Release Notes for Cisco SD-WAN Release 19.2.x
 Note |
The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on standards documentation, or language that is used by a referenced third-party product. |
These release notes accompany the Cisco SD-WAN Release 19.2.x, which provides Cisco SD-WAN capabilities for Cisco vEdge devices—including Cisco vSmart Controllers, Cisco vBond Orchestrators and Cisco vManage as applicable to Cisco vEdge devices.
For release information about Cisco IOS XE SD-WAN devices, refer to Release Notes for Cisco IOS XE SD-WAN Release 16.12.x.
What's New for Cisco SD-WAN Release 19.2.x
This section applies to Cisco vEdge devices.
Cisco is constantly enhancing the SD-WAN solution with every release and we try and keep the content in line with the latest enhancements. The following table lists new and modified features we documented in the Configuration, Command Reference, and Hardware Installation guides. For information on additional features and fixes that were committed to the SD-WAN solution, see the Resolved and Open Bugs section in the Release Notes.
|
Feature |
Description |
|---|---|
|
Getting Started |
|
|
API Cross-Site Request Forgery Prevention |
This feature adds protection against Cross-Site Request Forgery (CSRF) that occurs when using Cisco SD-WAN REST APIs. This protection is provided by including a CSRF token with API requests. You can put requests on an allowed list so that they do not require protection if needed. See Cross-Site Request Forgery Prevention. |
|
Systems and Interfaces |
|
|
Secure Shell Authentication Using RSA Keys |
This feature helps configure RSA keys by securing communication between a client and a Cisco SD-WAN server. See SSH Authentication using vManage on Cisco XE SD-WAN Devices. See Configure SSH Authentication. |
|
Policies |
|
|
Packet Duplication for Noisy Channels |
This feature helps mitigate packet loss over noisy channels, thereby maintaining high application QoE for voice and video. See Configure and Monitor Packet Duplication. |
|
Control Traffic Flow Using Class of Service Values |
This feature lets you control the flow of traffic into and out of a Cisco device's interface based on the conditions defined in the quality of service (QoS) map. A priority field and a layer 2 class of service (CoS) were added for configuring the re-write rule. See Configure Localized Data Policy for IPv4 Using Cisco vManage. |
|
Security |
|
|
Secure Communication Using Pairwise IPsec Keys |
This feature allows you to create and install private pairwise IPsec session keys for secure communication between an IPsec device and its peers. For related information, see IPSec Pairwise Keys Overview. |
|
Configure IKE-Enabled IPsec Tunnels |
The pre-shared key needs to be at least 16 bytes in length. The IPsec tunnel establishment fails if the key size is less than 16 characters when the router is upgraded to version 19.2. See Configure IKE-Enabled IPsec Tunnels. |
|
Network Optimization and High Availability |
|
|
Disaster Recovery for vManage |
This feature helps you configure Cisco vManage in an active or standby mode to counteract hardware or software failures that may occur due to unforeseen circumstances. See Configure Disaster Recovery. |
|
Share VNF Devices Across Service Chains |
This feature lets you share Virtual Network Function (VNF) devices across service chains to improve resource utilisation and reduce resource fragmentation. See Share VNF Devices Across Service Chains. |
|
Monitor Service Chain Health |
This feature lets you configure periodic checks on the service chain data path and reports the overall status. To enable service chain health monitoring, NFVIS version 3.12.1 or later should be installed on all CSP devices in a cluster. See Monitor Service Chain Health. |
|
Manage PNF Devices in Service Chains |
This feature lets you add Physical Network Function (PNF) devices to a network, in addition to the Virtual Network function (VNF) devices. These PNF devices can be added to service chains and shared across service chains, service groups, and a cluster. Inclusion of PNF devices in the service chain can overcome the performance and scaling issues caused by using only VNF devices in a service chain. See Manage PNF Devices in Service Chains. |
Important Notes, Known Behavior, and Workaround
When you complete a Cisco SD-WAN software downgrade procedure on a device, the device goes into the configuration mode that it was in when you last upgraded the Cisco SD-WAN software on the device. If the device is in a different configuration mode when you start the downgrade than it was when you last upgraded, the device and Cisco vManage show different configuration modes after the downgrade completes. To put the configuration modes back in sync, reattach the device to a device template. After you reattach the device, both the device and Cisco vManage show that the device is in the vManage configuration mode.
Cisco vManage Upgrade Paths
| Starting Cisco vManage Version | Destination Version | ||
|---|---|---|---|
|
19.2.x |
|||
|
18.x/19.2.x |
Direct Upgrade |
||
|
20.1.x |
Not Supported |
||
|
20.3.x |
Not Supported |
||
|
20.4.x |
Not Supported |
||
Supported Devices
For device compatibility information, see Cisco SD-WAN Device Compatibility.
Controller Compatibility Matrix and Server Recommendations
For compatibility information and server recommendations, see Cisco SD-WAN Controller Compatibility Matrix and Server Recommendations.
Resolved and Open Bugs
About the Cisco Bug Search Tool
Use the Cisco Bug Search Tool to access open and resolved bugs for a release.
The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.
You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.
Resolved and Open Bugs
All resolved and open bugs for this release are available in the Cisco Bug Search Tool.
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.4
|
Bug ID |
Description |
|---|---|
|
vEdge FTMD crash when using FQDN as tunnel-destination |
|
|
fp-core watchdog failure on vEdge 5k running 18.4.1 (fp-um) |
|
|
don't add certificate errors into configure DB |
|
|
vManage fails to login if Encryption algorithm is set to SHA-256 for ADFS |
|
|
vManage stores stale session and renders to j_security_check or last cached url |
|
|
%IPSEC-3-REPLAY_ERROR: + BFD down and drops IN_CD_COPROC_ANTI_REPLAY_FAIL |
|
|
19.2 vSmart omp keeps crashing when edge device is higher version than vSmart |
|
|
vedge cloud 18.4.3/19.2.1 on top of NFVIS(3.12.3 RC4) stop fowarding traffic when CU flap interface. |
|
|
vManage re-arrange rules issue |
|
|
Slash symbol cannot be used in a variable value of any device specific parameter scope in templates |
|
|
vManage: real time omp advertised routes in vmanage showing received routes as well. |
|
|
Misleading logout event |
|
|
Cloud onRamp for IaaS on AWS: default route to null0 blackholes traffic sent to Internet |
|
|
route leaking between VPN with natpool in one VPN is not working. |
|
|
Regression: vEdge2000 cannot exceed more than 65K NAT sessions over GRE or IKE IPSec tunnel |
|
|
vManage Feature hostname / location template should support special characters |
|
|
Vedge receives a packet to remove SPIs for duplicate IKEv2 SAs but it removes all the SPIs instead. |
|
|
Cannot ssh into vsmart, vbond with GCM ciphers |
|
|
BFD sessions flap after multiple control connection flaps to the vSmart. |
|
|
"show ip route vpn " output not showing specific routes for omp routes |
|
|
vManage misleading error regarding multitenancy in singe tenant environment cluster |
|
|
CSR signed certificate fails when vManage configured with timezone America/Sao_Paulo with Cisco PKI |
|
|
Cisco SD-WAN Denial of Service Vulnerabilities |
|
|
A tenant logged into vManage using tenantadmin fails to attach a device to a template (feature/cli) |
|
|
vEdge 100m lose IP for a Cellular interface |
|
|
''ftmd' crash on vEdge when cellular interface is present and "show interface" is executed |
|
|
ISR1100-4GLTE not showing when SIM is Locked |
|
|
traffic flows are not load-balanced fairly across all available cores when using GRE tunnel in vedge |
|
|
vSmart seeing crashes with high policy-queue. |
|
|
DC1 vmanage template attachment disappear after a switchover |
|
|
Make 30 notifications / min restriction for webhook alarm notification configurable |
|
|
Template update :Request time out:Client timed out waiting for request taking longer than 90 secs |
|
|
Uploaded WAN-Edge list rejected, chassis tag missing |
|
|
SSO SAMLResponse redirect points to loginError.html unexpectedly |
|
|
Critical customer with 19.2.2, 4 vManage cluster is running into Full GC allocation failure |
|
|
Downgrade of vmanage should be blocked as a part of activate also along with install workflows. |
|
|
vbond information is lost during replication after multiple failovers |
|
|
error message "Server error Unknown error" while accessing tloc and tunnel in WAN status |
|
|
SNMP Query for Interface Description OID breaks if description is longer than 32 characters. |
|
|
Disable support for weak encryption ciphers on vManage and vSmart. |
|
|
MSP: wildfly: kafka is not yet functional |
|
|
SNMP v3 walk is failing in vsmart and vedges |
|
|
OMPD crash with control-policy export vpn |
|
|
tunnel interface is admin up and oper down but local properties show admin and oper as down |
|
|
vManage spends 60+ seconds to parse the device template with 500+ variables |
|
|
100M shaper will introduce inaccurate throughput with traffic oversubscribed on ISR1100-4G |
|
|
Cisco PKI Root Certificates not installed in recent images |
|
|
vManage: Only allow 1yr option since 2/3yr options are deprecated |
|
|
Vmanage 20.1.12 when selecting "Mark as optional" under radius will fail with an error |
|
|
vEdge crashed with error "Software initiated - Daemon 'ompd' failed. Core files found" |
|
|
vEdge control connections goes down after CSR generation |
|
|
Device is unreachble, interfaces are showing as up |
|
|
CoR probes working for O365 but failing for every other SaaS application |
|
|
vManage revokes devices enterprise cert after hitting "Send to Controllers" |
|
|
vEdge5000: control connection stuck in "Challenge" phase - Failed to create IdentityReqBlob |
|
|
vegde is dropping bfd packets from cedge. |
|
|
Large number of sequences in localized policy causing fpmd crash. |
|
|
On the NSO of the vManage, the address of the vSmarts was set as 0.0.0.0 |
|
|
MSP: user is logged out of GUI eventhough client session timeout is disabled |
|
|
vEdge crashes with dbgd failed message when running speed test |
|
|
LLQ policer disappears when changed policy configuration |
|
|
Unable to see stats on vAnalytics in 18.4.5 |
|
|
vEdge cannot resolve vBond. No packets going out of loopback interface. |
|
|
Multiples vEdges crashing with "Software initiated - Daemon 'ftmd' failed" |
|
|
Pointing to a wrong URL for changing the default config. DB username and password |
|
|
ConfigDB credentials are exposed in cleartext |
|
|
WebHooks fails in vManage when more than one is configured |
|
|
Frequent Exceptions "Unable to process request = /clusterManagement/tenancy/mode from client X" |
|
|
No date and time info in the syslog payload |
|
|
Web traffic is not properly recognized by DPI |
|
|
The request nms configuration-db configure command needs protection and documentation |
|
|
SSO auth errors, exception: Error determining metadata contracts |
|
|
Messaging server crash information saved in ramdrive |
|
|
vedge_azurecloud_cloud_18_4_0 console logs are getting filled with HTTP logs |
|
|
vSmart OMPD crash on policy application |
|
|
ConfigDB not updating username/password |
|
|
vmanage triggered alert "Could not store alarm:" resulting alarm trigger at provider. |
|
|
vAnalytics launch lands on a "about:blank" page on 19.2.3 image version |
|
|
DCA engine may not be able to reach vManage |
|
|
SNMP community not accepting exclamation ! in string |
|
|
UI timeout before Centralized Policybackend operation is completed |
|
|
dbgd crash observed on the vEdge router while running a speed test. |
|
|
/opt/data/backup permission denied |
|
|
UI timeout needs to be changed to 180 seconds for policy and security view generation |
|
|
ISR1100-6G vEdge reboot after Centralized policy push |
|
|
Workaround is needed for Operator user to be able to view device configurations post VManage 19.2.3 |
|
|
Vedge reversing the src and dst MAC instead of using its own src-mac. |
|
|
Buffer pool leak seen on ISR1100-6G |
|
|
vEdge DPI for MS Teams does not work well |
|
|
Unable to login through SSO with vManage on 19.2.31 |
|
|
drconsul service start in cluster while arbitrator is not in use |
|
|
Enhance syslog format for SDWAN to align with RFC standard |
|
|
vManage reverts a CLI template to its original version incorrectly. |
|
|
Add host-name or personality in the admin-tech filename |
|
|
Ater doing a manual DR, the "make primary" button did not show in new standby |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
|
Cisco SD-WAN Command Injection Vulnerabilities |
|
Bug ID |
Description |
|---|---|
|
Disaster recovery feature failing with error apoc.periodic.iterate |
|
|
Fail to upload images to software repository post Cisco vManage upgrade to Cisco SD-WAN Release 19.2.4 |
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.31
|
Bug ID |
Description |
|---|---|
|
%IPSEC-3-REPLAY_ERROR: + BFD down and drops IN_CD_COPROC_ANTI_REPLAY_FAIL |
|
|
vedge cloud 18.4.3/19.2.1 on top of NFVIS(3.12.3 RC4) stop fowarding traffic when CU flap interface. |
|
|
Cloud onRamp for IaaS on AWS: default route to null0 blackholes traffic sent to Internet |
|
|
''ftmd' crash on vEdge when cellular interface is present and "show interface" is executed |
|
|
Critical customer with 19.2.2, 4 vManage cluster is running into Full GC allocation failure |
|
|
SNMP Query for Interface Description OID breaks if description is longer than 32 characters. |
|
|
OMPD crash with control-policy export vpn |
|
|
Device's are not booting up after a power outage |
|
|
vEdge control connections goes down after CSR generation |
|
|
vManage revokes devices enterprise cert after hitting "Send to Controllers" |
|
|
fpmd crashes on vEdge1k, 2k with 19.2.1, 18.4.302 |
|
|
On the NSO of the vManage, the address of the vSmarts was set as 0.0.0.0 |
|
|
vEdge crashes with dbgd failed message when running speed test |
|
|
vManage GUI down due to GC Allocation Failure on 19.2.3 |
|
|
Multiples vEdges crashing with "Software initiated - Daemon 'ftmd' failed" |
|
|
Unable to edit the device template if security policy is attached |
|
|
UI timeout before Centralized Policybackend operation is completed |
|
|
UI timeout needs to be changed to 180 seconds for policy and security view generation |
|
|
don't add certificate errors into configure DB |
|
|
Vedge-5000:Auto IP feature support for feature parity. |
|
|
SNMP v3 walk is failing in vsmart and vedges |
|
|
Unable to see stats on vAnalytics in 18.4.5 |
|
|
DCA unable to reach vManage |
|
|
dbgd crash observed on the vEdge router while running a speed test. |
|
|
Regression: vEdge2000 cannot exceed more than 65K NAT sessions over GRE or IKE IPSec tunnel |
|
|
100M shaper will introduce inaccurate throughput with traffic oversubscribed on ISR1100-4G |
|
|
fp-core watchdog failure on vEdge 5k running 18.4.1 (fp-um) |
|
|
vEdge(x86) IPSec+QoS Performance Optimization |
|
|
SSO SAMLResponse redirect points to loginError.html unexpectedly |
|
|
Cisco SD-WAN vManage cluster kills session after idle-timeout expires even when traffic is present |
|
|
Buffer pool leak seen on ISR1100-6G |
|
|
Cisco SD-WAN vManage Software XML External Entity Vulnerability |
|
|
Cisco SD-WAN vManage Software XML External Entity Vulnerability |
|
|
Cisco SD-WAN vManage Software Path Traversal Vulnerability |
Open Bugs for Cisco SD-WAN Release 19.2.31
|
Bug ID |
Description |
|---|---|
|
Unable to login through SSO with vManage on 19.2.31 |
|
|
Disaster Recovery: Secondary vmanage cluster shows 200,000 vmanages instead of 3 on main dashboard |
|
|
ConfigDB not updating username/password |
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.3
Resolved Bugs for Cisco SD-WAN Release 19.2.3
|
Bug ID |
Description |
|---|---|
|
vE5K performance drops significantly using loopback TLOC without 'bind' configuration |
|
|
fp-core watchdog falure on vEdge 5k running 18.4.1 tcpd crash |
|
|
vManage is showing certificate expiry alarms under the 'Certificates' pane on the dashboard |
|
|
Error in sending device list for Push vSmart List to vBond |
|
|
DPI statistics database configuration memory increase |
|
|
vedge frequently establishing control connections to the vBond even though it is in equilibrium |
|
|
Cloud on Ramp not pushing configuration to vEdge-Cloud when adding Sites |
|
|
vEdge WLAN iPhone Wireless Clients dropping connection after 1-3 mins |
|
|
IPsec tunnel stuck in IKE_INIATE with vEdge not initiating IKE packets. |
|
|
Data collection is slow on vManage after enabling vAnalytics |
|
|
API should validate value of platformFamily + Enforce sw version ZTP configures isr1100 for x86 img |
|
|
Enforce Software Version : Device already has image error |
|
|
vEdge VRRP fail to receive unicast traffic over i40evf |
|
|
regression: can't configure dhcp default route in vManage 19.3.0 |
|
|
Can not create vManage user to access disaster recovery other than admin user |
|
|
vmanage gui not accessible as /opt/data is 100% full. App server down |
|
|
Dbgd daemon crashed with signal 6 after running vEdge packet capture |
|
|
Traffic simulation is not working properly on 19.2.1 |
|
|
vEdge 2k with 17.2.8 see high CPU because of process vconfd_script_vmanage_list_stats.sh |
|
|
Not getting omp label on the edge devices which is causing traffic to take another link. |
|
|
Vedge ipsec tunnel stops passing traffic during high load and rekey |
|
|
Vmanage reloads with reason: Daemon 'cfgmgr' failed |
|
|
vedge SRIOV networks are unreachable after remote interface flap |
|
|
vBond DNS resolution may fail in ECMP environment |
|
|
ZBFW + IRB show severe packet loss |
|
|
Performance is very low with subinterfaces on vEdge5k |
|
|
Route export not working as desired during failover testing |
|
|
Nat over IPsec not working with ZBFW |
|
|
vedge-cloud with SRIOV interfaces unable to receive IP packets more than 1496 bytes |
|
|
Route export not working as expected during failover testing |
|
|
TS/SS: Fail to push template and create admin log from UI. Failed to publish the task on message bus |
|
|
vEdge SDWAN IPsec tunnel flapping due IKE packet drops |
|
|
Shaping rate in x86 platform not working properly for TCP traffic |
|
|
Inconsistency between "show app dpi flows" output and Current flows count in show app dpi summary |
|
|
SNMP not working on tunnel interface and to loopback interface in vpn 0. |
|
|
RDP Session resets with 802.1x running with default reauth and inactivity values |
|
|
vedge frequently establishing control connections to the vBond even though it is in equilibrium |
|
|
vEdge Cloud: vEdge on Azure may go into a bootloop state after an upgrade from 18.x.x to 19.2.2 |
|
|
Dhcp helper option not available in static mode in feature template for vedge and xe-sdwan |
|
|
isr1100 unable to communicate with vbond due to Board ID Signature Verify Failure |
|
|
vmanage dr standby cluster not replicating feature templates even config-db replication is success |
|
|
Vedge doesn't initiate an IKE negotiation, it sends a CREATE_CHILD_SA instead |
|
|
VManage alarms Control TLOC Down and BFD TLOC Down are not raised on the GUI all the time |
|
|
Show system status shows CPU allocation is 3 when deployed with 2 |
|
|
Traffic stop sending across WAN when WAN link got unplugged and packet duplication is on :ISR1100-4G |
|
|
ISR1100-4G, ISR1100-6G Fixed speed 100/10 full duplex config are not supported on RJ45 ports. |
|
|
SDWAN 20.3 - 'ftmd' crash on vEdge100WM while activating/deactivating policy from vSmart. |
|
|
Insecure Product Design exposes sensitive information to non-admin user. |
|
|
Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability |
|
|
Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability |
|
|
Cisco SD-WAN vManage Information Disclosure Vulnerability |
|
|
Cisco SD-WAN vManage SQL Injection Vulnerabilities |
Open Bugs for Cisco SD-WAN Release 19.2.3
|
Bug ID |
Description |
|---|---|
|
Upload of a corrupted serial file can lead to DOS situation |
|
|
vEdge/vBond: default route is not installed in RIB even ARP is learnt and default GW is reachable |
|
|
SDWAN 19.2.1: IPv6 vBond not reachable/UP from vManage when DNS name |
|
|
edge device is not coming UP in vManage GUI, control connection is UP |
|
|
vManage periodic cfgmgr crash |
|
|
vManage generates 'Failed to create input variables' error after feature template edit |
|
|
controller affinity making high CPU to 95% when we have 74k routes |
|
|
BFD sessions flap after multiple control connection flaps to the vSmart. |
|
|
CSR signed certificate fails when vManage configured with timezone America/Sao_Paulo with Cisco PKI |
|
|
Disaster Recovery: Secondary vmanage cluster shows 200,000 vmanages instead of 3 on main dashboard |
|
|
Cluster vManage running 18.4.3 - Messaging server went into waiting state with error corrupt index. |
|
|
failover fails with a nullpointerexception with one vbond down |
|
|
Software initiated - FP core watchdog fail after upgrade to 19.2.2 on vEdge1K |
|
|
Arbitrator NullPointerException@getLocalDataCenterMemberDetails & up GUI status of isolated DC1/DC2 |
|
|
SSO broken on 19.2.2 |
|
|
A critical customer with 19.2.2, 4 vManage cluster is running into Full GC allocation failure |
|
|
vedge 100 reboots due to vademon crash |
|
|
IKE IPSec: Generate an error message, if strongSwan can't execute rekey CLI |
|
|
" VPN Interface Ethernet PPPoE" template with QoS causing QoS appyied on Dialer's Physical Interface |
|
|
vManage spends 60+ seconds to parse the device template with 500+ variables |
|
|
19.2.2 template push failing for 16.10.2 Cisco IOS XE SD-WAN devices |
|
|
QOS-vEdge2K : not getting desired throughput when sending traffic more than shaping-rate |
|
|
Configuration-db hitting out-of-memory condition in particular scenario with certificates |
|
|
The vManage with 19.2.2 code ran into full GC allocation failure, need RCA and possible fix date |
|
| CSCvs70534 |
vEdge(x86) IPSec+QoS Performance Optimization |
|
vEdge crashes with dbgd failed message when running speed test |
|
|
vE5k after upgrade to 19.2.3 isn't form control connections; doesn't able to resolve vBond URL |
|
|
Multiples vEdges crashing with "Software initiated - Daemon 'ftmd' failed" |
|
|
On the NSO of the Cisco vManage, the address of the vSmarts was set as 0.0.0.0 |
|
|
Cisco vManage GUI down due to GC Allocation Failure on 19.2.3 |
|
|
Unable to edit vbond config via CLI , when control connection breaks from vmanage. |
|
|
Seeing more hVNETs than maximum allowed |
|
|
Changing Config-DB ID/Password from default to non-default on a cluster of more than 3 members |
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.2
Resolved Bugs for Cisco SD-WAN Release 19.2.2
|
Bug ID |
Description |
|---|---|
|
Certificate Expired Alarm for future date |
|
|
Cloud vEdge crash on bfdmgr_update_sla_mapping |
|
|
OMP Feature Template - advertise ipv6 for vEdge leads to Config Preview Fail |
|
|
vEdge 1000 - FP crash with Zone Based Firewall and IRB config |
|
|
The config on VBond rolls back when the configs are pushed through VManage CLI template |
|
|
vManage cluster GUI SSO fails during the 2nd login attempt using old cookies |
|
|
vEdge2K Crashed with resolvd failed |
|
|
Upgrade from 18.4.1 to 19.2 breaks ip connectivity on TenGe interface in service-side vpn |
|
|
Hardware edge cert (non-SUDI) issues with CSR containing "/" in CN using Enterprise CA |
|
|
Multiple fp-um crashes seen on vEdge cloud on 18.3.5 |
|
|
vdaemon crashes after change csr vbond ip |
|
|
vManage should not push "media-type rj45" when user configures speed or duplex |
|
|
Template update pushing wrong interface with UTD NAT statement on Dialer interface |
|
|
vEdge 5k on the 18.4.302 code stops forwarding packets over the 10 Gig interfaces |
|
|
When setting up disaster recovery, multiple nodes in cluster are in bootstrap mode |
|
|
VManage UI Unresponsive or very slow in 18.3.8; Full GC (Allocation Failure) |
|
|
BGP neighbor commands are missing after upgrade from 19.2.0 to 19.2.099 |
|
|
idle-timeout is improperly mapped on Cisco XE SD-WAN devices |
|
|
ftmd core observed with forwardingv4v6 regression runs on 19.3 |
|
|
Disaster Recovery: vbond registering with secondary vmanage cluster after recovering from failure |
|
|
API call with CSRF token returning wrong content type in header (as JSON when actually plain text) |
|
|
SD-WAN router may delete newly created SA in a specific case |
|
|
template push fails for ipv6 BGP nbr w/ AF enabled on upgrade scenario from 19.2.098 |
|
|
vedge-cloud with NAT/cflowd, forwarding performance is degraded by 50% |
|
|
vManage the user ip display the local link ip address in AUDIT LOG |
|
|
vManage templates are NOT available on the Secondary cluster. |
|
|
UL drops observed with packet size greater than 1396 while LTE perf test on ISR1100-4G/6G |
|
|
vEdge - Inbound NAT inside IPsec tunnel not working |
|
|
OMP feature template - Not able to select Advertise ipv6 |
|
|
request csr upload fails with lost connection |
|
|
vManage is pushing additional slash '\' with the banner line breaker |
|
|
idle-timeout is improperly mapped on XE-SDWAN |
|
|
16.12.3 ZBFW:Control conn flap error shows up during template push |
|
|
Disaster Recovery: Automatic failure not done when a vbond is down |
|
|
Unable to push template on 19.2 vManage and 16.12 device |
|
|
vManage config preview is timing out on large config. |
|
|
TS/SS: Fail to push template and create admin log from UI. Failed to publish the task on message bus |
|
|
AWS C5 instances of vmanage has very slow response and crashes with "hung_task" |
Open Bugs for Cisco SD-WAN Release 19.2.2
|
Bug ID |
Description |
|---|---|
|
DPI statistics database configuration memory increase |
|
|
vedge frequently establishing control connections to the vBond even though it is in equilibrium |
|
|
vManage/vSmart system status(CPU/Memory) stuck at Zero percent |
|
|
vmanage site list built through GUI not respecting syntax |
|
|
Latitude/Longitude inconsistent value in vManage UI 19.2 |
|
|
vEdge VRRP fail to receive unit cast traffic over i40evf |
|
|
vManage real time is not pulling more than 4k entries |
|
|
The DR replication is not working when the secondary cluster takes over as primary cluster |
|
|
Can not create vManage user to access disaster recovery other than admin user |
|
|
Deleting vManage Disaster Recovery should not remove the software image from the software repository |
|
|
Alarms/events are NOT replicated to the secondary vManage cluster |
|
|
[Azure] vmanage rebooted on 19.3 with Software initiated - Kernel Panic |
|
|
vmanage gui not accessible as /opt/data is 100% full. App server down |
|
|
Vmanage goes OOM after upgrade to 19.2.1 java.lang.OutOfMemoryError: Java heap space |
|
|
SDWAN 19.2.1: IPv6 vBond not reachable/UP from vManage when DNS name |
|
|
19.2.1 template push failing for 16.10.2 Cisco XE SD-WAN devices |
|
|
vedge-cloud with 19.2.1, 10GE interface on x520 adapter does not work after link is flapped |
|
|
Cloud multi-tenant EMS images not visible on repository after migration from 18.3.x to 19.2.1 |
|
|
vManage reloads with reason: Daemon 'cfgmgr' failed |
|
|
OMP advertises aggregate route with components from RIB even if "no advertise <protocol>" configured |
|
|
Top applications UI : Y axis (usage) not shown properly |
|
|
Shaping rate in ISR1100-4G not working properly for TCP traffic |
|
|
vEdge Cloud: vEdge on Azure may go into a bootloop state after an upgrade from 18.4.302 to 19.2.2 |
|
|
Vedge 1k running 19.2.1 constantly reboots with the reason "USB controller disabled or enabled" |
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.1
Resolved Bugs for Cisco SD-WAN Release 19.2.1
|
Bug ID |
Description |
|---|---|
|
callin keyword issues for feature template for dialer interfaces |
|
|
Device is crashing constantly when TCP optimization is enabled. |
|
|
The config on VBond rolls back when the configs are pushed through VManage CLI template |
|
|
vManage cluster GUI SSO fails during the 2nd login attempt using old cookies |
|
|
VPN0 interface won't come up on vbond KVM instance on RHEL7.5 |
|
|
vManage config preview is timing out when we have a large policy with more than 750 sequences |
|
|
vManage 19.2.099 shows Invalid value if GPS Lat/Long is float |
|
|
vEdge 5k on the 18.4.302 code stops forwarding packets over the 10 Gig interfaces |
|
|
vEdge iPerf speed test -r option is not working as expected |
|
|
BGP neighbor commands are missing after upgrade from 19.2.0 to 19.2.099 |
|
|
DNS configurations are not pushed to the XE-SDWAN device properly |
|
|
vEdge FTMD crash |
|
|
- /var/crash/kernel_panic is empty - show reboot history says "Software initiated - Kernel Panic" |
|
|
vEdge 2000 - ZBFW counters stuck after stress tests |
|
|
vEdge5K does not forward all fragments on service side |
|
|
Guest OS type for vNIC Adapter Type to Deploy Controllers in VMWARE |
|
|
vEdge100b appears to be leaking memory in sysmgrd |
|
|
vrrp virtual ip not able to ping from host on ESXI vedge x86 with E1000, vmxnet3 interface I/O |
Open Bugs for Cisco SD-WAN Release 19.2.1
|
Caveat ID Number |
Description |
|---|---|
|
ISR1100-6G, vedge-5000 Copper SFP OIR is not working. |
|
|
Device is crashing constantly when TCP optimization is enabled. |
|
|
Stale vManage certs present on the vManage after we factory reset it and install a new cert |
|
|
vedge frequently establishing control connections to the vBond even though it is in equilibrium |
|
|
Status: Success should only be posted after the task has run to completion. |
|
|
VPN0 interface won't come up on vbond KVM instance on RHEL7.5 |
|
|
VRRP issue on vEdge 5k for 10G physical interface on 18.4.302 and 19.2.097. |
|
|
vEdge iPerf speed test -r option is not working as expected |
|
|
Data collection is slow on vManage after enabling vAnalytics on 19.2.097 |
|
|
Latitude/Longitude inconsistent value in vManage UI 19.2 |
|
|
ISR1100-4G, ISR1100-6G Fixed speed 100/10 full duplex config are not supported on RJ45 ports. |
|
|
vEdge VRRP fail to receive unit cast traffic over i40evf |
|
|
template push fails for ipv6 BGP nbr w/ AF enabled on upgrade scenario |
|
|
19.2.1 template push failing for 16.10.2 Cisco XE SD-WAN devices |
Resolved Bugs for Cisco SD-WAN Release 19.2.099
|
Bug ID |
Description |
|---|---|
|
Failed to attach template to Cisco XE SDWAN Rtr if qos-map name changed after policy-map is attached |
|
|
Cellular IP is getting reset when primary transport interface Gi0/0/0 is shutdown. |
|
|
interface cant be moved from vrf 0 to service vrf when it has ip address |
|
|
flow data is not populated into /tmp/xml/fnf |
|
|
Cellular interface doesn't get an IP address when brought up through the pnp workflow |
|
|
19.2.0 regression: Can not configure NTP on SD-WAN and specify source interface in VPN |
|
|
fman-fp keeps on crashing after attach app-route policy with app-family |
|
|
xe-sdwan omp aggregate-only does not suppress component routes sometimes |
|
|
CPP crash with Packet Duplication enabled on path failover with XE SDWAN router |
|
|
microloops because of redistribution OMP<>OSPF external with DN-bit are happening on IOS-XE SD-WAN |
|
|
callin keyword issues for feature template for dialer interfaces |
|
|
confd died on upgrading from 18.3.X to 18.4 on 100b |
|
|
snmp-server trap-source configuration is not generated for Cisco XE SD-WAN Router by vManage |
|
|
'tcp adjust-mss' mapping fails for XE SDWAN router on service-side IPSec template |
|
|
duplex mode shows half duplex while setting "no autonegotiate" |
|
|
Enhancement for Vmanage Config Diff feature to work correctly on xe-sdwan CLI Templates. |
|
|
remove tloc-list or export-to from control policy removes tloc-list or export-to from other sequence |
|
|
vedge directed-broadcast should forward as 255.255.255.255 to match xe-sdwan and cisco behavior |
|
|
ikev2 dpd retransmit always 1s and fails after one retry with "giving up after 1 retransmits" |
|
|
With disaster recovery paused vmanage does not allow controllers to be upgraded from GUI |
|
|
Getsockopt errors on vmanage console after upgrading vmanage cluster to 19.2.0 |
|
|
vAnalytics - Launch vanalytics not working in vmanage UI |
|
|
Static NAT Optional Setting does not persist |
|
|
API Try it out option on the Swagger UI(/apidocs) is stuck on 19.2 vmanage |
|
|
omp routes redistributed into ospf are advertised back into omp causing a routing loop |
|
|
vEdge is using ip addresses outside of the natpool range |
|
|
vEdge performs NAT translation to public source port 0 or overlaps ports when all ports exhausted |
|
|
Vmanage pushes incorrect config for xe-sdwan DNS under management vrf (vpn 512) |
|
|
Cisco XE SD-WAN device configures IPv6 BGP neighbor under both IPv4 and IPv6 address-family |
|
|
Unable to push CLI template from the vManage when the NTP source interface is configured. |
|
|
CLI template based BGP configuration does not work with update-source interface |
|
|
IPSEC tunnel source IP is not updated when WAN IP changes. |
|
|
Fix handling of leading 0's in Cisco XE SD-WAN device certificate serial numbers |
|
|
Zscaler tunnel failure when NAT selects public port 0 |
Resolved Bugs for Cisco SD-WAN Release 19.2.097
|
Bug ID |
Description |
|---|---|
|
Large number of out-of-order packets seen with vEdge5k and vEdge-Cloud |
|
|
core fp-um crash on vEdgecloud running 18.3.5. fp_hw_x86_pkt_remove_header |
|
|
vEdge1000 crashed even after applying the 18.4.101 ES image |
Resolved and Open Bugs for Cisco SD-WAN Release 19.2.0
Resolved Bugs for Cisco SD-WAN Release 19.2.0
|
Bug ID |
Description |
|---|---|
|
config commit operation fails on ISRv on 5406 with error ext2_lookup:deleted inode referenced |
|
|
source-interface mapping is missing in vmanage for tacacs and radius server group. |
|
|
Unable to load Device->Template page |
|
|
vManage export CSV file of feature templates(not CLI templates) with 2+ devices reordering values |
|
|
SVM: server config file is empty |
|
|
vEdge5000: control connection stuck in "Challenge" phase with TPM lockup |
|
|
"ip address negotiated" configuration is not being pushed from a vManage running the 19.1.0 code |
|
|
vManage: VPN Interface Ethernet template is not accepting 10ge as interface name |
|
|
SVM: NMS app-server fails to start |
|
|
Email notification - host name shows as N/A for all alerts, but alarm has the hostname. |
|
|
Edit vmanage from local host to ip before cluster addition failing |
|
|
snmp traps on vedge not egressing out of the snmp source interface configured |
|
|
continuous nat-pool exhausted failure leads to map-db leak |
|
|
NAT translation is not happening for return traffic |
|
|
ftmd process crash on vEdge router |
|
|
Cisco SD-WAN vManage Software Path Traversal Vulnerability |
|
|
Cisco SD-WAN vManage SQL Injection Vulnerabilities |
|
|
Cisco SD-WAN Information Disclosure Vulnerability |
|
|
Cisco SD-WAN vManage Software Path Traversal Vulnerability |
|
|
Cisco SD-WAN vManage SQL Injection Vulnerabilities |
|
|
Cisco SD-WAN vManage SQL Injection Vulnerabilities |
|
|
Cisco SD-WAN vManage SQL Injection Vulnerabilities |
Open Bugs for Cisco SD-WAN Release 19.2.0
|
Bug ID |
Description |
|---|---|
|
Large number of out-of-order packets seen with vEdge5k and vEdge-Cloud |
|
|
Setting "Collect admin-tech on reboot" to On in System Feature template does not work for Cisco XE SD-WAN devices |
|
|
TAIL-F: Passwords more than 32 characters in length fail when doing push from vManage (CSCvo93386) |
|
|
DR: drconsul process failed to start on one vmanage in secondary cluster |
|
|
Traffic does not resume after we change speed on SFP Interfaces. |
|
|
line vty config getting changed to transport input none after loading from ciscosdwan.cfg |
|
|
after device reboot from vmanage, vsmart boots up to shell prompt |
|
|
Cisco XE SD-WAN ISR system-report files under bootflash/core need to picked up in admin-tech-from-vmanage |
|
|
Prefix lists from aci not updated due to template lock |
|
|
Enterprise Certs lost when upgraded from 18.4.302 to 19.2.099 |
|
|
No date and time info in the syslog payload |
Feedback