First Published: April 7, 2023

Last Updated: November 2, 2023

Introduction to this Document

This Release Notes document provides information about the Cisco Catalyst IR1101 Rugged Series Routers, Cisco Catalyst IR1800 Rugged Series Routers, Cisco Catalyst IR8140 Heavy Duty Series Routers, Cisco Catalyst IR8340 Rugged Series Routers, and Cisco ESR6300 Embedded Series Routers running Cisco IOS XE 17.11.1a.

This document describes the new features, limitations, troubleshooting, besides providing recommended configurations, caveats, and information on how to obtain support and documentation.


Note
The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.

Cisco Catalyst IR1101 Rugged Series Router

The Cisco Catalyst IR1101 Rugged Series Router is a next-generation modular industrial router, which has a base platform with additional pluggable modules that can be added. The pluggable modules provide the flexibility of adding different interfaces to the IR1101 platform, for example, a cellular module, which provides 5G and Fourth-Generation Long-Term Evolution (4G LTE) cellular networks.

The IR1101 also has expansion modules that adds key capabilities to the IR1101. The expansion modules are:

SKU ID

Description

IRM-1100-SPMI

Expansion Module with 1 GE SFP, 1 Pluggable Module, 4 GPIO ports on 1 Digital I/O Connector, and 1 mSATA SSD Slot.

IRM-1100-SP

Expansion Module with 1 GE SFP and1 Pluggable Module.

IRM-1100-4A2T

Expansion Module with an additional four asynchronous serial ports and two Ethernet RJ45 LAN interfaces.

Cellular pluggable modules

A number of pluggable modules are available for cellular connectivity.

IRM-SSD-100G

100 GB pluggable industrial SSD.

P-LPWA-800

P-LPWA-900

Cisco LoRaWAN Pluggable Interface Module designed for the EU868, IND865 and RU864 RF regional profile.

Cisco LoRaWAN Pluggable Interface Module designed for RF regional profile US915, AS923 and AU915.

Cisco Catalyst IR1800 Rugged Series Router

The Cisco Catalyst IR1800 Rugged Series Router is a modular industrial router. The IR1800 series has four base platforms with additional pluggable modules that can be added. The pluggable modules provide the flexibility of adding different interfaces to the base platform.

The IR1800 series consists of four base platforms:

  • IR1821

  • IR1831

  • IR1833

  • IR1835

The IR1800 series features a base platform with modularity, which includes:

SKU ID

Description

IRM-GNSS-ADR

GPS Module with Automotive Dead Reckoning.

WP-WIFI6-x

Wi-Fi 6 Network Interface Module (NIM).

Cellular pluggable modules

A number of pluggable modules are available for cellular connectivity.

IRM-SSD-100G

100 GB pluggable industrial SSD.
Table 1. Differences Between the IR1800 Series Routers' Features

Feature

IR1821

IR1831

IR1833

IR1835

Processor Frequency

600 MHz

600 MHz

600 MHz

1200 MHz

DDR Memory

4 GB

4 GB

4 GB

8 GB

Flash Storage

4 GB

4 GB

4 GB

8 GB

PIM Slot

1

2

2

2

Wi-Fi-6 NIM Module Slot

1

1

1

1

PoE

No

No

Yes

Yes

SSD Module Slot

No

No

Yes

Yes

GPS FRU Module Slot

No

No

Yes

Yes

Digital I/O

No

No

No

Yes

Asynchronous Serial Interface

(1) RS232 DTE

(1) RS232 DTE

(1) RS232 DCE

(1) RS232 DTE

(1) RS232 DCE

(1) RS232 DTE

(1) RS232 DCE/RS485

Cisco Catalyst IR8140 Heavy Duty Series Router

The Cisco Catalyst IR8140 Heavy Duty Series Router (IR8140H), is a next-generation modular IP67 Industrial Router for outdoor use.

These are the two IR8140H models:

  • IR8140H-P-K9 (with PoE PSE)

  • IR8140H-K9 (without PoE PSE)

The IR8140H series features contains four external module slots plus two onboard WAN ports, and supports the following:

  • 60-W PSU

  • CPU 1.2 GHz

  • 8GB RAM

  • 8GB Flash Storage

  • GPS onboard receiver

  • 900-MHz WPAN – OFDM/FSK Module

  • mSATA module

  • 1x 1-Gigabit Ethernet SFP WAN

  • 1x 1-Gigabit Ethernet Cu WAN

  • PoE (15 W) supported only in the IR8140H-P-K9 PID

  • 12VDC_OUT port (only available when PoE is not in use)

  • Battery Backup Units (BBUs): Up to three

  • 2x Alarm ports (Digital I/O)

  • IRMH modules for CAT 4 LTE, CAT 6 LTE, CAT 18 LTE, and 5G

Cisco Catalyst IR8340 Rugged Series Router

The Cisco Catalyst IR8340 Rugged Series Router, is the first all-in-one industrial-grade, integrated routing, switching, and security platform.

The IR8340 router features two Pluggable Interface Module (PIM) slots, two single-wide IRM-NIM slots, plus 12 onboard LAN ports, and two WAN ports, and supports the following:

  • 150W or 250W PSU, low-voltage DC and high-voltage AC/DC options

  • PTP on LAN ports - Default, power and Dot1as profiles

  • Dual slots for 5G and 4G LTE PIM

  • T1/E1 Network Interface Modules (NIM)

  • 8-port Asynchronous/Synchronous Network Interface Module (NIM) IRM-NIM-RS232

  • mSATA module

  • 2 x 1-G Combo WAN ports

  • 4 x 1-G Copper LAN ports

  • 4 x 1-G Combo LAN ports

  • 4 x 1-G SFP LAN ports

  • PoE PoE+ UPoE (up to 60 W) support on LAN ports 1-4

  • 2 x IN and 1 x OUT Alarm ports (RJ45)

Cisco ESR6300 Embedded Series Router

The ESR6300 is a small form factor embedded router module with a board size of 3.0 in. x 3.775 in. (76.2 mm x 95.885 mm).

The more compact design simplifies integration and offers system integrators the ability to use the Cisco ESR6300 in a wide variety of embedded applications. The ESR module is available with a Cisco-designed cooling plate customized to the ESR, as well as without the cooling plate for system integrators who want to design their own custom thermal solution.

There are two ESR6300 SKUs:

  • ESR-6300-NCP-K9: Embedded Router Board without a cooling plate

  • ESR-6300-CON-K9: Embedded Router Board with a cooling plate

Both SKUs offer the following port and module interfaces:

  • Four GE LAN ports

  • Two combo GE WAN ports

  • One USB 3.0 port

  • One mSATA module interface

Interface Naming Conventions

Cisco Catalyst IR1101 Rugged Series Router

The following section shows the names of the interfaces on each of the IoT routers.

Port

Naming Convention

Gigabit Ethernet combo port

GigabitEthernet0/0/0

Gigabit Ethernet SFP port on IRM-1100

GigabitEthernet0/0/5

Gigabit Ethernet on IRM-1100-4A2T mounted on the Expansion side

gigabitetherenet 0/0/5

gigabitetherenet 0/0/6

Fast Ethernet ports

FastEthernet0/0/1

FastEthernet0/0/2

FastEthernet0/0/3

FastEthernet0/0/4

Cellular Interface on IR1101 Base

Cellular 0/1/0

Cellular 0/1/1

Cellular Interface on IRM-1100 mounted on the top (EM) side

Cellular 0/3/0

Cellular 0/3/1

Cellular Interface on IRM-1100 mounted on the bottom (CM) side

Cellular 0/4/0

Cellular 0/4/1

Asynchronous Serial Interface Base

Async0/2/0

IRM-1100-4A2T is mounted on the top (EM) side

async 0/3/0

async 0/3/1

async 0/3/2

async 0/3/3

IRM-1100-4A2T is mounted on the bottom (CM) side

async 0/4/0

async 0/4/1

async 0/4/2

async 0/4/3

USB

usbflash0:

mSATA

msata

IR1101 Base Unit Alarm input

alarm contact 0

GPIO on IRM-1100

alarm contact 1-4

LoRaWAN interface on IR1101 Base

LORAWAN0/1/0

LoRaWAN interface on the top (EM) side

LORAWAN0/3/0

Cisco Catalyst IR1800 Rugged Series Router

Port

Naming Convention

Gigabit Ethernet combo port

GigabitEthernet0/0/0

Gigabit Ethernet ports

GigabitEthernet0/1/0

GigabitEthernet0/1/1

GigabitEthernet0/1/2

GigabitEthernet0/1/3

Cellular Interface

Cellular 0/4/0

Cellular 0/4/1

Cellular 0/5/0

Cellular 0/5/1

Asynchronous Serial Interface

Async0/2/0

Async0/2/1 (when the base platform supports two asynchronous serial interfaces)

Wi-Fi Interface

Cellular Interface in WIM slot

Wl0/1/4

Cellular 0/3/0

USB

usbflash0:

mSATA

msata

GPIO

alarm contact 1-4

Cisco Catalyst IR8140 Heavy Duty Series Router

Port

Naming Convention

Gigabit Ethernet ports

GigabitEthernet0/0/0

GigabitEthernet0/0/1

Cellular Interface

Cellular 0/2/0

OR

Cellular 0/3/0

SSD

Virtual port Group0

WPAN

Wpan 0/1/0

Wpan 0/2/0

Wpan 0/3/0

Digital IO

alarm contact 1-2

Cisco Catalyst IR8340 Rugged Series Router

Port

Naming Convention

Gigabit Ethernet WAN ports

GigabitEthernet0/0/0

GigabitEthernet0/0/1

Gigabit Ethernet LAN ports

GigabitEthernet0/1/0

GigabitEthernet0/1/1

GigabitEthernet0/1/2

GigabitEthernet0/1/3

GigabitEthernet0/1/4

GigabitEthernet0/1/5

GigabitEthernet0/1/6

GigabitEthernet0/1/7

GigabitEthernet0/1/8

GigabitEthernet0/1/9

GigabitEthernet0/1/10

GigabitEthernet0/1/11

Cellular Interface

Cellular 0/4/0

Cellular 0/4/1

Cellular 0/5/0

Cellular 0/5/1

NIM Interface

(Asynchronous/Synchronous Serial Ports or E1/T1 ports)

0/2/0

0/2/1

0/3/0

0/3/1

mSATA SSD

msata

GPIO

alarm contact 1-2

USB Port

usb0:

Console Port

Line console 0

Cisco ESR6300 Embedded Series Router

Port

Naming Convention

Gigabit Ethernet combo port WAN Layer3

GigabitEthernet0/0/0

GigabitEthernet0/0/1

Gigabit Ethernet LAN Layer 2 ports

GigabitEthernet0/1/0

GigabitEthernet0/1/1

GigabitEthernet0/1/2

GigabitEthernet0/1/3

Cellular Interface

Cellular 0/3/0

USB Port

usbflash0: (IOS and rommon)

Console Port

Line console 0

Software Images for Cisco IOS XE Release 17.11.1a


Note
You must have a Cisco.com account to download the software.

Cisco IOS XE Release 17.11.1a includes the following Cisco images.

Table 2. Software Images for Cisco IOS-XE, Release 17.11.1a

Router

Image Type

Filename

IR1101

Universal

ir1101-universalk9.17.11.01a.SPA.bin

NPE

ir1101-universal9_npe.17.11.01a.SPA.bin

IR1800

Universal

IR1800-universalk9.17.11.01a.SPA.bin

NPE

IR1800-universal9_npe.17.11.01a.SPA.bin

IR8140

Universal

IR8100-universalk9.17.11.01a.SPA.bin

NPE

IR8100-universal9_npe.17.11.01aa.SPA.bin

IR8340

Universal

IR8340-universalk9.17.11.01a.SPA.bin

NPE

IR8340-universalk9_npe.17.11.01a.SPA.bin

ESR6300

Universal

c6300-universalk9.17.11.01a.SPA.bin

The latest software downloads for the routers can be found at:

https://software.cisco.com/download/home/286323433

Click the link corresponding to your device to take you to the specific software you are looking for.

Cellular Module Modem Firmware, OEM/PRI for Cisco IoT Polaris Platforms

This section contains the latest modem firmware available for each of the modems used by the Cisco IoT Industrial routers.


Note
Cisco IOS XE updates do not automatically update the modem firmware. The user should check and update to the latest firmware. See the following table for the latest information:

See the Cisco Firmware Upgrade Guide for 4G LTE and 5G Cellular Modems for upgrade instructions.

Table 3. Cellular Module Modem Firmware

Cellular Module

Modem

Firmware Version

Software Download Link

P-5GS6-GL

FN980

https://software.cisco.com/download/home/286329300/type/

P-LTEAP18-GL IRMH-LTEAP18-GL

LM960

32.00.1x7

https://software.cisco.com/download/home/286324947/type

P-LTEA-EA IRMH-LTEA-EA

EM7455

02.32.11.00

https://software.cisco.com/download/home/286308426/type

P-LTEA-LA IRMH-LTEA-LA

EM7430

02.33.03.00

https://software.cisco.com/download/home/286308413/type

P-LTE-VZW

WP7601

02.37.0x.00

https://software.cisco.com/download/home/286322139/type

P-LTE-US

WP7603

02.37.0x.00

https://software.cisco.com/download/home/286322143/type

P-LTE-JN

WP7605

02.28.03

https://software.cisco.com/download/home/286322156/type

P-LTE-GB

WP7607

02.37.03.05

https://software.cisco.com/download/home/286322147/type

P-LTE-IN

WP7608

02.28.03

https://software.cisco.com/download/home/286322152/type

P-LTE-AU

WP7609

02.28.03

https://software.cisco.com/download/home/286323720/type

P-LTE-MNA

WP7610

02.37.0x.00

https://software.cisco.com/download/home/286324942/type

New Features in Cisco IOS XE 17.11.1a

The following sections describe the major enhancements available in Cisco IOS XE 17.11.1a on each of the routers.

Major Enhancements in IR1101

This section describes the new features for the IR1101.

Also see the Major Enhancements Common to all IoT Routers.

Async Serial Port for Console

The IR1101 console port is a USB port. Some installations require that the console port be an RS232 port. This release provides a workaround that allows the Async 0/2/0 port to be used as a console port.

This change requires to ROMMON variables as well as IOS XE. You will need to setup both Mini-USB console and Async 0/2/0 with the same baudrate and 8-N-1.

To change the ROMMON variable, perform the following:

  1. Access ROMMON by following the procedure in the IR1101 Software configuration Guide.

  2. Set the ROMMON variable CONSOLE_SERIAL with value as 1 using the following command in ROMMON: set CONSOLE_SERIAL=1

  3. sync

When ROMMON detects CONSOLE_SERIAL=1, it should start to use the new variable. It will also pass console=ttyS1 as boot parameter instead of console=ttyS0.

After setting the ROMMON variable, then boot up the Cisco IOS XE 17.11.1a image. It will read the new variable and use console=ttyS1 as boot parameter instead of console=ttyS0. Cisco IOS XE 17.11.1a should update the new ROMMON image. Then, reboot the device again and setup auto boot if needed.


Note
Async 0/2/0 pinout is EIA-TIA-561 DTE. When CONSOLE_SERIAL=1 is setup, Async 0/2/0 won’t exist. Do NOT perform a factory reset or downgrade the software below 17.11.

Major Enhancements in IR1800

This section describes the new features for the IR1800.

Also see the Major Enhancements Common to all IoT Routers.

LoRaWAN Pluggable Interface Module Support

These release adds support for the LoRaWAN Pluggable Interface Module which was first available on the IR1101.


Note
This is a software parity release only. The LoRaWAN Pluggable Interface Module is neither orderable or hardware deployment ready for the IR1800 until the product is announced. Please reach out to your Cisco contact for any additional info.

The Cisco LoRaWAN Pluggable Interface Module supports eight channels of LoRa connectivity.

There are two different P-LPWA modules:

The Cisco LoRaWAN pluggable modules can be managed by command line interface (CLI), or the Cisco IOS XE Web User Interface (WebUI).

Details on installation, configuration, and regulatory information are found in the Cisco LoRaWAN Pluggable Interface Module Installation and Configuration Guide.

Cisco IoT Operations Dashboard (OD) Support to Configure and Manage the WP-WIFI6-x Module

Cisco IOS XE release 17.11.1a provides additional capabilities to the Cisco Wi-Fi Interface Module (WIM).

This section contains the following:

WGB Concurrent Radio

Cisco IOS XE 17.11.1a supports the Cisco Wi-Fi Interface Module (WIM) configuration of concurrent radio in Workgroup Bridge (WGB) mode. This feature applies to the WIM that already has the CAPWAP image on Cisco IOS XE 17.11.1a and the unified client image.

The following table lists the Cisco Operational Dashboard use case and corresponding CLIs:

Use Case

CLI

Choose 2.4GHz or 5GHz frequency for the WiFi access or WiFi uplink.

show platform hardware subslot 0/3 module device "config start"

show platform hardware subslot 0/3 module device “send_cmd configure dot11Radio <0|1> mode root-ap”

show platform hardware subslot 0/3 module device “config end”

Enable Concurrent Radio.

N/A

If root-radio is configured, it will be enabled. There is no additional CLI for it.

On the Router, configure a unique MAC address for WGB uplink VLAN interface:

interface Vlan <WGB uplink VLAN number>
mac-address <unique mac addr>

Note

 
<unique mac address> - Derived from GigabitEthernet0/0/0 interface mac address + 4

Configure the SSID profile with a customer-defined name.

show platform hardware subslot 0/3 module device “config start”

Configure SSID (in the profile) with a customer-defined name.

Configure the Authentication type (in the profile).

show platform hardware subslot 0/3 module device "config start”

show platform hardware subslot 0/3 module device “send_cmd configure ssid-profile <profile-name> ssid <ssid-name> authentication <auth-type> key-management <key-mgmt>”

show platform hardware subslot 0/3 module device “config end”

Choose between WGB or uWGB (universal) options.

show platform hardware subslot 0/3 module device “config start”

show platform hardware subslot 0/3 module device “send_cmd configure dot11Radio <0/1> mode uwgb <client mac> ssid-profile <ssid>”

show platform hardware subslot 0/3 module device “config end”

Note

 
<client mac> - Wired client mac connected to the IR1800.

Get running configuration.

Get Wi-Fi Mode.

Get Radio allocated to WGB vs Wi-Fi.

show platform hardware subslot 0/3 module device “show running-config”

Get list of Wi-Fi clients.

show platform hardware subslot 0/3 module device “show controllers dot11 0 client”

show platform hardware subslot 0/3 module device “ show client summary”

Get hardware status.

Get AP status after firmware bootup.

show hw status

Get WGB connection status.

show platform hardware subslot 0/3 module device “show wgb dot11 associations”

show platform hardware subslot 0/3 module device “show run”

Get AP Firmware version.

show platform hardware subslot 0/3 module device “show ver”

Radio traffic monitoring for 2.4 & 5Ghz radio.

show platform hardware subslot 0/3 module device “show interface dot11 <0/1>”
Firmware Upgrade

The firmware on the Cisco Wi-Fi Interface Module (WIM) needs to be upgraded from Cisco IOS XE release 17.9.1 to 17.11.1a. In order to perform the upgrade, the WIM needs to be in CAPWAP mode.

The following figure illustrates the work-flow to upgrade the module:

Prerequisites

The following prerequisites exist:

  • There must be a network connection between the IR1800 and the AP.

  • The IR1800 will need a tftp server enabled for the AP to obtain the images.

Upgrade Steps

This section provides the steps to upgrade the AP Firmware.

Procedure

Step 1

If not already in CAPWAP mode, convert from your existing mode to CAPWAP.

Example:
# ap-type capwap
AP serving in WGB mode, system will reboot when ap type is changed to CAPWAP.
Do you want to proceed? (y/n): Y

  1. Reload the device.

  2. Log back in with Username/Password.

Step 2

Upgrade the CAPWAP 17.11.1a images.

  1. archive download-sw /reload tftp://<IP of IR1800 TFTP>/ap1g8-k9w8-tar.<version>

  2. The device will reload automatically.

  3. Log back in with Username/Password.

Step 3

Upgrade the second image.

  1. archive download-sw /reload tftp://<IP of IR1800 TFTP>/ap1g8t-k9c1-tar.<version>

  2. Allow the image to upgrade.

    *********************************************************
Detected field upgrading URWB by CAPWAP image...
New URWB image will be added into flash, but EWC will be removed.
Are you sure to proceed? (y/n) Y

  3. The device will reload automatically.

  4. Log back in with Username/Password.

Step 4

Once the upgrade is completed, the configure boot mode command can be used to swap from CAPWAP to URWB mode. 

#configure boot mode urwb
Image swapping will restore the device to factory settings.
Are you sure to proceed? (y/n) Y

Step 5

You can verify the AP version with the show version command. 

#show version
Cisco AP Software, (ap1g8t), [build-info]
Processor board ID FOC251943PG
AP Running Image     : 11.4.8.87
Primary Boot Image   : 11.4.8.87
Backup Boot Image    : 11.4.8.87
What to do next

If you want to perform a downgrade from Cisco IOS XE release 17.11.1a back to 17.9.1, perform the following:

#archive download-sw /reload tftp://<IP of IR1800 TFTP> /ap1g8

The image will download and the device will reload. The device comes back up in CAPWAP mode using Cisco IOS XE 17.9.1

Switch Between CAPWAP and WGB Mode

In Cisco IOS XE 17.11.1a, support has been added for switching the Cisco Wi-Fi Interface Module (WIM) running mode between Control and Provisioning of Wireless Access Points Protocol (CAPWAP) mode and workgroup bridge (WGB) concurrent radio mode. This feature applies to the WIM that already has the CAPWAP image on Cisco IOS XE 17.11.1a and the unified client image.

The following table shows the command and corresponding behaviors to support the switch mode operation:

Current Mode

Target Mode

CLI

Behavior

CAPWAP

WGB concurrent radio

show platform hardware subslot 0/3 module device "config start"

show platform hardware subslot 0/3 module device "configure boot mode wgb"

show platform hardware subslot 0/3 module device "config end"

Factory reset and the WP-WIFI6-x will run the unified client image

WGB concurrent radio

CAPWAP

show platform hardware subslot 0/3 module device "config start"

show platform hardware subslot 0/3 module device "configure boot mode capwap"

show platform hardware subslot 0/3 module device "config end"

Factory reset and the WP-WIFI6-x will run the CAPWAP image

GNSS Support on the GPS/Dead Reckoning Module (IRM-GNSS-ADR)

Prior to the Cisco IOS XE 17.11.1a release, the only GNSS constellation supported was GPS. This release introduces support for GPS and Galileo.


Note
Only ONE constellation can be enabled at a time.

There are new CLI options available to support the new constellation:

Configuration Commands:
(config-controller)# controller gps
<no> dead-reckoning constellation <gps | galileo |gnss >

Note
The default setting is gps mode. The new galileo and gnss options in the above CLI example is used to configure Galileo and Multiple/Simultaneous GNSS (GPS + Galileo etc) respectively.
Show Commands
show platform hardware gps <mode | status | details>
....
Current Constellation Configured =  gps | galileo | gnss
....

Any changes made to the configuration will require the router to be rebooted.

More information is available in the Configuring GPS chapter of the IR1800 Software Configuration Guide.

Major Enhancements in IR8140

This section describes the new features for the IR8140.

Also see the Major Enhancements Common to all IoT Routers.

Galileo Support for GNSS

Hardware on the IR8140 supports the following constellations: GPS, Galileo, GLONASS, BeiDou. By default, GPS and GLONASS are enabled.


Note
Only ONE constellation can be enabled at a time.

For release 17.11.1a, Galileo support will be enabled in addition to the currently enabled GPS and GLONASS. BeiDou support may be added in the future.

Configuration YANG Model and CLI Template Support for WPAN

Currently WPAN supports the operational YANG model but not the configuration model. The configuration model will be implemented that covers the WPAN-specific configuration CLIs under WPAN interfaces, including those part of the WPAN subsystem as well as the mesh-security CLIs. Both WPAN and Virtual-WPAN interfaces will be supported.


Note
The install-firmware command is excluded from this change.

Major Enhancements in IR8340

This section describes the new features for the IR8340.

Also see the Major Enhancements Common to all IoT Routers.

VXLAN L3 Support for the IR8340

VXLAN is a MAC in IP/UDP(MAC-in-UDP) encapsulation technique with a 24-bit segment identifier in the form of a VXLAN ID. The larger VXLAN ID allows LAN segments to scale to 16 million in a cloud network. In addition, the IP/UDP encapsulation allows each LAN segment to be extended across existing Layer 3 networks, making use of Layer 3 equal-cost multipath (ECMP).

There are three modes of configuration that have been tested.

  1. VxLAN with Ingress Replication

  2. VxLAN L3 VNI

  3. VxLAN L2 VNI

Complete information on VXLAN is contained in the BGP EVPN VXLAN Configuration Guide.

Secure Data Wipe

This feature is to ensure the secure data wipe functionality performs the same as the other IoT routers.

Secure data wipe is a Cisco wide initiative to ensure storage devices on all the IOS XE based platforms to be properly purged using NIST SP 800-88r1 compliant secure erase commands. Whenever possible, IoT platforms will leverage the corresponding ENG design and implementation available so far on their platforms.

Performing a Secure Data Wipe

To enable the feature, perform the following:

Router#factory-reset all secure
The factory reset operation is irreversible for securely reset all. Are you sure? [confirm]Y

Important
This operation may take hours. Please do not power cycle.

To check the log after the command is executed, and booting up IOS XE, perform the following:

Router#show platform software factory-reset secure log
Factory reset log:
#CISCO DATA SANITIZATION REPORT:# IR1800
Purge ACT2 chip at 12-08-2022, 15:17:28
ACT2 chip Purge done at 12-08-2022, 15:17:29
mtd and backup flash wipe start at 12-08-2022, 15:17:29
mtd and backup flash wipe done at 12-08-2022, 15:17:29.

Major Enhancements Common to all IoT Routers

This section describes the new features that are common to all routers.

Change to Smart Licensing Packaging

This release brings the IoT routing products inline with other Integrated Service Routers (ISR).

Smart Licensing Overview

Cisco Smart Licensing is a flexible licensing model that provides users with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across their organization. And it’s secure. With Smart Licensing users get:

  • Easy Activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization—no more Product Activation Keys (PAKs).

  • Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.

  • License Flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.

Smart Licensing Using Policy (SLP), was previously referred to as Smart Licensing Enhanced (SLE), and is the default mode starting with Cisco IOS-XE release 17.3.2. SLE replaced Smart Software Licensing. This feature change for Cisco IOS XE release 17.11.1a focuses on the licensing packaging.

License Levels

The following are the license levels available for all Cisco IR devices.

Base Licenses

  • Network Essentials

  • Network Advantage (includes Network Essentials)


Note
These licenses are ordered through Cisco Commerce Workspace (CCW), and are permanent.

Add-on Licenses — These can be subscribed for a fixed term of three, five, or seven years.

  • Digital Networking Architecture (DNA) Essentials

  • DNA Advantage (includes DNA Essentials)


Note
These licenses are ordered through Cisco Commerce Workspace (CCW), and relate to DNA-C and SDWAN. For further information, see the Cisco SD-WAN and Cisco DNA Center web pages.

The following tables provide details on the licensing levels:

Table 4. Network Essentials (Perpetual License)

Essential Switch Capabilities

Layer 2, Routed Access(RIP, EIGRP Stub, OSPF (1000 routes)), PBR, PIM Stub Multicast (1000 routes) PVLAN, VRRP, PBR, CDP, QoS, FHS, 802.1x, Macsec-128, CoPP, SXP, IP SLA Responder SSO

Note

 
For the device to be compliant with the DNA Essential License it must not exceed 1000 routes in the routing table regardless of how the routes were learned.

DevOps Integration

  • Netconf, Restconf, gRPC

  • Yang Data Models

  • GuestShell (On-Box Python)

  • PnP Agent, ZTP
Table 5. Network Advantage (Perpetual License) Contains all of the Network Essentials plus the following:

IoT & Mobility

CoAP

Full Routing Functionality

BGP, HSRP, OSPF, ISIS,GLBP

Flexible Network Segmentation

VRF, VXLAN, LISP, SGT, MPLS

High Availability & Resiliency

NSF, GIR, Stackwise Virtual*, ISSU/eFSU, Patching (CLI)

Optimize Bandwidth Utilization with Multicast

MSDP, mVPN, AutoRP, PIM-BIDIR
Table 6. DNA Essentials (3,5,7 year terms)

Basic Automation

  • PnP Application

  • LAN Automation

  • Embedded Event Manager

Basic Assurance

  • Health Dashboards – Network and Client

  • Basic Device & Wired Client Health Monitoring
Table 7. DNA Advantage (3,5,7 year terms) Contains all of the DNA Essentials plus the following:

Advanced Automation

  • Encrypted Traffic Analytics

  • DNA Service for Bonjour

Assurance & Analytics

  • Compliance, Custom Reports

  • Switch 360 & Wired Client 360
Licensing Throughput Levels

In addition to configuring the license level, it is also possible to configure the throughput level on the device. The throughput level determines the bandwidth limit which is applied to encrypted traffic. There is no limit applied to the non-encrypted (clear) traffic going through a device.


Important
To comply with global export regulations, if more than 250Mbs of encrypted traffic is required, then an “uncapped” – platform dependent – selection must be done on CCW, as well as an HSEC license.

This limit is imposed bidirectionally. This means that if the throughput limit is set to 250Mbps then up to 250Mbps of encrypted traffic can flow through the device in either direction. For example, the device can both receive and transmit up to 250Mbps of encrypted traffic. There is no limit applied on unencrypted traffic.

When the throughput level on the device is set to ‘uncapped’ there are no limits imposed on both encrypted and unencrypted traffic flowing through it.


Note
To avoid confusion on throughput limits and IOS XE software releases, please note the following:

Cisco IOS XE release 17.11.1a and earlier running on the ESR6300, IR1800, and IR8140 platforms support boost, uncapped, and unlimited licenses. These are configured using the platform hardware throughput level 2G CLI.

Future Cisco IOS XE release 17.12.1 and later running on the ESR6300, IR1800, and IR8140 support the same licenses, but will be configured using the platform hardware throughput level uncapped CLI.

With future Cisco IOS XE release 17.12.1 and later, the platform hardware throughput level 2G and the platform hardware throughput level uncapped CLIs will both provide the same throughput as the uncapped license.

The following table shows the throughput limits (also referred to as Tier license) supported on IoT devices as of Cisco IOS XE 17.11.1a release.

Platform

25 Mbps bidirectional (Tier 0)

50 Mbps bidirectional

Up to 200 Mbps bidirectional (Tier 1)

250 Mbps bidirectional

2 Gbps

Uncapped (Tier 2)

ESR 6300

N/A

Yes

N/A

Yes

Yes

To be supported starting with 17.12.1

ESR-6300-LIC-K9

N/A

Yes

N/A

N/A

N/A

Yes

IR1101

N/A

N/A

N/A

Yes

N/A

Supported starting with 17.10.1.

IR1800

N/A

Yes

N/A

Yes

Yes

To be supported starting with 17.12.1

IR8100

N/A

Yes

Yes

Yes

Yes

To be supported starting with 17.12.1

IR8300

Yes

N/A

Yes

N/A

N/A

Yes
Command Line Interface

The following commands are available:

license boot level <network-essentials/network-advantage>

The throughput level can be configured using the following CLI on all IR devices except IR8300:

platform hardware throughput level <limit>

On the IR8300, the throughput level can be configured using the following CLI:

platform hardware throughput crypto <limit>

To see the throughput configured on the device, use the following CLI:

show version | include throughput 
The current crypto throughput level is: 50000 kbps

Galileo Support on the LTE Pluggable Modules

With Cisco IOS XE 17.11.1a and earlier, the only GNSS constellation supported was GPS. This release introduces support for Galileo.


Note
Only ONE constellation can be enabled at a time.

There are new CLI options available to support the new constellation:

Configuration Commands
config# controller cellular <slot/port>
(config-controller)# <no> lte gps constellation <gps | galileo | gnss >

Example:

(config-controller)#lte gps constellation ?
  galileo  select Galileo as active constellation
  gps      select GPS as active constellation
  gnss      select multiple GNSS as active constellation

Note
The default setting is gps mode.

The new galileo and gnss options in the above CLI are used to configure Galileo and Multiple/Simultaneous GNSS (GPS + Galileo etc) respectively.

If you disable the GPS configuration, ensure there is no constellation configured, consistent with GPS mode configuration. For example: 

config# controller Cellular 0/1/0
(config-controller)# no lte gps constellation gps
Show Commands

The following example shows the current GNSS constellation as Galileo:

#show cellular 0/1/0 gps detail
GPS Feature =  enabled
GPS Mode Configured =  standalone
Current Constellation Configured =  galileo | gps | gnss
GPS Port Selected =  Dedicated GPS port
GPS Status =  GPS acquiring

Any changes made to the configuration will require the router to be rebooted.

More information is available in the Cellular Pluggable Interface Module Configuration Guide.

Related Documentation

Cisco Catalyst IR1101 Rugged Series Router

IR1101 documentation landing page

Cisco Catalyst IR1800 Rugged Series Router

IR1800 documentation landing page

Cisco Catalyst IR8140 Heavy Duty Series Router

IR8100 documentation landing page

Cisco Catalyst IR8340 Rugged Series Router

IR8340 documentation landing page

Cisco ESR6300 Embedded Series Router

ESR6300 documentation landing page

Product Independent Documentation

Cisco Industrial Routers and Industrial Wireless Access Points Antenna Guide

Cisco IOS XE 17.x

Cisco SD-WAN

Cisco IoT Field Network Director

Cisco Industrial Network Director

Cisco IoT Operations Dashboard

Known Limitations

Smart Licensing Using Policy

Starting with Cisco IOS XE 17.6.1, with the introduction of Smart Licensing Using Policy, even if you configure a hostname for a product instance or device, only the Unique Device Identifier (UDI) is displayed. This change in the display can be observed in all licensing utilities and user interfaces where the hostname was displayed in earlier releases. It does not affect any licensing functionality. There is no workaround for this limitation.

The licensing utilities and user interfaces that are affected by this limitation include only the following: Cisco Smart Software Manager (CSSM), Cisco Smart License Utility (CSLU), and Smart Software Manager On-Prem (SSM On-Prem).

IOx on the ESR6300


Note
IOx development is not supported on the ESR6300. While this is platform independent code, it is unsupported and untested on this device.

Deprecation of Weak Ciphers in Cisco IOS XE Release 17.11.1 and Later

The minimum Rivest, Shamir, and Adleman (RSA) key pair size must be 2048 bits. The compliance shield on the device must be disabled using the crypto engine compliance shield disable command to use the weak RSA key.

For additional information see Field Notice: FN - 72511 - RSA Keys Less Than 2048 Bits Are Not Supported for SSH in Cisco IOS XE Release 17.11.1 and Later - Workaround Provided.

Expansion Module on the IR1101

The expansion module IR1101 does not support +1500 MT size on LAN interfaces. See this Caveat for details.

Standalone MAC Authentication Bypass (MAB) Limitation

Standalone MAC Authentication Bypass (MAB) is an authentication method that grants network access to specific MAC addresses regardless of 802.1X capability or credentials. The IR1100 crashes with concurrent IPSec traffic and macsec traffic (device to client).

Refer to the following table for details:

Details

Release Affected

Release Fixed

MAB/Dot1x may not work if the global type-6 encryption setting is enabled.

If users still want to use MAB/Dot1x, they should disable the type-6 encryption and enable type-7 encryption.

17.4.X

17.5.X

17.6.1

17.6.2

17.7.1

17.3.5

Fixed in these future releases:

17.6.3

17.7.2

17.8.1 and later.

dACL and device-tracking features are not supported on the IR1101 and ESR6300 due to a hardware limitation. dACL is supported on the IR1800 series.

Therefore, features such as MAB and Dot1x should not be used with the optional dACL/device-tracking enabled.

Note

 
Occurs in all releases.

Hardware limitation, no software fix available.

Caveats

Caveats describe unexpected behavior in Cisco IOS XE releases. Caveats listed as open in a prior release are carried forward to the next release as either open or resolved.

The Cisco Bug Search Tool (BST) is a gateway to the Cisco bug-tracking system, which maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. The BST provides you with detailed defect information about your products and software.

Open Caveats in Cisco IOS XE 17.11.1a

To view the details of a caveat, click on the identifier.

Identifier

Description

Platform

CSCwc31184

FN980: ATT sim attached with wrong profile during sim switching.

P-5GS6-GL

CSCwa76815

Line range limitations on controller mode.

IR1101

CSCvz30726

High CF/TE,Turnaround and Latency number after reload of router.

IR8340

CSCwa92737

IR8340 throws CPP/FMAN Download errors on attaching ngsw class-map using etype classification.

IR8340

CSCwb40769

PTP Dot1as Latency accuracy is seen 13ms on latest 1781 image

IR8340

CSCvz19429

PTP Forward mode functionality is not working.

IR8340

CSCvw58347

Last reporter of IGMPV3 report is all "0" if receiver connected on SVI interface.

IR8340

CSCwc28468

SDWAN mode: vManage always fails to push any template to device if device is running in FIPS mode.

ESR6300

CSCwd09947

Day0 Webui Error: Router failed to issue 192.168.x.x address to workstation for dayzero WebUI launch.

IR1101

IR1800

CSCwd58723

IR1100 crashes with concurrent IPSec traffic and macsec traffic (device to client).

IR1101

CSCwd38611

FN980 modem is not showing in show inventory after multiple modem-power cycle.

P-5GS6-GL

CSCwf22381

WAN SFP link goes down after reloading Peer.

IR1800

CSCwf84896

Bootflash doesn't have enough space to install new image

IR1101

Resolved Caveats in Cisco IOS XE 17.11.1a

To view the details of a caveat, click on the identifier.

Identifier

Description

Platform

CSCwd56131

LTE modem doesn't show GSM bands.

Note

 
This defect started with release 17.5.1

IR1101
CSCwd28373

ESR-6300 can´t ping from SVI to another ESR-6300 SVI.

ESR 6300
CSCwc25912

PUNT Policer messages when DLEP conf is attached.

ESR6300

CSCwc24547

Cellular serviceability feature is not enabled on IR8340

IR8340

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions, and services, visit Cisco DevNet.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Documentation Feedback

To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.

Cisco Support Community

Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers. Join the forum at: https://supportforums.cisco.com/index.jspa.

Cisco Bug Search Tool (BST)

The Cisco Bug Search Tool (BST) is a gateway to the Cisco bug-tracking system, which maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. The BST provides you with detailed defect information about your products and software.

Abbreviated Cisco Trademarks

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)