Lets say you have a Cisco router that’s running an out of date IOS version and want to get a more recent image. It’s safe to say you’ll want to avoid resorting to piracy, Perhaps you don’t want to spend the money on a SMARTnet subscription. There’s a way to legally obtain an updated version that many people over look, security updates.

As it stands, CISCO’s security vulnerability policy states that (emphasis mine):

As a special customer service, and to improve the overall security of the Internet, Cisco may offer customers free of charge software updates to address security problems. If Cisco has offered a free software update to address a specific issue, noncontract customers who are eligible for the update may obtain it by contacting the Cisco TAC using any of the means described in the Contact Summary section of this document. To verify their entitlement, individuals who contact the TAC should have available the URL of the Cisco document that is offering the update.

Great! So we can probably get free updates if they fix a security issue, so what next? Head over to a handy on-line Cisco tool to identify what vulnerabilities are present in the version of IOS you’re running. Paste in the output of the “show ver” command and you’ll be presented with a list of vulnerabilities affecting your device.

Providing sh ver output to software checker

With that information, send TAC Support an e-mail including the output of the “show ver” command and the list of vulnerabilities and you will be sent a one-off link to obtain the latest IOS image for your device, free of charge.

This article was written by Dave Hope. Dave is a Senior Software Analyst for a UK based retirement developer, in his spare time he enjoys digital photography and rock climbing.

One comment

  • iri
    August 3, 2014 at 10:17 pm. Reply.

    After 2 years of this post, i can say it still works.
    After sending few emails with the TAC i just got from them the lastest firmware for my cisco router.
    Just a mention for anybody that is trying to obtain free firmware from TAC. After 2-3 emails, they said i cannot ever obtain a free firmware from them, but i just copy-pasted the following lines from any cisco security advisory, from the Obtaining Fixed Software section:
    “Customers Without Service Contracts

    Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Customers without service contracts should request free upgrades through the TAC.”

Leave a Reply