Introduction
This is the fourth maintenance release for Cisco Prime Infrastructure 3.10.
You can install Cisco Prime Infrastructure 3.10.4 on Cisco Prime Infrastructure 3.10.2 System Patch or Cisco Prime Infrastructure 3.10.3. Prime Infrastructure PI_3_10_4-1.0.24.ubf is approximately 935 MB.
You must install the Cisco Prime Infrastructure 3.10.4 Mandatory System Patch (PI_3_10_4_SystemPatch-1.0.12.ubf - approximately 1.97 GB) after 3.10.4 installation. This includes Oracle April 2023 critical patch update. To install the system patch, see Installing the System Patch from Local Storage .
The downloading time depends on the available network connection in the enterprise environment. Ensure that you have adequate bandwidth and are not running into high latency issues.
System Requirements
For more details on the system requirements, see Understand System Requirements section in the Cisco Prime Infrastructure 3.10 Quick Start Guide.
Installation Guidelines
The following sections explain how to install the maintenance release.
Before You Begin Installing the Maintenance Release
You can install Prime Infrastructure 3.10.4 on top of Cisco Prime Infrastructure 3.10.2 System Patch or Cisco Prime Infrastructure 3.10.3 from Software Download page.
Since the maintenance release is not removable, it is important to have a way to revert your system to the original version in case hardware or software problems cause the maintenance release installation to fail.
To ensure you can do this, take a backup of your system before downloading and installing this UBF maintenance release.
If the backup is a Prime Infrastructure 3.10.3 backup, restore the backup on Prime Infrastructure 3.10.3 server before applying the 3.10.4 release.
Similarly, if you are running Prime Infrastructure 3.10.3 in a Virtual Machine (VM) and your organization permits taking VM snapshots, stop Prime Infrastructure and use the VMware client to take a VM snapshot before applying this maintenance release. Store the snapshot in an external storage repository, and restore from the snapshot if the maintenance release installation is unsuccessful. For more details, see Restore an Application Backup in the Cisco Prime Infrastructure 3.10 Administrator Guide.
To revert to Prime Infrastructure 3.10.4 installation (with PI 3.10.x, PI 3.9.x, PI 3.8.x, or PI 3.7.x backup), follow these steps:
-
Reinstall Prime Infrastructure 3.10 from an OVA or ISO distribution
-
Upgrade to Cisco Prime Infrastructure 3.10.2 using tar bundle and install PI 3.10.2 system patch once after upgrade is completed. For more information, see Cisco Prime Infrastructure 3.10.2 Release Notes
-
Install Cisco Prime Infrastructure 3.10.4
-
Install Cisco Prime Infrastructure 3.10.4 System Patch
-
If you have a prior 3.10.x, 3.9.x, PI 3.8.x, PI 3.7.x backup - Restore this backup
If you are installing this release as part of a High Availability (HA) implementation, see Installing the Maintenance Release in High Availability Mode in the Cisco Prime Infrastructure 3.10 Administrator Guide .
Installing the Release from Local Storage
 Caution |
If you have a High Availability (HA) environment, remove the HA setup before proceeding to install this release. For more details, see Installing the Maintenance Release in High Availability Mode . |
Make sure that you have completed the recommended preparation steps given in Before You Begin Installing the Maintenance Release .
To install Cisco Prime Infrastructure 3.10.4 from the local storage, follow these steps:
 Note |
You can only install Cisco Prime Infrastructure 3.10.4 by manual download from Cisco.com and upload and install through Cisco Prime Infrastructure UI. |
Procedure
|
Step 1 |
Download the Prime Infrastructure PI_3_10_4-1.0.24.ubf from Home > Products > Cloud and Systems Management > Routing and Switching Management > Network Management Solutions > Prime Infrastructure > Prime Infrastructure 3.10 > Prime Infrastructure Patches - 3.10.4 and save the file in your local system. |
||
|
Step 2 |
Log in to Prime Infrastructure 3.10.2 System Patch or Prime Infrastructure 3.10.3 server. |
||
|
Step 3 |
Choose Administration > Licenses and Software Updates > Software Update. |
||
|
Step 4 |
Click Upload and browse to the location where you have saved the maintenance release file. Click OK to upload the file. |
||
|
Step 5 |
In the Status of Updates pane, click the Files tab and check whether PI_3_10_4-1.0.24.ubf is listed under FileName column. |
||
|
Step 6 |
In the Critical Fixes pane, click Install.
|
||
|
Step 7 |
Click Yes in the pop-up dialogue box to install Cisco Prime Infrastructure 3.10.4. It may take approximately 1 hour for the installation process to complete. |
||
|
Step 8 |
You can verify the release installation from Prime Infrastructure Login under Critical Fixes by clicking View Installed Updates and also by logging into the server and choosing Administration > Software Update. You should see a listing for the release in the Updates tab, with Installed in the Status column. |
Installing the Maintenance Release in High Availability Mode
Download PI_3_10_4-1.0.24.ubf from Home > Products > Cloud and Systems Management > Routing and Switching Management > Network Management Solutions > Prime Infrastructure > Prime Infrastructure 3.10 > Prime Infrastructure Patches - 3.10.4 and save the file in your local system.
To install the downloaded PI_3_10_4-1.0.24.ubf in High Availability mode follow the below prerequisites:
-
Make sure that you have completed the recommended preparation steps given in Before You Begin Installing MR.
Note |
Prime Infrastructure 3.10.4 can be applied only in primary and secondary standalone servers. The server will restart automatically once the installation is complete. The restart typically takes more than 45 minutes. You cannot apply Prime Infrastructure 3.10.4 when HA is enabled. |
-
If you are installing Cisco Prime Infrastructure 3.10.4 on High Availability (HA) paired servers, you will get an error message.
For more details, see Remove HA Via the GUI in the Cisco Prime Infrastructure 3.10 Administrator Guide.
-
Continue the patching once HA removed completely. For more details, see the How to Patch New HA Servers section in the Cisco Prime Infrastructure 3.10 Administrator Guide .
Troubleshooting Maintenance Release Installs in High Availability Implementations
If you are unable to apply this maintenance release in a High Availability (HA) implementation, check whether your network bandwidth, throughput and latency meets the network requirements recommended in Network Throughput Restrictions on HA section in the Cisco Prime Infrastructure 3.10 Administrator Guide. In a few cases, continued or intermittent throughput problems can cause a complete failure. If you believe this has occurred, contact Cisco TAC for support.
If you are unable to verify that this maintenance release has been successfully installed on a Prime Infrastructure server, or one or both of the servers fails to restart properly after installing the maintenance release, you may need to re-image the server as explained in Before You Begin Installing the Maintenance Release before continuing.
In all cases, you can use the backup-logs command on one or both servers to get information on the source of the failure. For more information, see the backup-logs section in the Cisco Prime Infrastructure 3.10 Command Reference Guide .
Installing the System Patch from Local Storage
-
You can only install Cisco Prime Infrastructure PI_3_10_4_SystemPatch-1.0.12.ubf by manual download from Cisco.com and upload and install through Cisco Prime Infrastructure UI.
-
Cisco Prime Infrastructure PI_3_10_4_SystemPatch-1.0.12.ubf can be applied only in primary and secondary standalone servers. The server will restart automatically once the installation is complete. The restart typically takes 45 to 60 minutes.
To install Cisco Prime Infrastructure PI_3_10_4_SystemPatch-1.0.12.ubf from the local storage, follow these steps:
Procedure
|
Step 1 |
Download the Prime Infrastructure from PI_3_10_4_SystemPatch-1.0.12.ubf Home > Products > Cloud and Systems Management > Routing and Switching Management > Network Management Solutions > Prime Infrastructure > Prime Infrastructure 3.10 > Prime Infrastructure Patches - 3.10.4 and save the file in your local system. |
||
|
Step 2 |
Log in to Prime Infrastructure 3.10.4 server. |
||
|
Step 3 |
Choose Administration > Licenses and Software Updates > Software Update. |
||
|
Step 4 |
Click Upload and browse to the location where you have saved the system patch file. Click OK to upload the file. |
||
|
Step 5 |
In the Status of Updates pane, click the Files tab and check whether PI_3_10_4_SystemPatch-1.0.12.ubf is listed under FileName column. |
||
|
Step 6 |
In the Critical Fixes pane, click Install. |
||
|
Step 7 |
Click Yes in the pop-up dialogue box to install Cisco Prime Infrastructure PI_3_10_4_SystemPatch-1.0.12.ubf. It may take approximately 1 hour for the installation process to complete.
|
||
|
Step 8 |
You can verify the release installation from Prime Infrastructure Login under Critical Fixes by clicking View Installed Updates and also by logging into the server and choosing Administration > Software Update. You should see a listing for the release in the Updates tab, with Installed in the Status column. |
New Features and Enhancements
This section provides a brief description of new features and enhancements in Cisco Prime Infrastructure 3.10.4
Wireless
In this release, configuring the antenna selection for Radio Interface from Configuration > Network > Network Devices > Device Type > Unified AP > xxx_AP Name and Configuration > Templates > Lightweight Access Points > xxx_AP Name is not supported by the APs such as C9124AXI, C9124AXD, C9124AXE, C9136I ,C9162I ,C9164I , and C9166I. Use the CLI Template to configure the antenna selection through radio profile page and map it to the RF tag.
Telemetry support is provided through Service Port IP address for the following Cisco 9800 Wireless Controller device categories:
-
Cisco Catalyst 9800-40 Wireless Controller
-
Cisco Catalyst 9800-80 Wireless Controller
-
Cisco Catalyst 9800-L-C Wireless Controller
-
Cisco Catalyst 9800-L-F Wireless Controller
Important Notes
-
Cisco announced the End-of-Life and End-of-Sale for all versions of Prime Infrastructure. Please use the PDMT to migrate data to Cisco DNA Center or use Cisco Networking Bot for self-help migration. For more information reach out to the migration team at primetodnacmigration@external.cisco.com.
-
The EOL/EOS message always appears on the Login Page of Prime Infrastructure.
-
The EOL/EOS message appears in a pop-up notification window every time the user login to the Prime Infrastructure. However, after restart of the Prime Infrastructure services, the pop-up message will not be notified in the future.
-
For all the versions of Prime Infrastructure, Prime XWT Widgets are not compatible with the latest versions of Chrome and Edge browsers. This impacts the prime xwt actions such as add, update, delete, duplicate, and so on.
-
Edge:
-
114.0.1823.51
-
114.0.1823.43
-
-
Chrome:
-
114.0.5735.133
-
-
-
It is recommended to use Firefox or lower versions of Chrome and Edge browsers to carry out the Prime XWT widget actions in the Prime Infrastructure.
-
When you restore to Cisco Prime Infrastructure 3.10.4 from earlier versions 3.7.x, 3.8.x, 3.9.x, 3.10.x backup, you will be notified with the following warnings in the restore console window:
These warning messages are displayed due to the recent upgrade of JRE in Prime Infrastructure 3.10.2. For more information, see JDK-8172404.Warning: <verisigntsaca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <airespace-root> uses a 1536-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisignclass1ca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisignclass1g2ca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisignclass2g2ca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisignclass3ca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisignclass3g2ca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. <verisigntsaca> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update. Warning: <airespace-root> uses a 1536-bit RSA key which is considered a security risk. This key size will be disabled in a future update.
Open Caveats
The following table lists the open caveats in Prime Infrastructure Release 3.10.4.
Click the identifier to view the impact and workaround for the caveat. This information is displayed in the Bug Search Tool. You can track the status of the open caveats using the Bug Search Tool.
|
Identifier |
Description |
|---|---|
|
\"Bulk AP\" export/import fails when building/floor name contains double-byte characters or comma (,) |
|
|
Air Quality vs Time report displays an error when two protocols are selected |
|
|
Inspect Voice Readiness may not work for floors with high AP counts |
|
|
Cisco Prime Infrastructure 3.10.3 Operation Center may intermittently break reachability with instances |
|
|
Heat map shows as tiny image for AP 9130AXI-E in Prime Infrastructure 3.10.2 |
|
|
CGS2520 Switch software image distribution job gives false negative result |
|
|
Cisco Prime Infrastructure 3.10.3 - Catalyst 9200 Devices collection failure |
|
|
Alarm table is getting corrupted (ORA-600 error) during upgrade to Prime Infrastructure 3.10 |
|
|
Unable to export Unified AP from Dashboard > Overview > Unified AP status returns page error: 404 |
|
|
CSCvs32965 - defect not fixed in the latest version of Prime Infrastructure |
Resolved Caveats
The following caveats were resolved in Prime Infrastructure Release 3.10.4.
Click the identifier to view the impact and workaround for the caveat. This information is displayed in the Bug Search Tool. You can track the status of the open caveats using the Bug Search Tool.
|
Identifier |
Description |
|---|---|
|
C9800 anchor mobility traps not mapped in Cisco Prime Infrastructure 3.8.1 |
|
|
Prime Infrastructure should alert when 9800 Controller is managed by more than one PI instance |
|
|
3.10.1-9800 Telemetry coral connection failure issue appears even though device managed in Prime Infrastructure |
|
|
Compliance producing random/periodic false positives |
|
| Telemetry should pick Prime Infrastructure's NATted IP address | |
|
Telemetry support in Prime Infrastructure via Service Port/GigabitEthernet 0 for Cisco Catalyst 9800 controllers |
|
|
/opt/oracle/base/fast_recovery_area/WCS filling /opt in Prime Infrastructure 3.10 in HA |
|
|
VLAN detailed report failed for selected groups Prime 3.10 |
|
|
C9800 with WGB support needs to be implement in Prime |
|
|
Prime Infrastructure 3.10 showing access point in network topology maps |
|
|
Rx Neighbors are not listed for radios in AP 360 view on maps GUI page - Site Maps-New |
|
|
Prime Infrastructure 3.10.2: Unable to list switchport details \"no data available\" |
|
|
SNMP Reachability Status dashlet device listing issue |
|
|
Edit of Lightweight AP Templates can not save without selecting Radio Role for XOR 5/6GHz |
|
|
Apache Shiro Authentication Bypass multiple vulnerabilities |
|
|
Authentication Type displays as unknown for clients with WPA3 authentication |
|
|
Prime Infrastructure 3.10.2: WLC 9800 fails inventory collection |
|
|
Cisco Prime Infrastructure Command Injection Vulnerability |
|
|
RPM Vulnerabilities- krb5 ,grub2,xorg-x11-server |
|
|
\"Autonomous AP is unreachable\" is detected when admin status of AP is \"Maintenance\" |
|
|
Cisco Prime Infrastructure 3.10.2 channel shows as 0 in 5 gHz filter for AP models 9120, 9130 |
|
|
Prime Infrastructure 3.10 sometimes fails to generate a clear severity alarm after AP is UP |
|
|
Apache Tomcat 9.0.40 < 9.0.69 |
|
|
Oracle Database Server (Oct 2022 CPU) |
|
|
Apache 2.4.x < 2.4.55 Multiple Vulnerabilities |
|
|
libXpm (RHSA-2023:0377) |
|
|
Prime Infrastructrue 3.10.3 version, sorting of the floors is different |
|
|
Multiple vulnerabilities in Prime Infrastructure 3.10.2 |
|
|
RHEL 7 : bind (RHSA-2023:0402),RHEL 7 : kernel (RHSA-2023:0399) |
|
|
Oracle Database Server for Unix (Jan 2023 CPU) |
|
|
Prime Infrastructure 3.10.3 - Device reboots during Image Distribution |
|
|
Heatmaps are not shown correctly for AP C9124AXE which uses AIR-ANT2547VG-NS antenna |
|
|
Unified AP count is wrong from Prime Infrastructure Operations Center |
|
|
Coral services not running when we backport to Coral 16 from Coral 17 in Prime 3.10.3 |
|
|
Need to document NATed scenario in prime 3.10.4 admin/config guide |
|
|
CLI template user defined variable value is not updated when command is pushed onto device |
|
|
RHEL 7 : tigervnc and xorg-x11-server (RHSA-2023:0675) |
|
|
Prime 3.10.4 - Stale entry present on c9800 after deletion of device from prime |
|
|
Algo jar update for AP C9124AXE which uses AIR-ANT2547VG-NS antenna |
|
|
Prime Infrastructure 3.10.3 PSIRT and EOX compliance RBML bundle update |
|
|
(Prime Infra) Multiple SSO CGI Vulnerability |
|
|
Wired client traffic spike due to new session on each major poll |
|
|
Oracle Java SE Multiple Vulnerabilities (January 2023 CPU) |
|
|
AP UpTime is not being fetched as expected by Prime Infrastructure 3.10.1 |
|
|
CVE-2022-4304 - OpenSSL Vulnerability |
|
|
PI 3.10.3 throws a cosmetic popup \"see logs for further details\" when users logout of the GUI |
|
|
Apache 2.4.x < 2.4.56 Multiple Vulnerabilities |
|
|
RHEL 7 : kernel (RHSA-2023:1091),RHEL 7 : sudo (RHSA-2023:0291) |
|
|
Import of map archive from PI 3.7 to 3.10 fails to load floor map due to missing XML file |
|
|
RHEL 7 : nss (RHSA-2023:1332),RHEL 7 : openssl (RHSA-2023:1335) |
|
|
Prime Infrastructure ACL quick filtering not filtering individual ACEs |
|
|
User jobs automatically deleted by PI every 7 days even though configured for 365 |
|
|
ROGUEAPDETECTINGDETAIL table was removed from the DMM_PRUNINGSERVICEDATA table |
|
|
Apache POI < 3.17 Multiple DoS Vulnerabilities |
|
|
Cisco Wireless Solutions Software Compatibility Matrix update for Prime Infrastructure 3.10.3 |
|
|
Operations Center may not show the expected APs count under Unified AP |
|
|
RHEL 7 : tigervnc and xorg-x11-server (RHSA-2023:1594) |
|
|
Apache POI old files found in some locations |
|
|
Oracle Java SE Multiple Vulnerabilities (April 2023 CPU),Oracle Database Server (Apr 2023 CPU) |
|
|
Alarm Reports shows Condition field empty when included in results |
|
|
RHEL 7 : kernel (RHSA-2023:1987) |
|
|
Prime Infrastructure 3.10 - Device names in inventory appear with unprintable characters & switch info not retrievable |
|
|
AP Radio Downtime Summary reports values NA for 9120 series APs |
|
|
Unable to see the client count and interface utilization graphs on the Operations Center Web GUI |
|
|
Prime Infrastructure updates 6 gHz band specific channel numbers to default channel 1 |
|
|
Critical CVE in component commons-beanutils. Upgrade to latest version |
|
|
Critical CVE in component glibc. Upgrade to latest version |
|
|
Critical CVE in component openssl. Upgrade to latest version |
Submitting Feedback
Your feedback will help us improve the quality of our product. You must configure the email server and then enable data collection to configure the feedback tool. To send your feedback, follow these steps:
Procedure
|
Step 1 |
If you have configured your mail server, go to Step 4. |
|
Step 2 |
Choose Administration > > . |
|
Step 3 |
In the Mail Server Configuration page, enter the mail server details, then click Save to save the configuration settings. |
|
Step 4 |
Choose Administration > > . |
|
Step 5 |
In the Help Us Improve Cisco Products page, select Yes, collect data periodically, then click Save. |
|
Step 6 |
Click the Settings icon, then select . |
|
Step 7 |
Enter your feedback, then click OK. |
Related Documentation
You can access additional Cisco Prime Infrastructure documentation at:
http://www.cisco.com/en/US/products/ps12239/tsd_products_support_series_home.html
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html .
Subscribe to What’s New in Cisco Product Documentation , which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Feedback