cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2475
Views
0
Helpful
8
Replies

ISR 4331 missing comands

Garrison Botts
Level 4
Level 4

Hello,

 

New to the ISR 4400s and I'm finding that there are some commands that seem to be missing.. I'm trying to do very simple things like prevent snmp,ssh, etc.. to any IP other than the management interface (G0).. 

I've tried using MPP - the "control-plane host" command is missing. 

I've tried using ACL/Class Map/Policy Map/ Service-Policy -  the "drop" command is missing from the Policy Map ... 

Is there something I've not done? This routers are right out the box and have the  version of code isr4400-universalk9.03.16.04b.S.155-3.S4b-ext.SPA.bin... 

Thanks for any help..

 

 

1 Accepted Solution

Accepted Solutions

id say its in the sec license but the feature navigator link i provided should show you exactly you can pick the software and license version and see what features are available for that platform/software

View solution in original post

8 Replies 8

Mark Malone
VIP Alumni
VIP Alumni

MPP should be in that code i use it , what does it show you when you check the help ?
i have 155.3 in flash but moved up slightly recently

 


XXX(config)#control-plane host
XXX(config-cp-host)#?
Control Plane host configuration commands:
exit Exit from control-plane host configuration mode
management-interface Configure interface for receiving network management traffic
no Negate or set default values of a command

XXX(config-cp-host)#do sh ver | i 15
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(3)S5a, RELEASE SOFTWARE (fc3)
System image file is "bootflash:isr4300-universalk9.03.16.05a.S.155-3.S5a-ext.SPA.bin"
XXX(config-cp-host)#


That's what's so crazy... I'm only seeing :

nR-IR-02(config-cp)#?
Control Plane configuration commands:
exit Exit from control-plane configuration mode
no Negate or set default values of a command
service-policy Configure QOS Service Policy

 

nR-IR-02(config-cp)#do sh ver | i 15
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(3)S4b, RELEASE SOFTWARE (fc1)
System image file is "bootflash:isr4400-universalk9.03.16.04b.S.155-3.S4b-ext.SPA.bin"

hmm what license you got running i got appxk9, securityk9,ipbasek9 and voice but it wouldnt be in the uck

 

feature navigator

http://cfn.cloudapps.cisco.com/ITDIT/CFN/jsp/index.jsp

Cisco just checked and it looks like just the base license... one would think that the control plane configuration would be on that seeing as how it's to secure the router... I'm gonna have to do a little research with the customer to see what the deal is.. 

id say its in the sec license but the feature navigator link i provided should show you exactly you can pick the software and license version and see what features are available for that platform/software

I'm pretty much in agreement here...  I'm looking at the security license... It's crazy to me that "securing" the actual control plane would require a different license nowadays... 

 

Garrison Botts
Level 4
Level 4

I've got Cisco TAC verifying that supposedly as we speak.... 

bcoverstone
Level 1
Level 1

I have one of the ISR 4400s with the securityk9 and it also is missing the "control-plane host" command. After over an hour of searching, there isn't any good documentation on the difference between IOS and IOS-XR, but this appears to be one of those things. (it's also how I found this post)

For future people Googling this, the IOS-XE COPP/COPR is handled differently than IOS and works on control-plane instead of control-plane host.

I believe this is the documentation:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-6/configuration_guide/sec/b_166_sec_3850_cg/configuring_control_plane_policing.html

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco