First Published: September 19, 2022

Last Updated: December 12, 2022

About the Release Notes

This release notes document describes what is new or changed in this release, instructions to upgrade to this release, and provides information about the open and resolved caveats for this release. Unless otherwise noted, in this document, Cisco Wireless Controllers are referred to as controllers, and Cisco lightweight access points are referred to as access points or APs.

Supported Cisco Wireless Controller Platforms

The following controller platforms are supported in this release:

  • Cisco 3504 Wireless Controller

  • Cisco 5520 Wireless Controller

  • Cisco 8540 Wireless Controller

  • Cisco Virtual Wireless Controller (vWLC) on the following platforms:

    • VMware vSphere Hypervisor (ESXi) Version 5.x and 6.x

    • Hyper-V on Microsoft Server 2012 and later versions (support introduced in Release 8.4)

    • Kernel-based virtual machine (KVM) (support introduced in Release 8.1). After KVM is deployed, we recommend that you do not downgrade to a Cisco Wireless release that is earlier than Release 8.1).

  • Cisco Wireless Controllers for High Availability for Cisco 3504 Wireless Controller, Cisco 5520 Wireless Controller, and Cisco 8540 Wireless Controller

  • Cisco Mobility Express


Note
In a network that includes Cisco Catalyst Center (formerly Cisco DNA Center) and Cisco AireOS controller, and the controller fails provisioning with Error NA serv CA certificate file transfer failed error, as a workaround, we recommend you reboot the affected AireOS controller.

Supported Cisco Access Point Platforms

The following Cisco AP platforms are supported in this release:

  • Cisco Catalyst 9105 Access Points

    • C9105AXI: VID 04 and earlier

    • C9105AXW: VID 04 and earlier

  • Cisco Catalyst 9130 Access Points

    • C9130AXE: VID 03 and earlier

    • C9130AXI: VID 03 and earlier

  • Cisco Catalyst 9120 Access Points

    • C9120AXI: VID 07 and earlier

    • C9120AXE: VID 07 and earlier

    • C9120AXP: All VIDs

  • Cisco Catalyst 9117 Access Points

  • Cisco Catalyst 9115 Access Points

  • Cisco Aironet 700 Series Access Points

  • Cisco Aironet 700W Series Access Points

  • Cisco AP803 Integrated Access Point

  • Integrated Access Point on Cisco 1100, 1101, and 1109 Integrated Services Routers

  • Cisco Aironet 1700 Series Access Points

  • Cisco Aironet 1800 Series Access Points

  • Cisco Aironet 1810 Series OfficeExtend Access Points

  • Cisco Aironet 1810W Series Access Points

  • Cisco Aironet 1815 Series Access Points

  • Cisco Aironet 1830 Series Access Points

  • Cisco Aironet 1840 Series Access Points

  • Cisco Aironet 1850 Series Access Points

  • Cisco Aironet 2700 Series Access Points

  • Cisco Aironet 2800 Series Access Points

  • Cisco Aironet 3700 Series Access Points

  • Cisco Aironet 3800 Series Access Points

  • Cisco Aironet 4800 Series Access Points

  • Cisco ASA 5506W-AP702

  • Cisco Aironet 1530 Series Access Points

  • Cisco Aironet 1540 Series Access Points

  • Cisco Aironet 1560 Series Access Points

  • Cisco Aironet 1570 Series Access Points

  • Cisco Industrial Wireless 3700 Series Access Points

  • Cisco Catalyst IW6300 Heavy Duty Series Access Points

  • Cisco 6300 Series Embedded Services Access Points

Cisco AP803 is an integrated access point module on the Cisco 800 Series Integrated Services Routers (ISRs). For more information about the stock-keeping units (SKUs) for the AP803 Cisco ISRs, see:

http://www.cisco.com/c/en/us/products/routers/800-series-routers/brochure-listing.html.

For more information about the integrated access point on Cisco 1100 ISR, see the product data sheet:

https://www.cisco.com/c/en/us/products/collateral/routers/1000-series-integrated-services-routers-isr/datasheet-c78-739512.html.

For information about the Cisco Wireless software releases that support specific Cisco access point modules, see the "Software Release Support for Specific Access Point Modules" section in the Cisco Wireless Solutions Software Compatibility Matrix document.

What's New in Release 8.10.181.0

There are no new features that are introduced in this release. For more information about updates in this release, see the Caveats section in this document.


Note

For a complete list of all the documentation published for Cisco Wireless Release 8.10, see the Documentation Roadmap at: https://www.cisco.com/c/en/us/td/docs/wireless/doc-roadmap/doc-roadmap-release-810.html

Prerequisite to Upgrading to Release 8.10.181.0

To avoid stability issues with Cisco Wave 2 APs (due to CSCwd37092 on Release 8.10.181.0, we recommend that you upgrade to the public release 8.10.182.0.

Software Release Types and Recommendations

Table 1. Release Types
Release Type Description Benefit

Maintenance Deployment (MD)

Software releases that provide bug-fix support and ongoing software maintenance. These releases are categorized as Maintenance Deployment (MD).

These releases are long-living releases with ongoing software maintenance.

Provides you with a software release that offers stability and long support duration with periodic maintenance releases (MRs).

Early Deployment (ED)

Software releases that provide new features and new hardware platform support in addition to bug fixes. These releases are categorized as Early Deployment (ED).

These releases are short-lived releases.

Allows you to deploy the latest features and new hardware platforms or modules.

For detailed release recommendations, see the Guidelines for Cisco Wireless Software Release Migration Bulletin at:

http://www.cisco.com/c/en/us/products/collateral/wireless/8500-series-wireless-controllers/bulletin-c25-730741.html.

Table 2. Upgrade Path to Cisco Wireless Release 8.10.183.0
Current Software Release Upgrade Path to Release 8.10.183.0

8.5.x

You can upgrade directly to Release 8.10.183.0.

8.6.x

You can upgrade directly to Release 8.10.183.0.

8.7.x

You can upgrade directly to Release 8.10.183.0.

8.8.x

You can upgrade directly to Release 8.10.183.0.

8.9.x

You can upgrade directly to Release 8.10.183.0.

8.10.x

You can upgrade directly to Release 8.10.183.0.

Upgrading a Cisco Wireless Release

This section describes the guidelines and limitations that you must be aware of when you are upgrading the Cisco Wireless release and the procedure to upgrade.

Guidelines and Limitations

  • An existing WLAN with ? in its name continues to be supported with this upgrade. However, you cannot include ? in the name when creating a new WLAN.

  • If an AP locks out the console due to default management user credentials, you must configure the controller AP global credential with non-default username and password to get access to the AP console.

  • WPA3 upgrade and downgrade guidelines:

    • If you want to upgrade from Release 8.5 to 8.10 and have WPA1 configured with none of the WPA1 AKM valid for Release 8.10, the WPA1 configuration is disabled after the upgrade.

    • If you downgrade from Release 8.10 to Release 8.5, if any AKM for SAE is configured, the AKM validation fails after the downgrade. The security is set to WPA2 and AKM to 802.1X. However, PMF configuration is retained, which results in an error.

    • FT set to enabled state and PMF set to Required state is allowed in Release 8.10 because PMF and FT configurations are decoupled. However, in Release 8.5, this configuration invalid. Therefore, upon downgrading to Release 8.5, the WLAN might be disabled.

  • Software downgrade guidelines for Release 8.10:

    • If you plan to downgrade the Cisco controller from Release 8.10 software, we recommend you to downgrade to Release 8.5.151.0 or later release to prevent the controller configuration files from being corrupted.

    • If you have configured new country codes in Release 8.10 and if you plan to downgrade to an earlier release, then we recommend that you remove the new country code configurations prior to the downgrade. For more information, see CSCvq91895.

  • Before downgrading or upgrading the Cisco Controller to another release check for APs or AP modes support. Ensure that only supported APs are connected and also the APs are moved to supported modes on the release that the controller is upgraded or downgraded to.

  • Legacy clients that require RC4 or 3DES encryption type are not supported in Local EAP authentication.

  • If you downgrade to Release 8.0.140.0 or 8.0.15x.0, and later upgrade to a later release and and also have the multiple country code feature configured, then the configuration file could get corrupted. When you try to upgrade to a later release, special characters are added in the country list causing issues when loading the configuation. For more information, see CSCve41740.


    Note
    Upgrade and downgrade between other releases does not result in this issue.

  • After downloading the new software to the Cisco APs, it is possible that a Cisco AP may get stuck in an upgrading image state. In such a scenario, it might be necessary to forcefully reboot the controller to download a new controller software image or to reboot the controller after the download of the new controller software image. You can forcefully reboot the controller by entering the reset system forced command.

  • It is not possible to download some of the older configurations from the controller because of the Multicast and IP address validations. See the "Restrictions on Configuring Multicast Mode" section in the Cisco Wireless Controller Configuration Guide for detailed information about platform support for global multicast and multicast mode.

  • When a client sends an HTTP request, the controller intercepts it for redirection to the login page. If the HTTP GET request that is intercepted by the controller is longer than 2000 bytes, the controller drops the packet. Track the Caveat ID CSCuy81133 for a possible enhancement to address this restriction.

  • When downgrading from one release to an earlier release, you might lose the configuration from your current release. The workaround is to reload the previous controller configuration files that are saved in the backup server, or to reconfigure the controller.

  • When you upgrade a controller to an intermediate release, wait until all the APs that are associated with the controller are upgraded to the intermediate release before you install the latest controller software. In large networks, it can take some time to download the software on each AP.

  • You can upgrade to a new release of the controller software or downgrade to an earlier release even if FIPS is enabled.

  • When you upgrade to the latest software release, the software on the APs associated with the controller is also automatically upgraded. When an AP is loading software, each of its LEDs blinks in succession.

  • Controllers support standard SNMP MIB files. MIBs can be downloaded from the software download page on Cisco.com.

  • The controller software that is factory-installed on your controller and is automatically downloaded to the APs after a release upgrade and whenever an AP joins a controller. We recommend that you install the latest software version available for maximum operational benefit.

  • Ensure that you have a TFTP, HTTP, FTP, or SFTP server available for the software upgrade. Follow these guidelines when setting up a server:

    • Ensure that your TFTP server supports files that are larger than the size of controller software image. Some TFTP servers that support files of this size are tftpd32 and the TFTP server within Cisco Prime Infrastructure. If you attempt to download the controller software image and your TFTP server does not support files of this size, the following error message appears:

      TFTP failure while storing in flash

    • If you are upgrading through the distribution system network port, the TFTP or FTP server can be on the same subnet or a different subnet because the distribution system port is routable.

  • The controller Bootloader stores a copy of the active primary image and the backup image. If the primary image becomes corrupted, you can use the Bootloader to boot with the backup image.

    With the backup image stored before rebooting, from the Boot Options menu, choose Option 2: Run Backup Image to boot from the backup image. Then, upgrade with a known working image and reboot controller.

  • You can control the addresses that are sent in the Control and Provisioning of Wireless Access Points (CAPWAP) discovery responses when NAT is enabled on the Management Interface, using the following command:

    config network ap-discovery nat-ip-only {enable | disable}

    The following are the details of the command:

    enable —Enables use of NAT IP only in a discovery response. This is the default. Use this command if all the APs are outside the NAT gateway.

    disable —Enables use of both NAT IP and non-NAT IP in a discovery response. Use this command if APs are on the inside and outside the NAT gateway, for example, Local Mode and OfficeExtend APs are on the same controller.


    Note
    To avoid stranding of APs, you must disable the AP link latency (if enabled) before you use the disable option in the config network ap-discovery nat-ip-only command. To disable AP link latency, use the config ap link-latency disable all command.

  • Do not power down the controller or any AP during the upgrade process. If you do this, the software image might get corrupted. Upgrading the controller with a large number of APs can take as long as 30 minutes, depending on the size of your network. However, with the increased number of concurrent AP upgrades supported, the upgrade time should be significantly reduced. The APs must remain powered, and controller must not be reset during this time.

  • After you perform the following functions on the controller, reboot it for the changes to take effect:

    • Enable or disable LAG.

    • Enable a feature that is dependent on certificates (such as HTTPS and web authentication).

    • Add a new license or modify an existing license.


      Note
      Reboot is not required if you are using Right-to-Use licenses.

    • Increase the priority of a license.

    • Enable HA.

    • Install the SSL certificate.

    • Configure the database size.

    • Install the vendor-device certificate.

    • Download the CA certificate.

    • Upload the configuration file.

    • Install the Web Authentication certificate.

    • Make changes to the management interface or the virtual interface.

Upgrading Cisco Wireless Software (GUI)

Procedure

Step 1

Upload your controller configuration files to a server to back up the configuration files.

Note

 

We highly recommend that you back up your controller configuration files prior to upgrading the controller software.

Step 2

Follow these steps to obtain controller software:

  1. Browse to the Software Download portal at: https://software.cisco.com/download/home.

  2. Search for the controller model.

  3. Click Wireless LAN Controller Software.

  4. The software releases are labeled as described here to help you determine which release to download. Click a controller software release number:

    • Early Deployment (ED)—These software releases provide new features and new hardware platform support as well as bug fixes.

    • Maintenance Deployment (MD)—These software releases provide bug fixes and ongoing software maintenance.

    • Deferred (DF)—These software releases have been deferred. We recommend that you migrate to an upgraded release.

  5. Click the filename <filename.aes>.

  6. Click Download.

  7. Read the Cisco End User Software License Agreement and click Agree.

  8. Save the file to your hard drive.

  9. Repeat steps a through h to download the remaining file.

Step 3

Copy the controller software file <filename.aes> to the default directory on your TFTP, FTP, SFTP, or USB server.

Step 4

(Optional) Disable the controller 802.11 networks.

Note

 

For busy networks, controllers on high utilization, and small controller platforms, we recommend that you disable the 802.11 networks as a precautionary measure.

Step 5

Choose Commands > Download File to open the Download File to Controller page.

Step 6

From the File Type drop-down list, choose Code.

Step 7

From the Transfer Mode drop-down list, choose TFTP, FTP, SFTP, HTTP, or USB.

Step 8

Enter the corresponding server details as prompted.

Note

 

Server details are not required if you choose HTTP as the transfer mode.

Step 9

Click Download to download the software to the controller.

A message indicating the status of the download is displayed.

Note

 

Ensure that you choose the File Type as Code for both the images.

Step 10

After the download is complete, click Reboot.

Step 11

If you are prompted to save your changes, click Save and Reboot.

Step 12

Click OK to confirm your decision to reboot the controller.

Step 13

If you have disabled the 802.11 networks, reenable them.

Step 14

(Optional) To verify that the controller software is installed on your controller, on the controller GUI, click Monitor and view the Software Version field under Controller Summary.

CIMC Utility Upgrade for 5520 and 8540 Controllers

The AIR-CT5520-K9 and AIR-CT8540-K9 controller models are based on Cisco UCS server C series, C220 and C240 M4 respectively. These controller models have CIMC utility that can edit or monitor low-level physical parts such as power, memory, disks, fan, temperature, and provide remote console access to the controllers.

We recommend that you upgrade the CIMC utility to a version that has been certified to be used with these controllers. Controllers that have older versions of CIMC installed are susceptible to rebooting without being able to access FlexFlash, with the result that the manufacturing certificates are unavailable, and thus SSH and HTTPS connections will fail, and access points will be unable to join. See: CSCvo33873. The recommended versions addresses the vulnerability tracked in CSCvo01180 caveat.

The certified CIMC images are available at the following locations:

Table 3. CIMC Utility Software Image Information
Controller Current CIMC Version Recommended CIMC Version Link to Download the CIMC Utility Software Image

Cisco 5520 Wireless Controller

Cisco 8540 Wireless Controller

2.x

3.0(4r)

https://software.cisco.com/download/home/286281345/type/283850974/release/3.0(4r)

Note

 
We recommend you to upgrade the firmware from 2.0(13i) to 3.0(4r) using TFTP, SCP protocols only.

Cisco 5520 Wireless Controller

Cisco 8540 Wireless Controller

3.0(4d)

3.0(4r)

https://software.cisco.com/download/home/286281345/type/283850974/release/3.0(4r)

Cisco 5520 Wireless Controller

Cisco 8540 Wireless Controller

4.0(1a)

4.0(2n)

https://software.cisco.com/download/home/286281345/type/283850974/release/4.0(2n)
Table 4. Firmware Upgrade Path to 4.x version
Current Firmware Version Upgrade Path to 4.x version

2.x

You must upgrade to a 3.x version and then upgrade to the recommended 4.x version.

3.x

You can upgrade directly to the recommended 4.x version.
Table 5. Resolved Caveats for Release 4.0(2f)
Caveat ID Description

CSCvn80088

NI-HUU fails to handle the special characters in the password of CIFS remote share
Table 6. Resolved Caveats for Release 3.0(4l)
Caveat ID Description

CSCvp41543

SSH weak KeyExchange algorithm [diffie-hellman-group14-sha1] has to be removed

Interoperability with Other Clients

This section describes the interoperability of controller software with other client devices.

The following table describes the configuration that is used for testing the client devices.

Table 7. Test Bed Configuration for Interoperability
Hardware or Software Parameter Hardware or Software Configuration Type

Release

8.10.x

Cisco Wireless Controller

Cisco 3504 Wireless Controller

Access Points

Cisco 9130, 9120 and 3800 APs

Radio

802.11ax (2.4 GHz or 5 GHz), 802.11ac, 802.11a, 802.11g, 802.11n (2.4 GHz or 5 GHz)

Security

Open, WPA3-SAE/OWE ( WPA3 Supported Clients), WPA2+WPA3 ( Mixed Mode) PSK (WPA2-AES), 802.1X (WPA2-AES)(EAP-PEAP)

RADIUS

Cisco ISE 2.5

Types of tests

Association, Traffic ( TCP/UDP/ICMP) and Roaming between APs

The following table lists the client types on which the tests were conducted. Client types included laptops, handheld devices, phones, and printers.

Table 8. Client Types
Client Type and Name Driver / Software Version

Wi-Fi 6 Devices (Mobile Phone and Laptop)
Apple iPhone 11 iOS 14.1

Apple iPhone SE 2020

 iOS 14.1
Dell Intel AX1650w Windows 10 ( 21.90.2.1)
DELL LATITUDE 5491 (Intel AX200) Windows 10 Pro (21.40.2)
Samsung S20 Android 10
Samsung S10 (SM-G973U1) Android 9.0 (One UI 1.1)
Samsung S10e (SM-G970U1) Android 9.0 (One UI 1.1)
Samsung Galaxy S10+ Android 9.0

Samsung Galaxy Fold 2

 Android 10

Samsung Galaxy Flip Z

 Android 10

Samsung Note 20

 Android 10

Laptops
Acer Aspire E 15 E5-573-3870 (Qualcomm Atheros QCA9377) Windows 10 Pro (12.0.0.832)
Apple Macbook Air 11 inch OS Sierra 10.12.6
Apple Macbook Air 13 inch OS Catalina 10.15.4
Apple Macbook Air 13 inch OS High Sierra 10.13.4
Macbook Pro Retina OS Mojave 10.14.3
Macbook Pro Retina 13 inch early 2015 OS Mojave 10.14.3

Dell Inspiron 2020 Chromebook

Chrome OS 75.0.3770.129

Google Pixelbook Go

Chrome OS 84.0.4147.136

HP chromebook 11a

Chrome OS 76.0.3809.136

Samsung Chromebook 4+

Chrome OS 77.0.3865.105
DELL Latitude 3480  (Qualcomm DELL wireless 1820) Win 10 Pro (12.0.0.242)
DELL Inspiron 15-7569 (Intel Dual Band Wireless-AC 3165) Windows 10 Home (18.32.0.5)
DELL Latitude E5540 (Intel Dual Band Wireless AC7260) Windows 7 Professional (21.10.1)
DELL XPS 12 v9250 (Intel Dual Band Wireless AC 8260 ) Windows 10 (19.50.1.6)
DELL Latitude 5491 (Intel AX200) Windows 10 Pro (21.40.2)
DELL XPS Latitude12 9250 (Intel Dual Band Wireless AC 8260) Windows 10 Home (21.40.0)

Lenovo Yoga C630 Snapdragon 850 (Qualcomm AC 2x2 Svc)

Windows 10(1.0.10440.0)
Lenovo Thinkpad Yoga 460 (Intel Dual Band Wireless-AC 9260) Windows 10 Pro ( 21.40.0)

Note

 
For clients using Intel wireless cards, we recommend you to update to the latest Intel wireless drivers if advertised SSIDs are not visible.

Tablets
Apple iPad Pro iOS 13.5
Apple iPad Air2 MGLW2LL/A iOS 12.4.1
Apple iPad Mini 4 9.0.1 MK872LL/A iOS 11.4.1
Apple iPad Mini 2 ME279LL/A iOS 12.0
Microsoft Surface Pro 3 – 11ac Qualcomm Atheros QCA61x4A
Microsoft Surface Pro 3 – 11ax Intel AX201 chipset. Driver v21.40.1.3
Microsoft Surface Pro 7 – 11ax Intel Wi-Fi chip (HarrisonPeak AX201) (11ax, WPA3)
Microsoft Surface Pro X – 11ac & WPA3 WCN3998 Wi-Fi Chip (11ac, WPA3)

Mobile Phones
Apple iPhone 5 iOS 12.4.1
Apple iPhone 6s iOS 13.5
Apple iPhone 8 iOS 13.5
Apple iPhone X MQA52LL/A iOS 13.5
Apple iPhone 11 iOS 14.1
Apple iPhone SE MLY12LL/A iOS 11.3
ASCOM SH1 Myco2 Build 2.1
ASCOM SH1 Myco2 Build 4.5
ASCOM Myco 3 v1.2.3 Android 8.1
Drager Delta VG9.0.2
Drager M300.3 VG2.4
Drager M300.4 VG2.4
Drager M540 DG6.0.2 (1.2.6)
Google Pixel 2 Android 10
Google Pixel 3 Android 11

Google Pixel 3a

Android 11
Google Pixel 4 Android 11
Huawei Mate 20 pro Android 9.0
Huawei P20 Pro Android 9.0

Huawei P40

Android 10
LG v40 ThinQ Android 9.0

One Plus 8

Android 10

Oppo Find X2

Android 10

Redmi K20 Pro

Android 10
Samsung Galaxy S7 Andriod 6.0.1
Samsung Galaxy S7 SM - G930F Android 8.0
Samsung Galaxy S8 Android 8.0
Samsung Galaxy S9+ - G965U1 Android 9.0
Samsung Galaxy SM - G950U Android 7.0

Sony Experia 1 ii

Android 10
Sony Experia xz3 Android 9.0

Xiaomi Mi10

Android 10
Spectralink 8744 Android 5.1.1
Spectralink Versity Phones 9540 Android 8.1
Vocera Badges B3000n 4.3.2.5
Vocera Smart Badges V5000 5.0.4.30
Zebra MC40 Android 5.0
Zebra MC40N0 Android Ver: 4.1.1
Zebra MC92N0 Android Ver:  4.4.4
Zebra TC51 Android 7.1.2
Zebra TC52 Android 8.1.0
Zebra TC55 Android 8.1.0
Zebra TC57 Android 8.1.0
Zebra TC70 Android 6.1
Zebra TC75 Android 6.1.1
Printers
Zebra QLn320 Printer LINK OS 6.3
Zebra ZT230 Printer LINK OS 6.3
Zebra ZQ310 Printer LINK OS 6.3
Zebra ZD410 Printer LINK OS 6.3
Zebra ZT410 Printer LINK OS 6.3
Zebra ZQ610 Printer LINK OS 6.3
Zebra ZQ620 Printer LINK OS 6.3

Wireless Module

Intel 11ax 200

 Driver v21.40.1.3, v21.20.1.1

Intel AC 9260

 Driver v21.40.0

Intel Dual Band Wireless AC 8260

Driver v19.50.1.6

Key Features Not Supported in Controller Platforms

This section lists the features that are not supported on various controller platforms:


Note

In a converged access environment that has controllers running AireOS code, High Availability Client SSO and native IPv6 are not supported.

Key Features Not Supported in Cisco 3504 Wireless Controller

  • Cisco WLAN Express Setup Over-the-Air Provisioning

  • Mobility controller functionality in converged access mode

  • VPN Termination (such as IPsec and L2TP)

Key Features Not Supported in Cisco 5520 and 8540 Wireless Controllers

  • Internal DHCP Server

  • Mobility controller functionality in converged access mode

  • VPN termination (such as IPsec and L2TP)

  • Fragmented pings on any interface

Key Features Not Supported in Cisco Virtual Wireless Controller

  • Cisco Umbrella

  • Software-defined access

  • Domain-based ACLs

  • Internal DHCP server

  • Cisco TrustSec

  • Access points in local mode

  • Mobility or Guest Anchor role

  • Wired Guest

  • Multicast


    Note

    FlexConnect locally switched multicast traffic is bridged transparently for both wired and wireless on the same VLAN. FlexConnect APs do not limit traffic based on IGMP or MLD snooping.

  • FlexConnect central switching in large-scale deployments


    Note

    • FlexConnect central switching is supported in only small-scale deployments, wherein the total traffic on controller ports is not more than 500 Mbps.

    • FlexConnect local switching is supported.

  • Central switching on Microsoft Hyper-V deployments

  • AP and Client SSO in High Availability

  • PMIPv6

  • Datagram Transport Layer Security (DTLS)

  • EoGRE (Supported only in local switching mode)

  • Workgroup bridges

  • Client downstream rate limiting for central switching

  • SHA2 certificates

  • Controller integration with Lync SDN API

  • Cisco OfficeExtend Access Points

Key Features Not Supported in Access Point Platforms

This section lists the key features that are not supported on various Cisco Aironet AP platforms. For detailed information about feature support on Cisco Aironet Wave 2 and 802.11ax APs, see:

https://www.cisco.com/c/en/us/td/docs/wireless/access_point/feature-matrix/ap-feature-matrix.html

Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP, 1810W, 1815, 1830, 1850, 2800, 3800, and 4800 Series APs

Table 9. Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP, 1810W, 1815, 1830, 1850, 2800, 3800, and 4800 Series APs

Operational Modes

  • Autonomous Bridge and Workgroup Bridge (WGB) mode

    Note

     

    WGB is supported in Cisco Aironet 2800, 3800 Series APs.

  • Mesh mode

    Note

     

    Mesh mode is supported in Cisco Aironet 1815i, 1815m, 1830, 1850, 2800, 3800, and 4800 Series APs in Release 8.10.x.

  • LAG behind NAT or PAT environment

Protocols

  • Full Cisco Compatible Extensions (CCX) support

  • Rogue Location Discovery Protocol (RLDP)

  • Telnet

Security

  • CKIP, CMIC, and LEAP with Dynamic WEP

  • Static WEP for CKIP

  • WPA2 + TKIP

    Note

     
    WPA +TKIP and TKIP + AES protocols are supported.

Quality of Service

Cisco Air Time Fairness (ATF)

Note

 

ATF is supported in Cisco Aironet 2800, 3800, and 4800 Series APs in Release 8.10.

FlexConnect Features

  • PPPoE

  • Multicast to Unicast (MC2UC)

    Note

     

    VideoStream is supported

  • Traffic Specification (TSpec)

    • Cisco Compatible eXtensions (CCX)

    • Call Admission Control (CAC)

  • VSA/Realm Match Authentication

  • SIP snooping with FlexConnect in local switching mode

Note

For Cisco Aironet 1850 Series AP technical specifications with details on currently supported features, see the Cisco Aironet 1850 Series Access Points Data Sheet.

Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP, and 1810W Series APs

Table 10. Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP, and 1810W Series APs

Operational Modes

Mobility Express

FlexConnect Features

Local AP authentication

Location Services

Data RSSI (Fast Locate)

Key Features Not Supported in Cisco Aironet 1830, 1850, and 1815 Series APs

Table 11. Key Features Not Supported in Cisco Aironet 1830, 1850, and 1815 Series APs

Operational Modes

Mobility Express is not supported in Cisco 1815t APs.

FlexConnect Features

Local AP Authentication

Location Services

Data RSSI (Fast Locate)

Key Features Not Supported in Mesh Networks

  • Load-based call admission control (CAC). Mesh networks support only bandwidth-based CAC or static CAC

  • High availability (Fast heartbeat and primary discovery join timer)

  • AP acting as supplicant with EAP-FASTv1 and 802.1X authentication

  • AP join priority (Mesh APs have a fixed priority)

  • Location-based services

Key Features Not Supported in Cisco Aironet 1540 Mesh APs

  • Dynamic Mesh backhaul data rate.


    Note

    We recommend that you keep the Bridge data rate of the AP as auto.

  • Background scanning

  • Noise-tolerant fast convergence

Key Features Not Supported on Cisco Aironet 1560 APs

  • MAC Authentication FlexConnect Local Authentication

  • Noise-tolerant fast convergence

  • Static WEP

Key Features Not Supported on Cisco Catalyst IW6300 Heavy Duty Series AP and 6300 Series Embedded Services AP

  • MAC Authentication FlexConnect Local Authentication

  • Noise-tolerant fast convergence

  • Static WEP

Unfixed and Fixed Issues in Release 8.10.190.0

Open Caveats for Release 8.10.183.0

Table 12. Open Caveats
Identifier Headline

CSCvw28085

OEAP flooding syslog messages: "parse_tx_bcn: Bcn payload is NULL"

CSCvw70260

Cisco Aironet 1572EAC Access Point does not respond to the Canadian EIRP regulation

CSCvy93234

High Channel Utilization issue is seen in AP device 360 but not in ICAP RF Stats Channel Utilization

CSCvz59428

Unclear reason for Radio reset due to role change sent from Controller to DNA Center

CSCvz90902

Cisco 9130 AP: Probe suppression for Macro Micro cell client steering not working

CSCwa04589

Cisco 9120AXP-E: AP max transmit power is low on Radio 1 -E domain

CSCwa25735

AP1832 does not forward packets to radio (SF 05778975/05852147/06092559)

CSCwa30098

AP9136 disconnects the clients during GTK rekeying interval (SF05549686)

CSCwa68709

Cisco 9115 AP reports DFS on channels incorrectly: "blocked list due to be cleared"

CSCwa73818

Cisco 9130AX AP radio firmware crash: ar_wal_peer.c:8149 Assertion !WAL_IS_TID_QOS_DATA[SF 05684825]

CSCwa76206

Kernel panic : PC is at mv_pp3_dev_open+0xbfc/0x1014 on 17.3.5EFT

CSCwa76218

Kernel panic : PC is at pci_common_init_dev+0xa4/0x2c0 on 17.3.5EFT

CSCwb23886

Cisco 1810W: RLAN DHCP issues with certain client models

CSCwb41815

AP not copy DHCP ACK packets to WLC after enable "cts manual" on switch in 8.10

CSCwb45619

Cisco AP reloads unexpectedly due to soft lockup - PC is at _raw_spin_unlock_irqrestore+0x10

CSCwb45628

Cisco 9120 AP reloads unexpectedly on RHL with PC is at __rhb_send_cmd_shm+0xf8

CSCwb74334

Unable to set QoS OID - 1.3.6.1.4.1.9.9.512.1.1.3.1.1 using CPI and snmpset command

CSCwb79809

Upstream video traffic drops on Cisco 9124 AP

CSCwb80959

Cisco 8540 Controller is dropping ARP packets upstream

CSCwc02477

Cisco 9130 AP does not transmit EAP Identity Request [SF 05884552]

CSCwc06996

Cisco 1852 AP: Reboot request event radio recovery failed; brain: safe_read_select failed

CSCwc12918

Cisco controller reloads unexpectedly in SNMPTask due to Reaper Reset

CSCwc28757

Cisco 3800 AP Radio reloads unexpectedly on Slot 0 ap-17.9.0.135

CSCwc29375

Cisco 2800 AP detects it own BSSID as Rogue - No NDP MSG in debug

CSCwc32182

AP 1852 Radio Firmware Crash (SF 06029787/06121536)

CSCwc38912

LWA Client is immediately deleted when joining Flex WLAN after Site/Policy Tag change

CSCwc42728

Cisco AP reloads unexpectedly due to WCPD process

CSCwc49464

Cisco 9115 and 9120 stuck in boot loop due to signature verification failure

CSCwc49841

WLC not sending OpenRoaming measurement information to DNAS Connector

CSCwc49970

Cisco Aironet 2800, 3800, 4800 Channel 165 not allowed

CSCwc56767

Cisco 5520 Controller reloads unexpectedly when executing the command "show tech"

CSCwc59814

Disable Burst Beacon by default for 11ac Wave2 QCA APs

CSCwc61347

Cisco 9136I AP Kernel crash on ap-17.9.1.7

CSCwc64201

Cisco 9105 as WGB fails to forward packets OTA producing gaps in the communication

CSCwc67150

DCA triggering multiple channel changes on 2.4G in clean env

CSCwc70979

Cisco 9130 kernel panic due to DFS detection (PC is at 0xffffffbffd31da70)

CSCwc72194

AP9120: Radio Core Dump: wl0: wlc_check_assert_type HAMMERING; CS00012258561

CSCwc73462

For FlexConnect groups config,backslash \ in the end of the radius servers shared secret not allowed

CSCwc73671

Cisco Wave 2 AP sending too many client deauth frames with code 0x0007

CSCwc73906

Wired LAN incorrect anchor export map

CSCwc75732

Firmware Radio crash on Cisco 4800 Access point on 17.3.5b code

CSCwc81467

RHL reset observed in 9120

Resolved Caveats for 8.10.183.0, 8.10.182.0, 8.10.181.0

Table 13. Resolved Caveats for Release 8.10.183.0
Identifier Headline

CSCwd80290

IOS AP image validation certificate Failed/Expired; causing AP join issues
Table 14. Resolved Caveats for Release 8.10.182.0
Identifier Headline

CSCvx32806

Cisco 2800, 3800 series APs stuck in bootloop due to image checksum verification failed

CSCwc78435

Cisco Catalyst 9130 sending incorrect channel list on out of band DFS event causing client connectivity issues

CSCwd11897

Power parameter for AP803 under the radio interface shows ambiguous

CSCwd37092

Cisco 2800,3800,4800,1562,6300 series AP:Slow TCP downloads, failing EAP-TLS in release 8.10.181.0/17.3.6
Table 15. Resolved Caveats for Release 8.10.181.0
Identifier Headline

CSCvv11509

Command "debug dot11 client rate" shows legacy Tx/Rx data rates for 11ax clients

CSCvv20610

WGB does not support PSK with 63 characters

CSCvv30453

Cisco 1800APs: add FW checksum and auto refresh to avoid FW assert radio crash by bitflip

CSCvw10013

Cisco Aironet 1852 AP radio hangs causing packets drops

CSCvx48053

Access point beacons incorrect rates; clients cannot associate

CSCvy50461

Sometimes, after WGB reloads, WGB wired traffic never gets restored

CSCvy50461

WGB wired traffic sometimes never gets restored after WGB reloads

CSCvy59547

GUI displays incorrect tagged VLAN data

CSCvz15425

Cisco Aironet 1815w AP experiences kernel panic when upgraded to the latest 8.5.176.0

CSCvz35716

Cisco 3802 AP: ME Controller reloads unexpectedly with OOM due to: process naconnector

CSCvz41113

AP will reload unexpectedly if shutdown uplink switchport or wl0/1/8

CSCvz59191

APs do not send NDP packets on slot 1

CSCvz66623

EAP-TLS is failing for the wired clients behind MAP. MVL Case #00259413

CSCvz95502

WGB Wired Clients MAC Flapping Between The Actual Port And the WGB Switch Port

CSCvz96924

Cisco 9130 Access Point does not send M1 over the Air

CSCwa05828

AP does not respond to controller's Discovery Response: Error connecting TLS context

CSCwa08478

AP4800 core-radio0FW [cmd timeout] wifi0: 0x9201=GetRadioStatus after 4 days up running

CSCwa19345

Cisco 9115AX AP: assert:"SCB_DEL_IN_PROGRESS(scb)" failed: "wlc_assoc.c:11911" wl: Bad Address

CSCwa26370

grpc_server Process crash seen and Core generated due to panic: send on closed channel

CSCwa26814

3800 AP not passing ARP requests on central WLAN when configured on Custom Flex Group

CSCwa31596

Cisco 9130AX AP: high channel utilization and client lags with 9 or more clients using MS TEAMS

CSCwa33537

Cisco 9117AX AP radio reloads unexpectedly due to partial command issues (SF 05580128)

CSCwa36216

C9120AXI sends weaker beacons than AP2802I CS00012215351/CS00012224614

CSCwa42620

9130 - AP dropping packets On-Air for Phoenix WinNonlin Application (SF 05979576)

CSCwa47154

Controller Details Are Not Refreshed in Umbrella After a failover

CSCwa48648

Wireless devices getting Invalid FT IE when using FT over the DS to roam

CSCwa49086

Cisco 3802 FQI/NMI reset: LocateAddr & extStaDb_GetStaInfo

CSCwa49112

Cisco 3802 FQI/NMI reset: loop_delay & wlRecv

CSCwa49124

Cisco 3802 kernel panic - _ZN19ProbeRequestTracker13simple_actionEP6Packet

CSCwa49135

Cisco 3802 kernel panic - sys_sigreturn & recalc_sigpending

CSCwa53592

Cisco 9120AX APs show as Flexible Radio Assignment (FRA) not capable on 17.3.4c release

CSCwa53727

Cisco 9117AX AP reloads unexpectedly at cmnos_thread.c:3493

CSCwa54943

Cisco Wave 2 APs with RLAN port connecting to device running LLDP would reboot due to Out of Memory

CSCwa57078

The flap between DHCP and static IP address when Ethernet VLAN tagging on access point is enabled

CSCwa59673

Cisco 3802 FQI/NMI reset at rb_next+0xc

CSCwa61087

Cisco 1562 AP acting as WGB is unable to pass multicast traffic to passive client behind it

CSCwa61885

Cisco controller reloads unexpectedly due to timer leak on apfMsConnTask

CSCwa65318

Cisco 9130 AP: Tx power for Microcell created by the AP for slot2

CSCwa68439

3800 AP sends a burst of deauth frames after each session timeout for each AP in PSK WLAN

CSCwa70278

Cisco Wave 2 APs: MAP is failed to form 5 hop stable mesh tree

CSCwa73535

1830/1850 AP (EGYPT) won't advertise HT/VHT IE in beacons/probes without custom channel width change

CSCwa73820

Cisco 4800 AP would not negotiate full power via LLDP

CSCwa75901

Cisco 9117 Beacon stuck-reloads unexpectedly due to radio failure (radio recovery failed)

CSCwa76008

The value of "Channel Center Segment 0" in " VHT Operation Info"

CSCwa77205

AP1832/1852/1815 : Kernel Panic @wlan_handle_napi

CSCwa77633

Cisco 1832 AP reloads unexpectedly due to kernel panic

CSCwa79564

Cisco 2800,3800 APs on 8.10.162: Power Type displayed is incorrect when static power is set to 15.4W

CSCwa81190

Null pointer de-reference in wlc_wnm_is_wnmsleeping

CSCwa82660

AP2800/AP3800 with CAC configured only updating QBSS_AAC sent by WLC after radio reset

CSCwa85088

Wired client behind Cisco WGB is not taking DHCP IP address

CSCwa86015

C9120 Kernel panic crash - PC is at __kmalloc+0x5c/0x140

CSCwa86610

Cisco 2802 and 3802: Kernel panic crash running 8.10.151.0 image

CSCwa88621

C9120AXI - capwapd.service failed

CSCwa90871

9120AP:wcpd.service failed SW crashed on Process wcpd on 9120AP running 17.7.1.11

CSCwa95705

Cisco 2802 AP reloads unexpectedly due to FIQ/NMI reset

CSCwa96198

CWA clients with Run state cannot go online even though it is run state

CSCwa96429

Cisco Wave 2 AP disconnects from the WLC after cts switchport config

CSCwa97033

Cisco 9120 AP: Kernel crash seen while bringing up the slot1 radio

CSCwb02488

9120 Kernel Crash PC is at number.isra & LR is at vsnprintf

CSCwb05556

AP does not send multicast data till it snoops IGMPv2

CSCwb05569

AP 9130 is randomly not transmitting beacons (SF 05737407)

CSCwb07125

APs own MAC is detected as rogue on slot1/slot3 intermittently with empty SSID

CSCwb08755

Cisco 9130, 9120 AP in FlexConnect mode is not sending SA query

CSCwb08956

2800 APs changing the TID for eapol packets from 6 to 0 after changing rf profile in 9800

CSCwb09248

High latency and drops when associated to Cisco 9130 AP

CSCwb11711

Cisco 9120, 9130 APs in FlexConnect mode, send Assoc reject after the 1st successful connection

CSCwb11854

Low Throughput with WLC8540 and AP1852

CSCwb16632

AireOS SMART Licensing registration/renewal due to SSL certificate problem

CSCwb19448

Cisco 9117 running 8.10mr6 reloads unexpectedly due to kernel panic in cisco_wlan_crypto_decap

CSCwb19680

Incorrect kernel assertion in checking invalid timer objects

CSCwb19993

After a software upgrade, the Cisco Wave 2 AP might lose its configuration.

CSCwb23976

Cisco 9117 reloads unexpectedly due to Kernel panic dp_print_host_stats with fix for CSCwa52449

CSCwb28006

AP3800 plumbing client to VLAN 1 instead of native VLAN 0 causing ARP drops OUTER_UCAST_VLAN_BLOCK

CSCwb30993

Kernel panic crashes on Cisco 9117AXI-E

CSCwb32121

Cisco 1832 reloads due to radio failure - Beacon Stuck- reset radio for recovery

CSCwb34215

AP assert:"0" failed: file "wlc_pcb.c:384" (CS00012237864)

CSCwb34231

Cisco 9115 AP: Power Saving Client State on radio

CSCwb36531

AP 9130 not able to process fragmented EAP frames from client when doing EAP-TLS

CSCwb37452

Anchor Passthrough webauth presents PEM timeout after hitting RUN

CSCwb45599

Cisco AP reloads unexpectedly with ppr_create_prealloc+0xbc

CSCwb51769

8.10.171.0 showing Junk character with command Show ap join stats summary all

CSCwb53348

Cisco 9130 APs generating radio coredumps

CSCwb62329

Cisco 9120 not sending A-MPDUs for WPA1 AES clients in WPA1 and WPA2 mixed mode

CSCwb68720

AP sending ARP packet without VXLAN encapsulation

CSCwb69256

AireOS system reloads unexpectedly due to Task Name emWeb Due to NTP

CSCwb70757

Cisco 9130 AP reloads unexpectedly due kernel panic

CSCwb71679

Cisco 4800 Series AP on 8.10.171.0 crash due to FIQ/NMI reset

CSCwb73294

C9105 AP has low throughput on 2.4GHz with AX clients with adjacent channel interference

CSCwb76882

Rogue: Cisco Catalyst 9130 AP detects its own BSSID as Rogue in 5-Ghz channel

CSCwb76935

Cisco 1815-T OEAP Kernel Panic Crash on 17.8.1CCO

CSCwb94209

Cisco 9115 AP: Mode reset button does not clear CC mode and console blocking config

CSCwb95196

non-GA - webauth presents PEM timeout after hitting RUN

CSCwb95980

C9130 Kernal crash - PC is at _ZN10CACMetrics25accumulate

CSCwb98247

Cisco AP reloads unexpectedly in wlan_objmgr_peer_release_ref running 17.3.5

CSCwc04079

8.10.171.4 || WGB mode - Unable to assign static IP with subnet mask other than /24

CSCwc05350

Cisco Wave 2 APs: CAPWAP MTU flapping due to asymmetric MTU between AP to WLC and WLC to AP

CSCwc06293

Cisco 9120 AP stops beaconing

CSCwc07421

Cisco 4800-NDP: APs own MAC address added in NDP neighbor list

CSCwc09461

Cisco 9120 AP's delaying Authentication response frame

CSCwc14934

Outlook access not work on OEAP split tunnel but intranet/internet works fine

CSCwc15152

WLC does not show TSM Reports

CSCwc15229

Cisco 1832 reloads due to radio failure - Beacons stuck on Radio

CSCwc17045

AP console locks out after FIPS enable and AP full factory reset from eWLC, before CAPWAP rejoin

CSCwc20929

APP hosting segmentation does not work on Cisco 9100 AP and C9800 controller running 17.6.3

CSCwc22254

[AireOS]: With FIPS enabled on 3504 and 5520, Mobility Tunnel does not comes up

CSCwc23892

GUI-AP Join statistics page ap names are not showing in GUI mode

CSCwc35321

Wave 2 APs in local mode sending ARP requests to wireless clients from 10.128.128.128 IP address

CSCwc51428

Cisco 9130 AP: Kernel panic. __dma_inv_range+0x20/0x50

CSCwc51894

Cisco 9117 AP reloads unexpectedly due to Kernel panic, dp_print_host_stats

CSCwc54470

Cisco Wave 2 AP command "config boot crashkernel enable" does not generate kernel core to USB

CSCwc56774

WGB with Static IP loses IP address after multiple roams

CSCwc71198

CAPWAP flapping when VRRPv3 is present in network

CSCwc75102

Mobility Express AP Conversion to CAPWAP via DHCP Option 43 not working

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions, and services, visit Cisco DevNet.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a gateway to the Cisco bug-tracking system, which maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. The BST provides you with detailed defect information about your products and software.

Documentation Feedback

To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.