-Timeout attribute still works. The only side effect is that there is an extra vaccess created that is bound to the asynchronous interface.

Workaround: There is no workaround.

CSCdv20977

Incoming Multilink Point-to-Point Protocol (MLP) packets from an ATM interface are getting process switched when a virtual template is used for the MLP bundle configuration.

CSCdv26709

Certain values for Ascend-Disconnect-Cause and Ascend-Connect-Progress are recorded inaccurately in Stop messages. This is mainly observed in 122T train.

This problem is observed with PPP sessions when using RADIUS Accounting.

Workaround: There is no workaround.

CSCdv29468

If a PPP client does not authenticate after agreeing to do so during LCP negotiation, the PPP session will continue to stay open in this limbo state until the client disconnects the session.

CSCdv33270

Under certain conditions, resources may be associated with a virtual private dialup network (VPDN) group even when there are no active calls.

Workaround: There is no workaround.

CSCdv33313

When network accounting is performed for PPP over ATM (PPPoA) sessions, RADIUS "start" or "stop" accounting records may occasionally fail to be sent. There is no workaround.

Under certain conditions on a LAC, if the session is a VPDN forwarded session and the connection to the LAC is a dedicated serial line, memory can be leaked because AAA misses the stop record, so it never cleans up the AAA data for the session. This will happen if the connection continuously tries to renegotiate then attempt forwarding, which never succeeds. Eventually, the client sends a TERMREQ which restarts the session, but AAA does not get a NET STOP event so memory is leaked.

CSCdv34768

A Cisco router running IOS may show the following traceback when using "local-case" authentication:

00:05:16: %AAA-3-BADMETHOD: Cannot process authentication method 2160756888
-Process= "AAA Server", ipl= 0, pid= 26
-Traceback= 8016F170 8016A6C8 8016AED0 8016B048 8019A94C

Workaround: There is no workaround.

CSCdv40729

In a plain bri-pri (Peer - NAS) scenario, when a call is disconnected with the command 'clear in serial0:23' on the NAS, the Ascend-Disconnect-Cause value generated is '0' (No-Reason).

When the call is brought down by clearing the interface on the peer, it is given a value(63). If brought down by doing 'shutdown' on peer/NAS value 11 is generated. The problem occurs only with by doing clear interface on the NAS.

CSCdv40116

Reverse-access Authorization fails if the method used is Radius. Radius mandatory attribute "port" is not properly obtained causing this authorization failure.

Workaround: There is no workaround.

CSCdv41871

Ping fails when non-mlppp call is up on B-channel previously used to terminate mlppp call.

CSCdv43136

We may see some unexpected debug information during call suspend. Those debug information doesn't cause any side effect beside displaying unexpected debug information.

CSCdv43856

aaa attr debug does not show the tag added. This is seen in Cisco IOS Release 12.2(4.2)PI. This is just a problem in debug and will not affect any other functionality.

CSCdv54349

When running Cisco IOS Release 12.2(5.2)T and later IOS images, you may be unable to do local AAA authentication.

Workaround: There is no workaround. Either do AAA to a remote server or downgrade to an earlier release of code.

CSCdv62649

The command ip tacacs source-interface doesn't work properly. If configured to use loopback interface for tacacs packets, router may still use interface address.

CSCdv64668

The first PAP authentication after a PPP renegotiation triggered by a CONFREQ from the client will fail even though the RADIUS/TACACS+ server returns a success.

Workaround: There is no workaround.

CSCdv67009

The following error message may be seen on a Cisco voice gateway running the Session Initiation Protocol (SIP):

Nov 24 20:24:12: %SIP-3-BADPAIR: Unexpected event 14 (SIPSPI_EV_CC_CALL_CONNECT) in state 8 (STATE_DISCONNECTING) substate 0 (SUBSTATE_NONE)
-Traceback= 60DAD08C 60DAD7AC 6040ACD4 6040ACC0.

This indicates that the call was cancelled while it was in the process of being brought up.

This message can be safely ignored.

CSCdv76649

When the customer tries to use ^C to abort the copy operation when he prompted for confirmation, he can't break out of the copy process.

CSCdv78693

Spurious memory access messages appear on gatekeepers when an URQ without a call signal address in it is sent to Gateway.

Workaround: There is no workaround.

CSCdv79210

A Cisco router gradually looses memory when Media Gateway Control Protocol (MGCP) calls are originated on the router.

Workaround: There is no workaround.

CSCdv83040

When using Ascend RADIUS attribute 242, IP protocols of 50 and 51 will not be accepted. This will cause users with these IPsec protocols set in their profile to be disconnected.

CSCdv83402

A PPPoE/PPPoA aggregation router may unexpectedly reload when many PPP events happen in a short amount of time. The router will display a STACKLOW message before reloading.

CSCdv87754

Symptom: A Cisco AS5850 Route Switch Controller incorrectly attempts to repeatedly netboot a Cisco IOS image if it cannot find the specified boot system image on its compact flash. The system interprets the full path of the configured boot image that failed as the image it should netboot.

Messages similar to the following are observed:

Sleeping for 2 secs before next netboot attempt
%SYS-6-READ_BOOTFILE_FAIL: disk0:c5850-p9-mz File boot failed -- File not
accessible.

The correct behavior for a bootloader if it cannot find any specified boot images at reload time is to fall back and request the system to run the first image it can find off disk0: or bootflash:

Conditions: Cisco AS5850 Route Switch Controllers with Cisco IOS 12.2(2)XB1 or Cisco IOS 12.2(2)XB2 bootloaders may experience this problem at reload time if the boot system image configuration points to a file on disk0: that does not exist.

Workaround: Ensure that the boot system image configuration points to an existing and valid image on disk0:, provide additional correct boot image locations in the configuration, or use a bootloader of version Cisco IOS 12.1(5)XV3.

CSCdw00019

Although SGBP tunnels will still be up, SGBP bidding itself might stop working after a router has been up for sometime. This problem only occurs if two routers in the stack group receive two links of a bundle at the same time.

Removing, and reapplying the SGBP config was sufficient to get things working again.

CSCdw01726

A Simple Network Management Protocol version 3 (SNMPv3) user is created using message digest 5 (MD5) authentication using the following commands:

snmp group groupy v3 auth

snmp user abcdefghij groupy v3 auth md5 abcdefghij

An SNMP walk is performed, the configuration is saved, and the router is reloaded.

newhope:~/src/wccp2# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l
AuthNoPriv 194.12.224.11

It is working and a debug snmp header shows this:

Incoming SNMP packet
: v3 packet security model: v3 security level: auth
username: abcdefghij

A second SNMP walk is performed:

newhope:~/src/wccp2# snmpwalk -v 3 -u abcdefghij -A abcdefghij -a MD5 -l
AuthNoPriv 194.12.224.11

After the second SNMP walk is performed, the command does not return any output and the debug snmp headers show this:

Incoming SNMP packet
: v3 packet security model: v3 security level: noauth
: username: abcdefghij

Workaround: There is no workaround.

CSCdw02945

Symptom: Incoming calls may fail to create a virtual profile even though the router is configured for this.

Conditions: This problem may occur in a dial up environment where a virtual profile virtual template is defined but where no AAA authorization has been enabled This issue only occurs in Cisco IOS Release 12.2 T.

Workaround: A workaround is to configure AAA authorization e.g., aaa authorization network default local

CSCdw06322

The following error message may be seen on a Cisco voice gateway running the Session Initiation Protocol (SIP):

Nov 24 20:24:12: %SIP-3-BADPAIR: Unexpected event 14 (SIPSPI_EV_CC_CALL_CONNECT) in state 8 (STATE_DISCONNECTING) substate 0 (SUBSTATE_NONE)
-Traceback= 60DAD08C 60DAD7AC 6040ACD4 6040ACC0.

This indicates that the call was cancelled while it was in the process of being brought up.

This message can be safely ignored.

CSCdw07406

When SIP receives an Out of Range cause from CCAPI we spurt out the following Traceback:

01:25:14: %SIP-3-INTERNAL: Unknown PSTN cause code from CCAPI: 172
-Traceback= 60F76E04 60F60750 60F6C4A8 60F6CC30 60446D7C 60446D68a

Workaround: There is no workaround.

CSCdw08182

The router is recognizing that it has a VWIC-1MFT-T1 in a NM-1FE2W in the show diag. The problem is that the T1 controller doesn't appear in the config. The FastE is present. I have checked HW/SW compatibility from several viewpoints and all agreed that the IOS should support the hardware. The router has sufficient memory.

Workaround: There is no workaround.

CSCdw09542

Before this fix, per-user authorization required a service type of Outbound in the Radius profile.

CSCdw11765

PPP Link Control Protocol (LCP) is not accepting sent CONFACK negotiated on a asynchronous interface for a virtual profile.

Workaround: There is no workaround.

CSCdw13432

When the called party is busy in a two-stage call scenario, the calling party may not hear a busy tone and the call terminates immediately. This behavior is observed with Cisco IOS Release 12.2(2)XB, Release 12.2(7), and some earlier Cisco IOS Release 12.2 releases.

Workaround: There is no workaround.

CSCdw18282

A basic call cannot be established if a voice port is configured with a multifrequency (MF) tone dial type and the incoming plain old telephone service (POTS) dial peer uses the interactive voice response (IVR) 2.0 application "session" which cannot process MF digits, particularly digits such as KP and ST.

Workaround: There is no workaround.

CSCdw18785

When a 302 redirect is received after a 18x with a COntact header the outgoing INVITE will have the request uri of the Contact in the 18x. It should use the Contact of the 302.

A workaround is disabling rel1xx on the router.

CSCdw23836

When a 18x is received which was sent reliably, a PRACK needs to be sent. Subsequent 18x's received that match the previous one's call leg do not receive a PRACK.

Workaround: Disable reliable provisional responses.

CSCdw25746

Symptom: Cisco Voice Gateways may experience a reload especially when running high levels of traffic.

Conditions: This problem may be experienced in Cisco IOS Release 12.2(2)XB2 and Cisco IOS Release 12.2 mainline releases.

Workaround: There is no workaround.

CSCdw28786

When the customer tries to use ^C to abort the copy operation when he prompted for confirmation, he can't break out of the copy process.

CSCdw30994

When downloading IP pools from a AAA server, there is no way to define a non-contiguous range of addresses using multiple statements like this:

"ip:pool-def#1=aol-pool 192.168.232.0 192.168.237.255",
"ip:pool-def#2=aol-pool 192.168.238.1 192.168.238.160"

When those statements are applied, the second pool-def overwrites the first one. Defining the pools on the command line yields the expected result. This only happens in Cisco IOS Release 12.2(2)XB ED release train. Cisco IOS Release 12.1/Cisco IOS Release 12.2 does not exhibit this behavior.

CSCdw35046

A Cisco router may reload when proxied RADIUS is used for authentication and accounting.

Workaround: There is no workaround.

CSCdw35930

The command aaa authentication attempts login <n> appears in the configuration if the command tacacs-server attempts <n> is present in the configuration. Changes to either command will be reflected in the other. Also, the number of attempts granted is actually one less than the number configured. The workaround is to configure one more attempt than the number you actually want.

CSCdw43862

For some devices that are not conforming to V.110 async to sync padding requirements, this cli command allow the users to disable the padding.

CSCdw46065

A Cisco router that is used as a gateway may reload if one of multiple record routes that are received on the gateway is invalid.

Workaround: There is no workaround.

CSCdw50107

MGCP CAC was not working on 2420/3620/3640. The user can not configure "mgcp rtrcac" and "mgcp src-cac".

Workaround: There is no workaround.

CSCdw53243

In a Cisco Signaling System 7 (SS7) Interconnect for Voice Gateways solution, if a Cisco AS5400 universal access gateway receives an incoming time-division multiplexing (TDM) call (NI-2, PRI, channel-associated signaling [CAS]) with a called number that does not match a configured dial-peer, the call will be connected to a modem, and a modem tone will be played back to the calling party. This is normal behavior, however there is no configurable option for such to be rejected instead of being treated as a modem call.

CSCdw53071

If a second call is made after the first call is completely disconnected (by hanging up the phone instead of using the flash feature to switch between two calls), the second call may fail.

Workaround: There is no workaround.

CSCdw62969

A network access server (NAS) that is running Cisco IOS Release 12.2(02)XB3 or Release 12.2(8)T may reload when Layer 2 forwarding (L2F) virtual private dial-up network (VPDN) calls are placed using an authentication, authorization, and accounting (AAA) VPDN user profile that does not contain the RADIUS class (25) attribute.

Workaround: Configure a dummy RADIUS class (25) attribute in the VPDN user profile on the AAA server.

CSCdw66251

SIP gateway midcall INVITE requests in the called to calling party direction will have the Route header constructed incorrectly. ACK requests in the called to calling party direction will have the request URI constructed incorrectly. This could cause some operations such as T.38 fax relay to fail.

This problem can occur only if two or more SIP proxies are in the SIP signalling path and the Record Route feature is enabled.

Workaround: There is no workaround.

CSCdw68658

The gateway will reject a mid-call Invite with hold sdp where the connection information (c line) is set to 0.0.0.0 and the port number of the media description (m line) is also set to 0. Instead of responding with a 200 OK response, the gateway will return a 488 Media Unacceptable response. The problem will not occur if the user agent placing the gateway on hold, sets the port number to a value other than 0.

Workaround: There is no workaround.

CSCdw77524

When rtp payload-type cisco-codec-fax-ind is changed from 96 to 99 then we ingress an invite with sdp rtp payload type 96 nte the gateway responds with an rtp payload type 97. These 2 payload types are chosen for the proprietary implementation of Cisco fax-relay. Per RFC2833, the gateway should not be doing this. This affects all Cisco fax gateways which support Cisco fax-relay.

Work around: Use the rtp payload-type command on the Cisco gateway to change the assignment of the payload types, but this command is broken.

CSCuk25642

When using callin authentication on a LSDO call with RADIUS, PPP sends multiple authorization requests to AAA. This will slow down call setup but have no functional impact.

CSCuk25721

RADIUS CLID attribute was missing for large scale dialout accounting.

CSCuk25947

If PPP authentication is configured on an interface and if a user negotiates a callback during a Link Control Protocol (LCP) operation, the call will fail if the user does not have any callback information configured.

Workaround: There is no workaround.

CSCuk26562

AAA id debugging was not clear and displayed far too much information.

CSCuk26642

RADIUS calls with a non-RFC supported value were accepted when they should be rejected.

CSCuk27924

send-auth would not be applied on the NAS, but rather the value of auth-type would be used instead.

CSCuk28445

We now store a generic 'wrapper' record which holds information in the tree, generic to all accounting records. This way, we are not impacted by the life-span of any one accounting record.


Open Caveats—Cisco IOS Release 12.2(2)XB3

There are no open caveats specific to Cisco IOS Release 12.2(2)XB3 that require documentation in the release notes.

Resolved Caveats—Cisco IOS Release 12.2(2)XB3

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB3. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

CSCdw65903

An error can occur with management protocol processing. Please use the following URL for further information:

http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCdw65903

Open Caveats—Cisco IOS Release 12.2(2)XB2

All the caveats listed in this section are open in Cisco IOS Release 12.2(2)XB2. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

.

Table 24 Open Caveats for Cisco IOS Release 12.2(2)XB2

DDTS ID Number
Description

CSCdw06195

Fax call does not work between c3660 and ATA-186 running MGCP with BTS 3.0 call agent.

CSCdw08182

The router is recognizing that it has a VWIC-1MFT-T1 in a NM-1FE2W in the show diag. The problem is that the T1 controller doesn't appear in the config. The FastE is present. I have checked HW/SW compatibility from several viewpoints and all agreed that the IOS should support the hardware. The router has sufficient memory.

Workaround: There is no workaround.

CSCdw18282

Basic e&m-wink-start with mf digit signaling does work. However when application session is applied to the incoming pots dial-peer it fails.

CSCdw20813

The sh modem command does not display the correct information for exec session for MODI.

Workaround: There is no workaround.


Resolved Caveats—Cisco IOS Release 12.2(2)XB2

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB2. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

CSCdu57353

Modi line coming up in no DTR state after OIR in 3660 router intermittently.

Workaround: Use clear line command.

Open Caveats—Cisco IOS Release 12.2(2)XB1

This section documents possible unexpected behavior by Cisco IOS Release 12.2(2)XB15 and describes only severity 1 and 2 caveats and select severity 3 caveats.

CSCdv58141

When doing DTMF Relay tone testing, Nextport presents a power level difference between the 2 frequencies of each digit (1234567890ABCD*#). This problem happens with Inband Signaling DTMF Relay method RTP-NTE generating and detecting digits.

Resolved Caveats—Cisco IOS Release 12.2(2)XB1

All the caveats listed in this section are resolved in Cisco IOS Release 12.2(2)XB15. This section describes only severity 1 and 2 caveats and select severity 3 caveats.

CSCdv44123

WIC-1AM, WIC-2AM analog modem lines come up with no DTR or in Ready state intermittently. The workaround for this problem is to clear line or clear modem.

Open Caveats—Cisco IOS Release 12.2(2)XB

This section documents possible unexpected behavior by Cisco IOS Release 12.2(2)XB15 and describes only severity 1 and 2 caveats and select severity 3 caveats.

.

Table 25 Open Caveats for Cisco IOS Release 12.2(2)XB

DDTS ID Number
Description

CSCdv46685

Second Stage Dialing Broken on MGCP Gateways

Symptom: Back-to-back MGCP second stage dialing calls may fail. The second (and all subsequent) requests for digit detection may not receive NTFY messages containing the detected digits so the Call Agent will not know that the gateway received the digits.

In MGCP, if the following happens:

1. An RQNT is sent from the Call Agent requesting digits and then a NTFY is sent by the gateway indicating that the requested digit map has been satisfied

2. A "DLCX" is sent with NO "X:" parameter and no other messages between a) and b) are sent which include an empty "R:" parameter

3. A second RQNT is sent from the Call Agent requesting digits

then the digits detected for the second RQNT will NOT be sent in a NTFY. No digits will be detected on that endpoint until either a DLCX WITH an "X:" parameter is sent OR any message with an empty "R:" parameter is sent.

Conditions: This problem has been reproduced on 5400 universal gateways but will be present for any MGCP gateway.

Workaround: There are two possible workarounds. Both involve modifications to the messages sent from a Call Agent:

1. If the Call Agent sends any MGCP message with an empty "R:" parameter to that endpoint between the initial RQNT and the later RQNT (either before or after the DLCX) then the second RQNT will get NTFY'ed as expected.

2. If the Call Agent includes an "X:" parameter in the DLCX then the second RQNT will get NTFY'ed as expected.

CSCdv62036

Router crashes when Transparent-CCS configurations using VoATM-AAL5 calls are made. Transparent-CCS VoIP configurations are unaffected.

There is no work around.


Resolved Caveats—Cisco IOS Release 12.2(2)XB

There are no resolved caveats specific to Cisco IOS Release 12.2(2)XB that require documentation in the release notes.

Related Documentation

The following sections describe the documentation available for the Cisco 3600 series. These documents consist of hardware and software installation guides, Cisco IOS configuration guides and command references, system error messages, feature modules, and other documents.

Documentation is available as printed manuals or electronic documents, except for feature modules, which are available online on Cisco.com and the Documentation CD-ROM.

Use these release notes with these documents:

Release-Specific Documents

Platform-Specific Documents

Feature Modules

Feature Navigator

Cisco IOS Software Documentation Set

Release-Specific Documents

The following documents are specific to Cisco IOS Release 12.2 and are located on Cisco.com and the Documentation CD-ROM:

Cross-Platform Release Notes for Cisco IOS Release 12.2 

On Cisco.com at:

Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2: Release Notes: Cross-Platform Release Notes

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Release Notes: Cross-Platform Release Notes

Product bulletins, field notices, and other release-specific documents on Cisco.com at:

Technical Documents

The "Caveats for Cisco IOS Release 12.2 XB" section

As a supplement to the caveats listed in "Caveats for Cisco IOS Release 12.2 XB" in these release notes, see Caveats for Cisco IOS Release  12.2 and Caveats for Cisco  IOS Release 12.2 T, which contain caveats applicable to all platforms for all maintenance releases of Cisco IOS Release 12.2 and Cisco IOS Release 12.2 T.

On Cisco.com at:

Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2: Release Notes: Caveats

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Caveats


Note If you have an account with Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and click Technical Support: Tools & Utilities: More: Software Bug Toolkit (under Troubleshooting Tools). Another option is to go to http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl.


Platform-Specific Documents

These documents are available for the Cisco 3600 series on Cisco.com and the Documentation CD-ROM:

Quick Start Guide Cisco 3600 Series Routers

Hardware Installation Documents for Cisco 3600 Series

Software Configuration Documents for Cisco 3600 Series

Regulatory Compliance and Safety Documents for Cisco 3600 Series

On Cisco.com at:

Technical Documents: Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 3600 Series Routers

On the Documentation CD-ROM at:

Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 3600 Series Routers

Feature Modules

Feature modules describe new features supported by Cisco IOS Release 12.2(2)XB15 and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.

On Cisco.com at:

Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2: New Feature Documentation

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: New Feature Documentation

Feature Navigator

Cisco IOS software is packaged in feature sets that are supported on specific platforms. To get updated information regarding platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.

Cisco Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.

To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://www.cisco.com/register

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

Cisco IOS Software Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents. The Cisco IOS software documentation set is shipped with your order in electronic form on the Documentation CD-ROM—unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of one or more configuration guides and one or more corresponding command references. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.

On Cisco.com at:

Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2: Configuration Guides and Command References

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2: Configuration Guides and Command References

Cisco IOS Release 12.2 Documentation Set Contents

Table 26 lists the contents of the Cisco IOS Release 12.2 software documentation set, which is available in electronic form and in printed form if ordered.


Note You can find the most current Cisco IOS documentation on Cisco.com and the Documentation CD-ROM.


On Cisco.com at:

Technical Documents: Cisco IOS Software: Cisco IOS Release 12.2

On the Documentation CD-ROM at:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.2

Table 26 Cisco IOS Release 12.2 Documentation Set 

Books
Major Topics

Cisco IOS Configuration Fundamentals Configuration Guide

Cisco IOS Configuration Fundamentals Command Reference

Cisco IOS User Interfaces
File Management
System Management

Cisco IOS Bridging and IBM Networking Configuration Guide

Cisco IOS Bridging and IBM Networking Command Reference, Volume 1 of 2

Cisco IOS Bridging and IBM Networking Command Reference, Volume 2 of 2

Transparent Bridging
SRB
Token Ring Inter-Switch Link
Token Ring Route Switch Module
RSRB
DLSW+
Serial Tunnel and Block Serial Tunnel
LLC2 and SDLC
IBM Network Media Translation
SNA Frame Relay Access
NCIA Client/Server
Airline Product Set
DSPU and SNA Service Point
SNA Switching Services
Cisco Transaction Connection
Cisco Mainframe Channel Connection
CLAW and TCP/IP Offload
CSNA, CMPC, and CMPC+
TN3270 Server

Cisco IOS Dial Technologies Configuration Guide: Dial Access

Cisco IOS Dial Technologies Configuration Guide: Large-Scale Dial Applications

Cisco IOS Dial Technologies Command Reference,
Volume 1 of 2

Cisco IOS Dial Technologies Command Reference,
Volume 2 of 2

Dial Access
Modem and Dial Shelf Configuration and Management
ISDN Configuration
Signaling Configuration
Point-to-Point Protocols
Dial-on-Demand Routing
Dial Backup
Dial Related Addressing Service
Network Access Solutions
Large-Scale Dial Solutions
Cost-Control Solutions
Internetworking Dial Access Scenarios

Cisco IOS Interface Configuration Guide

Cisco IOS Interface Command Reference

LAN Interfaces
Serial Interfaces
Logical Interfaces

Cisco IOS IP Configuration Guide

Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services

Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols

Cisco IOS IP Command Reference, Volume 3 of 3: Multicast

IP Addressing
IP Services
IP Routing Protocols
IP Multicast

Cisco IOS AppleTalk and Novell IPX Configuration Guide

Cisco IOS AppleTalk and Novell IPX Command Reference

AppleTalk
Novell IPX

Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS, and XNS Configuration Guide

Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS, and XNS Command Reference

Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS

Cisco IOS Voice, Video, and Fax Configuration Guide

Cisco IOS Voice, Video, and Fax Command Reference

Voice over IP
Call Control Signaling
Voice over Frame Relay
Voice over ATM
Telephony Applications
Trunk Management
Fax, Video, and Modem Support

Cisco IOS Quality of Service Solutions Configuration Guide

Cisco IOS Quality of Service Solutions Command Reference

Packet Classification
Congestion Management
Congestion Avoidance
Policing and Shaping
Signaling
Link Efficiency Mechanisms

Cisco IOS Security Configuration Guide

Cisco IOS Security Command Reference

AAA Security Services
Security Server Protocols
Traffic Filtering and Firewalls
IP Security and Encryption
Passwords and Privileges
Neighbor Router Authentication
IP Security Options
Supported AV Pairs

Cisco IOS Switching Services Configuration Guide

Cisco IOS Switching Services Command Reference

Cisco IOS Switching Paths
NetFlow Switching
Multiprotocol Label Switching
Multilayer Switching
Multicast Distributed Switching
Virtual LANs
LAN Emulation

Cisco IOS Wide-Area Networking Configuration Guide

Cisco IOS Wide-Area Networking Command Reference

ATM
Frame Relay
SMDS
X.25 and LAPB

Cisco IOS Mobile Wireless Configuration Guide

Cisco IOS Mobile Wireless Command Reference

General Packet Radio Service

Cisco IOS Terminal Services Configuration Guide

Cisco IOS Terminal Services Command Reference

ARA
LAT
NASI
Telnet
TN3270
XRemote
X.28 PAD
Protocol Translation

Cisco IOS Configuration Guide Master Index

Cisco IOS Command Reference Master Index

Cisco IOS Debug Command Reference

Cisco IOS Software System Error Messages

New Features in 12.2-Based Limited Lifetime Releases

New Features in Release 12.2 T

Release Notes (Release note and caveat documentation for 12.2-based releases and various platforms)

 


Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at this URL:

http://www.cisco.com

Translated documentation is available at this URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

You can order Cisco documentation in these ways:

Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

You can submit comments electronically on Cisco.com. In the Cisco Documentation home page, click the Fax or Email option in the "Leave Feedback" section at the bottom of the page.

You can email your comments to bug-doc@cisco.com.

You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you with these tasks:

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

If you want to obtain customized information and service, you can self-register on Cisco.com. To access Cisco.com, go to this URL:

http://www.cisco.com

Technical Assistance Center

The Cisco Technical Assistance Center (TAC) is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Cisco TAC inquiries are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

The Cisco TAC resource that you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to this URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:

http://www.cisco.com/register/

If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC Web Site, you can open a case online by using the TAC Case Open tool at this URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.

 


hometocprevnextglossaryfeedbacksearchhelp

Posted: Tue Dec 13 19:06:55 PST 2005
All contents are Copyright © 1992--2005 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.