Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2511
Views
10
Helpful
5
Replies

Cisco Router 1941 IOS Ugrade

Go to solution
Manuel Cruz
Level 1
Level 1

‎04-08-2015 02:42 PM - edited ‎03-05-2019 06:55 AM

I have 3 1941 Routers with IOS version 15.1(4)M3(MD). I noticed that the latest releases are into the 15.5's but the stable recommended ones are 15.4's. My question is that are there any pre-req's or suggested upgrades paths before getting 15.3.3M5(MD)? Also same goes for the next stable one 15.4.3M2(ED) and I do know the differences between ED and MD just wasn't sure of the orders. Any help is appreciated.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Paulo Vasquez
Level 1
Level 1
In response to Manuel Cruz

‎04-09-2015 12:42 PM

Yes, the bootstrap is the Rommon version but in most of the times you don't need to upgrade that.  Actually the "latest" Rommon version is from AUG-2012 so the router should come with the latest.

If you choose a No Payload Encryption (NPE) image, it will not support any crypto or IPSEC features.

 

Q. What is the difference between K9 and NPE images?
 
A. NPE is an image for exporting to countries that might have import restrictions on encryption technologies. It does not allow payload encryption. The K9 image consists of cryptographic features such as Secure Shell (SSH) Protocol and support for IP Security (IPSec).
http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-software-releases-12-2-sx/qa_c67-661785.html
 

View solution in original post

5 Replies 5

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎04-08-2015 03:33 PM 

My question is that are there any pre-req's or suggested upgrades paths before getting 15.3.3M5(MD)?

You can go direct to the release you want.  Just make sure you read the Release Notes and take the time to upgrade the Bootstrap as well.

Also same goes for the next stable one 15.4.3M2(ED) and I do know the differences between ED and MD just wasn't sure of the orders.

MD stands for Maintenance Release and has a lot of bug fixes.  I'd recommend people to use MD instead of ED.

Go to solution
Manuel Cruz
Level 1
Level 1
In response to Leo Laohoo

‎04-09-2015 06:38 AM

Leo your awesome I appreciate the knowledge. As for the ios I noticed that there's always an option with or without payload encryption. Does it matter in a security sense for this choice? Also is the rommon upgrade update the bootstrap or is it another software type?

0 Helpful

Go to solution
Paulo Vasquez
Level 1
Level 1
In response to Manuel Cruz

‎04-09-2015 12:42 PM

Yes, the bootstrap is the Rommon version but in most of the times you don't need to upgrade that.  Actually the "latest" Rommon version is from AUG-2012 so the router should come with the latest.

If you choose a No Payload Encryption (NPE) image, it will not support any crypto or IPSEC features.

 

Q. What is the difference between K9 and NPE images?
 
A. NPE is an image for exporting to countries that might have import restrictions on encryption technologies. It does not allow payload encryption. The K9 image consists of cryptographic features such as Secure Shell (SSH) Protocol and support for IP Security (IPSec).
http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-software-releases-12-2-sx/qa_c67-661785.html
 

Go to solution
Manuel Cruz
Level 1
Level 1
In response to Paulo Vasquez

‎04-09-2015 01:21 PM

Thank you Paulo, just got off the phone with a tech from Cisco since my 3 routers are covered under a contract. Looks like I was having trouble importing the file via tftp using filezilla so I switched to using the TFTPd32 and issued command ip tftp source-interface (Interface connected to network of tftp server)  and that did it. As for the bootstrap file my version is older then 2012 but the tech said that it didn't need to be upgraded because I wasn't updating any hardware items. Thanks Paulo.

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Manuel Cruz

‎04-09-2015 04:54 PM 

Does it matter in a security sense for this choice?

It matters to me.  If I use an IOS with a "K9" this means I can run SSH and other crypto-related commands.  Very useful.  

Also is the rommon upgrade update the bootstrap or is it another software type?

When you boot up an appliance, the bootstrap is run FIRST before the IOS gets loaded into the memory.  So it's another type of software upgrade.  If you are smart, you can upgrade the bootstrap AND the IOS with one reboot of the appliance.  And this is how it's done: 

 

1.  Copy the IOS into the appliance.  Do everything you need to do, like change the boot variable string (if required) but DO NOT REBOOT the appliance just yet; 

2.  Upgrade the ROMmon using the command:  upgrade rom-monitor file tftp://<TFTP IP address>/bootstrap_filename

When you upgrade the bootstrap the router will automatically reboot the appliance.  So, one reboot only.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card