What's new in Cisco Packet Tracer 7.2 ?
Packet Tracer 7.2 workspace improvements :
- New themes
- Align workspace objects
- Ability to deploy device to specific rack
- Assessibility update
- Ability to name a rack
Protocol and software improvements :
- PPPoE support
- 802.1x (useful for CCNP switch preparation)
- Answer tree filter
- Real TCP server (see Packet Tracer 7.2 - Real HTTP server using SBC device tutorial)
- Real Websocket
- Real-time activity grading
- Additional IOS security features
- Protocol improvements (see below)
New devices in Packet Tracer 7.2 :
- ASA 5506-X firewall (FirePOWER features not supported) (see Lab 18 - DMZ configuration with ASA 5506-X )
- Meraki security appliance
- Meraki server (for Meraki security appliance centralized configuration, emulating Cisco Meraki dashboard)
- Home router with advanced wireless capabilities (2.4G, 5G, beamforming, wireless bridge, ...)
Meraki server and security appliance are the first two devices emulating Cisco Meraki cloud managed network equipment.
A valid Cisco Netacad account is needed to use Packet Tracer 7.2 . Netacad login is required once after every PC reboot.
Protocol improvements :
- HSRP configurationis now supported on Cisco ISR 2911 sub-interfaces (example : int gi0/0.10)
- debug ip packet command is now supported in Packet Tracer 7.2
- debug ip eigrp command is now supported in Packet Tracer 7.2
- DHCPv6 client is now supported on ISR1941 router interfaces
- Cisco Packet Tracer routers and switches can now act as ntp servers using the ntp master <1-15> IOS command. The show ntp association and show ntp status commands allow NTP peering verification. NTP routers can now be chained for time sync (router acting as both NTP client and NTP master)
The following improvements are expected in a future Packet Tracer release (ie : not included in Packet Tracer 7.2) :
- VTP v3 support is expected on Catalyst 3650 (VTP Version capable : 1 to 3 but no option to move to vtp v3 using vtp version)
- Private vlans and vlan-acl support is expected on IOS 15 in a future Packet Tracer release
- ip rip authentication command is expected in a future Packet Tracer release
New devices in Cisco Packet Tracer 7.2
Cisco ASA 5506-X firewall
Cisco ASA 5506 is an upgrade from legacy Cisco ASA5505 which have been end of sale since August 2017. It incorporates the Cisco FirePOWER IPS technology, provides next-generation Intrusion Prevention (NGIPS), Application Visibility and Control (AVC), Advanced Malware Protection (AMP) and URL Filtering.
ASA 5506 is available in three models, but only ASA 5506X is emulated in Cisco Packet Tracer 7.2 :
- Desktop model 5506-X (emulated in Cisco Packet Tracer 7.2),
- Integrated wireless access point model 5506W-X
- Ruggedized model 5506H-X for industrial control systems and critical infrastructure environment.
ASA 5506-X is emulated with software version 9.6(1) and Security Plus license. Cisco FirePOWER features are not emulated in Cisco Packet Tracer.
The following features are licenced for this ASA 5506 platform in Cisco Packet Tracer 7.2 :
Running Permanent Activation Key: 0xEEA307B2 0x6A05C832 0x36EEC339 0x9E62CC58 0x4946D561
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
Maximum VLANs : 30 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 50 perpetual
Total VPN Peers : 50 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total UC Proxy Sessions : 160 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA 5506 Security Plus license.
Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Cisco Adaptive Security Appliance Software Version 9.6(1)
Meraki security appliance
A simplified version of the Cisco Meraki Security Appliance, model MX65W, has been added in Cisco Packet Tracer 7.2.
Meraki Security Appliance is a cloud managed Unified Threat Management (UTM) devices with Software Defined Wide Area Networking (SD-WAN) and wireless capabilities included.
Basic networking configuration can be achived via an HTTP session from a PC directly connected to the security appliance through the URL http://setup.meraki.com (login is the serial number of the appliance displayed on the config tab, no password). However, wireless and security functions have to be configured through the Meraki Server via the URL https://dashboard.meraki.com after having linked the Security Appliance to the Meraki Server.
Supported features of the MX65W Meraki appliance are :
- Addressing & VLANs
- DHCP server
- Wireless Access Point. Supported security modes are Open, WEP, WPA2 PSK, and WPA2 Enterprise.
- Firewall (outbound rules only)
- PPPoE internet connection
Home Router
Home Router has been added in Cisco Packet Tracer 7.2 to emulate Linksys WRT120N Wireless-N Home Router. This home router features advanced wireless capabilities:
- Wireless 2.4G and 5G mode
- Wireless Media Bridge
- Wireless Beamforming
- Per Wireless interface Mac address filtering
- WEP, WPA-PSK, WPA-Enterprise, WPA2-PSK, WPA2-Enterprise with radius server and AES / TKIP encryption
New protocol support in Cisco Packet Tracer 7.2
Wired 802.1x (dot1x) device authentication
Wired 802.1x device authentication has been added to Catalyst switches emulated in Cisco Packet Tracer 7.2 . This feature is available with the following limitations :
- dot1x commands only supported with IOS 15. Update of the switch image is required (IOS 15 images available on the server device) before configuring 802.1x authentication.
- EAP-MD5 is the only EAP protocol supported.
802.1x configuration form has been added to end devices IP configuration utility.
PPPoE authentication
PPPOE support has been added to ISR routers, Meraki Security Appliance, and end devices (PC, servers) in Cisco Packet Tracer 7.2.
PAP and CHAP authentication is supported in Cisco Packet Tracer 7.2
PPPoE is a protocol widely used by Internet Service Providers to provide high speed internet services which can use the same authentication server for both PPP and PPPoE sessions, resulting in a cost savings. It expands the capability of PPP by allowing a virtual point to point connection over a multipoint Ethernet network architecture. PPPoE uses the same methods of compression, authentication, and encryption than PPP.
Real HTTP server and real websocket
Cisco Packet Tracer 7.2 IoT programming features now include a realHttpServer capability which starts an HTTP server accessible from outside the Packet Tracer environment. The HTTP server can be accessed from a web browser installed on the PC running Packet Tracer. In order for this to work correctly one may need to enable the [✔] Enable External Network Access from Device Scripts from the Miscellaneous tab of the Options/Preferences dialog box.
Cisco Packet Tracer 7.2 asks for user permission before starting the web server and listening on port 8765.
Output the C:\Program Files\Cisco Packet Tracer 7.2\saves\7.2\IoT\real-websocket.html test page provided to test the new real websocket capability.
! connected to websocket @ ws://localhost:8765/ws
ping: hello: 10
... pong: hello: 10
ping: hello: 9
... pong: hello: 9
ping: hello: 8
... pong: hello: 8
ping: hello: 7
... pong: hello: 7
ping: hello: 6
... pong: hello: 6
ping: hello: 5
... pong: hello: 5
ping: hello: 4
... pong: hello: 4
ping: hello: 3
... pong: hello: 3
! disconnected from websocket
DHCPv6 client on ISR1941 router
DHCP v6 client is now supported on Cisco Packet Tracer 7.2 ISR1941 router interface. Gigabit Ethernet interface IPv6 address can now be dynamically obtained by DHCP with the "ipv6 address dhcp" IOS command. ISR 1941 router can also act as DHCPv6 server with the "ipv6 dhcp pool <pool name>" command.
RouterClient(config)#interface gigabitEthernet 0/0
RouterClient(config-if)#ipv6 address dhcp
RouterClient(config)#end
RouterClient#show ipv6 interface
GigabitEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::202:17FF:FE61:5C01
No Virtual link-local address(es):
Global unicast address(es):
2001:DB8:1111:0:9364:8387:C92D:86B6, subnet is 2001:DB8:1111:0:9364:8387:C92D:86B6/128 [CAL/PRE]
Joined group address(es):
FF02::1
FF02::1:FF2D:86B6
FF02::1:FF61:5C01
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Bugfixes
The following Cisco Packet Tracer 7.1.1 bugs are fixed in Cisco Packet Tracer 7.2 :
- [Fixed] Packet Tracer crash when booting C1841 ISR router from ROMMON mode (boot flash:c1841-advipservicesk9-mz.124-15.T1.bin)
- [Fixed] Packet Tracer crash when inserting hwic-4esw in C1841 ISR router slot 1.
- [Fixed] EIGRP packet headers not displayed in simulation mode.
- Packet Tracer crash when configuring DHCP on WLC-PT wireless controller
- Unable to use ip http server command on Cisco ISR 1941 router
- LLDP protocol error with LLDP neighbors not showing
- Port-channel interfaces become unassociated from the channel-groups on a router device when a saved file is reloaded after Packet Tracer restart
- After entering the command "show spanning-tree details" on a switch with a spanning-tree instance, program crashes
- Program crashes when placing fiber adaptor GLC-LH-SMD in ISR 2811 router using mixed media adaptor