Table Of Contents
Determining Your Software Release
Upgrading to a New Software Release
Determining Which Software Images (Feature Sets) Support a Specific Feature
Determining Which Features Are Supported in a Specific Software Image (Feature Set)
New Hardware in Cisco IOS Release 12.2(15)ZJ4 and Cisco IOS Release 12.2(15)ZJ5
New Software Features in Release 12.2(15)ZJ4 and Cisco IOS Release 12.2(15)ZJ5
New Hardware in Cisco IOS Release 12.2(15)ZJ3
New Software Features in Release 12.2(15)ZJ3
New Hardware and Software Features in Cisco IOS Release 12.2(15)ZJ2
New Hardware in Release 12.2(15)ZJ1
Cisco Intrusion Detection System (IDS) Network Module (NM-CIDS-K9)
Cisco Unity Express Network Module (NM-CUE)
New Software Features in Release 12.2(15)ZJ1
Support for the Cisco Intrusion Detection System (IDS) Network Module
New Hardware in Release 12.2(15)ZJ
1-Port ADSL over ISDN WAN Interface Card
Cisco NM-16 A/S Network Module
DES/3DES/AES VPN Encryption Module (AIM-VPN/BPII)
IP Communications Voice/Fax Network Modules
New Software Features in Release 12.2(15)ZJ
Cisco IOS MGCP Gateway Support for Cisco CallManager Network Specific Facilities
Cisco IOS Telephony Services Version 3.0
Cisco SIP Survivable Remote Site Telephony (SRST)
Cisco Survivable Remote Site Telephony (SRST) Version 3.0
Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager
Enhanced ITU-T G.168 Echo Cancellation
Enhancements to the 16- and 36-Port Ethernet Switch Network Module
MGCP-Controlled Backhaul of BRI Signaling
Private Line Automatic Ringdown for Trading Turrets
Support for IP Communications Voice/Fax Network Modules
Open Caveats—Cisco IOS Release 12.2(15)ZJ5
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ5
Open Caveats—Cisco IOS Release 12.2(15)ZJ4
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ4
Open Caveats—Cisco IOS Release 12.2(15)ZJ3
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ3
Open Caveats—Cisco IOS Release 12.2(15)ZJ2
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ2
Open Caveats—Cisco IOS Release 12.2(15)ZJ1
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ1
Open Caveats—Cisco IOS Release 12.2(15)ZJ
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ
Cisco IOS Software Documentation Set
Release 12.2 Documentation Set
Obtaining Technical Assistance
Obtaining Additional Publications and Information
Release Notes for the Cisco 2600XM Series and Cisco 2691 Modular Access Routers for Cisco IOS Release 12.2(15)ZJ5
April 26, 2004
Cisco IOS Release 12.2(15)ZJ5
OL-4372-01 Rev G0
These release notes for the Cisco 2600XM series and Cisco 2691 modular access routers describe the product-related enhancements provided in Cisco IOS Release 12.2(15)ZJ5. These release notes are updated as needed.
For a list of the software caveats that apply to Cisco IOS Release 12.2(15)ZJ5, see "Caveats" section. See also Caveats for Cisco IOS Release 12.2 T, which is updated for every maintenance release and is located on Cisco.com.
Use these release notes with Cross-Platform Release Notes for Cisco IOS Release 12.2 T located on Cisco.com.
Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/tech_tips/index/fn.html. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/warp/public/tech_tips/index/fn.html.
Note Cisco IOS Release 12.2(15)ZJ5 is the last scheduled maintenance release for Cisco IOS Release 12.2(15)ZJ. TAC support will continue to be available. These release notes will be the last release notes published for Cisco IOS Release 12.2(15)ZJ.
Contents
These release notes describe the following topics:
•MIBs
•Obtaining Technical Assistance
Inheritance Information
Cisco IOS Release 12.2(15)ZJ5, an early deployment release, is based on Cisco IOS Release 12.2(15)T, which in turn is based on Cisco IOS Release 12.2. Cisco IOS Release 12.2(15)T is the sixth early deployment maintenance release of Cisco IOS Release 12.2 T and is based on the mainline Cisco IOS Release 12.2.
All features in Cisco IOS Release 12.2(15)T are in Cisco IOS Release 12.2(15)ZJ5.
Table 1 References for the Cross-Platform Release Notes for Cisco IOS Release 12.2 T and Cisco IOS Release 12.2(15)T
Topic Location•Determining the Software Version
•Upgrading to a New Software Release
To view information about the topics in the left-hand column, click Cross-Platform System Requirements at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/ 122relnt/xprn122t/122treqs.htm
•New and Changed Information (Feature Descriptions)
•MIBs
•Important Notes
To view information about the topics in the left-hand column.
For Cisco IOS Release 12.2 T, go to:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122relnt/xprn122t/122tnewf.htm
Scroll down and click New Software Features in Cisco IOS Release 12.2(15)T, or MIBs, or Important Notes.
•Related Documentation
•Obtaining Documentation
•Obtaining Technical Assistance
To view information about the topics in the left-hand column, go to:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/ 122relnt/xprn122t/122tdocs.htm
Introduction
Cisco IOS Release 12.2(15)ZJ5 supports the Cisco 2600XM series and Cisco 2691 modular access routers.
The Cisco 2600 series is a family of modular access routers, providing flexible LAN and WAN configurations, multiple security options and a range of high-performance processors. This range of features makes the Cisco 2600 family the ideal branch-office router for today's business requirements.
The latest additions to the Cisco 2600 series family of modular routers include the Cisco 2600XM models and the Cisco 2691. These new models deliver extended performance, higher density, enhanced security performance and increased concurrent application support to meet the growing demands of branch offices.
The Cisco 2600 modular access routers offer versatility, integration, and power. With over 70 network modules and interfaces, the modular architecture of the Cisco 2600 Series easily allows interfaces to be upgraded to accommodate network expansion.
The Cisco 2600 series is a key member of the Cisco data/voice/video integration portfolio, delivering the industry's broadest range of end-to-end IP and Frame Relay-based packet telephony solutions.
The Cisco 2600 series shares modular interfaces with the Cisco 1600, Cisco 1700, Cisco 3600, and Cisco 3700 Series routers, providing a solution to meet the branch office needs for applications such as the following:
•Internet/intranet access with firewall security
•Multiservice voice/data integration
•Analog and digital dial access services
•Virtual Private Network (VPN) access
•Inter-VLAN routing
•Routing with bandwidth management
For information on new features and Cisco IOS commands supported by Cisco IOS Release 12.2(15)ZJ5, see "New and Changed Information" section and "Related Documentation" section.
Early Deployment Releases
These release notes describe Cisco IOS Release 12.2(15)ZJ5 for the Cisco 2600XM series and Cisco 2691 modular access routers. Cisco IOS Release 12.2(15)ZJ5 is an early deployment (ED) release based on Release 12.2(15)T, which in turn is based on Cisco IOS Release 12.2. Early deployment releases contain fixes to software caveats as well as support for new Cisco hardware and software features. Feature support is cumulative from release to release, unless otherwise noted.
Table 2 lists new features supported by the Cisco 2600XM series and Cisco 2691 modular access routers in Cisco IOS Release 12.2(15)ZJ5. See "Platform-Specific Documents" section for a list of the documentation specific to the Cisco 2600XM series and Cisco 2691 modular access routers.
1 Only major features are listed.
2 MIB = Management Information Base
System Requirements
This section describes the system requirements for Cisco IOS Release 12.2(15)ZJ5 and includes the following sections:
•Determining Your Software Release
•Upgrading to a New Software Release
Memory Recommendations
Table 3 displays the memory recommendations of the Cisco IOS feature sets for the Cisco 2600XM series and Cisco 2691 modular access routers for Cisco IOS Release 12.2(15)ZJ5.
Cisco 2600XM series and Cisco 2691 modular access routers are available with a 32-MB Flash memory card.
Supported Hardware
Cisco IOS Release 12.2(15)ZJ5 supports the following Cisco 2600 series platforms:
•Cisco 2610XM, Cisco 2611XM
•Cisco 2620XM, Cisco 2621XM
•Cisco 2650XM, Cisco 2651XM
•Cisco 2691
For detailed descriptions of the new hardware features, see the "New and Changed Information" section.
For a complete list of network modules and interface cards supported on Cisco 2600 series modular access routers, refer to the "Relevant Interfaces and Modules" table on Cisco.com at the following URL:
http://www.cisco.com/en/US/products/hw/routers/ps259/products_relevant_interfaces_and_modules.html
For information about supported hardware for this platform and release, refer to the Hardware/Software Compatibility Matrix in the Cisco Software Advisor at the following location:
http://www.cisco.com/cgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi
Determining Your Software Release
To determine the version of Cisco IOS software running on the Cisco 2600XM series and Cisco 2691 modular access routers, log in to the router and enter the show version EXEC command:
Router> show versionCisco Internetwork Operating System SoftwareIOS (tm) 12.2 ZJ Software (C2600-js-mz), Version 12.2(15)ZJ, RELEASE SOFTWARE
Upgrading to a New Software Release
For general information about upgrading to a new software release, see Cisco IOS Upgrade Ordering Instructions located at: http://tools.cisco.com/Support/Fusion/FusionHome.do
Feature Support
Cisco IOS software is packaged in feature sets that consist of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco IOS software images are included in a release. Each feature set contains a specific set of Cisco IOS features.
To improve the usability of the release notes documentation, Cisco IOS Release 12.2(15)ZJ release notes no longer contains the feature set tables. The feature-to-image mapping that was provided by the feature set tables is available through Cisco Feature Navigator.
Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or by feature set (software image). Under the release section, you can compare Cisco IOS software releases side by side to display both the features unique to each software release and the features that the releases have in common.
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
http://tools.cisco.com/RPF/register/register.do
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
To choose a new Cisco IOS software release based on information about defects that affect that software, use Bug Toolkit at:
http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl.
Caution Cisco IOS images with strong encryption (including, but not limited to 168-bit (3DES) data encryption feature sets) are subject to U.S. government export controls and have limited distribution. Strong encryption images to be installed outside the United States are likely to require an export license. Customer orders may be denied or subject to delay because of U.S. government regulations. When applicable, the purchaser/user must obtain local import and use authorizations for all encryption strengths. Please contact your sales representative or distributor for more information, or send an e-mail to export@cisco.com.
Determining Which Software Images (Feature Sets) Support a Specific Feature
To determine which software images (feature sets) in Cisco IOS Release 12.2(15)ZJ support a specific feature, go to the Cisco Feature Navigator home page, enter your Cisco.com login, and perform the following steps:
Step 1 From the Cisco Feature Navigator home page, click Feature.
Step 2 To find a feature, use either "Search by full or partial feature name" or "Browse features in alphabetical order." Either a list of features that match the search criteria or a list of features that begin with the number or letter selected from the ordered list will be displayed in the text box on the left side of the web page.
Step 3 Select a feature from the left text box, and click the Add button to add a feature to the Selected Features text box on the right side of the web page.
Note To learn more about a feature in the list, click the Description button below the left box.
Repeat this step to add additional features. A maximum of 20 features can be chosen for a single search.
Step 4 Click Continue when you are finished selecting features.
Step 5 From the Major Release drop-down menu, choose 12.2T.
Step 6 From the Release drop-down menu, choose the appropriate maintenance release.
Step 7 From the Platform Family drop-down menu, select the appropriate hardware platform. The "Your selections are supported by the following:" table will list all the software images (feature sets) that support the feature(s) that you selected.
Determining Which Features Are Supported in a Specific Software Image (Feature Set)
To determine which features are supported in a specific software image (feature set) in Cisco IOS Release 12.2(15)ZJ, go to the Cisco Feature Navigator home page, enter your Cisco.com login, and perform the following steps:
Step 1 From the Cisco Feature Navigator home page, click Compare/Release.
Step 2 In the "Find the features in a specific Cisco IOS release, using one of the following methods:" box, choose 12.2 T from the Cisco IOS Major Release drop-down menu.
Step 3 Click Continue.
Step 4 From the Release drop-down menu, choose the appropriate maintenance release.
Step 5 From the Platform Family drop-down menu, choose the appropriate hardware platform.
Step 6 From the Feature Set drop-down menu, choose the appropriate feature set. The "Your selections are supported by the following:" table will list all the features that are supported by the feature set (software image) that you selected.
New and Changed Information
The following sections list the new hardware products and software features supported by the Cisco 2600XM series and Cisco 2691 modular access routers in Cisco IOS Release 12.2(15)ZJ5.
For more information about these features, refer to the documents listed in the "Related Documentation" section.
New Hardware in Cisco IOS Release 12.2(15)ZJ4 and Cisco IOS Release 12.2(15)ZJ5
No new hardware products are supported by the Cisco 2600XM series and Cisco 2691 modular access routers for Cisco IOS Release 12.2(15)ZJ5. Cisco IOS Release 12.2(15)ZJ4 is not distributed for widespread availability.
New Software Features in Release 12.2(15)ZJ4 and Cisco IOS Release 12.2(15)ZJ5
No new software features are supported by the Cisco 2600XM series and Cisco 2691 modular access routers for Cisco IOS Release 12.2(15)ZJ5. Cisco IOS Release 12.2(15)ZJ4 is not distributed for widespread availability.
New Hardware in Cisco IOS Release 12.2(15)ZJ3
No new hardware products are supported by the Cisco 2600XM series and Cisco 2691 modular access routers for Cisco IOS Release 12.2(15)ZJ3.
New Software Features in Release 12.2(15)ZJ3
Cisco CallManager Express 3.0
Cisco CallManager Express (Cisco CME) is the new name for the product previously known as Cisco IOS Telephony Services (Cisco ITS). In addition to the features introduced in Cisco IOS Release 12.2(15)ZJ, the current release adds support for the Cisco Wireless IP Phone 7920 when it registers with Cisco CME as a Cisco IP Phone 7960. In this release, there are a set of features that are not supported on the Cisco Wireless IP Phone 7920 (intercom and paging to the phones are the two most prominent). These features and others will be added in future releases.
For additional information, refer to the Cisco CallManager Express 3.0 System Administrator Guide at:
A new command reference document collects all the Cisco CallManager Express 3.0 commands in a single location. See the Cisco CallManager Express 3.0 Command Reference at:
New Hardware and Software Features in Cisco IOS Release 12.2(15)ZJ2
No new hardware and software features are supported by the Cisco 2600XM series and Cisco 2691 modular access routers for Cisco IOS Release 12.2(15)ZJ2.
New Hardware in Release 12.2(15)ZJ1
Cisco Intrusion Detection System (IDS) Network Module (NM-CIDS-K9)
Cisco IOS Release 12.2(15)ZJ1 introduces the Cisco Intrusion Detection System (IDS) network module, part number NM-CIDS-K9. The Cisco IDS network module is installed on a Cisco 3725 or a Cisco 3745 chassis to provide full-featured intrusion-protection services within the router. The Cisco IDS network module provides the ability to:
•inspect all traffic traversing the router.
•identify malicious activity.
•terminate illegitimate traffic.
•integrate the Cisco IDS functionality into the branch office router.
•implement full-featured Cisco IDS at your remote branch offices.
•install theCisco IDS network module in any one of the network module slots on the Cisco 2600, 3600, and 3700 series routers.
The Cisco IDS network module provides up to 45 Mbps of intrusion detection capability. Only one Cisco IDS network module is supported per router and is not hot-swappable. The network module runs the latest version of the Cisco IDS software, version 4.1.
You can manage and retrieve events from the Cisco IDS network module through Cisco IOS CLI or through one of these Cisco IDS managers—IDS Device Manager or Management Center for IDS Sensors.
The Cisco IDS network module supports the following interfaces:
•One internal 10/100 Ethernet port—connects to the router's backplane
•One external 10/ 100-based Ethernet port—used for device management (management of other routers and/or PIX Firewalls to perform shunning) and command and control of the Cisco IDS network module by the Cisco IDS manager.
For instructions on accessing the Cisco IDS documentation on Cisco.com, refer to the Cisco Intrusion Detection System (IDS) Hardware and Software Version 4.1 Documentation Guide that shipped with your IDS router module. It is at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/15593_01.htm
For basic installation information, refer to "Connecting Cisco Intrusion Detection System Network Modules," in Cisco Network Modules Hardware Installation Guide, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/hw_inst/nm_inst/
nm-doc/index.htmCisco Unity Express Network Module (NM-CUE)
Cisco IOS Release 12.2(15)ZJ1 introduces the new Cisco Unity Express network module, NM-CUE. The NM-CUE is a one-slot (single-wide) network module. The NM-CUE uses an Intel 500MHZ Pentium III processor with 256 MB SDRAM. Because the NM-CUE is a self-contained processing unit for voice applications, it adds business critical voice capabilities to the router without burdening the router processor.
The Cisco Unity Express network module supports hot-swapping or online insertion and removal (OIR) only on the Cisco 3745 platform.
Note The Fast Ethernet port and compact Flash slot, though available on the hardware, are not supported by the Cisco Unity Express network module.
New Software Features in Release 12.2(15)ZJ1
Support for the Cisco Intrusion Detection System (IDS) Network Module
Cisco IOS Release 12.2(15)ZJ1 introduces support for the Cisco Intrusion Detection System (IDS) network module, part number NM-CIDS-K9. The Cisco IDS network module provides full-featured intrusion-protection services within the Cisco 2600XM series or Cisco 2691 router. The Cisco IDS network module provides the ability to inspect all traffic traversing the router, to identify malicious activity, and to terminate illegitimate traffic.
The IDS router module supports the following software:
•Cisco IOS software 12.2(15)ZJ1 or later
•Cisco IDS software 4.1 or later
Note Do not confuse Cisco IOS Firewall IDS (a software-based intrusion-detection application that runs in the Cisco IOS) with the IDS that runs on the IDS network module. The IDS network module runs Cisco IDS version 4.1. Because performance can be reduced and duplicate alarms can be generated, we recommend that you do not run Cisco IOS Firewall IDS and Cisco IDS version 4.1 simultaneously.
The IDS network module supports the following feature sets in Cisco IOS Release 12.2(15)ZJ1:
•IOS IP/FW/IDS/Plus IPSEC 3DES
•IOS Enterprise/FW/IDS/Plus IPSEC 3DES
Note All IDS network modules have Online Insertion Removal (OIR) support, but OIR is supported only on the Cisco 3660 series and Cisco 3745 platforms.
The following Cisco IOS command is new to support the IDS network module:
service-module ids-sensor slot_number/0 {reload|reset|session|shutdown|status}For instructions on accessing the IDS documentation on Cisco.com, refer to the Cisco Intrusion Detection System (IDS) Hardware and Software Version 4.1 Documentation Guide that shipped with your IDS router module. It is at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/15593_01.htm
Cisco Unity Express
Cisco IOS Release 12.2(15)ZJ1 introduces Cisco Unity Express software, which provides support for the Cisco Unity Express network module, NM-CUE.
Cisco Unity Express is a voice mail system installed in the NM-CUE for operation with a Cisco 2600XM series, Cisco 2691, Cisco 3725, or Cisco 3745 router. It provides entry-level, IP-based voice mail and auto attendant services for small branch office environments.
Cisco Unity Express operates under Cisco CallManager Express control and is integrated into Cisco's mid-range full service branch office routers for voice and data services in a single network device. CUE is supported on the Cisco 2600XM series, Cisco 2691, Cisco 3725, and Cisco 3745 routers. Together, CME and CUE provide a completely integrated IP telephony system for a seamless user experience. CUE offers voicemail for as few as 1-2 users or up to 50 mailboxes for the small branch office of an Enterprise or for the small business with multiple branches. Because CME is inherent to Cisco IOS and CUE is integrated into Cisco's voice gateway routers on which Cisco IOS operates, they combine to be a powerful all-in-one, productivity enhancing, branch voice and data communication system.
For further information refer to CUE product literature and product documentation.
New Hardware in Release 12.2(15)ZJ
The following new hardware products are supported in Cisco IOS Release 12.2(15)ZJ.
1-Port ADSL over ISDN WAN Interface Card
Cisco IOS Release 12.2(15)ZJ introduces the new Cisco ADSL over ISDN Support WAN interface card (WIC), WIC-1ADSL-I-DG. The WIC-1ADSL-I-DG card is a 1-Port asymmetric digital subscriber line (ADSL) WIC for Cisco modular access routers. This 1-port WIC card allows the co-existence of ADSL and ISDN on the same local loop and provides high-speed ADSL digital data transfer between a single customer premises equipment (CPE) subscriber and a central office. The WIC supports the UR-2 and Annex B G.992.1 technical specifications.
Cisco NM-16 A/S Network Module
The NM-16 A/S is a slow-speed, high-density serial network module (NM) offering asynchronous and synchronous interfaces and flexible port configuration. It supports:
•Synchronous interfaces that support a data rate of up to 128 Kbps.
•Asynchronous interfaces that support a data rate of up to 115.2 Kbps.
•Configurable data terminal equipment (DTE) and data circuit-terminating equipment (DCE)
DES/3DES/AES VPN Encryption Module (AIM-VPN/BPII)
The VPN Encryption AIM provides hardware-based DES/3DES/AES and IPPCP compression services for the Cisco 2610XM-2611XM, Cisco 2620XM-2621XM, and Cisco 2650XM-2651XM routers.
For more information about configuring the virtual private network (VPN) encryption hardware advanced integration modules (AIM-VPN/BPII) and network modules, refer to the following document:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/gtaimvpn.htm
Restriction
The AIM-VPN/BPII is not supported on the Cisco 2691.
IP Communications Voice/Fax Network Modules
Cisco IOS Release 12.2(15)ZJ introduces new voice/fax network modules that support IP communications. The IP communications voice/fax network modules provide the ability to directly connect the PSTN and legacy telephony equipment to Cisco 2600XM series and Cisco 2691 modular access routers, enabling important applications such as IP telephony, toll bypass, and full gateway integration.
Voice network modules convert telephone voice signals into a form that can be transmitted over an IP network. These modules have one or two slots for installing supported interface cards. Voice interface cards (VICs) or voice/WAN interface cards (VWICs) installed in the voice network module provide physical connections to the telephony equipment or network.
The new network modules that support the IP communications voice/fax feature are:
•NM-HD-1V
•NM-HD-2V
•NM-HD-2VE
The new network modules support the following new VIC2 voice interface cards (VICs):
•VIC2-2FXS—two-port voice interface card, FXS
An FXS interface connects directly to a standard telephone, fax machine, or similar device. This interface supplies ringing voltage, dial tone, and so on to the station.
•VIC2-2FXO—two-port voice interface card, FXO (Universal); supports CAMA with software configuration.
An FXO interface connects local calls to a central office or PBX. This is the interface a standard telephone provides.
•VIC2-4FXO—four-port voice interface card, FXO (Universal); supports CAMA with software configuration.
•VIC2-2E&M—two-port voice interface card, E&M
E&M is a signaling technique for two-wire and four-wire telephone and trunk interfaces. The E&M interface typically connects remote calls from an IP network to a PBX.
•VIC2-2BRI-NT/TE—2-port voice interface card, BRI
The ISDN BRI voice interface card provides a client-side (TE) ISDN S/T physical interface for connection to an NT1 terminating an ISDN telephone network. Each of its two ports can carry two voice calls (one over each ISDN B channel), for a total of four calls per ISDN BRI card.
Note The VIC2-2FXO, VIC2-4FXO, VIC2-2E&M, and VIC2-2BRI-NT/TE voice interface cards replace the VIC-2FXO, VIC-4FXO, VIC-2E&M, and VIC-2BRI-NT/TE voice interface cards, respectively.
The new network modules support the following existing VICs and voice WAN interface cards (VWICs):
•VIC-2DID—two-port DID voice interface card
A Direct Inward Dial (DID) voice interface enables a Cisco 2600 series, Cisco 3600 series, or Cisco 1700 series router to provide DID service to extensions on a PBX.
•VIC-4FXS/DID—four-port FXS or DID VIC
Note Cisco 2600XM and Cisco 2691series routers do not support DID on the 4-port FXS/DID cards in this release.
Note The supported VICs require Cisco IOS Release 12.2(15)ZJ or later.
The new NM-HD-2VE network module supports the following existing 1- and 2-port T1/E1 multiflex trunk WAN interface cards (VWICs):
•VWIC-2MFT-T1—two-port T1 RJ-48 Multiflex Trunk
•VWIC-1MFT-T1—one-port T1 Multiflex Trunk Interface Card
•VWIC-2MFT-T1-DI—two-port T1 Multiflex Trunk Interface Card with Drop and Insert
•VWIC-1MFT-E1—one-port E1 Multiflex Trunk Interface Card
•VWIC-2MFT-E1—two-port E1 Multiflex Trunk Interface Card
•VWIC-2MFT-E1-DI—two-port E1 Multiflex Trunk Interface Card with Drop and Insert
•VWIC-1MFT-G703—one-port E1 Multiflex Trunk Interface Card with G.703 support
•VWIC-2MFT-G703—two-port E1 Multiflex Trunk Interface Card with G.703 support
The 1- and 2-port T1 and E1 multiflex trunk interface cards support generic single- or dual-port T1 or E1 trunk interfaces for voice, data, and integrated voice and data applications. These cards provide basic structured and unstructured service for T1 or E1 networks.
Note The supported VWICs require Cisco IOS Release 12.2(15)ZJ or later.
New Software Features in Release 12.2(15)ZJ
The following new software features are supported by the Cisco 2600XM series and Cisco 2691 modular access routers in Cisco IOS Release 12.2(15)ZJ:
•Cisco IOS MGCP Gateway Support for Cisco CallManager Network Specific Facilities
•Cisco IOS Telephony Services Version 3.0
•Cisco SIP Survivable Remote Site Telephony (SRST)
•Cisco Survivable Remote Site Telephony (SRST) Version 3.0
•Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager
•Enhanced ITU-T G.168 Echo Cancellation
•Enhancements to the 16- and 36-Port Ethernet Switch Network Module
•MGCP-Controlled Backhaul of BRI Signaling
•Private Line Automatic Ringdown for Trading Turrets
•Support for IP Communications Voice/Fax Network Modules
ADSL over ISDN
Cisco IOS Release 12.2(15)ZJ introduces support for ADSL over ISDN on the Cisco 2600 series routers. This feature allows the co-existence of ADSL and ISDN on the same local loop. This feature supports the UR-2 and Annex B G.992.1 technical specifications.
The dsl operating-mode command was modified to support this new WIC.
For additional information, refer to the 1-Port ADSL WAN Interface Card feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/12newft/122limit/122z/122zh13/adslwan.htm
Restrictions
The Cisco ADSL WAN interface cards do not support dual latency, ADSL2, or ADSL2plus.
Cisco IOS MGCP Gateway Support for Cisco CallManager Network Specific Facilities
The Cisco IOS MGCP Gateway Support for Cisco CallManager Network Specific Facilities (NSF) feature is an enhancement to Cisco CallManager functionality. It enables users to configure the NSF ISDN information element of the route pattern.
The ISDN NSF route pattern design has been changed in the Cisco CallManager database to enable invocation of facilities or services on a call-by-call basis.
The NSF information is used in ISDN PRI call setup for outgoing calls and includes carrier identification code (CIC) and service parameters. The NSF configuration tasks are done in Cisco CallManager.
The NSF configuration has been added in the route pattern user interface page for Media Gateway Control Protocol (MGCP) controlled PRI ports. Without the NSF configuration, users have to configure their associated gateways as stand-alone H.323 gateways for which NSF services are configured locally within the router. With NSF configured, NSF can be used on a call-by-call basis.
For additional prerequisite and configuration information, refer to the Cisco IOS MGCP Gateway Support for Cisco CallManager Network Specific Facilities feature module at:
Restrictions
This feature is not supported on the Cisco 2610XM and Cisco 2611XM modular access routers.
Cisco IOS Telephony Services Version 3.0
Cisco CallManager Express (CME) Version 3.0 delivers the next-generation CME feature set. Cisco CME Version 3.0 supports the following enhancements:
•CME setup tool for quick installation
The CME setup tool provides a question-and-answer interface that allows you to set up an entire Cisco CME system at automatically.
•Automatic assignment of free extension numbers to new IP phones
The auto assign command specifies a range of extension numbers to which newly discovered IP phones are automatically assigned. This method is useful when you have a phone setup in which each phone is assigned a separate, unique extension number.
•Call pickup and call-pickup groups
Call pickup allows phone users to retrieve calls from other extension numbers by using the PickUp soft key and dialing the ringing number. When extensions are assigned to pickup groups, other members of the group can retrieve incoming calls using fewer keystrokes.
•Night service
When night service is active, incoming calls to designated night-service extension numbers will also ring on other phones that are designated as night-service phones. Phone users at the other phones can use call pickup to retrieve the incoming calls.
•Call-blocking (toll bar) based on time of day, day of week, or date
Call blocking to prevent the unauthorized use of phones is implemented by matching calls to a specified digit pattern during a specified time period. Up to 32 patterns of digits can be specified. Individual phones can be exempted from call blocking, and individual user logins can override call blocking if they are configured.
•Hunt groups
Ephone hunt groups provide the ability to direct incoming calls for a specific number (the ephone hunt group pilot number) to a defined group of extensions. Incoming calls are redirected on busy or no answer from extension to extension in the list until they are answered or they reach the number that was defined as the final number.
•Secondary dial tone
Secondary dial tone is generated when a phone user dials a predefined digit. The tone terminates when additional digits are dialed. For example, you can configure a secondary dial tone to be heard after the number 9 is dialed to reach an external line.
•Cisco IP Phone 7902G Support
The Cisco IP Phone 7902G, is a cost-effective, entry-level IP phone addressing the voice communications needs of a lobby, laboratory, manufacturing floor, or hallway—or other areas where only basic calling capability is required. For further information, go to Cisco.com and click Products & Service, IP Phone, Cisco 7900 Series IP Phones, Product Literature, and Data Sheets or go to: http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/english/ipp7902/index.htm.
•Cisco IP Phone 7912G Support
The Cisco IP Phone 7912G provides core business features and addresses the communication needs of a cubicle worker who conducts low to medium telephone traffic. The Cisco IP Phone 7912G offers four dynamic soft keys that guide a user through call features and functions. For further information, go to Cisco.com and click Products & Service, IP Phone, Cisco 7900 Series IP Phones, Product Literature, and Data Sheets.
•Speed Dial
Three types of speed dial are available:
–On multi-button phones, the buttons that are not used for extensions can be programmed as speed-dial buttons.
–Local speed-dial numbers are common to all phone users in a CME system. Phone users access the list of local speed-dial numbers from the Directories button.
–Personal speed-dial numbers are specific to individual phones. Phone users access their list of personal speed-dial numbers from the Directories button.
•Account code entry
Cisco IP Phone 7940 and Cisco IP Phone 7960 users can enter account codes during call setup or while connected to an active call, using the Acct soft key. Account codes are inserted into call detail records (CDRs) on the CME router for later interpretation by billing software.
•Callback Busy Subscriber
This feature allows callers who dial a busy extension number to request a callback from the system when a called number that was busy is free. Callers can also request callbacks for extensions that do not answer and the system will notify them after the called phone is next used.
This feature is available only on Cisco IP Phone 7940 and Cisco IP Phone 7960.
•Do Not Disturb
Do not disturb (DND) service is enabled using a soft key on a Cisco IP Phone 7940 or a Cisco IP Phone 7960. When DND is enabled, incoming calls do not ring on the phone, but do provide visual alerting and call information and can be answered if desired. A display message indicates that DND is in effect. Call forwarding on busy and no answer operates the same as without DND.
•Several international languages and call-progress tone sets are newly supported, as well as international date and time formats. The set of supported languages varies by phone type.
•Call-forward-all soft key on Cisco IP phones
•Flash soft key for hookflash functionality for the PSTN
Certain PSTN services, such as three-way calling and call waiting, require hookflash intervention from a phone user. A new soft key, labeled Flash, has been introduced to provide this functionality for Cisco IP Phone 7940 and Cisco IP Phone 7960 users on FXO lines attached to the CME system. The Flash soft key is enabled using the fxo hook-flash command.
•Dual-line mode
Dual-line extensions are available to handle call-waiting, call transfer, or conferencing using a single button.
•Extension overlays for better call handling and distribution
An extension (ephone-dn) overlay allows more than one ephone-dn to use the same physical line button on an IP phone. Overlaid ephone-dns can be used to receive incoming calls and place outgoing calls.
•CME GUI enhancements
The Cisco CME Graphical User Interface (GUI) provides a web-based interface to manage most CME systemwide and phone-based features. In particular, the GUI facilitates the routine adds and changes associated with employee turnover, allowing these changes to be performed by non-technical staff.
The Cisco CME GUI provides three levels of access to support the following user classes:
–System administrator—Able to configure all systemwide and phone-based features. This person is familiar with Cisco IOS software and VoIP network configuration.
–Customer administrator—Able to perform routine phone adds and changes without having access to systemwide features. This person does not have to be trained in Cisco IOS software.
–Phone user—Able to program a small set of features on his or her own phone and search the CME directory.
•Label support
The label support feature allows you to enter a meaningful text string to view in the display adjacent to an extension button on an IP phone rather than the extension number that is associated with that button.
•Busy lamp monitor and direct station select
For multi-button phones and expansion modules, the buttons for extensions that are shared with other phones can be designated as monitor buttons, which show the status of those extensions on the other phones. When not in use, a monitor line can be used with the Transfer soft key to quickly transfer a call.
•Phone directory entry
The Cisco CME system automatically creates a local phone directory based on the telephone numbers that are assigned during the configuration of extensions and phones. Additional entries to the local CME directory can be made using the directory entry command.
•Silent and feature ring options
The silent ring feature allows you to designate phone buttons that do not emit an audible ring when they receive incoming calls. Although this feature is supported by all phone types, it is most useful on phone buttons that are used to display the activity of shared lines, which are typically found on the Cisco IP Phone 7960 and Cisco IP Phone Expansion Module 7914.
•New and modified commands
Approximately 35 new and modified commands are described in the Command Reference at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/itsv30/its30cmd.htm
For further information, refer to the Cisco CallManager Express System Administrator Guide Version 3.0 at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/itsv30/index.htm
Cisco SIP Survivable Remote Site Telephony (SRST)
SRST Features
The SIP Survivable Remote Site Telephony (SRST) feature describes SRST functionality for Session Initiation Protocol (SIP) networks. SIP-SRST provides backup to an external SIP proxy server by providing basic registrar and redirect services. These services are used by a SIP IP phone in the event of a WAN connection outage and the SIP phone is unable to communicate with its primary SIP proxy. The SIP-SRST device also provides PSTN gateway access for placing and receiving PSTN calls.
SIP-SRST provides four new features:
•SIP registrar
A local SIP gateway that becomes the SIP registrar acts as a backup SIP proxy or redirector, and accepts SIP Register messages from SIP phones. It becomes a location database of local SIP IP phones that are set up for dual-registration. Dual-registration allows SIP IP phones to simultaneously register with both their primary and fallback registrar devices. That is, when a SIP IP phone registers with a SIP-SRST gateway, it simultaneously registers with the main proxy and SIP redirect server for coverage in case of WAN failure. A registrar accepts SIP Register requests and dynamically builds VoIP dial peers allowing the Cisco IOS Voice Gateway software to route calls to SIP phones.
•Backup registrar service to SIP IP phones
Backup registrar service to SIP IP Phones can be provided by configuring a voice register pool on SIP gateways. The voice register pool configuration provides registration permission control and can also be used to configure some dial peer attributes that are applied to the dynamically created VoIP dial peers when SIP Phone registrations match the pool.
•Call Redirect Enhancement to Support Calls Between SIP IP Phones Through the IOS Voice Gateway
The call redirect enhancement supports calls from a local SIP phone to another local SIP phone through the Cisco IOS Voice Gateway. Prior to this enhancement, an attempt by a SIP phone to contact another local SIP phone using the Cisco IOS Voice Gateway as if it were a SIP proxy or redirect server would fail. However, now the Cisco IOS Voice Gateway can act as a SIP redirect server. The voice gateway responds to the originator with a SIP Redirect message, allowing the SIP phone that originated the call to establish a call to its destination.
•Sending 300 Multiple Choice Messages
Prior to Cisco IOS Release 12.2(15)ZJ, when a call was redirected, the SIP gateway would send a "302 Moved Temporarily" message. The first longest match route on a gateway (dial-peer destination pattern) was used in the Contact header of the 302 message. With release 12.2(15)ZJ, if multiple routes to a destination exist for a redirected number (multiple dial peers are matched), the SIP gateway sends a "300 Multiple Choice" message and the multiple routes in the Contact header are listed.
SIP Gateway Enhancements
SIP Gateway enhancements were also introduced in Cisco IOS Release 12.2(15)ZJ to support the SRST feature for SIP networks. They are:
•NOTIFY-Based Out-of-Band DTMF Relay
Skinny Client Control Protocol (SCCP) IP phones do not support in-band DTMF digits; they are capable of sending only out-of-band DTMF digits. To support SCCP devices, originating and terminating SIP gateways can now use Cisco proprietary NOTIFY-based out-of-band DTMF relay. NOTIFY-based out-of-band DTMF relay sends messages bidirectionally between the originating and terminating gateways for a DTMF event during a call. In addition, NOTIFY-based out-of-band DTMF relay can be used by analog phones attached to analog voice ports (FXS) on the router.
•SIP Register Support
With H.323, Cisco IOS gateways can register E.164 numbers of a POTS dial peer with a gatekeeper, which informs the gatekeeper of a user's contact information. SIP gateways now allow the same functionality, but with the registration taking place with a SIP proxy or registrar. SIP gateways allow registration of E.164 numbers to a SIP proxy or registrar on behalf of analog telephone voice ports (FXS), IP phone virtual voice ports (EFXS), and local SCCP phones.
For additional information, refer to the SIP Survivable Remote Site Telephony (SRST) feature module at:
Cisco Survivable Remote Site Telephony (SRST) Version 3.0
The Cisco SRST Version 3.0 feature supports the following enhancements:
•Cisco IP Phone 7902G Support
The Cisco IP Phone 7902G, is a cost-effective, entry-level IP phone addressing the voice communications needs of a lobby, laboratory, manufacturing floor, or hallway—or other areas where only basic calling capability is required. The Cisco IP Phone 7902G is a single-line IP phone, with fixed feature keys that provide one-touch access to the redial, transfer, conference, and voice-mail access features. Consistent with other Cisco IP phones, the Cisco IP Phone 7902G supports in-line power, which allows the phone to receive power over the LAN. This capability gives the network administrator centralized power control—translating into greater network availability.
For further information, go to Cisco.com and click Products & Service, IP Phone, Cisco 7900 Series IP Phones, Product Literature, and Data Sheets or go to http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/english/ipp7902/index.htm.
•Cisco IP Phone 7912 Support
The Cisco IP Phone 7912G provides core business features and addresses the communication needs of a cubicle worker who conducts low to medium telephone traffic. The Cisco IP Phone 7912G offers four dynamic soft keys that guide a user through call features and functions. The graphic capability of the display provides a rich user experience by providing calling information and intuitive access to features.
The Cisco IP Phone 7912G supports an integrated Ethernet switch, providing LAN connectivity to a colocated PC. In addition, the Cisco IP Phone 7912G supports in-line power, which allows the phone to receive power over the LAN. This capability gives the network administrator centralized power control, translating into greater network availability. The combination of in-line power and Ethernet switch support reduces cabling needs to a single wire to the desktop.
For further information, go to Cisco.com and click Products & Service, IP Phone, Cisco 7900 Series IP Phones, Product Literature, and Data Sheets.
•Customized System Message for Cisco IP Phones
The display message that appears on Cisco IP Phone 7905G, Cisco IP Phone 7910, Cisco IP Phone 7940, and Cisco IP Phone 7960 units when they are in fallback mode can be customized. The new system message command allows you to edit these display messages on a per router basis.
•Consultative Call Transfer Using the H.450.2 Standard
Cisco SRST V1.0 allowed only blind call transfers, in which a transferring party did not have the ability to announce or consult with a destination party before transferring a call. Cisco SRST V1.0 used a Cisco SRST proprietary mechanism to perform these blind transfers. Cisco SRST V3.0 adds the ability to perform call transfers with consultation or blind using the ITU-T H.450.2 standard for H.323 calls.
•Dual-Line Mode
A new keyword has been added to the max-dn command allows you to set IP phones to dual-line mode. Each dual-line IP phone must have one voice port and two channels to handle two independent calls. This mode enables call waiting, call transfer, and conference functions on a single ephone-dn. Dual-line mode works with all phone types. The max-dn command is a global command that affects all IP phones on an Cisco SRST router.
•European Date Formats
The date format on Cisco IP phone displays can be configured with the following two additional formats:
yy-mm-dd (year-month-day)
yy-dd-mm (year-month-day
•Music-on-Hold for Multicast from Flash Files
Cisco SRST can be configured to support continuous multicast output of music-on-hold (MoH) from a Flash MoH file in Flash memory.
•Ringing Timeout Default
A ringing timeout default can be configured for extensions on which no-answer call forwarding has not been enabled. Expiration of the timeout causes incoming calls to return a disconnect code to the caller. This mechanism provides protection against hung calls for inbound calls received over interfaces such as foreign exchange office (FXO) that do not have forward-disconnect supervision.
•Show ephone Command
The show ephone command has been enhanced to display the following:
–Configuration and status of phones of the specified type (new keywords:7914, 7905, 7935, ATA)
–Status of all phones with the call-forwarding all calls (CFA) feature enabled on at least one of their DNs (new keyword:cfa),
•Syslog Messages for Phone Registrations
Diagnostic messages are added to the system log whenever a phone registers or unregisters from Cisco SRST.
•Three-Party G.711 Ad Hoc Conferencing
Cisco SRST supports three-party ad hoc conferencing using G.711. For conferencing to be available, an IP phone must have a minimum of two lines connected to one or more buttons.
•Additional language support on Cisco IP Phones
Several international languages and call-progress tone sets are newly supported. The set of supported languages varies by phone type.
•New and modified commands
There are approximately 10 new and modified commands. They are described at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/srs30/srs_cmds.htmFor further information about the SRST Version 3.0 features, refer to the Cisco SRST System Administrator Guide Version 3.0 at the following URL:
Restrictions
This feature is not supported on the Cisco 2610XM and Cisco 2611XM modular access routers.
Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager
Cisco IOS Release 12.2(15)ZJ introduces the Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager feature. This feature implements the downloading of region-specific tones and the associated frequencies, amplitudes, and cadences using XML-based configuration files during gateway registration. The feature also supports the generation of tones up to four frequencies by the Cisco IOS Media Gateway Control Protocol (MGCP) gateway. The feature supports dual tones and sequential tones.
The MGCP gateway handles the translation between voice signals and the packet network and interacts with Cisco CallManager. Cisco CallManager performs signal and call processing. The Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager feature enables the gateway to use the tone information in the custom tone tables that have been downloaded from the TFTP server in an XML-based configuration file.
When Cisco CallManager requests a specific tone, the gateway references the custom tone table associated with the network locale of the voice port.
When the gateway registers to Cisco CallManager, or if the gateway restarts or resets, the network locale for each port is downloaded to the gateway. Once the custom tone specification is downloaded to the gateway, it can also be used in H.323 mode if the gateway loses connectivity to Cisco CallManager.
This feature supports one new Cisco IOS command and three modified Cisco IOS commands:
•ccm-manager download-tones command (new)
•cptone command (modified)
•debug ccm-manager command (modified)
•show ccm-manager command (modified)
For additional command syntax information, prerequisite and configuration information, refer to the Custom Tone Download to Cisco IOS MGCP Gateways from Cisco CallManager feature module at:
Restrictions
•This feature is not supported on the Cisco 2610XM and Cisco 2611XM modular access routers.
•Only one gateway supports the download of up to two custom tones, that is, no more than two custom tone tables will be downloaded to one gateway even if there are more that two countries or regions configured for the gateway.
DPNSS Backhaul
This feature introduces support for Digital Private Network Signaling System (DPNSS) Layer 2 functionality on the Cisco gateway (GW) for Cisco IOS Release 12.2(15)ZJ. This feature supports layer 3 backhauling to a Cisco PGW2200 using DPNSS and Digital Access Signaling System (DASS) User Adaptation (DUA) over Stream Control Transmission Protocol (SCTP).
DPNSS was developed by British Telecom and is used in the United Kingdom and some parts of Europe. DPNSS is a standard and open protocol used between PBXs in a private network that enables complex features to work on a network basis. This feature applies the DPNSS backhaul solution on Cisco gateways to provide connectivity and services to the PBXs running the DPNSS protocol.
Note The DPNSS protocol can run on both T1 and E1 interfaces, but only E1 interfaces are supported by this feature.
The DPNSS Backhaul feature includes the following benefits:
•DUA works with existing Q.931 or DPNSS and DASS-2 protocols on an application server process (ASP), in this case, the Cisco PGW2200.
•The IDSN User Adaptation Layer (IUA) with DUA and SCTP protocol stacks are written to be portable across operating systems and products.
•Memory allocation and system performance are not negatively affected by this feature.
For additional information, refer to the Digital Private Network Signaling System Backhaul feature module at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/ftdpnss.htm
Prerequisites
•You must have a suitable customer premises equipment (CPE) gateway with DPNSS backhaul capability and Media Gateway Control Protocol (MGCP) control for bearer circuit connections.
•You must be running Cisco PGW2200 release 9.4 or a later release.
Restrictions
•The DPNSS Backhaul feature does not support Layer 3 debugging at the GW.
Enhanced ITU-T G.168 Echo Cancellation
The third-party extended echo canceller (EC) feature is used in Cisco gateways with Cisco IOS Release 12.2(15)ZJ. The extended EC feature uses the Cisco voice digital signal processor (DSP) code base (DSPWare).
The G.168 extended EC feature provides an alternative to the Cisco-proprietary G.165 EC with improved performance for trunking gateway applications. The G.168 extended EC increases the configurable tail length from a maximum of 32 ms to a maximum of 64 ms. The ITU-T G.165 standard EC is still supported in this release.
This version of the extended EC feature adds support for the following:
•High- and medium-complexity C5421 DSP in NM-HDA voice cards
•Medium-complexity C5421 DSP in AIM-VOICE cards
•Medium-complexity digital C5409 DSP and high-complexity analog WICs in the Cisco Catalyst 4000 Access Gateway Module (AGM)
•Medium-complexity C549 DSP digital and analog in the Cisco MC3810 and Cisco 2400 platforms
•The command-line interface (CLI) has been modified to make the extended EC the default.
Cisco IOS software supports the following improvements with the extended EC:
•Configuration and reporting of extended echo path capacity
•Configuration and reporting of worst-case echo return loss (ERL)
•Test mode support for manually freezing, thawing, and clearing the EC h-register
•Reporting of statistics for location of the largest reflector
•Reporting of the internal state of the EC
This feature provides the following additional benefits:
•No changes to platform—Improves platform functionality by updating the EC module through a DSPWare upgrade and a Cisco IOS software upgrade
•Enabling and disabling of nonlinear processor—Enables and disables nonlinear processor (NLP) spectrally matched comfort noise
•Echo return loss (ERL) configuration—Can be set to three values: 0 dB, 3 dB, and 6 dB
•Expansion of Echo Canceller Capacity—EC capacity is expanded to 64 ms
For additional information, refer to the Enhanced ITU-T G.168 Echo Cancellation feature module at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/ftecho.htm
Restrictions
•Not all Cisco platforms that use C542 and C549 DSPs support the extended EC. All other platforms continue to use the Cisco-proprietary 32-ms EC by default.
•The NM-2V does not support the extended EC on the Cisco 2600 series and Cisco 2600XM series.
Enhancements to the 16- and 36-Port Ethernet Switch Network Module
The 16- and 36-port Ethernet switch network module feature has been significantly enhanced in Cisco IOS Release 12.2(15)ZJ to include the following improvements.
Note RFC 2284, PPP Extensible Authentication Protocol (EAP), is the new RFC that supports the 16- and 36-port Ethernet switch network module feature enhancements.
There are 47 new Cisco IOS commands that support the feature enhancements. For information on the commands, refer to the "Command Reference" section of the 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series feature module at:
For additional information on the feature enhancements, also refer to the 16- and 36-Port Ethernet Switch Module for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series feature module at:
FRSVC Over ISDN
The Frame Relay Switched Virtual Circuits over ISDN feature provides support for Frame Relay switched virtual circuits (SVCs) over ISDN BRI lines. Before the introduction of this feature, Frame Relay over ISDN supported Frame Relay permanent virtual circuits (PVCs) only. Frame Relay SVCs can be configured on Dialer or BRI interfaces the same way that SVCs are configured on serial interfaces.
For additional information on Frame Relay, refer to the "Configuring Frame Relay" chapter of the Cisco IOS Wide-Area Networking Configuration Guide for Cisco IOS Release 12.2 at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fwan_c/wcffrely.htm
For additional information on Frame Relay SVCs, refer to the "Configuring Frame Relay SVCs" section in the "Configuring Frame Relay" chapter of the Cisco IOS Wide-Area Networking Configuration Guide for Cisco IOS Release 12.2 at the same URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fwan_c/wcffrely.htm
MGCP-Controlled Backhaul of BRI Signaling
The Media Gateway Control Protocol (MGCP)-Controlled Backhaul of Basic Rate Interface (BRI) Signaling in Conjunction with Cisco CallManager feature is introduced on the Cisco 2600 series in Cisco IOS Release 12.2(15)ZJ.
The Media Gateway Control Protocol (MGCP)-Controlled Backhaul of Basic Rate Interface (BRI) Signaling in Conjunction with Cisco CallManager feature provides MGCP service to remote-office media gateways that connect by means of ISDN BRI trunks to a centralized Cisco CallManager media-gateway controller for the purpose of call processing. D-channel signal information is backhauled to the call manager through a Transmission Control Protocol (TCP) session.
Should connection to the primary call manager fail, call processing reverts to a backup call manager until the connection to the primary is restored. Should connections to the primary and all backups fail, call processing reverts to H.323 on the media gateway. When a connection is restored, call processing reverts to the primary or other available call manager and to MGCP.
Feature benefits include the following:
•Centralized call-management architecture, enabling a high degree of network control
•Short voice cut-through times
•Graceful evolution to new technology and to Architecture for Voice, Video, and Integrated Data (AVVID)
For additional information, refer to the MGCP-Controlled Backhaul of BRI Signaling in Conjunction with Cisco CallManager feature module at the following URL:
http://www.cisco.com/en/US/products/software/ios122/122newft/122limit/122z/122zj15/ftbribkh.htm
Prerequisites
Media Gateway
You need a supported Cisco 2600 series router equipped with the following:
•16-MB Flash memory
•64-MB DRAM
•BRI voice interface card (VIC): VIC-2BRI-NT/TE or VIC-2BRI-S/T-TE
•Voice network module (VNM): NM-1V or NM-2V
Media-Gateway Controller
You need one or more Cisco CallManager systems, Version 3.3(2) Feature Pack 1 or higher.
Restrictions
Only the ETSI BRI basic-net3 switch type is supported in this release.
Private Line Automatic Ringdown for Trading Turrets
Cisco IOS Release 12.2(15)ZJ introduces the Private Line Automatic Ringdown (PLAR) for Trading Turrets feature. This feature delivers Private Line Automatic Ringdown for the connection of turrets for the financial industry—primarily for corporations and enterprises that use turrets and POTS telephones for trading. Implementation of this feature ensures that a call between traders on a PLAR connection will be maintained if one of the traders goes on-hook or on-hold. This new capability also ensures that bandwidth is used only when needed.
The following Cisco IOS command was modified to support this feature:
•connection command—the tied keyword was added.
For additional command syntax and configuration information, refer to the Private Line Automatic Ringdown for Trading Turrets feature module at:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/trt_plar.htm
Prerequisite
The following prerequisites apply to this feature:
•To run Private Line Automatic Ringdown for Trading Turrets, you must install an IP Plus image (minimum) of Cisco IOS Release 12.2(15)ZJ or a later release.
Restrictions
This feature is supported only for FXS loopstart ports and digital E&M immediate-start ports. When a voice port is configured with an incorrect destination number that may or may not be a valid number, the call may not perform as expected. There is no cross-checking for turret PLAR from the origination voice port, but there is a check on the terminating voice port to prevent accepting a call from a calling party that is not preconfigured.
Support for IP Communications Voice/Fax Network Modules
Cisco IOS Release 12.2(15)ZJ introduces support for the following new IP Communications Voice/Fax Network Modules:
•NM-HD-1V
•NM-HD-2V
•NM-HD-2VE
These network modules provide the ability to directly connect the PSTN and legacy telephony equipment to Cisco 2600XM series, Cisco 3600 series, and Cisco 3700 series modular access routers, enabling important applications such as IP telephony, toll bypass, and full gateway integration. These network modules support the following interface cards:
•New interface cards supported on all three network modules:
–VIC2-2FXS
–VIC2-2FXO
–VIC2-4FXO
–VIC2-2E&M
–VIC2-2BRI-NT/TE
•Existing interface cards supported on NM-HD-2VE only:
–VWIC-2MFT-T1
–VWIC-1MFT-T1
–VWIC-2MFT-T1-DI
–VWIC-1MFT-E1
–VWIC-2MFT-E1
–VWIC-2MFT-E1-DI
–VWIC-1MFT-G703
–VWIC-2MFT-G703
The IP Communications Voice/Fax Network Modules bring next-generation features to voice network modules. Features supported in this release include the following:
•Channel group support for up to 32 channels
•Flex option for configuring codec complexity—This new option allows the DSP to process up to 16 channels. In addition to continuing support for configuring a fixed number of channels per DSP, the flex option enables the DSP to handle a flexible number of channels. The total number of supported channels varies from 6 to 16, depending on which codec is used for a call. Therefore, the channel density varies from 6 per DSP (high-complexity codec) to 16 per DSP (g.711 codec).
•Software-based echo cancellation up to 32-millisecond conversion
•Digital: BRI, PRI, and CAS
•Analog: FXS, FXO, E&M, and DID
•Signaling channel allocation
•CAMA-configured signaling
•Voice channel allocation
•Voice port independent channel allocation
•Hairpinning
–Digital to digital (same card)
–Analog to digital (same card)
•Channel bank support—Analog voice ports are internally connected to a DS0 time slot on a digital T1/E1 interface. All the signaling is transparently sent between the analog voice port and DS0 time slot, and will not be seen by the higher layer voice software.
•DSP crash recovery
•FXO/FXS Caller ID Type 1 and Type 2
•Trunk alarm handling
Prerequisites
•This feature requires Cisco IOS Release 12.2(15)ZJ or a later release.
•This feature requires 128 MB of RAM.
Cisco IOS Command Changes
The following commands are new or modified to support this feature:
•codec complexity command—the flex keyword was added
•connect command—the voice-port keyword was added
For additional command syntax information, prerequisite and configuration information, refer to the IP Communications Voice/Fax Network Modules feature module at:
Support for the NM-16A/S
Cisco IOS Release 12.2(15)ZJ introduces support for the NM-16A/S network module. The NM-16A/S is a slow-speed, high-density serial network module (NM) offering asynchronous and synchronous interfaces and flexible port configuration.
The NM-16A/S offers:
•Synchronous interfaces that support a data rate of up to 128 kbps
•Asynchronous interfaces that support a data rate of up to 115.2 kbps
•Configurable DTE and DCE
Note The NM-16A/S network module uses a Cisco patented 12-in-1 Smart Serial cable.
With the appropriate serial transition cable, the ports on the NM-16A/S networking module can provide an EIA/TIA-232, EIA/TIA-449, V.35, X.21, EIA/TIA-530 DTE, or NRZ/NRZI serial interface.
The NM-16 A/S can provide an EIA/TIA-530A DTE interface.
The following Cisco IOS commands are introduced or modified to support this feature:
•clock rate command—modified to include the line keyword
•debug serial lead-transition command—new command
•ignore command—new command, interface configuration mode
For additional command syntax and configuration information, refer to the NM-16A/S feature module at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122limit/122z/122zj15/gtnm16as.htm
Restrictions
The NM-16A/S is factory configurable and not field upgradable.
Limitations and Restrictions
•The non-XM models of the Cisco 2610, Cisco 2611, Cisco 2620, Cisco 2621, Cisco 2650, and Cisco 2651 modular access routers are not supported in Cisco IOS Release 12.2(15)ZJ and later.
MIBs
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
http://tools.cisco.com/RPF/register/register.do
Important Notes
The following sections contain important notes about Cisco IOS Release 12.2(15)ZJ5 that can apply to the Cisco 2600XM series and Cisco 2691 modular access routers.
Deferrals
Cisco IOS software images are subject to deferral. Cisco recommends that you view the deferral notices at the following location to determine if your software release is affected:
http://www.cisco.com/kobayashi/sw-center/sw-ios-advisories.shtml
Field Notices and Bulletins
For general information about the types of documents listed in this section, refer to the following documents:
•Field Notices—Cisco recommends that you view the field notices for this release to see if your software or hardware platforms are affected. If you have an account on Cisco.com, you can find field notices at http://www.cisco.com/warp/customer/tech_tips/index/fn.html. If you do not have a Cisco.com login account, you can find field notices at http://www.cisco.com/warp/public/tech_tips/index/fn.html.
•Product Bulletins—If you have an account on Cisco.com, you can find product bulletins at http://www.cisco.com/warp/customer/cc/general/bulletin/index.shtml. If you do not have a Cisco.com login account, you can find product bulletins at http://www.cisco.com/warp/public/cc/general/bulletin/iosw/index.shtml.
•What's Hot in Software Center—What's Hot in Software Center provides information about caveats that are related to deferred software images. If you have an account on Cisco.com, you can access What's Hot for IOS Releases at http://www.cisco.com/kobayashi/sw-center or by logging in and selecting Technical Support: Software Center: Cisco IOS Software: What's Hot in Software Center.
•What's New for IOS — What's New for IOS lists recently posted Cisco IOS software releases and software releases that have been removed from Cisco.com. If you have an account on Cisco.com, you can access What's New for IOS at http://www.cisco.com/kobayashi/sw-center/sw-ios.shtml or by logging into Cisco.com and selecting Technical Support:Software Center:Products and Downloads:Cisco IOS Software.
Caveats
Caveats describe unexpected behavior in Cisco IOS software releases. Severity 1 caveats are the most serious caveats; severity 2 caveats are less serious. Severity 3 caveats are moderate caveats, and only selected severity 3 caveats are included in the caveats document.
This section contains open and resolved caveats for the current Cisco IOS maintenance release.
All caveats in Cisco IOS Release 12.2 T and Cisco IOS Release 12.2(15)T are also in Cisco IOS Release 12.2(15)ZJ5.
For information on caveats in Cisco IOS Release 12.2 T and Cisco IOS Release 12.2(15)T, see Caveats for Cisco IOS Release 12.2 T. These documents lists severity 1 and severity 2 caveats and only selected severity 3 caveats, and are located on Cisco.com.
Caveat numbers and brief descriptions for Release 12.2(15)ZJ5 are listed in this section.
Note If you have an account on Cisco.com, you can use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com by clicking the Log In button on the right side, go to the drop down menu on the top bar of the page and select Technical Support: Tools & Utilities: Software Bug Toolkit (under Troubleshooting Tools). Another option is to enter the following URL in your web browser or go to
http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl
Open Caveats—Cisco IOS Release 12.2(15)ZJ5
There are no open caveats specific to Cisco IOS Release 12.2(15)ZJ5 that require documentation in these release notes.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ5
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(15)ZJ5. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 4 Resolved Caveats for Cisco IOS Release 12.2(15)ZJ5
DDTS ID Number DescriptionCSCdz30977
modem passthrough: option to eliminate glitch for low-speed modem
Symptoms: V.22B modem connections may not work reliably over modem pass- throughs.
Conditions: This symptom is observed on V.22B modems when a pair of voice gateways have digital voice ports that are driven by different clock sources. High-speed modem connections (V.32, v32bis) are not affected by this condition.
Workaround: There is no workaround.
CSCdz84583
IOS fw allowing forged packets for a session initiated from inside
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
CSCeb52066
NAT: Provide an API to get the pre-natted TCP Seq/Ack Numbers
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
CSCec59206
Bus error in nat translating RSHELL packets
Symptoms: A router may reload unexpectedly because of a bus error when it accesses a low address during the translation of TCP port 514.
Conditions: This symptom is observed on a Cisco router that runs Cisco IOS Release 12.3(5) and that is configured for Network Address Translation (NAT).
Workaround: Prevent the translation of TCP port 514.
CSCed35253
Router crash due to corrupted data in list with IOS-firewall
Symptoms: A router may reload unexpectedly after it attempts to access a low memory address.
Conditions: This symptom is observed after ACLs have been updated dynamically or after the router has responded dynamically to an IDS signature.
Workaround: Disable IP Inspect and IDS.
CSCed93836
modifications needed to syn rst packet response
A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain TCP stack are susceptible to this vulnerability.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.
A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.
Open Caveats—Cisco IOS Release 12.2(15)ZJ4
Cisco IOS Release 12.2(15)ZJ4 is not distributed for widespread availability.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ4
Cisco IOS Release 12.2(15)ZJ4 is not distributed for widespread availability.
Open Caveats—Cisco IOS Release 12.2(15)ZJ3
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)ZJ3 and describes only severity 1 and 2 caveats and select severity 3 caveats.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ3
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(15)ZJ3. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 6 Resolved Caveats for Cisco IOS Release 12.2(15)ZJ3
DDTS ID Number DescriptionCSCdx76632
as5300 crashed in MultiBitDecode
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCdx95698
No Ringback on transfer on using Ivr clid_authen_collect
Symptoms: Ringback is not heard on the originating phone when a blind transfer is initiated.
Conditions: An IVR script on a gateway processes an incoming PSTN call, including prompting for a destination number. Once the call is established with the destination, the destination party transfers the originating party to another destination. During this transfer, the originating party should hear the ringing for the destination.
Workaround: There is no workaround.
CSCea19885
Bus error at address 0xD0D0D0B, Process CCH323_CT
Symptoms: A Cisco router that has a voice feature such as H.323 enabled may reload because of a bus error at address 0xD0D0D0B.
Conditions: This symptom is observed on a Cisco 3700 series but may also occur on other routers.
Workaround: There is no workaround.
CSCea27536
Router crash when H323v3/v4 pkts pass through NAT router
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
NAT router (which is H323v2 stack aware) crashes when H323v3/v4 pkt is processed as "ip nat service h323all" is turned on.
Workaround: Turn off "ip nat service h323all" or move to 12.3T image (which has NAT-H323v3/v4) support
CSCea32240
H323 crashes in strncpy when receiving invalid setup packet
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea33065
H323 Spurious memory access in h450ProcRcvdApdus
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea33499
Symptoms: The gateway is not sending RSIP:restart when the digital voice-ports are configured as Media Gateway Control Protocol (MGCP) endpoints. Because of this, the call agent is not informed of the status of the MGCP endpoints and it rejects the NTFY messages from the gateway.
Workaround: After configuring the MGCP endpoints for the digital-port, perform the following in the configuration mode to restart the MGCP application:
Router(config)# no mgcpRouter(config)# mgcpThis should make the router send RSIP:restart to the call agent.
CSCea36231
Router hangs when receive in invalid h225 setup
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea46342
h.323 crashes in ACFnonStandardInfo DEC_ERR=13
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea51030
h323: proxy crashes when malformed h225 setup message received
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea51076
h323: proxy crashes when processing invalid h225 setup messafe
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCea54851
h323 proxy: crash at pxy_proc_recv_SETUP when invalid h225 setup rx
Cisco products running IOS contain vulnerabilities in the processing of H.323 messages, which are typically used in packetized voice or multimedia applications. Features such as NAT and IOS Firewall must inspect H.323 messages and may be vulnerable as well. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T, and all later Cisco IOS releases are affected if configured for various types of Voice/Multimedia Application support. The vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).
There are workarounds available that may mitigate the impact, but these techniques may not be appropriate for use in all customer networks.
This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
CSCeb65637
Unable to set the H.323 callIdentifier from Tcl IVR script
Symptoms: Call setup to an IP network may be delayed or rejected.
Further Problem Description: A call setup without an incoming call leg results in a H.225 SETUP or remote access server (RAS) admission message with the callIdentifier field value of zeroes.
Conditions: TCL IVR script attempts to set up a call without specifying the incoming leg.
Workaround: The workarounds are:
1. Set up a call with an incoming leg.
2. Enter set callinfo(newguid) to force the call setup to generate new conferenceID and callIdentifier fields. This assumes that the generated GUID does not affect the billing system or the remote endpoint.
Example:
set callinfo(newguid) trueleg setup $dest_nr callinfoCSCeb71588
Digital MGCP endp doesnt become active after creation till mgcp res
Symptoms: When digital voice port on Cisco IAD2430 router is added to POTS dial-peer with application mgcpapp, it does not notify Media Gateway Control Protocol (MGCP) call agent and become active automatically.
Conditions: Configure a POTS dial-peer for a digital voice port with application mgcpapp.
Workaround: After configuring the PORT dialpeer, enter no mgcp and followed by MGCP CLIs to bring the digital voice port active.
CSCeb78836
h323: software forced crash if bad packet received and debug opened
Symptoms: Cisco IOS software may cause a Cisco router to reload unexpectedly when the router receives a malformed H.225 setup message.
Conditions: This symptom is observed on a Cisco 1700 series that runs Cisco IOS Release 12.2(13c). The symptom occurs when the following debug privileged EXEC commands are enabled:
•debug h225 asn1
•debug h225 events
•debug h225 q931
Workaround: There is no workaround.
CSCec07327
Cannot Loop IAD2432 T1 Controller
Symptoms: Onboard framer misses the first FDL request. PRM transmission to CO timing is wrong.
Work around: The customer must issue the FDL twice with "no xxxx" in between when the Cisco IAD2430 boots up. After that, the Cisco IAD2430 operates correctly.
There is no workaround for the second problem with PRM.
CSCin51788
progress_ind connect PI is not sent from TGW to OGW
Symptoms: A CONNECT message arrives at an originating gateway (OGW) with an incorrect progress indicator.
Conditions: On the terminating gateway's (TGW) incoming dial-peer configuration, define a progess indicator for the connect event by using progress-ind connect enable 8.
Workaround: There is no workaround.
Open Caveats—Cisco IOS Release 12.2(15)ZJ2
There are no open caveats specific to Cisco IOS Release 12.2(15)ZJ2 that require documentation in these release notes.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ2
There are no resolved caveats specific to Cisco IOS Release 12.2(15)ZJ2 that require documentation in these release notes.
Open Caveats—Cisco IOS Release 12.2(15)ZJ1
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)ZJ1 and describes only severity 1 and 2 caveats and select severity 3 caveats.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ1
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(15)ZJ5. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 8 Resolved Caveats for Cisco IOS Release 12.2(15)ZJ1
DDTS ID Number DescriptionCSCdz71127
corrupted packet can cause input queue wedge - reg to CSCdx02283
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
CSCea22283
Wrong voice mail box selected when call fwded across multiple phones
Symptoms: Caller reaches original destination's voicemail when forwarded-to destination is not available.
Conditions: If a call is forwarded across multiple IP phones, the voicemail box selected is that of the orig called number.
For example: A calls B and the call is forwarded to C. C does not answer and the call gets forwarded to B's voice mail (instead of C's voicemail).
Workaround: There is no workaround.
CSCea87260
dpnss: channels not kept in OOS when E1 controller/serial int down
Symptoms: The DLCs end up in the "IDLE" state even though there is a shutdown on the controller/interface.
Conditions: When there is a shutdown on the controller/interface and PGW requests the gateway to bring up the DLCs.
Workaround: There is no workaround.
CSCeb01098
Release Source not being set by new Session app
Symptoms: The Release Sources reported in the radius accounting record or the gateway's call history record for the incoming and outgoing legs don't match. This behavior does not affect the voice call.
Conditions: This behavior may occur when the default voice application handles the incoming call.
Workaround: Configure the application default.c.old command on the incoming dial-peer used for the call.
CSCuk42484
wrong cause value when transfering to busy/unallocated number
Symptoms: The wrong cause value is provided when transferring a call to an unallocated or busy destination.
Conditions: This behavior can occur when an incoming call VoIP call is handled by the app-h450-transfer.2.0.0.3.tcl application.
The gateway places an outbound VoIP call instead of disconnecting the incoming call with the appropriate cause code under the following two conditions:
•If the transfer target is a telephony or ITS destination that is busy or unallocated, and
•If there is a VoIP dial-peer that matches the transfer target phone number
In this case, the final cause value returned to the incoming call depends on the outgoing call setup request.
Workaround: There is no workaround.
CSCuk43681
call mishandled when calling an unallocated number
Symptoms: Congestion tone is not provided to the caller when a call setup attempt fails with cause 'Temporary Failure'(41 / 0x29).
Workaround: There is no workaround.
Open Caveats—Cisco IOS Release 12.2(15)ZJ
This section documents possible unexpected behavior by Cisco IOS Release 12.2(15)ZJ and describes only severity 1 and 2 caveats and select severity 3 caveats.
Resolved Caveats—Cisco IOS Release 12.2(15)ZJ
All the caveats listed in this section are resolved in Cisco IOS Release 12.2(15)ZJ5. This section describes only severity 1 and 2 caveats and select severity 3 caveats.
Table 10 Resolved Caveats for Cisco IOS Release 12.2(15)ZJ
DDTS ID Number DescriptionCSCdz59865
Routed port back to L2 port and unnumbered serial interface.
Symptoms: Changing a Routed port back to a L2 port causes a serial interface to be left configured with the IP unnumbered command while the routed port interface no longer exists.
Conditions: Configure a serial interface with ip unnumbered fastether 1/0 where the fastether 1/0 is a routed port. Then change back the routed port to L2 port (switched port).
This leaves the serial interface configured with ip unnumbered fastether 1/0, but there is no interface (routed port) with a valid IP addresses.
Workaround: Don't use the Unnumbered command.
CSCdz72542
storm-control and no storm-control become global mode
Symptoms: Incomplete Storm control CLI will switch configuration mode to global mode rather than per port Storm control configuration mode.
Conditions: Configuring the no storm-control command in interface configuration mode.
Workaround: Use the no storm-control broadcast | unicast | multicast command instead of just the no storm-control command in interface configuration mode.
CSCdz76940
Fast switching not working on Routed Port.
Symptoms: Routed port does not fast-wswitch IP traffic although router is configured for IP fast-switching
Conditions: Configure IP fast switching.
Workaround: There is no workaround.
CSCdz87738
show isdn status does not retrieve all info
Symptoms: Output of the show isdn status command doesn't display the isdn status information of all the isdn interfaces.
Conditions: The problem appears only when one of the interfaces is configured with a switch type of primary-dpnss.
Workaround: Use the show isdn status <serial-interface-number> command to get the output of an individual interface.
CSCea02355
rare ip packets may cause input queue wedge
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No authentication is required to process the inbound packet. Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
CSCea26990
Routed port to Stacking-partner and still associated to IP address.
Symptoms: Routed port converted back to L2 (switchport) and used as stacking partner retains OSPF configuration as seen in show ip ospf interface.
Conditions: Change a routed port to L2 (switchport) without explicitly removing IP address.
Workaround: There is no workaround.
CSCea30041
L2 port down down, but displays linkup UP UP message continuously.
Symptoms: Fails to bring link UP UP when configured to speed 10 and adjacent router's on-board fe is configured to speed auto. Also displays wrong message about the link changing state to UP UP.
Conditions: L2 port configured for 10 MB and other router as speed auto.
Workaround: Set speed manually.
CSCea34734
dpnss: calls on virtual channels fail
Symptoms: When the PBX sends a call on a Virtual B-Channel, Cisco IOS acknowledges the packet correctly and attempts to send it on to the PGW. The PGW does not do anything, and no call trace is created. Either the PGW does not handle the virtual call or the packet is misformed.
Workaround: There is no workaround.
CSCea40714
Router crash at Dpnss_test_frame_timer when unconfiguring pri-nfas
Symptoms: Router unexpectedly reloads when pri-group is unconfigured on the controller using the no pri-group timeslots 1-31 command.
Conditions: None.
Workaround: There is no workaround.
CSCin43885
Router reloads when oam enabled
Symptoms: A Cisco 2600 series may unexpectedly reload with messages similar to the following:
Unexpected exception to CPUvector 1100, PC = D0D0D0C-Traceback= D0D0D0C 8178B6FC 8178F550 8178C524 8179321C 8157CAB0 81A6EB54 81EC300CWriting crashinfo to flash:crashinfo_20020301-044554 out of room in table, cannot set "CRASHINFO"Queued messages:*Mar 1 04:45:54.627: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.*Mar 1 04:45:54.611: %DSLSAR-1-SCC_ERR: Interface ATM0/0: SCC Error: tsc_write: mb_ds->tx_count exceeded max*Mar 1 04:45:54.611: -Traceback= 81795DC0 8178AB9C 8178B158 8178B54C 8178F550 8178C524 8179321C 8157CAB0 81A6EB54 81EC300CConditions: These symptoms are observed when the following two conditions occur:
•The Cisco 2600 series is configured with an asymmetric digital subscriber line (ADSL) or symmetric high-bit rate digital subscriber line (SHDSL) WAN interface card (WIC).
•OAM is enabled on more than two PVCs (by the oam-pvc manage command) on the same DSL interface.
Workaround: Do NOT enable OAM on more than two PVCs on the same DSL interface.
Related Documentation
The following sections describe the documentation available for the Cisco Cisco 2600XM series and Cisco 2691 modular access routers. These documents consist of hardware and software installation guides, Cisco IOS configuration guides and command references, system error messages, and other documents.
Documentation is available as printed manuals or electronic documents. Use these release notes with these documents:
•Cisco IOS Software Documentation Set
Platform-Specific Documents
•Quick Start Guide documents for the Cisco 2600 series
•Hardware Installation Documents for Cisco 2600 series
•Software Configuration Documents for Cisco 2600 series
•Regulatory Compliance and Safety Documents for Cisco 2600 series
On Cisco.com at:
Products & Services: Routers: Cisco 2600 Series Modular Access Platforms: Technical Documentation
On Cisco Connection Online (CCO), http://www.cisco.com/univercd/home/index.htm, at:
Cisco Product Documentation: Access Servers and Routers: Modular Access Routers: Cisco 2600 Series Routers
Feature Modules
Feature modules describe new features supported by Cisco IOS Release 12.2(15)ZJ and are updates to the Cisco IOS documentation set. A feature module consists of a brief overview of the feature, benefits, configuration tasks, and a command reference. As updates, the feature modules are available online only. Feature module information is incorporated in the next printing of the Cisco IOS documentation set.
On Cisco.com at:
Products and Services: Cisco IOS Software: Cisco IOS Software Releases: Cisco IOS Release 12.2 T: Technical Documentation: Feature Guides
On Cisco Connection Online (CCO), http://www.cisco.com/univercd/home/index.htm, at:
Cisco IOS Software: Cisco IOS Release 12.2: New Feature Documentation
Cisco Feature Navigator
Cisco IOS software is packaged in feature sets that are supported on specific platforms. To get updated information regarding platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.
Cisco Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
http://tools.cisco.com/RPF/register/register.do
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
Cisco IOS Software Documentation Set
The Cisco IOS software documentation set consists of the Cisco IOS configuration guides, Cisco IOS command references, and several other supporting documents.
Documentation Modules
Each module in the Cisco IOS documentation set consists of one or more configuration guides and one or more corresponding command references. Chapters in a configuration guide describe protocols, configuration tasks, and Cisco IOS software functionality, and contain comprehensive configuration examples. Chapters in a command reference provide complete command syntax information. Use each configuration guide with its corresponding command reference.
On Cisco.com, two master hot-linked documents provide information for the Cisco IOS software documentation set.
On Cisco.com, beginning under the Products & Services heading:
Cisco IOS Software: Cisco IOS Software Releases: Cisco IOS Release 12.2 T: Technical Documentation: Configuration Guides and Command References
Release 12.2 Documentation Set
Note You can find the most current Cisco IOS documentation on Cisco.com. These electronic documents may contain updates and modifications made after the paper documents were printed.
On Cisco.com, beginning under the Products & Services heading:
Cisco IOS Software: Cisco IOS Software Releases: Cisco IOS Release 12.2 Mainline: Configuration Guides and Command References
Note The Cisco Management Information Base (MIB) User Quick Reference publication is no longer published. For the latest list of MIBs supported by Cisco, see Cisco Network Management Toolkit on Cisco.com. From Cisco.com, click on the following path: Service & Support: Software Center: Network Mgmt Products: Cisco Network Management Toolkit: Cisco MIB.
Obtaining Documentation
The following sections provide sources for obtaining documentation from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco websites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:
http://www.cisco.com/cgi-bin/order/order_root.pl
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. In the Cisco Documentation home page, click the Fax or Email option in the "Leave Feedback" section at the bottom of the page.
You can email your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, the Cisco Technical Assistance Center (TAC) provides 24-hour-a-day, award-winning technical support services, online and over the phone. Cisco.com features the Cisco TAC website as an online starting point for technical assistance. If you do not hold a valid Cisco service contract, please contact your reseller.
Cisco TAC Website
The Cisco TAC website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The Cisco TAC website is available 24 hours a day, 365 days a year. The Cisco TAC website is located at this URL:
Accessing all the tools on the Cisco TAC website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a login ID or password, register at this URL:
http://tools.cisco.com/RPF/register/register.do
Opening a TAC Case
Using the online TAC Case Open Tool is the fastest way to open P3 and P4 cases. (P3 and P4 cases are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution. If your issue is not resolved using the recommended resources, your case will be assigned to a Cisco TAC engineer. The online TAC Case Open Tool is located at this URL:
http://www.cisco.com/tac/caseopen
For P1 or P2 cases (P1 and P2 cases are those in which your production network is down or severely degraded) or if you do not have Internet access, contact Cisco TAC by telephone. Cisco TAC engineers are assigned immediately to P1 and P2 cases to help keep your business operations running smoothly.
To open a case by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447For a complete listing of Cisco TAC contacts, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
TAC Case Priority Definitions
To ensure that all cases are reported in a standard format, Cisco has established case priority definitions.
Priority 1 (P1)—Your network is "down" or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Priority 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Priority 3 (P3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Priority 4 (P4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
•Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press online at this URL:
•Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL:
•iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet business strategies for executives. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
•Training—Cisco offers world-class networking training. Current offerings in network training are listed at this URL:
http://www.cisco.com/en/US/learning/index.html