Cisco 2504 wireless WLC

Packet Tracer 7.1 has a new Cisco 2504 Wireless LAN Controller (WLC) and Lightweight Access Point capabilities. The Lightweight Access Point connect to the WLC using CAPWAP tunnels and get their radio configuration (SSID) from it. The simulated WLC provides the following capabilities in Packet Tracer 7.1 :

  • CAPWAP tunnels
  • Multiple SSID with wlan to vlan mapping
  • WPA / WPA2 encryption (TKIP / AES) with 802.1x authentication support
  • Dynamic access point management interface
  • Internal DHCP server
  • DHCP proxy

Mobility management and rogue AP detection are not supported in Packet Tracer 7.1

Packet Tracer 7.1 - Cisco 2504 WLC

Read more on Cisco WLC 2504 configuration

Cisco 3702i Aironet Light Weight Access Point

Light Weight Access are centrally managed by a wireless controller. The WLC uses the CAPWAP protocol for Access Points registration and configuration.

The Cisco 3702i Aironet access points emulated in Packet Tracer 7.1 support the follwoing features :

  • PoE power supply (automatic when connected to a power inline enabled switch)
  • Local power supply (when PoE is not available)
  • DHCP client
  • Manual WLC address IP configuration
  • Power on auto provisionning with automatic WLC discovery using DHCP option 150

DHCP configuration for Light Weight access point automatic registration to a WLC using the IP address

ip dhcp excluded-address
ip dhcp pool MGMT
 option 150 ip


Cisco ISR 4321 Router

Packet Tracer 7.1 features a new Cisco ISR 4321 router with optical capabilities over (100BASE-FX and 1000BASELX/LH). This router runs IOS-XE unifying the 4000 Series Integrated Services Routers, 1000 Series Aggregation Services Routers. The Cisco ISR 4000 have been designed as multi-service branch office routers that has superior performance to the second generation ISRs, while the ASR 1000s series can serve as hight performance WAN edge router or aggregation service routers.

The Cisco ISR 4000 series also support IOX application, which extends  IOX hosting capabilities from small footprint routers, such as the ISR 819 routers which already allowed IOX simulation in Packet Tracer 7.0, to more powerful routers.

However, IOX features does not seem to have been implemented in the ISR 4321 emulated in Packet Tracer 7.1 . Only the securityk9 package is available :

Router(config)#license boot level ?
  securityk9  Security License Level
Router#show license feature 
Feature name      Enforcement  Evaluation  Subscription   Enabled  RightToUse
hseck9            yes          no          no             no       no
AdvUCSuiteK9      yes          yes         no             no       yes
FoundationSuiteK9 yes          yes         no             no       yes
appxk9            yes          yes         no             no       yes
cme-srst          yes          yes         no             no       yes
ipbasek9          no           no          no             yes      no
securityk9        yes          yes         no             yes      yes
throughput        yes          yes         no             no       yes
uck9              yes          yes         no             no       yes
internal_service  yes          no          no             no       no


Packet Tracer 7.1 new features

The current Packet Tracer 7.1 release is Packet Tracer as of 03th September, 2017.


  • Containers scale properly
  • Rack updates/spacing
  • Patch panels and wall mounts
  • Power distribution units
  • Updated high resolution display support

Other Changes

  • Updated IOS version for existing switch / router devices
  • Uniform PDU format
  • New IOS/IOS-XE
  • CAPWAP protocol (see Packet Tracer 7.1 - Wireless WLC configuration tutorial)
  • App support on PC
  • Export programming project as pkp
  • Custom user command to PC CLI
  • MQTT messaging protocol for IoT devices
  • Activity Sequencer and Editor
  • Activity Wizard Code Testing
  • Ability to use different providers for cellular networks
  • IoX client support on PC
  • Cartridge support on ISR829 router (bundle install command to install a Guest OS cartridge). More on
  • ASA security plus license. An ASA activated with Security Plus license is able to create up to 20 vlans
    with no restrictions and trunking on.
  • Various enhancements to existing protocols


ASA Security plus license

Use the activation-key 0x1321CF73 0xFCB68F7E 0x801111DC 0xB554E4A4 0x0F3E008D command to activate the security plus licence on the ASA 5505 in Packet Tracer 7.1

ciscoasa#activation-key 0x1321CF73 0xFCB68F7E 0x801111DC 0xB554E4A4
Validating activation key. This may take a few minutes...
ERROR: The requested activation key was not saved because it is not valid for this system.
ciscoasa#activation-key 0x1321CF73 0xFCB68F7E 0x801111DC 0xB554E4A4 0x0F3E008D
Validating activation key. This may take a few minutes...
Failover is different.
   running permanent activation key: Restricted(R)
   new permanent activation key: Unrestricted(UR)
WARNING: The running activation key was not updated with the requested key.
Proceed with update flash activation key? [confirm]
The flash permanent activation key was updated with the requested key, and will become active after the next reload.

Save the running-config of the ASA and reload the device. Licence activation is performed after device reload.

ciscoasa#show activation-key 
Serial Number:  JMX15369U1A
Running Permanent Activation Key: 0x10D845A7 0x848E9B92 0x7A4722BE 0xB19C781A 0x972C4CEC

Licensed features for this platform:
Maximum Physical Interfaces       : 8              perpetual
VLANs                             : 3              DMZ Restricted
Dual ISPs                         : Disabled       perpetual
VLAN Trunk Ports                  : 0              perpetual
Inside Hosts                      : 10             perpetual
Failover                          : Disabled       perpetual
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Enabled        perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 10             perpetual
Total VPN Peers                   : 25             perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual

This platform has a Base license.

The flash permanent activation key is the SAME as the running permanent key.

Packet Tracer 7.1 - ASA Security Plus licence activation


IOS 15.5(3) for Cisco 1900 and 2900 ISR routers

Cisco updated IOS version for Integrated Service Routers and Catalyst switches in Packet Tracer 7.1 (requires IOS upgrade from TFTP server, ot directly available when adding a new device) :

  • ISR 1941 - 15.5.3
  • ISR 2901 - 15.5.3
  • ISR 2911 - 15.5.3
  • ISR 819 - 15.4.3
  • ISR 829 - 15.6.3
  • Aironet CGR 1240 - 15.6.3
  • Calalyst 3560 - advipservicesk9  12.2.4

Use the following steps to perform the upgrade Cisco Integrated Service Routers (ISR) 1941, 2901, and 2911 to IOS 15.5-3 :

Install a TFTP server and make sure it has these two files :

  1. c1900-universalk9-mz.SPA.155-3.M4a.bin
  2. c2900-universalk9-mz.SPA.155-3.M4a.bin

On each router, enter the following commands. Change the image file name accordingly to the ISR router model (1900 or 2900). Don't forget to save the configuration and to reload the router to boot on the new IOS image.

Router#copy tftp flash
Address or name of remote host []? **TFTP server address**
Source filename []? c1900-universalk9-mz.SPA.155-3.M4a.bin
Destination filename [c1900-universalk9-mz.SPA.155-3.M4a.bin]? 

Router(config)#boot system c1900-universalk9-mz.SPA.155-3.M4a.bin

Proceed with reload? [confirm]


MQTT messaging protocol for IoT devices

Packet Tracer 7.1 improves IoT objects communication by introducing an inovative MQTT messaging capability. MQTT is a machine-to-machine (M2M)/"Internet of Things" connectivity protocol. It was designed as an extremely lightweight publish/subscribe messaging transport. This lightweight protocol for connections with remote locations where a small code footprint is required and/or network bandwidth is at a premium. It is also an ideal messaging protocol for mobile applications because of its small size, low power usage, minimised data packets, and efficient distribution of information to one or many receivers

MQTT has been an OASIS Standard since 15 October 2014.

The following sample shows an example of MQTT messages available in Packet Tracer 7.1 . MQTT clients subscribe to MQTT message queues hosted by a MQTT broker. Those two functions are available in Packet Tracer SBC-PT IoT module

{"cmd":"CONNECT","client":"MQTT Client (357fa587ed1de0L)","protocolId":"MQTT","protocolVersion":"3.1.1","clean":1,"clientId":"357fa587ed1de0L","keepalive":60,"username":"cisco","password":"cisco","will":{}}
{"cmd":"CONNACK","client":"MQTT Client (357fa587ed1de0L)","returnCode":0,"sessionPresent":0}
{"cmd":"SUBSCRIBE","client":"MQTT Client (357fa587ed1de0L)","packetId":31276,"topic":"myhome/bedroom/temp","qos":0}
{"cmd":"SUBACK","client":"MQTT Client (357fa587ed1de0L)","packetId":31276,"topic":"myhome/bedroom/temp","qos":0,"returnCode":0}
{"cmd":"SUBSCRIBE","client":"MQTT Client (357fa587ed1de0L)","packetId":23347,"topic":"myhome","qos":0}
{"cmd":"SUBACK","client":"MQTT Client (357fa587ed1de0L)","packetId":23347,"topic":"myhome","qos":0,"returnCode":0}
{"cmd":"PUBLISH","client":"MQTT Client (357fa587ed1de0L)","qos":0,"dup":0,"topic":"myhome/bedroom/temp","payload":"TestTestTest","retain":0}
{"cmd":"PUBLISH","client":"MQTT Client (357fa587ed1de0L)","qos":0,"dup":0,"topic":"myhome/bedroom/temp","payload":"TestTestTest","retain":0}


Central Office device (3G / 4G network improvement

The 3G / 4G Central Office device has been modified to allow outgoing ping from the network to mobile devices connected to the cell towers. In previous Packet Tracer versions, only incoming communications from the mobile devices were allowed.

1. Click on the Central Office Server0 Config tab

2. Click on settings and enable "Allow External Access".

Bug fix:

This new version correct the following issues :

  • Crash when running "show ip ospf interface" command
  • Crash when moving from physcal to config menu of the 2901 ISR router
  • Crash when running entering the "service password-encryption" command on the ISR 829 router
  • Packet Tracer not remembering Netacad credentials -> login required at each application load
  • Home-VoIP-PT device does not save Server Address.