Guest

Cisco 5700 Series Wireless LAN Controllers

Release Notes for Cisco 5700 Series Wireless LAN Controller, Cisco IOS XE Release 3.6.XE

  • Viewing Options

  • PDF (288.4 KB)
  • Feedback

Table of Contents

Release Notes for Cisco 5700 Series Wireless LAN Controller, Cisco IOS XE Release 3.6.XE

Contents

Introduction

What’s New in Cisco IOS XE Release 3.6.1E

What’s New in Cisco IOS XE Release 3.6.0E

Supported Hardware

Catalyst 3850 Switch Models

Network Modules

Catalyst 3650 Switch Models

Optics Modules

Cisco Wireless LAN Controller Models

Access Points and Mobility Services Engine

Compatibility Matrix

Wireless Web UI Software Requirements

Software Version

Upgrading the Controller Software

Important Upgrade Note

Features

Interoperability with Other Client Devices

Important Notes

Limitations and Restrictions

Caveats

Cisco Bug Search Tool

Open Caveats

Resolved Caveats in Cisco IOS XE Release 3.6.1E

Resolved Caveats in Cisco IOS XE Release 3.6.0E

Troubleshooting

Related Documentation

Obtaining Documentation and Submitting a Service Request

Release Notes for Cisco 5700 Series Wireless LAN Controller, Cisco IOS XE Release 3.6.XE

First Published: June 27, 2014

Last Updated: November 19, 2014

OL-32726-01

This release note gives an overview of the features for the Cisco IOS XE 3.6E software on the Cisco 5700 Series WLC.

Introduction

The Cisco 5700 Series Wireless LAN Controller (Cisco 5700 Series WLC) is designed for 802.11ac performance with maximum services, scalability, and high resiliency for mission-critical wireless networks. With an enhanced software programmable ASIC, the controller delivers wire-speed performance with services such as Advanced QoS, Flexible NetFlow Version 9, and downloadable ACLs enabled in a wireless network. The controller works with other controllers and access points to provide network managers with a robust wireless LAN solution. The Cisco WLC 5700 provides:

  • Network traffic visibility through Flexible NetFlow Version 9
  • Radio frequency (RF) visibility and protection
  • Support for features such as CleanAir, ClientLink 2.0, and VideoStream

The Cisco IOS XE software represents the continuing evolution of the preeminent Cisco IOS operating system. The Cisco IOS XE architecture and well-defined set of APIs extend the Cisco IOS software to improve portability across platforms and extensibility outside the Cisco IOS environment. The Cisco IOS XE software retains the same look and feel of the Cisco IOS software, while providing enhanced future-proofing and improved functionality.

For more information about the Cisco IOS XE software, see http://www.cisco.com/en/US/prod/collateral/iosswrel/ps9442/ps11192/ps11194/QA_C67-622903.html

What’s New in Cisco IOS XE Release 3.6.1E

What’s New in Cisco IOS XE Release 3.6.0E

 

What’s New
Description

Use this URL for the Cisco IOS XE Release 3E Documentation Roadmap: http://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-3e/tsd-products-support-series-home.html

Provides quick and easy access to all relevant documentation for specific platforms. Look for Quick Links to Platform Documentation on the respective platform documentation pages.

Integrated Documentation Guides

Provides platform and software documentation for these technologies:

  • IP Multicast Routing Configuration Guide

Open Plug-N-Play Agent

(LAN-Lite, LAN-Base, IP-Lite, IP-Base, IP Services / IP Enterprise Services)

Switch-based agent support for zero touch automated device installation solution called NG-PNP.

Cisco TrustSec Critical Authentication

(LAN-Base, IP-Lite, IP-Base, IP Services / IP Enterprise Services)

Ensures that the Network Device Admission Control (NDAC)-authenticated 802.1X links between Cisco TrustSec devices are in open state even when the Authentication, Authorization, and Accounting (AAA) server is not reachable.

Enabling Bidirectional SXP Support

(LAN-Base, IP-Lite, IP-Base, IP Services / IP Enterprise Services)

Enhances the functionality of Cisco TrustSec with SXP version 4 by adding support for Security Group Tag (SGT) Exchange Protocol (SXP) bindings that can be propagated in both directions between a speaker and a listener over a single connection.

Enablement of Security Group ACL at Interface Level

(LAN-Base, IP-Lite, IP-Base, IP Services /Ent. Serv.)

Controls and manages the Cisco TrustSec access control on a network device based on an attribute-based access control list. When a security group access control list (SGACL) is enabled globally, the SGACL is enabled on all interfaces in the network by default; use the Enablement of Security Group ACL at Interface Level feature to disable the SGACL on a Layer 3 interface.

Role-Based CLI Inclusive Views

(LAN-Base, IP-Lite, IP-Base, IP Services / IP Enterprise Services)

Enables a standard CLI view including all commands by default.

Custom Web Authentication Result Display Enhancement

Displays the authentication results on the main HTML page. There is no pop-up window to display the authentication results.

Custom Web Authentication Download Bundle

Ensures that one or more custom HTML pages can be downloaded and configured from a single tar file bundle.

The images and the custom pages containing the images are also part of the same downloadable tar file bundle.

Virtual IP Support for Images in Custom Web Authentication

Supports image file names without prefixes and removes the requirement of users having to specify the wireless management interface IP to indicate the source of image in the HTML code.

Service Discovery Gateway: mDNS enhancements

Enables multicast Domain Name System (mDNS) to operate across layer 3 boundaries.

HTTP Gleaning

(IP-Base, IP Services/Ent. Serv.)

Allows the device-sensor to extract the HTTP packet Type-Length-Value (TLV) to derive useful information about the end device type.

Banner Page and Inactivity timeout for HTTP/S connections

Allows you to create a banner page and set an inactivity timeout for HTTP or HTTP Secure (HTTPS) connections. The banner page allows you to log on to the server when the session is invalid or expired.

Secure CDP

(LAN-Lite, LAN-Base, IP-Lite, IP-Base, IP Services/ IP Enterprise Services)

Allows you to select the type, length, value (TLV) fields that are sent on a particular interface to filter information sent through Cisco Discovery Protocol packets.

Web Authentication Redirection to Original URL

(LAN-Base, IP-Lite, IP-Base, IP Services/Ent. Serv.)

Enables networks to redirect guest users to the URL they had originally requested. This feature is enabled by default and requires no configuration.

Auto configuration

(LAN-Lite, LAN-Base, IP-Lite, IP-Base,  IP Services/ IP Enterprise Services)

Determines the level of network access provided to an endpoint based  on the type of the endpoint device. This feature also permits hardbinding between the end device and the interface. Autoconfig falls under the umbrella of Smart Operations solution.

Interface templates

(LAN-Lite, LAN-Base, IP-Lite, IP-Base,  IP Services/ IP Enterprise Services)

Provides a mechanism to configure multiple commands at the same time and  associate it with a target such as an interface. An interface template is a container of  configurations or policies that can be applied to specific ports.

NMSP

Enables strong ciphers (SHA2) for NMSP connections.

Embedded Event Manager (EEM) 4.0

Provides unique customization capabilities and event driven automation within Cisco products.

CleanAir Express for 1600 APs

Supports CleanAir Express on the Cisco 1600 Series Access Points. For more information about CleanAir Express, see http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/cleanair-technology/aag_c22-594304.pdf

New AP Platform Support

Support is added to the following APs in this release:

  • AP2700I, AP2700E
  • AP1532I, AP1532E

Note The Cisco Aironet 1530 Series APs are supported operating only in Local mode; these APs in mesh mode are not supported.

  • AP702W, AP702I

FQDN ACLs

Access control lists (ACLs) when configured using fully qualified domain name (FQDN) enables ACLs to be applied based on the destination domain name. The destination domain name is then resolved to an IP address, which is provided to the client as a part of DNS response. Guest users can log in using web authentication with parameter map that consists of FQDN ACL name. You can apply access list to a specific domain. RADIUS server has to send AAA attribute fqdn-acl-name to the controller. The operating system checks for the pass through domain list, its mapping, and permits the FQDN. FQDN ACL allows clients to access only configured domains without authentication. The FQDN ACL is supported only for IPv4 wireless session.

Local Policies

Local policies can profile devices based on HTTP and DHCP to identify the end devices on the network. Users can configure device-based policies and enforce the policies per user or per device policy on the network. Local policies allow profiling of mobile devices and basic onboarding of the profiled devices to a specific VLAN. They also assign ACL and QoS or configure session timeouts

Auto MAC Learning of Valid Client via MSE

You can validate the rogue clients by utilizing the resources available in the Cisco Mobility Services Engine (MSE). Using MSE, you can dynamically list the clients joining to the controller. The list of clients joined to the controller is stored in the MSE as a centralized location, where the controller communicates with MSE and validates the client before reporting if the rogue client is a valid one or not. MSE maintains the MAC addresses of clients joined to the controller. The communication between the controller and MSE is an on-demand service as the controller requests this service from MSE.

QoS Upstream

Marking and policing actions for ingress SSID and client policies are applied at the access point. The SSID and client ingress policies that you configure in the controller are pushed to the AP. The AP performs policing and marking actions for each packet. However, the controller selects the QoS policies. Marking and policing of egress SSID and client policies are applied at the controller. QoS statistics are collated for client and SSID targets in ingress direction. Statistics are supported only for ingress policies with a maximum of five classes on wireless targets. For very large policies, statistics for ingress policies are not visible at the controller. The frequency of the statistics depends on the number of clients associated with the access point.

Implement Control part of AVC (Tie-in to QOS)

Application Visibility and Control (AVC) classifies applications using deep packet inspection techniques with the Network-Based Application Recognition (NBAR2) engine, and provides application-level visibility and control (QoS) in wireless networks. After the applications are recognized, the AVC feature enables you to either drop, mark, or police the data traffic. AVC is configured by defining a class map in a QoS client policy to match a protocol. AVC QoS actions are applied with AVC filters in both upstream and downstream directions. The QoS actions supported for upstream flow are drop, mark, and police, and for downstream flow are mark and police. AVC QoS is applicable only when the application is classified correctly and matched with the class map filter in the policy map.

Note This feature is applicable only to wireless clients.

Optical Feature Interface support

Supports new hardware for DWDM SFP+ and 10G ZR SFP+ modules. For a list of all supported SFP+ modules, see http://www.cisco.com/c/en/us/td/docs/interfaces_modules/transceiver_modules/compatibility/matrix/OL_6974.html

Flexible Netflow Enhancement

 

Support for NetFlow Data Export Format Version 10 (IPFIX). For more information, see the Cisco Flexible NetFlow Configuration Guide .

802.11r Mixed Mode Support

You do not have to create a separate WLAN for 802.11r support. You can specify the non-802.11r clients to associate with an SSID that is enabled with 802.11r.

Supported Hardware

Catalyst 3850 Switch Models

 

Table 1 Catalyst 3850 Switch Models

Switch Model
Cisco IOS Image
Description

WS-C3850-24T-L

LAN Base

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)

WS-C3850-48T-L

LAN Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)

WS-C3850-24P-L

LAN Base

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)

WS-C3850-48P-L

LAN Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)

WS-C3850-48F-L

LAN Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, LAN Base feature set (StackPower cables must be purchased separately)

WS-C3850-24T-S

IP Base

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set

WS-C3850-48T-S

IP Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Base feature set

WS-C3850-24P-S

IP Base

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set

WS-C3850-48P-S

IP Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Base feature set

WS-C3850-48F-S

IP Base

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, IP Base feature set

WS-C3850-24T-E

IP Services

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set

WS-C3850-24PW-S

IP Base

Cisco Catalyst 3850 24-port PoE IP Base with 5-access point license

WS-C3850-48PW-S

IP Base

Cisco Catalyst 3850 48-port PoE IP Base with 5-access point license

Catalyst 3850-12S-S

IP Base

12 SFP module slots, 1 network module slot, 350-W power supply

Catalyst 3850-24S-S

IP Base

24 SFP module slots, 1 network module slot, 350-W power supply

WS-C3850-48T-E

IP Services

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet ports, with 350-WAC power supply 1 RU, IP Services feature set

WS-C3850-24P-E

IP Services

Cisco Catalyst 3850 Stackable 24 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set

WS-C3850-48P-E

IP Services

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 715-WAC power supply 1 RU, IP Services feature set

WS-C3850-48F-E

IP Services

Cisco Catalyst 3850 Stackable 48 10/100/1000 Ethernet PoE+ ports, with 1100-WAC power supply 1 RU, IP Services feature set

WS-3850-24U-E

IP Services

Cisco Catalyst 3850 Stackable 24 10/100/1000 Cisco UPOE ports,1 network module slot, 1100-W power supply

WS-3850-48U-E

IP Services

Cisco Catalyst 3850 Stackable 48 10/100/1000 Cisco UPOE ports,1 network module slot, 1100-W power supply

Catalyst 3850-12S-E

IP Services

12 SFP module slots, 1 network module slot, 350-W power supply

Catalyst 3850-24S-E

IP Services

24 SFP module slots, 1 network module slot, 350-W power supply

Network Modules

Table 2 lists the three optional uplink network modules with 1-Gigabit and 10-Gigabit slots. You should only operate the switch with either a network module or a blank module installed.

 

Table 2 Supported Network Modules

Network Module
Description

C3850-NM-4-1G

Four 1-Gigabit small form-factor pleadable (SFP) module slots. Any combination of standard SFP modules are supported. SFP+ modules are not supported.

C3850-NM-2-10G

Four SFP module slots:

  • Two slots (left side) support only 1-Gigabit SFP modules and two slots (right side) support either 1-Gigabit SFP or 10-Gigabit SFP+ modules.

Supported combinations of SFP and SFP+ modules:

  • Slots 1, 2, 3, and 4 populated with 1-Gigabit SFP modules.
  • Slots 1 and 2 populated with 1-Gigabit SFP modules and Slot 3 and 4 populated with 10-Gigabit SFP+ module.

C3850-NM-4-10G

Four 10-Gigabit slots or four 1-Gigabit slots.

Note The module is supported only on the 48-port models.

C3850-NM-BLANK

No uplink ports.

Catalyst 3650 Switch Models

 

Table 3 Catalyst 3650 Switch Models

Switch Model
Cisco IOS Image
Description

Catalyst 3650-24TS-L

LAN Base

Stackable 24 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP (small form-factor pluggable) uplink ports, 250-W power supply

Catalyst 3650-48TS-L

LAN Base

Stackable 48 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP uplink ports, 250-W power supply

Catalyst 3650-24PS-L

LAN Base

Stackable 24 10/100/1000 PoE+1 downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48PS-L

LAN Base

Stackable 48 10/100/1000 PoE+ downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48FS-L

LAN Base

Stackable 48 10/100/1000 Full PoE downlink ports, four 1-Gigabit SFP uplink ports, 1025-W power supply

Catalyst 3650-24TD-L

LAN Base

Stackable 24 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-48TD-L

LAN Base

Stackable 48 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-24PD-L

LAN Base

Stackable 24 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48PD-L

LAN Base

Stackable 48 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48FD-L

LAN Base

Stackable 48 10/100/1000 Full PoE downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48FQ-L

LAN Base

Stackable 48 10/100/1000 Full PoE downlink ports, four 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48PQ-L

LAN Base

Stackable 48 10/100/1000 PoE+ downlink ports, four 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48TQ-L

LAN Base

Stackable 48 10/100/1000 Ethernet downlink ports, four 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-24TS-S

IP Base

Stackable 24 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP uplink ports, 250-W power supply

Catalyst 3650-48TS-S

IP Base

Stackable 48 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP uplink ports, 250-W power supply

Catalyst 3650-24PS-S

IP Base

Stackable 24 10/100/1000 PoE+ downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48PS-S

IP Base

Stackable 48 10/100/1000 PoE+ downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48FS-S

IP Base

Stackable 48 10/100/1000 Full PoE downlink ports, four 1-Gigabit SFP uplink ports, 1025-W power supply

Catalyst 3650-24TD-S

IP Base

Stackable 24 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-48TD-S

IP Base

Stackable 48 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-24PD-S

IP Base

Stackable 24 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48PD-S

IP Base

Stackable 48 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48FD-S

IP Base

Stackable 48 10/100/1000 Full PoE downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48FQ-S

IP Base

Stackable 48 10/100/1000 Full PoE downlink ports, four 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48PQ-S

IP Base

Stackable 48 10/100/1000 PoE+ downlink ports, four 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48TQ-S

IP Base

Stackable 48 10/100/1000 Ethernet downlink ports, four 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-24TS-E

IP Services

Stackable 24 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP uplink ports, 250-W power supply

Catalyst 3650-48TS-E

IP Services

Stackable 48 10/100/1000 Ethernet downlink ports, four 1-Gigabit SFP uplink ports, 250-W power supply

Catalyst 3650-24PS-E

IP Services

Stackable 24 10/100/1000 PoE+ downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48PS-E

IP Services

Stackable 48 10/100/1000 PoE+ downlink ports, four 1-Gigabit SFP uplink ports, 640-W power supply

Catalyst 3650-48FS-E

IP Services

Stackable 48 10/100/1000 Full PoE downlink ports, four 1-Gigabit SFP uplink ports, 1025-W power supply

Catalyst 3650-24TD-E

IP Services

Stackable 24 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-48TD-E

IP Services

Stackable 48 10/100/1000 Ethernet downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 250-W power supply

Catalyst 3650-24PD-E

IP Services

Stackable 24 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48PD-E

IP Services

Stackable 48 10/100/1000 PoE+ downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48FD-E

IP Services

Stackable 48 10/100/1000 Full PoE downlink ports, two 1-Gigabit SFP and two 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48FQ-E

IP Services

Stackable 48 10/100/1000 Full PoE downlink ports, four 10-Gigabit SFP+ uplink ports, 1025-W power supply

Catalyst 3650-48PQ-E

IP Services

Stackable 48 10/100/1000 PoE+ downlink ports, four 10-Gigabit SFP+ uplink ports, 640-W power supply

Catalyst 3650-48TQ-E

IP Services

Stackable 48 10/100/1000 Ethernet downlink ports, four 10-Gigabit SFP+ uplink ports, 250-W power supply

1.PoE+ = Power over Ethernet plus (provides up to 30 W per port).

Optics Modules

Catalyst switches support a wide range of optics. Because the list of supported optics is updated on a regular basis, consult the tables at this URL for the latest (SFP) compatibility information:

http://www.cisco.com/en/US/products/hw/modules/ps5455/products_device_support_tables_list.html

Cisco Wireless LAN Controller Models

 

Table 4 Cisco WLC 5700 Models

Part Number
Description

AIR-CT5760-25-K9

Cisco 5760 Wireless Controller for up to 25 Cisco access points

AIR-CT5760-50-K9

Cisco 5760 Wireless Controller for up to 50 Cisco access points

AIR-CT5760-100-K9

Cisco 5760 Wireless Controller for up to 100 Cisco access points

AIR-CT5760-250-K9

Cisco 5760 Wireless Controller for up to 250 Cisco access points

AIR-CT5760-500-K9

Cisco 5760 Wireless Controller for up to 500 Cisco access points

AIR-CT5760-1K-K9

Cisco 5760 Wireless Controller for up to 1000 Cisco access points

AIR-CT5760-HA-K9

Cisco 5760 Series Wireless Controller for High Availability

Access Points and Mobility Services Engine

Table 5 lists the supported products of the Cisco 5700 Series WLC.

 

Table 5 Cisco 5700 Series WLC Supported Products

Product
Platform Supported

Access Point

Cisco Aironet 700, 700W, 1040, 1140, 1260, 1530, 1600, 1700, 2600, 2700, 3500, 3600, 3700

Mobility Services Engine

3355, Virtual Appliance

Table 6 lists the specific supported Cisco access points.

 

Table 6 Supported Access Points

Access Points

Cisco Aironet 700 Series

AIR-CAP702W-x-K9

AIR-CAP702I-x-K9

AIR-CAP702I-xK910

Cisco Aironet 700W Series

AIR-CAP702Wx-K9

AIR-CAP702W-xK910

Cisco Aironet 1040 Series

AIR-AP1041N

AIR-AP1042N

AIR-LAP1041N

AIR-LAP1042N

Cisco Aironet 1140 Series

AIR-AP1141N

AIR-AP1142N

AIR-LAP1141N

AIR-LAP1142N

Cisco Aironet 1260 Series

AIR-LAP1261N

AIR-LAP1262N

AIR-AP1261N

AIR-AP1262N

Cisco Aironet 1530 Series

AIR-CAP1532I-x-K9

AIR-CAP1532E-x-K9

Cisco Aironet 1600 Series

AIR-CAP1602E

AIR-CAP1602I

Cisco Aironet 1700 Series

AIR-CAP1702I-x-K9

AIR-CAP1702I-xK910

Cisco Aironet 2600 Series

AIR-CAP2602E

AIR-CAP2602I

Cisco Aironet 2700 Series

AIR-CAP2702I-x-K9

AIR-CAP2702E-x-K9

Cisco Aironet 3500 Series

AIR-CAP3501E

AIR-CAP3501I

AIR-CAP3501P

AIR-CAP3502E

AIR-CAP3502I

AIR-CAP3502P

Cisco Aironet 3600 Series

AIR-CAP3602E

AIR-CAP3602I

Cisco Aironet 3700 Series

AIR-CAP3702I

AIR-CAP3702E

AIR-CAP3702P

Compatibility Matrix

Table 7 lists the software compatibility matrix.

 

Table 7 Software Compatibility Matrix

Cisco 5700 WLC
Catalyst 3850
Catalyst 3650
Cisco 5508 WLC or WiSM2
MSE
ISE
ACS
Cisco PI

03.06.01E
03.06.00E

03.06.01E
03.06.00E

03.06.01E
03.06.00E

8.0

7.6

8.02

1.2

5.2

5.3

2.1.2 or 2.1.1 if MSE is also deployed3

2.1.0 if MSE is not deployed

03.03.03SE

03.03.02SE

03.03.01SE

03.03.00SE

03.03.03SE

03.03.02SE

03.03.01SE

03.03.00SE

03.03.03SE

03.03.02SE

03.03.01SE

03.03.00SE

7.64

7.55

7.5

1.2

5.2

5.3

2.0

2.Because of SHA-2 certificate implementation, MSE 7.6 is not compatible with Cisco IOS XE Release 3.6E. Therefore, we recommend that you upgrade to MSE 8.0.

3.If MSE is deployed on your network, we recommend that you upgrade to Cisco Prime Infrastructure 2.1.2.

4.Cisco WLC Release 7.6 is not compatible with Cisco Prime Infrastructure 2.0.

5.Prime Infrastructure 2.0 enables you to manage Cisco WLC 7.5.102.0 with the features of Cisco WLC 7.4.110.0 and earlier releases. Prime Infrastructure 2.0 does not support any features of Cisco WLC 7.5.102.0 including the new AP platforms.

For more information on the compatibility of wireless software components across releases, see the Cisco Wireless Solutions Software Compatibility Matrix .

Wireless Web UI Software Requirements

  • Operating Systems

Windows 7

Windows 8

Mac OS X 10.8

  • Browsers

Google Chrome—Version 35

Microsoft Internet Explorer—Versions 10 or 11

Mozilla Firefox—Version 30

Safari—Version 6.1

Software Version

Table 8 shows the mapping of the Cisco IOS XE version number and the Cisco IOS version number.

Table 8 Cisco IOS XE to Cisco IOS Version Number Mapping

Cisco IOS XE Version
Cisco IOSd Version
Cisco Wireless Control Module Version
Access Point Version

03.06.01E

15.2(2)E1

10.2.111.0

15.3(3)JN3

03.06.00E

15.2(2)E

10.2.102.0

15.3(3)JN

03.03.03SE

15.0(1)EZ3

10.1.130.0

15.2(4)JB5h

03.03.02SE

15.0(1)EZ2

10.1.121.0

15.2(4)JB3h

03.03.01SE

15.0(1)EZ1

10.1.110.0

15.2(4)JB2

03.03.00SE

15.0(1)EZ

10.1.100.0

15.2(4)JN

Upgrading the Controller Software

To upgrade the Cisco IOS XE software, use the software install privileged EXEC command to install the packages from a new software bundle file. You can install the software bundle from the local storage media or it can be installed over the network using TFTP or FTP.

The software instal l command expands the package files from the specified source bundle file and copies them to the local flash: storage device. When the source bundle is specified as a tftp: or ftp: URL, the bundle file is first downloaded into the switch's memory (RAM); the bundle file is not copied to local storage media.

After the package files are expanded and copied to flash: the running provisioning file (flash:packages.conf) is updated to reflect the newly installed packages, and the controller displays a reload prompt.

MC#software install file tftp://10.10.10.2/system1/ct5760-ipservicesk9.SPA.03.03.00.SE.150-1.EZ.bin
Preparing install operation ...
[1]: Downloading file tftp://10.10.10.2/system1/ct5760-ipservicesk9.SPA.03.03.00.SE.150-1.EZ.bin to active switch 1
[1]: Finished downloading file tftp://172.19.26.230/kart/ct5760-ipservicesk9.SPA.03.03.00.SE.150-1.EZ.bin to active switch 1
[1]: Starting install operation
[1]: Expanding bundle ct5760-ipservicesk9.SPA.03.03.00.SE.150-1.EZ.bin
[1]: Copying package files
[1]: Package files copied
[1]: Finished expanding bundle ct5760-ipservicesk9.SPA.03.03.00.SE.150-1.EZ.bin
[1]: Verifying and copying expanded package files to flash:
[1]: Verified and copied expanded package files to flash:
[1]: Starting compatibility checks
[1]: Finished compatibility checks
[1]: Starting application pre-installation processing
[1]: Finished application pre-installation processing
[1]: Old files list:
Removed ct5760-base.SPA.03.02.03.SE.pkg
Removed ct5760-drivers.SPA.03.02.03.SE.pkg
Removed ct5760-infra.SPA.03.02.03.SE.pkg
Removed ct5760-iosd-ipservicesk9.SPA.150-1.EX3.pkg
Removed ct5760-platform.SPA.03.02.03.SE.pkg
Removed ct5760-wcm.SPA.10.0.120.0.pkg
[1]: New files list:
Added ct5760-base.SPA.03.03.00SE.pkg
Added ct5760-drivers.SPA.03.03.00SE.pkg
Added ct5760-infra.SPA.03.03.00SE.pkg
Added ct5760-iosd-ipservicesk9.SPA.150-1.EZ.pkg
Added ct5760-platform.SPA.03.03.00SE.pkg
Added ct5760-wcm.SPA.10.1.100.0.pkg
[1]: Creating pending provisioning file
[1]: Finished installing software. New software will load on reboot.
[1]: Committing provisioning file
 
[1]: Do you want to proceed with reload? [yes/no]:
 

Table 9 Software Images

Image
File Name

Cisco 5760 WIRELESS CONTROLLER SW Release 3.3

ct5760-ipservicesk9ldpe.SPA.03.06.00.E.152-2.E.bin

Cisco 5760 WIRELESS CONTROLLER SW Release 3.3 without DTLS

ct5760-ipservicesk9ldpe.SPA.03.06.00.E.152-2.E.bin

Important Upgrade Note

After you upgrade to Cisco IOS XE Release 3.6E, the WebAuth success page behavior is different from the behavior seen in Cisco IOS XE Release 3.3.X SE. After a successful authentication on the WebAuth login page, the original requested URL opens in a pop-up window and not on the parent page. Therefore, we recommend that you upgrade the Web Authentication bundle so that the bundle is in the format that is used by the AireOS Wireless LAN Controllers.

To download a sample Web Authentication bundle, follow these steps:


Step 1 Browse to http://software.cisco.com/download/navigator.html .

Step 2 Navigate to Products > Wireless > Wireless LAN Controller > Standalone Controller > Cisco 5700 Series Wireless LAN Controllers > Cisco 5760 Wireless LAN Controller.

Step 3 Click Wireless Lan Controller Web Authentication Bundle .

Step 4 Choose Release 3.6.0 and click Download .

Step 5 After the download, follow the instructions provided in the Read Me file that is attached in the bundle.


 


Note In a High Availability scenario, if you download the Web Authentication bundle to the active controller, the bundle cannot be synchronized with the standby controller. Therefore, we recommend that you also manually download the Web Authentication bundle to the standby controller.


Features

The Cisco 5700 Series WLC is the first Cisco IOS-based controller built with smart ASIC for next generation unified wireless architectures. The Cisco 5700 Series WLC can be deployed both as a Mobility Controller (MC) in Converged Access solutions and as a Centralized Controller.

For more information about the features, see the product data sheet at this URL:

http://www.cisco.com/c/en/us/products/wireless/5700-series-wireless-lan-controllers/datasheet-listing.html

Interoperability with Other Client Devices

This section describes the interoperability of this version of the controller software release with other client devices.

Table 10 lists the client types on which the tests were conducted. The clients included laptops, handheld devices, phones, and printers.

 

Table 10 Client Types

Client Type and Name
Version
Laptop

Intel 4965

11.5.1.15 or 12.4.4.5, v13.4

Intel 5100/6300

v14.3.0.6

Intel 6205

v15.10.5.1

Intel 6235

V15.10.5.1

Intel 6300

v15.10.4.2

Intel 7260(11AC)

17.0.0.34, Windows 8.1

Dell 1395/1397

XP/Vista: 5.60.18.8 Win7: 5.30.21.0

Dell 1505/1510/Broadcom 4321MCAG/4322HM

5.60.18.8

Dell 1515 (Atheros)

8.0.0.239

Dell 1520/Broadcom 43224HMS

5.60.48.18

Dell 1530 (Broadcom BCM4359)

v5.100.235.12

Cisco CB21

v1.3.0.532

Atheros HB95

7.7.0.358

MacBook Pro (Broadcom)

5.10.91.26

Broadcom 4360(11AC)

6.30.163.2005

Macbook Air (11AC)

10.9.3

Macbook Air

10.9.3
Handheld Devices

Apple iPad

iOS 5.0.1

Apple iPad2

iOS 6.0.1

Apple iPad3

8.0.2(12A405)

Apple iPad Air

8.0.2(12A405)

Apple iPad Mini

8.0.2(12A405)

Samsung Galaxy Tab

Android 3.2

Intermec CK70

Windows Mobile 6.5 / 2.01.06.0355

Intermec CN50

Windows Mobile 6.1 / 2.01.06.0333

Symbol MC5590

Windows Mobile 6.5 / 3.00.0.0.051R

Symbol MC75

Windows Mobile 6.5 / 3.00.2.0.006R

Phones and Printers

Cisco 7921G

1.4.2.LOADS

Cisco 7925G

1.4.2.LOADS

Ascom i75

1.8.0

Spectralink 8030

119.081/131.030/132.030

Vocera B1000A

4.1.0.2817

Vocera B2000

4.0.0.345

Apple iPhone 4

iOS 6.0.1

Apple iPhone 4S

8.0.2(12A405)

Apple iPhone 5s

8.0.2(12A405)

Apple iPhone 5c

8.0.2(12A405)

Apple iPhone 6

8.0.2(12A405)

Ascom i62

2.5.7

HTC Sensation

Android 2.3.3

Samsung Galaxy S II

Android 2.3.3

SpectraLink 8450

3.0.2.6098/5.0.0.8774

Samsung Galaxy Nexus

Android 4.0.2

Samsung Galaxy S4 (GT-I9500)

4.4.2

Samsung Galaxy Note (SM-900)

4.4.2

Important Notes

  • With Cisco Prime Infrastructure 2.1.1, the refresh config and inventory collection tasks from the controller might take anywhere from 20 minutes to 40 minutes. For more information, see CSCum62747 on the Bug Search Tool.
  • Although visible in the CLI, the following commands are not supported:

collect flow username

authorize-lsc-ap (CSCui93659)

  • The following features are not supported in Cisco IOS XE Release 3.6E:

Outdoor Access Points

Mesh, FlexConnect, and OfficeExtend access point deployment

Limitations and Restrictions

  • Restrictions for Cisco TrustSec:

Cisco TrustSec can be configured only on physical interfaces, not on logical interfaces.

Cisco TrustSec for IPv6 is not supported.

Dynamic binding of IP-SGT is not supported for hosts on Layer 3 physical routed interfaces because the IP Device Tracking feature for Layer 3 physical interfaces is not supported.

Cisco TrustSec cannot be configured on a pure bridging domain with IPSG feature enabled. You must either enable IP routing or disable the IPSG feature in the bridging domain.

Cisco TrustSec on the controller supports up to 255 security group destination tags for enforcing security group ACLs.

Caveats

Cisco Bug Search Tool

The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.

To view the details of a caveat listed in this document:

1. Access the BST (use your Cisco user ID and password) at https://tools.cisco.com/bugsearch/ .

2. Enter the bug ID in the Search For: field.

Open Caveats

Use the BST to view the details of a caveat listed in this section. For more information about the BST, see the “Cisco Bug Search Tool” section.

 

Bug ID
Headline

CSCul96802

Max User Session not working with NGWC

CSCuo07525

Crash in TAM when policy applied on client and then on SSID

CSCup92808

No CWA redirect for client in case it roamed in webauth-reqd state

CSCuq59661

QoS policy on SSID not installed when policy removed and re-applied

CSCur24281

With DHCP relay enabled, WLC5760 still sends DHCP broadcast

CSCur24788

CWA flow break if accounting enabled in GA scenario

CSCur25323

Manually triggering CoA upon roaming is not successful

CSCur30539

IDMGR-3-INVALID_ID: bad ID in id_get (Out of IDs!) (id: 0x0)-

CSCur41848

Subnet broadcast and Multicast is not working

CSCur44010

WLC5760 HA IOSd crash in crypto_lib_keypair_delete

CSCur48634

HA fails due to Bulk synchronization failure with encrypted password

CSCur61190

FED crash observed after SSO in 5760

Resolved Caveats in Cisco IOS XE Release 3.6.1E

Use the BST to view the details of a caveat listed in this section. For more information about the BST, see the “Cisco Bug Search Tool” section.

 

Bug ID
Headline

CSCur50946

APs manufactured in August/September/October 2014 unable to join an IOS-XE controller

CSCuh14797

Client not authenticating due to wrong mobility peer detail in anchor

CSCul44417

Support Local MAC filter entries on a per WLAN basis for NGWC

CSCuo63950

WCM crash on customer production network Tx power auto CLI

CSCuo67946

Client statistics are not updated after roaming

CSCuo75037

High AP Priority Flaps Continuously

CSCuo77295

Secondary WLC5760 crashed during reverting back from Primary

CSCuo78990

WCM Crash @ eip_wcm_RRM_LRAD_DATA_t_neighbor

CSCuo79134

5760 MC client stops updating PMK from other MC if mobility name is changed

CSCuo86406

–D regulatory domain not supported with India (IN) country code in NGWC

CSCuo87797

Voice call going into best effort in upstream traffic

CSCup29935

RRM ceases to function completely if standard switch added as MA

CSCup43034

WCM crash running 03.03.03 __be_qos_tam_db_fe_install_pm_on_target

CSCup59493

NGWC: W56 Static TxPower level changes to Max after AP reboot

CSCup60078

7921/7925 phone not able to place call after failover

CSCup62150

Client QoS policy is not applied for inter-controller roamed client

CSCup63909

Roaming fails when Anchored phone roams back from foreign

CSCup73590

WCM crash in Mobility code:maHandleLocalClientDelete / mmMaUdsSend

CSCup79131

WLC5760 HA: WCM crash wcdb_spi_client_state_change

CSCuq12503

Web GUI does not work on 3850

CSCuq30940

SNMP changes for supporting Cisco AP1570E/I and Cisco AP1700E/I in PI

CSCuq48106

DHCP req sent while switching SSIDs mapped to different VLAN groups fail

CSCuq52024

NGWC changes for Aux port feature in Cisco AP1700.

CSCuq58700

“Wlan PSK profile applied to NGWC with invalid argument “clear””

CSCuq80970

AP setting page Apply button is not working

CSCuq86355

Failed to create multicast tunnel with standby WLC5760

CSCuq98331

Web UI: User’s page keeps loading on GUI

CSCur17400

Packet drop observed in AP while traffic is having DSCP value

CSCur40052

IOS-XE Plain text admin credentials saved to file

CSCur35879

Parameter-map cannot be deleted after “wlan” int is shut

CSCup76410

IOSd crash on 5760 running 3.6SE at get_logo_location

Resolved Caveats in Cisco IOS XE Release 3.6.0E

Use the BST to view the details of a caveat listed in this section. For more information about the BST, see the “Cisco Bug Search Tool” section.

 

Bug ID
Headline

CSCui69119

IPDT: rejected channel conf and standby failed to boot up

CSCun68485

Router ACL (RACL) on SVI in output direction applied to bridged traffic

CSCun78227

Incorrect temperature thresholds reported via SNMP

CSCun97765

Unable to disable IPDT

Troubleshooting

For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at this URL:

http://www.cisco.com/en/US/support/index.html

Choose Product Support > Wireless. Then choose your product and click Troubleshoot and Alerts to find information for the problem that you are experiencing.

Related Documentation

  • Cisco IOS XE 3E Release documentation at this URL:

http://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-3e/tsd-products-support-series-home.html

  • Cisco 5700 controller documentation at this URL:

http://www.cisco.com/en/US/products/ps12598/tsd_products_support_series_home.html

  • Cisco Validated Designs documents at this URL:

http://www.cisco.com/go/designzone

  • Error Message Decoder at this URL:

https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation , which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html

Subscribe to the What’s New in Cisco Product Documentation , which lists all new and revised Cisco Technical documentation, as an RSS feed and deliver content directly to your desktop using a read application. The RSS feeds are a free service.


 

© 2014 Cisco Systems, Inc. All rights reserved.