Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco Router 1941 IOS Ugrade

I have 3 1941 Routers with IOS version 15.1(4)M3(MD). I noticed that the latest releases are into the 15.5's but the stable recommended ones are 15.4's. My question is that are there any pre-req's or suggested upgrades paths before getting 15.3.3M5(MD)? Also same goes for the next stable one 15.4.3M2(ED) and I do know the differences between ED and MD just wasn't sure of the orders. Any help is appreciated.

  • WAN Routing and Switching
Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Yes, the bootstrap is the

Yes, the bootstrap is the Rommon version but in most of the times you don't need to upgrade that.  Actually the "latest" Rommon version is from AUG-2012 so the router should come with the latest.

If you choose a No Payload Encryption (NPE) image, it will not support any crypto or IPSEC features.

 

Q. What is the difference between K9 and NPE images?
 
A. NPE is an image for exporting to countries that might have import restrictions on encryption technologies. It does not allow payload encryption. The K9 image consists of cryptographic features such as Secure Shell (SSH) Protocol and support for IP Security (IPSec).
http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-software-releases-12-2-sx/qa_c67-661785.html
 
5 REPLIES
Hall of Fame Super Gold

My question is that are there

My question is that are there any pre-req's or suggested upgrades paths before getting 15.3.3M5(MD)? 

You can go direct to the release you want.  Just make sure you read the Release Notes and take the time to upgrade the Bootstrap as well.

Also same goes for the next stable one 15.4.3M2(ED) and I do know the differences between ED and MD just wasn't sure of the orders. 

MD stands for Maintenance Release and has a lot of bug fixes.  I'd recommend people to use MD instead of ED.

New Member

Leo your awesome I appreciate

Leo your awesome I appreciate the knowledge. As for the ios I noticed that there's always an option with or without payload encryption. Does it matter in a security sense for this choice? Also is the rommon upgrade update the bootstrap or is it another software type?

New Member

Yes, the bootstrap is the

Yes, the bootstrap is the Rommon version but in most of the times you don't need to upgrade that.  Actually the "latest" Rommon version is from AUG-2012 so the router should come with the latest.

If you choose a No Payload Encryption (NPE) image, it will not support any crypto or IPSEC features.

 

Q. What is the difference between K9 and NPE images?
 
A. NPE is an image for exporting to countries that might have import restrictions on encryption technologies. It does not allow payload encryption. The K9 image consists of cryptographic features such as Secure Shell (SSH) Protocol and support for IP Security (IPSec).
http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-software-releases-12-2-sx/qa_c67-661785.html
 
New Member

Thank you Paulo, just got off

Thank you Paulo, just got off the phone with a tech from Cisco since my 3 routers are covered under a contract. Looks like I was having trouble importing the file via tftp using filezilla so I switched to using the TFTPd32 and issued command ip tftp source-interface (Interface connected to network of tftp server)  and that did it. As for the bootstrap file my version is older then 2012 but the tech said that it didn't need to be upgraded because I wasn't updating any hardware items. Thanks Paulo.

Hall of Fame Super Gold

Does it matter in a security

Does it matter in a security sense for this choice? 

It matters to me.  If I use an IOS with a "K9" this means I can run SSH and other crypto-related commands.  Very useful.  

Also is the rommon upgrade update the bootstrap or is it another software type?

When you boot up an appliance, the bootstrap is run FIRST before the IOS gets loaded into the memory.  So it's another type of software upgrade.  If you are smart, you can upgrade the bootstrap AND the IOS with one reboot of the appliance.  And this is how it's done: 

 

1.  Copy the IOS into the appliance.  Do everything you need to do, like change the boot variable string (if required) but DO NOT REBOOT the appliance just yet; 

2.  Upgrade the ROMmon using the command:  upgrade rom-monitor file tftp://<TFTP IP address>/bootstrap_filename

When you upgrade the bootstrap the router will automatically reboot the appliance.  So, one reboot only.

120
Views
10
Helpful
5
Replies
This widget could not be displayed.