Полезная информация

cc/td/doc/product/software/ios120/relnote
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Release Notes for Cisco  IOS Release  12.0(2)T Feature Packs for  Cisco  1700 Series Routers

Release Notes for Cisco  IOS Release  12.0(2)T Feature Packs for  Cisco  1700 Series Routers

February 8, 1999

These release notes describe the Cisco IOS Releases 12.0(2)T and 12.0(2)T1 feature packs for Cisco  1700 series routers. In these release notes, all references to Cisco IOS Release 12.0(2)T apply to both Cisco IOS Releases 12.0(2)T and 12.0(2)T1 unless otherwise stated.

Contents

These release notes contain the following topics:

Introduction

This section explains how to use this document, describes feature pack components, and has tables that define the aspects of a feature pack.

How to Use These Release Notes

The tables in these release notes contain details about the Cisco feature packs. Use these tables to perform the following tasks before loading a software image onto a router:

    1. Use Table 1, "Feature Pack Product Numbers Quick-Reference List," to identify the software image you want to load.

    2. Use Table 2, "Cisco 1700 Series Feature Packs," to identify your feature pack and the memory required for your feature set, based on the image you load.

    3. Use Table 5, "Default Memory and Upgrade Options," to check the memory required for your feature set, and determine the factory-default memory on the router and the available memory upgrades.

    4. Use the "Feature Set Tables" to identify which features are supported in a feature set image.

What Is a Feature Pack?

This section describes:

Feature Pack Components

A feature pack is a small box that contains the following items:

The heart of a feature pack is the CD-ROM that contains software images and the Router Software Loader (RSL), which is a Windows 95 application that loads an image onto an access router or server. Each feature pack CD-ROM contains at least one Cisco  IOS feature set. The CD booklet, Getting Started with the Router Software Loader, explains how to use the RSL to install the router image. If you cannot use the RSL to load images, you can follow the instructions in the "Alternatives to the RSL" section.

Before running the RSL, read the "Installing Software Images Using the RSL" section. If you are loading software on a preconfigured router, you should save the router configuration file on your PC before beginning the image download process, as described in Getting Started with the Router Software Loader.

Product Numbers Quick-Reference List

Table 1 lists the Cisco product numbers of the feature packs supported in this release.


Table 1: Feature Pack Product Numbers Quick-Reference List
Product Number Feature Pack Description

CD17-C-12.0=

Cisco 1700 IP Feature Pack

CD17-CP-12.0=

Cisco 1700 IP Plus Feature Pack

CD17-CW-12.0=

Cisco 1700 IP Plus 40 Feature Pack

CD17-CY-12.0=

Cisco 1700 IP Plus 56 Feature Pack

CD17-CL-12.0=

Cisco 1700 IP Plus IPSEC 56 Feature Pack

CD17-CH-12.0=

Cisco 1700 IP/Firewall Feature Pack

CD17-CHL-12.0=

Cisco 1700 IP/Firewall Plus IPSEC 56 Feature Pack

CD17-B-12.0=

Cisco 1700 IP/IPX Feature Pack

CD17-BHP-12.0=

Cisco 1700 IP/IPX/Firewall Plus Feature Pack

CD17-Q-12.0=

Cisco 1700 IP/IPX/AppleTalk/IBM Feature Pack

CD17-QHL-12.0=

Cisco 1700 IP/IPX/AT/IBM/FW PLUS IPSEC 56 Feature

CD17-CK2-12.0=

Cisco 1700 IP Plus IPSEC 3DES Feature Pack

CD17-CHK2-12.0=

Cisco 1700 IP/Firewall Plus 3DES Feature Pack

CD17-QHK2-12.0=

Cisco 1700 IP/IPX/AT/IBM/FW PLUS 3DES Feature Pack

Feature Pack Overview Table

Table 2 identifies each feature pack as specified on the router software CD-ROM label, describes the feature sets in each feature pack, and lists the following: UNIX and DOS filenames of the images, memory requirements, and RSL installer description.


Table 2: Cisco 1700 Series Feature Packs
Product Number CD-ROM Title Image Name (UNIX) Image Name (DOS) Flash Memory Required Main Memory Required RSL Installer Description

CD17-C-12.0=

Cisco 1700 IP Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-y-mz.120-2a.T1

aaa0065

4MB

16MB

Cisco 1700 IOS IP Feature Set 12.0(2a)T1

CD17-CP-12.0=

Cisco 1700 IP Plus Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-sy-mz.120-2a.T1

aaa0066

4MB

16MB

Cisco 1700 IOS IP Plus Feature Set 12.0(2a)T1

CD17-CW-12.0=

Cisco 1700 IP PLUS 40 Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-sy40-mz.120-2a.T1

aaa0068

4MB

20MB

Cisco 1700 IOS IP Plus 40 Feature Set 12.0(2a)T1

CD17-CY-12.0=

Cisco 1700 IP PLUS 56 Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-sy56-mz.120-2a.T1

aaa0069

4MB

20MB

Cisco 1700 IOS IP Plus 56 Feature Set 12.0(2a)T1

CD17-CL-12.0=

Cisco 1700 IP PLUS IPSEC 56 Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-sy56i-mz.120-2a.T1

aaa0070

4MB

20MB

Cisco 1700 IOS IP Plus IPSEC 56 Feature Set 12.0(2a)T1

CD17-CH-12.0=

Cisco 1700 IP/FW Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-oy-mz.120-2a.T1

aaa0067

4MB

16MB

Cisco 1700 IOS IP/Firewall Feature Set 12.0(2a)T1

CD17-CHL-12.0=

Cisco 1700 IP/FW PLUS IPSEC 56 Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-osy56i-mz.120-2a.T1

aaa0072

4MB

20MB

Cisco 1700 IOS IP/Firewall Plus IPSEC 56 Feature Set 12.0(2a)T1

CD17-B-12.0=

Cisco 1700 IP/IPX Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-ny-mz.120-2a.T1

aaa0074

4MB

16MB

Cisco 1700 IOS IP/IPX Feature Set 12.0(2a)T1

CD17-BHP-12.0=

Cisco 1700 IP/IPX/FW PLUS Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-nosy-mz.120-2a.T1

aaa0075

4MB

20MB

Cisco 1700 IOS IP/IPX/Firewall Plus Feature Set 12.0(2a)T1

CD17-Q-12.0=

Cisco 1700 IP/IPX/AT/IBM Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-bnr2y-mz.120-2a.T1

aaa0076

4MB

20MB

Cisco 1700 IOS IP/IPX/AppleTalk/
IBM Feature Set 12.0(2a)T1

CD17-QHL-12.0=

Cisco 1700 IP/IPX/AT/IBM/
FW PLUS IPSEC 56 Feature Pack

c1700-bnor2sy56i-mz.120-2a.T1

aaa0077

8MB

24MB

Cisco 1700 IOS IP/IPX/AT/IBM/FW PLUS IPSEC 56 Feature

CD17-CK2-12.0=

Cisco 1700 IP Plus IPSEC 3DES Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-k2sy-mz.120-2a.T1

aaa0071

4MB

20MB

Cisco 1700 IOS IP Plus IPSEC 3DES Feature Set 12.0(2a)T1

CD17-CHK2-12.0=

Cisco 1700 IP/Firewall Plus 3DES Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-k2osy-mz.120-2a.T1

aaa0073

4MB

20MB

Cisco 1700 IOS IP/Firewall Plus 3DES Feature Set 12.0(2a)T1

CD17-QHK2-12.0=

Cisco 1700 IP/IPX/AT/IBM/FW PLUS 3DES Feature Pack

Release 12.0(2a)T1

Router Software Loader Version 7.3

c1700-bk2nor2sy-mz.120-2a.T1

aaa0078

8MB

24MB

Cisco 1700 IOS IP/IPX/AT/IBM/FW PLUS 3DES Feature Set 12.0(2a)T1

Feature Set Tables

The Cisco  IOS software is packaged into feature sets (also called images). Many different feature sets are available, and each feature set contains a specific subset of Cisco  IOS features. The following conventions are used to identify feature sets:

Cisco  IOS images with strong encryption (including, but not limited to, 56-bit DES) are subject to U.S. government export controls and have a limited distribution. Images to be installed outside the U.S. require an export license. Customer orders might be denied or subject to delay due to U.S. government regulations. Contact your sales representative or distributor for more information, or send e-mail to export@cisco.com.

The following list shows which feature sets are supported on the Cisco 1700 series routers. These feature sets only apply to Cisco  IOS Release  12.0(2)T:

To determine what features are available with each feature set (software image), see Table 3. The table summarizes the features you can use when running a specific feature set on the Cisco 1700 series routers for Cisco IOS Release 12.0(2)T, and uses these terms to identify features:

Feature Set
Matrix Term
Description

Yes

This feature is offered in the feature set.

No

This feature is not offered in the feature set.


Note This feature set table contains only a selected list of features. This table is not a cumulative or complete list of all the features in each image.


Table 3: Cisco IOS Software Feature Sets for the Cisco 1700 Routers, Part 1
Feature Set
Features IP IP Plus IP Plus 40 IP Plus 56 IP Plus IPSEC 56 IP/FW IP/FW Plus IPSec 56
IBM Support

Bridging Code Rework

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Routing

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

No

OSPF Point to Multipoint

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Management

Cisco IOS File System

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Expression MIB

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Conditionally Triggered Debugging

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Multimedia

Protocol-Independent Multicasts Version 2

Yes

Yes

Yes

Yes

Yes

Yes

Yes

WAN Services

Always On/Direct ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MPPC-MS PPP Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB Feature

No

Yes

Yes

Yes

Yes

No

Yes


Table 4: Cisco IOS Software Feature Sets for the Cisco 1700 Routers, Part 2
Feature Set
Features IP/IPX IP/IPX/
FW Plus
IP/IPX/
AT/IBM
IP/IPX/
AT/IBM/FW Plus IPSec 56
IP Plus IPSec 3DES IP/FW Plus 3DES IP/IPX/
AT/IBM/FW Plus 3DES
IBM Support

Bridging Code Rework

Yes

Yes

Yes

Yes

Yes

Yes

Yes

IP Routing

IP Type of Service and Precedence for GRE Tunnels

Yes

Yes

Yes

Yes

Yes

Yes

Yes

OSPF Point to Multipoint

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Management

Cisco IOS File System

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Entity MIB

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Expression MIB

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Conditionally Triggered Debugging

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Multimedia

Protocol-Independent Multicasts Version 2

Yes

Yes

Yes

Yes

Yes

Yes

Yes

WAN Services

Always On/Direct ISDN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Dialer Watch

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MPPC-MS PPP Compression

Yes

Yes

Yes

Yes

Yes

Yes

Yes

MS Callback

Yes

Yes

Yes

Yes

Yes

Yes

Yes

VPDN MIB Feature

No

Yes

No

Yes

Yes

Yes

Yes

System Requirements

This section describes the following:

Memory Requirements

Table 5 lists the memory delivered by default and the available memory upgrades.


Table 5: Default Memory and Upgrade Options
Memory Type Cisco 1720 Defaults Upgrade Options

Flash memory card

4 MB

4-MB upgrade: MEM1700-4MFC=
8-MB upgrade: MEM1700-8MFC=
16-MB upgrade: MEM1700-16MFC=

DRAM

16 MB

4-MB upgrade: MEM1700-4D=
8-MB upgrade: MEM1700-8D=
16-MB upgrade: MEM1700-16D=
32-MB upgrade: MEM1700-32D=

Hardware Supported

Router Software Loader (RSL)Version 7.3 supports many Cisco routers. Specific to the Cisco 1700 series routers, RSL 7.3 supports the Cisco 1720 series routers.

Software Compatibility

The feature packs described in these release notes contain Cisco IOS Release 12.0(2)T software images and Router Software Loader (RSL) Version 7.3. Before running RSL, read the "Installing Software Images Using the RSL" section.

Determining Your Software Release

To view the version of Cisco IOS software that is running on your Cisco 1600 series router, log in to the router, and enter the show version user EXEC command:

router> show version
 

An output begins similar to the following. The Cisco IOS version appears in the second line.

Cisco Internetwork Operating System Software 
IOS (tm) 1700 Software (C1700-BNR2Y-M), Version 12.0(2)T, RELEASE SOFTWARE
 

The output includes more information including processor revision numbers, memory amounts, hardware IDs, and partition information.

Updating to a New Software Release

For information on upgrading to a new software release, refer to the Cisco IOS Software Release  12.0T Upgrade Paths and Packaging Simplification  product bulletin #819 located on CCO. On CCO, follow this path: Products and Ordering: More Information: Product Bulletins. Scroll to Software. Under Cisco IOS 12.0, click the Upgrade Paths bulletin.

Installation Notes

This section provides solutions to problems you might encounter when using the RSL to load Cisco  IOS software on a router. It also describes special cases that might require you to load Cisco  IOS software on a CiscoPro router or to use an alternative to the RSL.

Installing Software Images Using the RSL

This section describes some solutions to problems you might encounter when using the RSL. These solutions are additions to RSL online help.

Using Fast Ethernet to Download the Image

When downloading a new image using RSL, you must select Fast Ethernet. If you select Ethernet only, the following error message occurs:

"This application has detected that the connected router has no Ethernet interface(s). You may want to check your router."

Recovering From a Connection Error

This installation tip provides a possible recovery solution if you are unable to connect to your access server or router. You can skip this section unless you are experiencing a connection error.

In some cases, you might receive the following error message while connecting to the target access server:

"Failed to configure the router to enable the Cisco IOS software image and configuration file upload and download operations. You may want to check the router to make sure that the selected interface exists."
 

If you encounter this message, try increasing the Short Timeout value, which is set to 25 seconds, in the Options dialog box, especially if you are connecting to an access server that has a large configuration file.


Note Increasing the Short Timeout value might increase the time it takes for RSL to connect to the target access server.

Restoring the Startup Configuration

In some cases, the RSL is unable to restore the startup configuration. If this happens, take the following steps:

Step 1 Ensure that all cables are properly attached to both the router and the PC.

Step 2 Restart the RSL, and connect by using the Preconfigured router option.

Step 3 When asked if you want to overwrite the existing startup configuration file, choose no.

Step 4 When asked if you want to continue, choose yes.

Step 5 When the router is connected, select Download Router Configuration in the Router  Software  Loader dialog box.

Step 6 Select the appropriate file, and click the radio button beside Copy configuration to the router nonvolatile memory.

The router should now contain the startup configuration it had before the initial RSL connection. You can now exit the RSL.


Note In the previous situation, the router configuration register (config-register 0xnnnn) is not restored.

Note If you press Ctrl-Alt-Delete to terminate the RSL, the router configuration and configuration register are not restored. However, in this case the configuration file is not deleted from the PC, so you can restore it using the previous steps, beginning with
Step 2.

Helpful Hints

The following information about RSL operations can help you with the installation process:

Alternatives to the RSL

The RSL is designed to work with a PC running Microsoft Windows  95 and is the recommended method for downloading software to the router. The booklet included with the CD-ROM explains how to perform this simple install process. However, two alternatives are available for installing router software:

Installing the Router Software Using the Console or Auxiliary Port

This section explains how to use the copy xmodem flash command to install the router software from the CD-ROM onto the router.


Note The transfer takes place only on the port at which you enter the command. If you download via the console, all console output is discarded for the duration of the transfer. You can only download files to the router; you cannot copy files from the router. Cisco recommends using the auxiliary port for this type of software download. The auxiliary port has hardware flow control and full modem control. In addition, the transfer does not occupy the system console so it is free for other uses.

The following example shows how to use the copy xmodem flash command on a Cisco 1700 series router:

Router# copy xmodem flash
                               **** WARNING ****
       x/ymodem is a slow transfer protocol limited to the current speed
       settings of the auxiliary/console ports. The use of the auxilary
       port for this download is strongly recommended.
       During the course of the download no exec input/output will be
       available.
                               ---- ******* ----
       Proceed? [confirm] yes
       Use crc block checksumming? [confirm] yes
       Max Retry Count [10]: 
       Perform image validation checks? [confirm] yes
       Xmodem download using crc checksumming with image validation
       Continue? [confirm] yes
       Partition   Size    Used      Free      Bank-Size  State          Copy Mode
         1         4096K   3259K      836K     4096K      Read/Write     Direct
         2         4096K      0K     4095K     4096K      Read/Write     Direct
 
       [Type ?<no> for partition directory; ? for full directory; q to abort]
       Which partition? [default = 1] 2
 
       System flash directory, partition 2:
       File  Length   Name/status
         1   68       TESTFILE  
       [132 bytes used, 4194172 available, 4194304 total]
       Destination file name? c1700-y-mz.120-1.XA3
       Erase flash device before writing? [confirm] yes
       Flash contains files. Are you sure you want to erase? [confirm]y
 
       Copy '' from server
         as 'c1700-y-mz.120-1.XA3' into Flash WITH erase? [yes/no] yes
       Erasing device... eeeeeeeeeeeeeeee ...erased
       Ready to receive file...........C
       Verifying checksum...  OK (0x5DE8)
       Flash device copy took 00:12:06 [hh:mm:ss]

Installing the Router Software Using a TFTP Server Application

Use this TFTP server application method as an alternative to using the RSL to install the router software from the CD-ROM. You can perform this procedure using a PC (running Microsoft Windows 95 or Microsoft Windows 3.1), a Macintosh, or a UNIX system. You can use either the copy tftp flash or copy rcp flash command to download the router software to the router.

Step 1 Obtain a TFTP application or a remote copy protocol (rcp) application to set up your computer as a TFTP server or an rcp server. Use the RSL or the TFTP server included on the feature pack CD-ROM to install the router software only if you are using a PC running Windows 95. For other operating systems, a number of TFTP or rcp applications are available from independent software vendors, or as shareware from public sources on the World Wide Web.


Note To use an rcp application, follow the same procedure, and substitute rcp for TFTP in the instructions. Use the copy rcp flash command instead of the copy tftp flash command.

Step 2 Install any TFTP server application on the PC. (A PC application is included on the feature pack CD-ROM for Microsoft Windows 95 only.)

Step 3 Launch the TFTP server application on the PC, usually by double-clicking the application icon or its .exe filename.

Step 4 Set up the PC as a TFTP server by using the TFTP server application setup or configuration facility.

Most TFTP server applications include a setup facility that allows you to specify the PC as a server. For example, from the TFTP menu of one application, you can select Settings to display a panel that includes a check box beside the word Server. To configure the local PC as a server, select this check box.

The TFTP server also allows the selection of a "root" directory. You must select the directory in which the Cisco  IOS files reside (for example, d:\cpswinst\images).

Caution Make sure you set up your local PC as a TFTP server. If you overlook this step, you cannot perform the copy procedure. This reminder also applies if you are using rcp instead of TFTP.

Step 5 Establish a console session from your local PC (which is now configured as a TFTP server) to the Cisco router by using one of these methods:

Step 6 Connect your PC Ethernet port to the corresponding router LAN port. Use the 10BaseT crossover cable to connect to an Ethernet port. Use straight-through cables if you are connecting via a 10BaseT hub or a 100BaseT hub.

Step 7 At the router prompt, enter enable and then the password:

    Router> enable
    Password: <password>
     
    

Step 8 At the router prompt, enter the following command to copy the new software image from the PC CD-ROM drive to the router:

Router# copy tftp flash

In the next series of steps, you download the Cisco IOS Release 11.3 images that you want installed on your router.

Step 1 When prompted, enter the IP address of your PC, as in the following example:

Address or name of remote host [255.255.255.255]? 131.108.1.1

This is the IP address of your local PC, not that of the router.

Step 2 When prompted, enter the file name of the Cisco IOS Release 12.0(2)T image to be copied to the router. For example:

    Source file name? 80355501.bin
     
    

This example specifies the DOS image name of the IP feature set for Cisco  1700 series routers (as shown in Table 2 in the section, "Feature Pack Overview Table").

Step 3 In response to the prompt, enter the destination UNIX image filename, and press Enter.

This is the name of the image file on the router, not the full pathname of the image on the CD-ROM attached to the PC. Refer to Table 2 in the section, "Feature Pack Overview Table" section for the UNIX image file name.

    Destination file name [80355501.bin]? c1700-y-mz.120-l
     
    

During the transfer process, the software displays messages indicating that it has accessed the file you have specified and is loading it.

Step 4 When asked whether you want to erase the existing image copy resident in the router Flash memory before copying the new one, enter yes.

Erase flash device before writing? [confirm] yes

The entire copying process takes several minutes and differs from network to network.

The exclamation point (!) indicates that the copy process is taking place. Each exclamation point (!) indicates that ten packets have been transferred successfully. A checksum verification of the image occurs after the image is written to Flash memory.

Step 5 Enter the reload command to reload the router:

    Router# reload
     
    

Step 6 Enter yes in response to the prompt asking if the system configuration has been modified:

    # System configuration has been modified. Save? yes
     
    

After reload is complete, the router should be running the required Cisco  IOS image. Use the show  version command to verify.

Caveats

This section describes possibly unexpected behavior by Cisco IOS Release 12.0(2)T. This section describes only severity 1 and 2 caveats.

If a User Datagram Protocol (UDP) packet with an invalid length is sent to port 514 (the "syslog" port) on an IOS device, the device is likely to reload. In this situation, a stack trace might not be saved. Such packets are sent by the popular nmap port scanning program.
Workaround:
You can work around this vulnerability by preventing any affected Cisco IOS device from receiving or processing UDP datagrams addressed to its port 514. This can be done either using packet filtering on surrounding devices, or by using input access list filtering on the affected IOS device itself. Input access lists have an impact on system performance, and should be installed with a degree of caution, especially on systems that are running very near their capacity limits.
If you use an input access list, that list should be applied to all interfaces to which attackers may be able to send datagrams. This includes not only physical LAN and WAN interfaces, but virtual subinterfaces of those physical interfaces, as well as virtual interfaces and/or interface templates corresponding to GRE, L2TP, L2F, and other tunnelling protocols.
The input access list must block traffic destined for any of the Cisco IOS device's own IP addresses, as well as for any broadcast or multicast addresses on which the Cisco IOS device may be listening. It's important to remember to block old-style "all-zeroes" broadcasts as well as new-style "all-ones" broadcasts.
There is no single input access list that will work in all configurations. It is very important that you understand the effect of your access list in your specific configuration before you activate
the list.
The following example shows a possible access list for a three-interface router, along with the configuration commands needed to apply that access list. The example assumes no need for input filtering other than as a workaround for this vulnerability.
      ! Deny all multicasts, and all unspecified-net broadcasts, to port 514
      access-list 101 deny udp any 224.0.0.0 31.255.255.255 eq 514
      ! Deny old-style unspecified-net broadcasts
      access-list 101 deny udp any host 0.0.0.0 eq 514
      ! Deny network-specific broadcasts. This example assumes that all of
      ! the local interfaces are on the class B network 172.16.0.0, subnetted
      ! everywhere with mask 255.255.255.0. This will differ from network
      ! to network. Note that we block both new-style and old-style broadcasts.
      access-list 101 deny udp any 172.16.0.255 0.0.255.0 eq 514
      access-list 101 deny udp any 172.16.0.0   0.0.255.0 eq 514
      ! Deny packets sent to the addresses of our own network interfaces.
      access-list 101 deny udp any host 172.16.1.1 eq 514
      access-list 101 deny udp any host 172.16.2.1 eq 514
      access-list 101 deny udp any host 172.16.3.3 eq 514
      ! Permit all other traffic (default would be to deny)
      access-list 101 permit ip any any
 
      ! Apply the access list to the input side of each interface
      interface ethernet 0
      ip address 172.16.1.1 255.255.255.0
      ip access-group 101 in
 
      interface ethernet 2
      ip address 172.16.2.1 255.255.255.0
      ip access-group 101 in
 
      interface ethernet 3
      ip address 172.16.3.3 255.255.255.0
      ip access-group 101 in
 
It can be complicated to list all possible addresses, and especially all possible broadcast addresses, to which attack packets might be sent. If you do not expect to receive any legitimate syslog traffic on an interface, you may wish to simply block all syslog traffic arriving on that interface. Remember that this will affect traffic routed through the Cisco IOS device as well as traffic destined to the device.

Documentation Updates

Due to a production problem, many source-route bridging commands were omitted from the printed version of the Cisco IOS Software Command Summary (78-4746-xx, DOC-CIOSCS11.3=). For complete documentation of all source-route bridging commands, refer to the Bridging and IBM Networking Command Reference (78-4743-xx). You can also obtain the most current documentation on the Documentation CD-ROM or Cisco Connection Online (CCO).

Related Documentation

This section describes the documentation related to the Cisco 1700 routers, typically including hardware installation guides, software installation guides, Cisco IOS configuration and command references, system error messages, and feature modules that are updates to the Cisco IOS documentation set. Documentation is available as printed manuals or electronic documents, except for the feature modules that are available online only.

The most up-to-date documentation can be found on the Web via Cisco Connection Online (CCO) and on the latest Documentation CD-ROM. These electronic documents might contain updates and modifications made after the paper documents were printed. For information on CCO, refer to the "Cisco Connection Online" section later in this document. For more information on to the CD-ROM, refer to the "Documentation CD-ROM" section later in this document.

This section contains the following subsections:

Release-Specific Documents

The following documents are specific to Release12.0 T. They are located on CCO and the Documentation CD-ROM:

To access the cross-platform Release Notes for Cisco IOS Release 12.0 T on CCO, follow this path:
Software and Support: Cisco Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes for Cisco IOS
Release 12.0 T

To access the cross-platform Release Notes for Cisco IOS Release 12.0 T on the Documentation CD-ROM, follow this path:
Cisco IOS Software Configuration: Cisco IOS Release 12.0: Release Notes: Cross-Platform Release Notes for Cisco IOS Release 12.0 T
To access these documents, refer to the Software Center at this path on CCO:
Software & Support: Software Center: Cisco IOS Software
As a supplement to the caveats listed in the "Caveats" section in these release notes, see the Caveats for Cisco IOS Release 12.0 T document, which contains caveats applicable to all platforms for all maintenance releases of Release 12.0 T.
To access the caveat document on CCO, follow this path:
Products and Ordering: Cisco Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Caveats: Caveats for Cisco IOS Release 12.0 T
To access the caveat document on the Documentation CD-ROM, follow this path:
Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS 12.0: Caveats: Caveats for Cisco IOS Release 12.0 T

Note If you have an account with CCO, you can use Bug Navigator II to find caveats of any severity for any release. Bug Navigator II can be found at http://www.cisco.com/support/bugtools, or from CCO, select Software & Support: Tools: Bug Toolkit II.

Platform-Specific Documents

The following list contains the documents specific to the Cisco 1700 series routers. These documents are available on CCO and the Documentation CD-ROM.

To access these documents on CCO, follow this path:

Products and Ordering: Cisco Documentation: Cisco Product Documentation/Access Servers and Access Routers: Modular Access Routers: Cisco 1700

To access these documents on the Documentation CD-ROM, follow this path:

Cisco Product Documentation: Cisco Product Documentation: Access Servers and Access Routers: Modular Access Routers: Cisco 1700

Feature Modules

Feature modules describe new features introduced in 12.0 T releases and are updates to the Cisco  IOS documentation set. As updates, the features modules are available online only. The feature  module information will be added to the Cisco IOS documentation set before the next printing. Feature modules have a brief overview of the feature, benefits, configuration tasks, and a command reference.

To access the 12.0 T feature modules on CCO, follow this path:

Products and Ordering: Cisco Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Cisco IOS 12.0T New Features.

To access the feature modules on the documentation CD-ROM, follow this path:

Cisco Product Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Cisco IOS 12.0T New Features.

Cisco IOS Documentation Set

The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents. These documents are shipped with your order in electronic form on the Documentation CD-ROM, unless you specifically ordered the printed versions.

Documentation Modules

Each module in the Cisco IOS documentation set consists of two books: a configuration guide and a corresponding command reference. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Each configuration guide can be used in conjunction with its corresponding command reference.

To access these documents on CCO, follow this path:

Products and Ordering: Cisco Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0: Cisco IOS Release 12.0 Configuration Guides and Command References

To access these documents on the Documentation CD-ROM, follow this path:

Cisco IOS Software Configuration: Cisco IOS Release 12.0: Cisco IOS Release 12.0 Configuration Guides and Command References

Release 12.0 Documentation Set

Table 6 details the contents of the Cisco IOS Release 12.0 software documentation set. The document set is available in electronic form, and also in printed form upon request.


Note The most current Cisco IOS documentation can be found on the latest Documentation CD-ROM and on the Web. These electronic documents might contain updates and modifications made after the paper documents were printed.

To access the Cisco IOS documentation set on CCO, follow this path:

Products and Ordering: Cisco Documentation: Cisco IOS Software Configuration: Cisco IOS Release 12.0

To access the Cisco IOS documentation set on the Documentation CD-ROM, follow this path:

Cisco IOS Software Configuration: Cisco IOS Release 12.0


Table 6: Cisco IOS Documentation Set for Release 12.0
Books Chapter Topics

  • Configuration Fundamentals Configuration Guide

  • Configuration Fundamentals Command Reference

Configuration Fundamentals Overview
Cisco IOS User Interfaces
File Management
System Management

  • Bridging and IBM Networking Configuration Guide

  • Bridging and IBM Networking Command Reference

Transparent Bridging
Source-Route Bridging
Token Ring Inter-Switch Link
Remote Source-Route Bridging
DLSw+
STUN and BSTUN
LLC2 and SDLC
IBM Network Media Translation
DSPU and SNA Service Point
SNA Frame Relay Access Support
APPN
Cisco Database Connection
NCIA Client/Server Topologies
Cisco Mainframe Channel Connection
Airline Product Set

  • Dial Solutions Configuration Guide

  • Dial Solutions Command Reference

Dial-In Port Setup
Dial-In Terminal Services
Dial-on-Demand Routing (DDR)
Dial Backup
Dial-Out Modem Pooling
Large-Scale Dial Solutions
Cost-Control Solutions
ISDN
X.25 over ISDN
VPDN
Dial Business Solutions and Examples

  • Cisco IOS Interface Configuration Guide

  • Cisco IOS Interface Command Reference

Interface Configuration Overview

  • Network Protocols Configuration Guide, Part 1

  • Network Protocols Command Reference, Part 1

IP Addressing
IP Services
IP Routing Protocols

  • Network Protocols Configuration Guide, Part 2

  • Network Protocols Command Reference, Part 2

AppleTalk
Novell IPX

  • Network Protocols Configuration Guide, Part 3

  • Network Protocols Command Reference, Part 3

Apollo Domain
Banyan VINES
DECnet
ISO CLNS
XNS

  • Security Configuration Guide

  • Security Command Reference

AAA Security Services
Security Server Protocols
Traffic Filtering and Firewalls
IP Security and Encryption
Passwords and Privileges
Neighbor Router Authentication
IP Security Options

  • Cisco IOS Switching Services Configuration Guide

  • Cisco IOS Switching Services Command Reference

Switching Paths for IP Networks
Virtual LAN (VLAN) Switching and Routing

  • Wide-Area Networking Configuration Guide

  • Wide-Area Networking Command Reference

ATM
Frame Relay
SMDS
X.25 and LAPB

  • Voice, Video, and Home Applications Configuration Guide

  • Voice, Video, and Home Applications Command Reference

Voice over IP
Voice over Frame Relay
Voice over ATM
Voice over HDLC
Video Support
Universal Broadband Features

  • Quality of Service Solutions Configuration Guide1

  • Quality of Service Solutions Command Reference1

Classification
Scheduling
Packet Drop
Traffic Shaping
ATM QoS
SNA QoS
Line Protocols

  • Cisco IOS Software Command Summary

  • Dial Solutions Quick Configuration Guide

  • System Error Messages

  • Debug Command Reference

1This book will not be available until January 1999.


Note The Cisco Management Information Base (MIB) User Quick Reference publication is no longer being published. For the latest list of MIBs supported by Cisco, see the Cisco Network Management Toolkit on Cisco Connection Online. On CCO, go to Software and Support, select Software Center, and click Network Management Products. Next, select Cisco Network Management Toolkit, and click Cisco MIBs.

Service and Support

For service and support for a product purchased from a reseller, contact the reseller. Resellers offer a wide variety of Cisco service and support programs, which are described in the section "Service and Support" in the information packet that shipped with your product.


Note If you purchased your product from a reseller, you can access CCO as a guest. CCO is Cisco Systems' primary real-time support channel. Your reseller offers programs that include direct access to CCO services.

For service and support for a product purchased directly from Cisco, use CCO.

Software Configuration Tips on the Cisco TAC Home Page

The following URL contains links to access helpful tips on configuring your Cisco products:

http://www.cisco.com/kobayashi/serv_tips.shtml

This URL is subject to change without notice. If it changes, point your web browser to http://www.cisco.com/, and follow this path: Software & Support, Technical Tips (button on left margin).

"Hot Tips" are popular tips and hints gathered from the Cisco Technical Assistance Center (TAC). Most of these documents are available from the TAC fax-on-demand service. To access fax-on-demand and receive documents at your fax machine from the USA, call 888-50-CISCO (888-502-4726). From other areas, call 415-596-4408.

The following sections are provided from the Technical Tips page:

Cisco Connection Online

Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.

Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.

CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.

You can access CCO in the following ways:

For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.


Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800  553-2447, 408  526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800  553-6387, 408  526-7208, or cs-rep@cisco.com.

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.

If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.



hometocprevnextglossaryfeedbacksearchhelp
Posted: Fri Jan 22 13:46:35 PST 1999
Copyright 1989-1999©Cisco Systems Inc.