Release Notes for Cisco Embedded Wireless Controller on Catalyst Access Points, Cisco IOS XE 17.14.x
Introduction to Cisco Embedded Wireless Controller on Catalyst Access Points
 Caution |
Problem Description: Authentication fails when attempting to upgrade software using the "CCO mode" in Cisco Embedded Wireless Controller (EWC) on a Cisco Catalyst Access Point (EWC-AP). This issue occurs when attempting to upgrade from a software release prior to one of the following releases: 17.3.x, 17.6.x, 17.9.5, 17.12.3, and 17.14.1. Background: From May 1, 2024, onwards, Cisco Connection Online (CCO, known as cisco.com) will use a new authentication system for EWC-AP. This system is not backward compatible with the earlier EWC-AP software releases. EWC-AP software developed after January 31, 2024, will be able to authenticate with Cisco.com, before and after May 1, 2024. The releases include: 17.9.5 and later, 17.12.3 and later, and 17.14.1 and later. Workaround: Download the desired EWC-AP image and load it into the EWC-AP over TFTP, SFTP, or (Desktop) HTTP. Upgrade to one of the following releases:
After the upgrade, the CCO method for upgrades will work. For more information, see Field Notice: FN74124. |
The Cisco Embedded Wireless Controller on Catalyst Access Points is a version of the Cisco IOS XE-based controller software on Catalyst access points. In this solution, a Catalyst access point (AP) that is running the Cisco Embedded Wireless Controller on Catalyst Access Points software, is designated as the primary AP. Other APs, referred to as subordinate APs, associate to this primary AP.
The Cisco Embedded Wireless Controller on Catalyst Access Points provides enterprise-level WLAN features while maintaining operational simplicity and affordability. This solution is targeted at small and medium-sized business (SMB) customers or distributed enterprises, and can be run at single site deployments.
-
The controllers come with high availability (HA) and seamless software updates. This keeps your services on always, both during planned and unplanned events.
-
The deployment can be managed using a mobile application, Cisco Catalyst Center, Netconf/Restconf, web-based GUI, or CLI.
What's New in Cisco IOS XE 17.14.1
|
Feature Name |
Description and Documentation Link |
|---|---|
|
CAPWAP Message Aggregation |
This feature aggregates the CAPWAP control messages of the same type waiting in the queue to be transmitted to the AP. The following command is introduced:
For more information, see CAPWAP Message Aggregation. |
|
Kernel Minidump and Trustzone Upgrade |
From this release, the Kernel Minidump and Trustzone Upgrade feature offers a more effective method for diagnosing kernel issues. The following command is introduced:
For more information, see Kernel Minidump and Trustzone Upgrade |
|
Radio Resource Management (RRM) Dynamic Channel Assignment (DCA) Support on Mesh Backhaul |
Until the Cisco IOS XE 17.13.1 release, the RRM DCA optimized the root AP (RAP) backhaul radio channel of a mesh subtree by considering the noise, interference, load, and the RF parameter measurements only from the RAP. From this release, the RRM DCA on Mesh Backhaul feature enables DCA to make better channel assignments for a mesh subtree, by having continuous measurements and inputs from the whole mesh tree required to run DCA. The following command is introduced:
For more information, see Mesh Access Points. |
|
YANG RPC Support for clear aaa counters and clear radius statistics Commands. |
From this release, YANG RPC is supported for the clear aaa counters and clear radius statistics commands so that they can clear all counters, or specified RADIUS server ID counters to the device. |
Interactive Help
The Cisco Catalyst 9800 Series Wireless Controller GUI features an interactive help that walks you through the GUI and guides you through complex configurations.
You can start the interactive help in the following ways:
-
By hovering your cursor over the blue flap at the right-hand corner of a window in the GUI and clicking Interactive Help.
-
By clicking Walk-me Thru in the left pane of a window in the GUI.
-
By clicking Show me How displayed in the GUI. Clicking Show me How triggers a specific interactive help that is relevant to the context you are in.
For instance, Show me How in Configure > AAA walks you through the various steps for configuring a RADIUS server. Choose Configuration> Wireless Setup > Advanced and click Show me How to trigger the interactive help that walks you through the steps relating to various kinds of authentication.
The following features have an associated interactive help:
-
Configuring AAA
-
Configuring FlexConnect Authentication
-
Configuring 802.1x Authentication
-
Configuring Local Web Authentication
-
Configuring OpenRoaming
-
Configuring Mesh APs
 Note |
If the WalkMe launcher is unavailable on Safari, modify the settings as follows:
|
Supported Cisco Access Point Platforms
The following Cisco access points are supported in the Cisco Embedded Wireless Controller on Catalyst Access Points network. Note that the APs listed as primary APs can also function as subordinate APs.
|
Primary AP |
Subordinate AP |
|---|---|
|
Cisco Catalyst 9115 Series Cisco Catalyst 9117 Series Cisco Catalyst 9120 Series Cisco Catalyst 9124AXE/I/D Cisco Catalyst 9130 Cisco Catalyst 9105AXI |
Cisco Aironet 1540 Series Cisco Aironet 1560 Series Cisco Aironet 1815i Cisco Aironet 1815w Cisco Aironet 1830 Series Cisco Aironet 1840 Series Cisco Aironet 1850 Series Cisco Aironet 2800 Series Cisco Aironet 3800 Series Cisco Aironet 4800 Series Cisco Catalyst 9115 Series Cisco Catalyst 9117 Series Cisco Catalyst 9120 Series Cisco Catalyst 9124AXE/I/D Cisco Catalyst 9130 Cisco Catalyst 9105AXW Cisco Catalyst 9105AXI Cisco Catalyst Industrial Wireless 6300 Heavy Duty Series Access Points Cisco 6300 Series Embedded Services Access Points |
|
Image Type |
Supported APs |
|---|---|
|
ap1g4 |
Cisco Aironet 1810 Series Cisco Aironet 1830 Series Cisco Aironet 1850 Series |
|
ap1g5 |
Cisco Aironet 1815i Cisco Aironet 1815w Cisco Aironet 1540 Series Cisco Aironet 1850 Series |
|
ap1g6 |
Cisco Catalyst 9117 Series |
|
ap1g6a |
Cisco Catalyst 9130 Cisco Catalyst 9124AXE/I/D |
|
ap1g7 |
Cisco Catalyst 9115 Series Cisco Catalyst 9120 Series |
|
ap1g8 |
Cisco Catalyst 9105 Series |
|
ap3g3 |
Cisco Aironet 2800 Series Cisco Aironet 3800 Series Cisco Aironet 4800 Series Cisco Aironet 1560 Series Cisco Catalyst Industrial Wireless 6300 Heavy Duty Series Access Points Cisco 6300 Series Embedded Services Access Points |
Maximum APs and Clients Supported
|
Primary AP Model |
Maximum APs Supported |
Maximum Clients Supported |
|---|---|---|
|
Cisco Catalyst 9105 AWI |
50 |
1000 |
|
Cisco Catalyst 9115 Series |
50 |
1000 |
|
Cisco Catalyst 9117 Series |
50 |
1000 |
|
Cisco Catalyst 9120 Series |
50 |
1000 |
|
Cisco Catalyst 9124AXE/I/D |
50 |
1000 |
|
Cisco Catalyst 9130 |
50 |
1000 |
Note |
|
Compatibility Matrix
The following table provides software compatibility information:
|
Cisco Embedded Wireless Controller on Catalyst Access Points |
Cisco ISE |
Cisco CMX |
Cisco Catalyst Center |
|---|---|---|---|
|
Cisco IOS XE 17.14.x |
3.0 2.7 2.6 2.4 2.3 |
10.6.3 10.6.2 10.6 10.5.1 |
Supported Browsers and Operating Systems for Web UI
Note |
The following list of Supported Browsers and Operating Systems is not comprehensive at the time of writing this document and the behavior of various browser for accessing the GUI of the EWC is as listed below. |
|
Browser |
Version |
Operating System |
Status |
Workaround |
|---|---|---|---|---|
|
Google Chrome |
77.0.3865.120 |
macOS Mojave Version 10.14.6 |
Works |
Proceed through the browser warning. |
|
Safari |
13.0.2 (14608.2.40.1.3) |
macOS Mojave Version 10.14.6 |
Works |
Proceed through the browser warning. |
|
Mozilla Firefox |
69.0.1 |
macOS Mojave Version 10.14.6 |
Works only if exception is added. |
Set the exception. |
|
Mozilla Firefox |
69.0.3 |
macOS Mojave Version 10.14.6 |
Works only if exception is added. |
Set the exception. |
|
Google Chrome |
77.0.3865.90 |
Windows 10 Version 1903 (OS Build 18362.267) |
Works |
Proceed through the browser warning. |
|
Microsoft Edge |
44.18362.267.0 |
Windows 10 Version 1903 (OS Build 18362.267) |
Works |
Proceed through the browser warning. |
|
Mozilla Firefox |
68.0.2 |
Windows 10 Version 1903 (OS Build 18362.267) |
Works |
Proceed through the browser warning. |
|
Mozilla Firefox |
69.0.3 |
Windows 10 Version 1903 (OS Build 18362.267) |
Works only if exception is added. |
Set the exception. |
|
Google Chrome |
78.0.3904.108 |
macOS Catalina 10.15.1 |
Does not work |
NA |
Before You Upgrade
The following Remote Procedure Call (RPCs) should be used for Cisco Catalyst 9800 Series Wireless Controller and Cisco Embedded Wireless Controller:
-
Cisco Catalyst 9800 Series Wireless Controller: Use ewlc-wncd-stats within Cisco-IOS-XE-wireless-ap-global-oper.
-
Cisco Embedded Wireless Controller: Use ewlc-wncd-stats within Cisco-IOS-XE-wireless-access-point-oper.
Upgrade Path to Cisco IOS XE 17.14.x
|
Current Software |
Upgrade Path for Deployments with 9130 or 9124 |
Upgrade Path for Deployments Without 9130 or 9124 |
|---|---|---|
|
16.10.x |
— |
Upgrade first to 16.12.5 or 17.3.x and then to 17.14.x. |
|
16.11.x |
— |
Upgrade first to 16.12.5 or 17.3.x and then to 17.14.x. |
|
16.12.x |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
|
17.1.x |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
|
17.2.x |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
|
17.3.1 to 17.3.4 |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
Upgrade first to 17.3.5 or 17.6.x or later and then to 17.14.x. |
|
17.3.4c or later |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.4.x |
Upgrade first to 17.6.x and then to 17.14.x. |
Upgrade first to 17.6.x and then to 17.14.x. |
|
17.5.x |
Upgrade first to 17.6.x and then to 17.14.x. |
Upgrade first to 17.6.x and then to 17.14.x. |
|
17.6.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.7.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.8.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.9.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.10.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.11.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.12.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
|
17.13.x |
Upgrade directly to 17.14.x. |
Upgrade directly to 17.14.x. |
Upgrading the Controller Software
This section covers the various aspects of upgrading the controller software.
Note |
Before converting from CAPWAP to embedded wireless controller (EWC), ensure that you upgrade the corresponding AP with the CAPWAP image in Cisco AireOS Release 8.10.105.0. If this upgrade is not performed, the conversion will fail. |
Finding the Software Version
The following table lists the Cisco IOS XE 17.14.x software for Cisco Embedded Wireless Controller on Catalyst Access Points.
Choose the appropriate AP software based on the following:
-
Cisco Embedded Wireless Controller on Catalyst Access Points software to be used for converting the AP from an unified wireless network CAPWAP lightweight AP to a Cisco Embedded Wireless Controller on Catalyst Access Points-capable AP (primary AP)
-
AP software image bundle to be used either for upgrading the Cisco Embedded Wireless Controller on Catalyst Access Points software on the primary AP or for updating the software on the subordinate APs or both
Prior to ordering Cisco APs, see the corresponding ordering guide for your Catalyst or Aironet access point.
|
Primary AP |
AP Software for Conversion from CAPWAP to Cisco EWC |
AP Software Image Bundle for Upgrade |
AP Software in the Bundle |
|---|---|---|---|
|
Cisco Catalyst 9115 Series |
C9800-AP-universalk9.17.14.01.zip |
C9800-AP-universalk9.17.14.01.zip |
ap1g7 |
|
Cisco Catalyst 9117 Series |
C9800-AP-universalk9.17.14.01.zip |
C9800-AP-universalk9.17.14.01.zip |
ap1g6 |
|
Cisco Catalyst 9120 Series |
C9800-AP-universalk9.17.14.01.zip |
C9800-AP-universalk9.17.14.01.zip |
ap1g7 |
|
Cisco Catalyst 9124AXE/I/D |
C9800-AP-universalk9.17.14.01.zip |
C9800-AP-universalk9.17.14.01.zip |
ap1g6a |
|
Cisco Catalyst 9130 |
C9800-AP-universalk9.17.14.01.zip |
C9800-AP-universalk9.17.14.01.zip |
ap1g6a |
Supported Access Point Channels and Maximum Power Settings
Supported access point channels and maximum power settings on Cisco APs are compliant with the regulatory specifications of channels, maximum power levels, and antenna gains of every country in which the access points are sold. For more information about the supported access point transmission values in Cisco IOS XE software releases, see the Detailed Channels and Maximum Power Settings document at https://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-17/products-technical-reference-list.html.
For information about Cisco Wireless software releases that support specific Cisco AP modules, see the "Software Release Support for Specific Access Point Modules" section in the Cisco Wireless Solutions Software Compatibility Matrix document.
Guidelines and Restrictions
Internet Group Management Protocol (IGMP)v3 is not supported on Cisco Aironet Wave 2 APs.
Embedded Wireless Controller SNMP configuration is supported in Cisco Catalyst Center.
High memory usage on AP running Embedded Wireless Controller. Enabling crash kernel on the AP consumes additional memory on the AP. Hence, if crash kernel is enabled, the overall memory usage of the device will increase and will impact the scale numbers. On Cisco Catalyst 9130 Access Points, the memory consumption is a high of 128 MB.
During the EWC HA pair selection, after a power outage, the standby AP fails to come up in the new EWC HA pair. Another EWC capable AP becomes the standby AP and fails to come up as well. To avoid this situation, ensure that the same IP address is enforced on the active or standby APs during HA pair selection.
Interoperability with Clients
This section describes the interoperability of the controller software with client devices.
The following table describes the configurations used for testing client devices.
|
Hardware or Software Parameter |
Hardware or Software Type |
|---|---|
|
Release |
Cisco IOS XE Dublin 17.14.x |
|
Access Points |
|
|
Radio |
|
|
Security |
Open, PSK (WPA2-AES), 802.1X (WPA2-AES) (EAP-FAST, EAP-TLS), WPA3. |
|
Cisco ISE |
See Compatibility Matrix. |
|
Types of tests |
Connectivity, traffic (ICMP), and roaming between two APs |
The following table lists the client types on which the tests were conducted. Client types included laptops, hand-held devices, phones, and printers.
Issues
Issues describe unexpected behavior in Cisco IOS releases. Issues that are listed as Open in a prior release are carried forward to the next release as either Open or Resolved.
Note |
All incremental releases will cover fixes from the current release. |
Cisco Bug Search Tool
The Cisco Bug Search Tool (BST) allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The BST is designed to improve the effectiveness in network risk management and device troubleshooting. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
To view the details of a caveat, click the corresponding identifier.
Open Issues for Cisco IOS XE 17.14.1
|
Identifier |
Headline |
|---|---|
|
Controller CAPWAP Mobility Control and Data Path goes down as it fails to handle Path Maximum Transmission Unit (PMTU) acknowledgement. |
|
|
Virtual Routing and Forwarding (VRF) mismatch between the Cisco 5520 Series Wireless Controller as anchor controller and the Cisco Catalyst 9800-80 Wireless Controller as foreign causes user connection failure. |
|
|
Cisco Catalyst 9800-L Wireless Controller interface connecting to TenGigabitEthernet0/1/0 encounters input/overrun errors. |
|
|
AP undergoing Extensible Authentication Protocol (EAP) fails if the password is more than 31 characters. |
|
|
Cisco Catalyst 9800-40 Wireless Standby Controller unexpectedly becomes unresponsive with the last reload reason 'Critical software exception'. |
|
|
AAA override VLAN is not applied upon roaming in local authentication as the user is placed back in the default VLAN. |
|
|
Cisco Aironet 1815w AP encounters kernel unresponsiveness on image version 17.9.4.205. |
|
|
Cisco Catalyst 9130 and 9166 APs show high channel utilization with one single client connected. |
|
|
Cisco Catalyst 9124AXI-E AP becomes unresponsive due to channel 36 not being supported in the Jordan regulatory domain. |
|
|
Active controller becomes ActiveRecovery when the redundancy port link is down. |
|
|
Wired clients behind a WGB lose network connectivity when doing IRCM roaming from Cisco Catalyst 9800 Wireless Controller to Cisco 5520 Wireless Controller. |
|
|
Cisco Aironet 1815 APs report 0 dBm as the Received Signal Strength Indicator (RSSI) for neighboring APs. |
|
|
Cisco Catalyst 9120 AP encounters kernel unresponsiveness with the PC due to wlc_bmac_suspend_mac_and_wait. |
|
|
Cisco Catalyst 9124 APs do not assign the correct channels where 2.4 GHz is set for clients. |
|
|
Controller does not display the redundancy details on the Web-UI, only on the Command Line Interface (CLI). |
|
|
Controller causes IP theft and client deletion via Address Resolution Protocol (ARP) with DHCP required enabled. |
|
|
Controller encounters memory leak at the CAPWAP control message fragmentation issue. |
|
|
Inventory app shows "Internal Error" for controller that was in Catalyst Center for several releases. |
|
|
Cisco Aironet 4800 AP: Radio Core data files generated Radio 1 During the Longevity testing. |
|
|
Cisco Catalyst 9115 APs disjoin repeatedly with controller traceback. |
|
|
Cisco Catalyst 9800-40 Wireless Controller's mobility tunnels go down after upgrading via In-Service Software Upgrade (ISSU). |
|
|
Cisco Aironet 1562 as Mesh AP (MAP) recognizes Cisco Catalyst 9124 Root AP (RAP) as a parent and completes authentication, but fails in the CAPWAP join because Mesh Adjacency messages are undetected by the RAP. |
|
|
Cisco Wave 2 APs in FlexConnect do not decrypt traffic after Opportunistic Key Caching (OKC) fast roaming is enabled. |
|
|
Cisco Catalyst 9105 AP encounters high utilization and performance issues due to high mDNS traffic. |
|
|
Controller running the IOS XE software encounters an unexpected reset while trying to validate the MAC address with the EWLC_APP_INFRA_ID_MAGIC. |
|
|
Cisco Catalyst 9800-80 Wireless Controller encounters Wireless Network Control daemon (WNCd) issues when accessing Crimson Database. |
|
|
Clients require IP DHCP smart-relay support for controller. |
|
|
Memory leak under the Smand process. |
|
|
Mesh AP reflects back client unicast traffic on the wired port. |
Resolved Issues for Cisco IOS XE 17.14.1
|
Identifier |
Headline |
|---|---|
|
Cisco Catalyst 9800-40 Wireless Controller encounters false jammer alerts. |
|
|
Cisco Aironet 2800 and Cisco Catalyst 9120 APs as supplicants do not initiate the Extensible Authentication Protocol (EAP) process until a static IP address is assigned. |
|
|
Cisco Catalyst 9120 AP Radio1 becomes unresponsive. |
|
|
Controller does not forward broadcast Address Resolution Protocol (ARP) request to the wireless client. |
|
|
Cisco Catalyst 9130AXI APs unexpectedly become unresponsive due to radio failure. |
|
|
Pairwise Master Key Identification (PMKID) mismatch between FlexConnect central authentication Wave 2 AP and controller for 802.11X-SHA256 on roaming clients. |
|
|
Cisco Catalyst 9120 AP dual 5 GHz allow clients to connect to slot 0 as High Efficiency (HE) clients when 802.11ax is disabled in all WLANs and to slot 1 with the same WLANs HE disabled. |
|
|
Cisco Catalyst 9105 AP becomes unresponsive during longevity test because of Single Client Bridge (SCB) mismatch. |
|
|
Cisco Embedded Wireless Controller sends bursts of Virtual Router Redundancy Protocol (VRRP) traffic, causing the switch port to be down due to the storm-control action configuration on the switch port side. |
|
|
Cisco Catalyst 9130APs encounter kernel unresponsiveness after upgrading to 17.6.6. |
|
|
Cisco Catalyst 91xx AP does not process the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) server Hello. |
|
|
IP Theft observed due to the zone ID being 0x00000000. |
|
|
Controller accepts the reserved IPv6 multicast address to be configured as a mobility multicast IPv6 address. |
|
|
Controller client traffic fails in N+1 mode when AP sends CLIENT_DEL_STOP_REASSOC. |
|
|
Cisco Wave 2 APs allowing SKC roam cause client deletion with the reason as INVALID_PMKID. |
|
|
Cisco Aironet 1815 AP encounters kernel unresponsiveness. |
|
|
Controller encounters a 4-way handshake failure and a missing M3 packet. |
|
|
Cisco Catalyst 9105AXW APs detect bad block monitoring and repair. |
|
|
FlexConnect client is unable to perform Secure Agile Exchange (SAE) authentication due to the controller rejecting assoc-req with a Pairwise Master Key Identification (PMKID) mismatch. |
|
|
Cisco Catalyst 9130 and 9136 APs do not honor power saving mode. |
|
|
Cisco Catalyst 9120 AP encounters kernel unresponsiveness due to not syncing: assert:"0" failed: file "wlc_fifo.c:960". |
|
|
Cisco Wave 2 APs hyperlocation is broken if aWIPS is enabled. |
|
|
Controller becomes unresponsive within Radio Resource Management (RRM) service due to ReloadReason=Critical process rrm fault on rp_0_0 (rc=134). |
|
|
802.11ax APs running IoT application do not reset the BLE interface after 100 attempts. |
|
|
Controller's GUI does not allow modifying QoS policies without having the "QoS Service Set Identifier (SSID) policy" automatically set on the policy profile. |
|
|
Wired clients behind the Cisco Catalyst 9105 AP RLAN face limited connectivity and can't pass any traffic. |
|
|
Cisco Aironet 1852 AP reloads unexpectedly due to radio failure. |
|
|
Cisco Aironet 2800, 3800, 4800, 1560 APs and Cisco Catalyst IW6300 AP do not send QoS data frames downstream. |
|
|
Cisco Catalyst 9105, 9115, and 9120 AP WGB Antenna-a encounters a malfunction if the configuration is ab-antenna. |
|
|
Cisco Wave 2 APs improve the PMTU Discovery mechanism to be able to honor the ICMP unreachable MTU value and recalculate the AP PMTU. |
|
|
Cisco Catalyst IW916x APs and Cisco Catalyst 9105, 9130, and 9136 APs become unresponsive with the reason LED_APP or sxpd. |
|
|
Controller local password policy does not take effect on GUI login as expected. |
|
|
Controller does not send the broadcast Gratuitous Address Resolution Protocol (gARP) on behalf of the client on inter-controller roaming events. |
|
|
Controller queues CAPWAP messages for longer than x seconds with client throttling turned on. |
|
|
PDU type in the transmit (Tx) packet for iBeacon in dual mode needs to be changed to adv_non_connectable_ind. |
|
|
Cisco Catalyst 9120 AP becomes unresponsive leading to a Capwapd Crash during Scale Longevity. |
|
|
Cisco Wave 2 APs stop the PMTU Discovery mechanism after reaching the maximum hardcoded value. |
|
|
Cisco Catalyst 9120 AP encounters kernel unresponsiveness. |
|
|
Watchdog Reset (wcpd) Transmit (Tx) retry number is not MAC Service Data Unit (MSDU)-based. |
|
|
FlexConnect local switching APs per client rate limit do not work. |
|
|
Cisco Catalyst 9120 APs disconnect due to Port Status Monitor (PSM) microcode watchdog CS00012333933. |
|
|
APs managed by the controller display the "No radios in the selected band" message in the Cisco Catalyst Center heat map. |
|
|
APs fail to onboard new client associations with ‘No buffer space available’ messages. |
|
|
Controller is missing Simple Network Management Protocol (SNMP) Object ID (OID) for AP Location Tag. |
|
|
Controller unexpectedly becomes unresponsive with ReloadReason "Critical process wncd fault on rp_0_0". |
|
|
Cisco Catalyst 9120 AP encounters kernel unresponsiveness - not syncing: assert:"done" failed: file "phy_ac_radio.c:6141. |
|
|
Cisco Aironet 2800 AP encounters FIQ/NMI reset due to PC at wl_get_staid_info. |
|
|
Cisco Catalyst 9130 APs stop forwarding router advertisements for FlexConnect Local Switching/Local Authentication after 4-6 hours of uptime. |
|
|
Cisco Catalyst 9120 AP sends Ready to Send (RTS) with 6 Mbps when this rate is configured as unsupported (CS00012284859). |
|
|
Controller encounters an unexpected reboot while collecting wireless client stats with the Embedded Event Manager (EEM) script. |
|
|
Audit session ID changes and client loses network access after inter- Wireless Network Control Daemon (WNCD) roam. |
|
|
Cisco Catalyst 9115AXI-S AP association request dropped on the Cisco Catalyst 9800-80 Wireless Controller. |
|
|
Cisco Catalyst 9120 AP sends authorization response failures for specific MAC addresses due to "suppressed by MAC filter". |
|
|
Cisco Catalyst 9800-40 Wireless Controller becomes unresponsive on Critical process Radio Resource Management (RRM) fault on rp_0_0. |
|
|
Single Band Broadcom (BCM) WGB Radio 0 Transmit (Tx) power decreased by nearly 20 dBm while configuring antenna number. |
|
|
Cisco Catalyst 9130 AP does not send DHCP Offer and Acknowledgement (ACK) Over the Air (OTA) through the radio interface to the client. |
|
|
Cisco Catalyst 9124AX AP experiences image upgrade failure. |
|
|
Cisco Aironet 2800 AP on Taiwan domain is unable to send Wi-Fi signals on channels 52, 120, 124 and 128. |
|
|
Controller GUI shows incorrect number of clients connected to the AP. |
|
|
Cisco Catalyst 9105, 9115, 9120 APs experience radio misconfiguration after AP reloads in admin state down. |
|
|
Cisco Aironet 1830, 1850 APs report false high channel utilization, which causes performance isues on 5 GHz band. |
|
|
Cisco Catalyst 9130 AP moves Universal PoE spare pair to turn off over CDP. |
|
|
Cisco Aironet 3800 AP radio firmware becomes nonoperational with reset code 2. |
|
|
mDNS gateway does not respond correctly when Location Specefic Services filter is enabled in the 5-GHz band on FlexConnect AP. |
|
|
Cisco Catalyst 9105AXW AP experiences large count of bad physical eraseblocks. |
|
|
Controller becomes nonoperational on WNCd process during database termination. |
|
|
Encrypted wireless mesh pre-shared key changes when "password encryption aes" is in use. |
|
|
Layer 3 multicast packets are sent on native VLAN when VLAN ID 1 is selected on policy profile with AAA override. |
|
|
Cisco Aironet 2800 FlexConnect APs are unable to process EAP-TLS fragmented packets if delay is more than 50ms. |
|
|
Cisco Catalyst 9120 AP experiences kernel panic with PC at wlc_bmac_suspend_mac_and_wait+0x3c/0x488 [wl] CS00012321648. |
|
|
Radio 0 WGB configuration is not backed up correctly when doing a TFTP backup of the configuration. |
|
|
Cisco Aironet 1832 AP running on release IOS XE Cupertino 17.9.2 experiences kernel panic. |
|
|
Controller allows client reconnection after client deletion and Change of Authorization (CoA) termination. |
|
|
Controller does not send 802.11r mobility payload on mobility group name change to FlexConnect AP causing MDID mismatch. |
|
|
Cisco Catalyst 9120 AP detects its BSSID as malicious after channel resets. |
|
|
Per client rate limit with FlexConnect AP is not functioning. |
|
|
Cisco Catalyst 9115, 9120AX APs do not allow channel 165 for -Z domain. |
|
|
Slot 2 is down for GB country after performing factory reset. |
|
|
APs are unable to join when CBAR is configured on controller. |
|
|
Personal Identity Verification (PIV) authentication requires an additional backslash in the redirection URL to work successfully. |
|
|
Apple clients are unable to connect to FlexConnect AP when WPA3 is enabled. |
|
|
Controller does not send IPv4 GARPs or IPv6 NA for wireless clients in RUN state after a switchover. |
|
|
Cisco Catalyst 9105, 9115, and 9120 APs set the maximum transmit power level to -128 dBm in Country IE. |
|
|
Cisco Wave 2 APs in FlexConnect mode do not allow clients to connect and sends association-response failure after changing country code. |
|
|
Cisco Wave 2 APs become nonoperational repeatedly in throughput testing. |
|
|
Cisco Aironet 3800 AP becomes nonoperational due to kernel panic with PC at skb_unlink+0x40/0x54. |
|
|
Cisco Catalyst 9130 experiences inconsistent transmission power levels advertised in the country information of beacon frame causing client-side issues. |
|
|
Cisco Catalyst 9115 AP becomes nonoperational due to kernel panic with PC/LR is at drop_pagecache_sb+0x78/0x110. |
|
|
AP does not allow to apply URL filter after invalid configuration. |
|
|
VLAN change on the AP port results in unsuccessful update of IPv6 routes on Wave 2 AP. |
|
|
Controller shares accounting information for PSK local authentication WLANs. |
|
|
Controller reloads due to critical process WNCd fault. |
|
|
Memory leak occurs when no RADIUS server is reachable. |
|
|
Cisco Catalyst 9115AX AP does not forward a part of the CAPWAP data packets to the uplink direction. |
|
|
MAC address of wired clients are being learned from the Cisco Catalyst 9124 MAP. |
|
|
Controller receives false notifications for reaching maximum client limit. |
|
|
APs in the 5-GHz band remains in down state for -A domain access points in Guatemala. |
|
|
Cisco Catalyst 9130 APs stop forwarding router advertisements after 4-6 hours of operation. |
|
|
Pop-ups are not displayed correctly in dark mode in the controller. |
|
|
Controller is unable to load lobby admin page. |
|
|
Access point unexpectedly reloads due to kernel panic with mDNS enabled. |
|
|
Cisco Catalyst 9115 OEAP experiences kernel unresponsiveness. |
|
|
Cisco Aironet 3800 AP reloads unexpectedly due to FIQ/NMI reset. |
|
|
Controller experiences WNCd abnormalities when processing the AP supported channels. |
|
|
Controller becomes nonoperational with WNCd core while processing CAPWAP data. |
|
|
Cisco Catalyst 9120 and 9115 APs unexpectedly disjoin from the controller and do not establish DTLS again. |
|
|
Cisco Catalyst 9105AXW APs do not recover after upgrade. |
|
|
Cisco Catalyst 9120 AP experiences kernel panic due to wlc_key_set_data in 17.9.4 CS00012316343. |
|
|
Cisco Wave 2 APs do not plumb keys after session timeout reauthentication. |
|
|
New SSID arp0v0 is broadcast only after a Cisco IOS-XE Cupertino 17.9.3 wireless upgrade. |
|
|
Cisco Aironet 2800, 3800, 4800, 1560, IW6300 APs may not detect radar on the required levels after CAC time. |
|
|
Apple devices are not deleted after sending EAP messages. |
|
|
Controller might become nonoperational within IOSd during an update to SPAN source ports. |
|
|
Controller displays public cloud 17.9.3 error while configuring basic wireless setup. |
|
|
Cisco Catalyst 9130 AP does not honor U-APSD trigger frame resulting in RTP stream disruption. |
|
|
Cisco Catalyst 9105, 9115, 9120 APs experience kernel panic with PC at _raw_spin_unlock CS00012303664. |
|
|
VLAN Group Support for DHCP and Static IP Clients feature does not work on FlexConnect Central Switching mode. |
|
|
Monitoring PHY Health check on Broadcom APs |
|
|
Change of Authorization (CoA) server key appears blank on the controller GUI. |
|
|
Cisco Catalyst 9130 AP generates excessive CleanAir syslogs. |
|
|
Cisco Catalyst 9115 AP in local mode becomes nonoperatioanl due to kernel panic. |
|
|
Controller becomes nonoperational when provisioning multiple APs. |
|
|
Policy tag description disappears after deleting WLAN location entries. |
|
|
Inconsistent transmission power levels advertised in Country information of beacon frame causes client-side issue. |
|
|
Cisco Catalyst 9130 APs do not start CAPWAP due to interface reset while waiting for IP address from DHCP. |
|
|
Cisco Aironet 1815 APs report high channel utilization in the 5-Ghz band. |
|
|
Controller unexpectedly reboots when handling NMSP TLS connection. |
|
|
Controller experiences unexpected resets with the following message: Log message: %PMAN-3-PROCHOLDDOWN: R0/7: wncd: The process wncd has been helddown (rc 134) |
|
|
Cisco Aironet 1815 AP leaks RLAN VLAN traffic with looped port. |
|
|
APs in same controller classify each other as rogue and sends "AP Impersonation" alert. |
|
|
Controller becomes nonoperational while performing ISSU upgrade. |
|
|
Cisco Wave 2 APs should check CAPWAP payload sanity before deleting it. |
|
|
Cisco Catalyst 9300LM switch is not compatible with Cisco Aironet 1815 AP when it is connected on a port with Cisco Unified IP Phone 7945G. |
|
|
Cisco Catalyst 9130 AP on IOS XE Amsterdam 17.3.6 fails to join with error to set FT data in BSSID after site-tag is changed on controller. |
|
|
Cisco Catalyst 9120 AP experiences radio unresponsiveness during longevity run test on IOS XE 17.13. |
|
|
Cisco Catalyst 9120 AP and Cisco Aironet 2800 AP reboot repeatedly due to Systemd critical process unresponsiveness when joining controller that runs on IOS XE Amsterdam 17.9.3. |
|
|
Wireless Driver is unable to decrypt ICAP packets in Cisco Catalyst 9130 AP. |
|
|
Cisco Catalyst 9120AXE AP remains at u-boot and with multiple failure messages. |
|
|
Controller returns with error while uploading backup file with FTP on GUI. |
|
|
Controller becomes nonoperational after receiving analytics from AP. |
Troubleshooting
For the most up-to-date, detailed troubleshooting information, visit the Cisco TAC website at:
https://www.cisco.com/en/US/support/index.html
Go to Product Support and select your product from the list, or enter the name of your product. Look under Troubleshoot and Alerts to find information about the problem that you are experiencing.
Related Documentation
Information about Cisco IOS XE is available at:
https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html
All the support documentation for Cisco Catalyst 9100 Access Points are available at: https://www.cisco.com/c/en/us/support/wireless/catalyst-9100ax-access-points/tsd-products-support-series-home.html
Cisco Validated Designs documents are available at:
https://www.cisco.com/go/designzone
Cisco Embedded Wireless Controller on Catalyst Access Points
For support information, see the following documents:
-
Cisco Embedded Wireless Controller on Catalyst Access Points Software Configuration Guide
-
Cisco Embedded Wireless Controller on Catalyst Access Points Command Reference Guide
Installation guides for Catalyst Access Points are available at:
For all Cisco Wireless Controller software-related documentation, see:
Wireless Products Comparison
-
Use this tool to compare the specifications of Cisco wireless APs and controllers:
https://www.cisco.com/c/en/us/products/wireless/wireless-lan-controller/product-comparison.html
-
Product Approval Status:
-
Wireless LAN Compliance Lookup:
https://www.cisco.com/c/dam/assets/prod/wireless/wireless-compliance-tool/index.html
Cisco Access Points–Statement of Volatility
The STATEMENT OF VOLATILITY is an engineering document that provides information about the device, the location of its memory components, and the methods for clearing device memory. Refer to the data security policies and practices of your organization and take the necessary steps required to protect your devices or network environment.
The Cisco Aironet and Catalyst AP Statement of Volatility (SoV) documents are available on Cisco Trust Portal at https://trustportal.cisco.com/c/r/ctp/trust-portal.html#/.
You can search by the AP model to view the SoV document.
Cisco Connected Mobile Experiences
Cisco Catalyst Center
Communications, Services, and Additional Information
-
To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.
-
To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.
-
To submit a service request, visit Cisco Support.
-
To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco Marketplace.
-
To obtain general networking, training, and certification titles, visit Cisco Press.
-
To find warranty information for a specific product or product family, access Cisco Warranty Finder.
Cisco Bug Search Tool
Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.
Feedback