I have tried 12.4(13b), 12.4.(17) c1700-advsecurityk9-mz.123-20a.bin,c1700-advsecurityk9-mz.124-12.bin.

trere is the config below:

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname VPN-Carl
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa authorization network localgroups local
!
!
aaa session-id common
memory-size iomem 25
ip cef
no ip dhcp use vrf connected
no ip dhcp conflict logging

!
ip dhcp pool Contractor
   network x.x.x.0 255.255.255.0
   dns-server x.x.x.x
   default-router x.x.x.x
   netbios-name-server x.x.x.x
!
ip dhcp pool DHCPPOOL-Voice
   network y.y.y. 255.255.255.0
   option 150 ip y.y.y.y
   default-router y.y.y.y
   dns-server y.y.y.y
!
!
no ip domain lookup
!
!
!
!
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 543b33rg0gles!8199 address z.z.z.z no-xauth
crypto isakmp keepalive 20 3
!
!
crypto ipsec transform-set cvp esp-3des esp-md5-hmac
mode transport
!
crypto ipsec profile nocvpn
set transform-set vpn
!
!
!
!
!
interface Tunnel1
bandwidth 1000
ip address t.t.t.t 255.255.255.240
no ip redirects
ip mtu 1436
ip nhrp authentication nocvpn
ip nhrp map multicast t.t.t.t
ip nhrp map y.y.y.y z.z.z.z
ip nhrp network-id 8199
ip nhrp nhs y.y.y.y
delay 1000
tunnel source FastEthernet4
tunnel mode gre multipoint
tunnel key 543403819
tunnel protection ipsec profile nocvpn
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
switchport access vlan 2
!
interface FastEthernet4
ip address dhcp
duplex auto
speed auto
!

ip http server
no ip http secure-server
!
access-list 20 permit 192.x.r.0 0.0.0.255
access-list 20 permit 10.x.0.0 0.0.255.255
access-list 20 deny   any
!
!
!
control-plane
!
!
line con 0
exec-timeout 999 0
no modem enable
line aux 0
line vty 0 4
access-class 20 in
exec-timeout 5 0
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 20000 1000
end

Here is command reference guide for 12.3

I don't see the command you posted here

http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i2g.html

HTH

Reza

This iswhen I downgraded the unit to 12.3 . Cisco web site claims that the command : ip nhrp cache non-authoritative this command was introduced in 12.3(7T): https://www.cisco.com/en/US/docs/ios/security/command/reference/sec_i2.html .

Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-ADVSECURITYK9-M), Version 12.3(13b), RELEASE SOFT
WARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Thu 11-Aug-05 13:18 by alnguyen
Image text-base: 0x8000816C, data-base: 0x81009648

ROM: System Bootstrap, Version 12.2(4r)XL, RELEASE SOFTWARE (fc1)
ROM: C1700 Software (C1700-ADVSECURITYK9-M), Version 12.3(13b), RELEASE SOFTWARE
(fc2)

GP-OFFICE uptime is 0 minutes
System returned to ROM by power-on
System restarted at 06:46:49 UTC Wed May 11 2005
System image file is "flash:c1700-advsecurityk9-mz.123-13b.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html you require further assistance please contact us by sending email to
export@cisco.com. 1760 (MPC860P) processor (revision 0x200) with 49152K/16384K bytes of memo
ry.
Processor board ID FOC07100SML (2976509824), with hardware revision BB67
MPC860P processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)

If

cisco

Configuration register is 0x2102

Try downloading a T (train) version

There is no 12.3(T) available on the cisco web site.

Now Router is running the follow inmage 12.4(4)T8, but still cannot find the command mentionned above under the tunnel interface. Is there a prerequisit command that I have to type first below this command appears under the tunnel interface??

Cisco IOS Software, C1700 Software (C1700-ADVSECURITYK9-M), Version 12.4(4)T8, R
ELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 10-Aug-07 14:21 by khuie

ROM: System Bootstrap, Version 12.2(4r)XL, RELEASE SOFTWARE (fc1)

GP-OFFICE uptime is 8 minutes
System returned to ROM by reload
System image file is "flash:c1700-advsecurityk9-mz.124-4.T8.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

Thanks,