Table Of Contents
Release Notes for Cisco 3300 Series Mobility Services Engine for Software Release 18.104.22.168
Last Revised: November, 2009
These release notes describe features, enhancements, and caveats for software release 22.214.171.124 for Cisco 3300 Series Mobility Services Engines and its two services: Context Aware Service (CAS) and Adaptive Wireless Intrusion Protection Service (wIPS).
Note Before installing this software, refer to the "System Requirements" section for details on compatibility with Cisco Wireless LAN Controllers and Cisco Wireless Control Systems (WCS).
Note You must purchase licenses from Cisco to retrieve information on tags and clients from access points. Refer to the "Ordering CAS Client and Tag Licenses for the Mobility Services Engine" section for details. You must purchase licenses from Cisco to support wIPS monitor mode access points. Refer to the "Ordering Adaptive wIPS Licenses for the Mobility Services Engine" section.
These release notes contain the following sections:
Cisco 3300 Series Mobility Services Engine and Services
The Cisco 3300 Series Mobility Services Engine supports various services within the overall Cisco Unified Wireless Network (CUWN).
The Cisco 3300 Series Mobility Services Engine currently supports the following services in release 6.0:
•Context Aware Service (CAS)-Allows a mobility services engine to simultaneously track thousands of mobile assets and clients by retrieving contextual information such as location, temperature, and availability from Cisco access points.
CAS relies on two engines for processing the contextual information it receives. The Context Aware Engine for Clients processes data received from Wi-Fi clients and the Context Aware Engine for Tags processes data received from Wi-Fi tags. Both of these engines can be deployed together or separately depending on the business need. This service was introduced in release 5.1.
Note You must purchase licenses from Cisco to retrieve contextual information on tags and clients from access points. Refer to the "Ordering CAS Client and Tag Licenses for the Mobility Services Engine" section.
•Wireless Intrusion Protection Service (wIPS)-Provides wireless-specific network threat detection and mitigation against malicious attacks, security vulnerabilities, and sources of performance disruption within the CUWN infrastructure. wIPS visualizes, analyzes, and identifies wireless threats, and centrally manages mitigation and resolution of security and performance issues using Cisco monitor mode access points. Proactive threat prevention is also supported to create a hardened wireless network core that is impenetrable by most wireless attacks.
Note You must purchase licenses from Cisco to support wIPS monitor mode access points from access points. Refer to the "Ordering Adaptive wIPS Licenses for the Mobility Services Engine" section.
Note Evaluation licenses for 100 clients,100 tags, and 20 access points (wIPS) come standard on each mobility services engine installed with release 6.0. Evaluation licenses are good for 60-days.
Note CAS and wIPS can operate simultaneously on the Cisco 3350 and Cisco 3310.
Note Refer to the online version of the Cisco Context-Aware Software Configuration Guide, Release 6.0 for details on configuring and monitoring CAS on the mobility services engine at:
Note Refer to the online version of the Cisco Wireless Intrusion Prevention System Configuration Guide, Release 6.0 for details on configuring and monitoring wIPS on the mobility services engine at:
Note Refer to the online versions of the Cisco 3350 and 3310 Mobility Services Engine Getting Started Guides for details on the physical installation and initial configuration of the mobility services engines at:
The following minimum releases are required to configure and monitor CAS on the Cisco 3300 Mobility Services Engine, Cisco WCS, and Cisco Wireless LAN Controller (Table 1).
Table 1 Minimum Software Requirements
Service System Minimum Software Release
Context-Aware Software and Wireless Intrusion Prevention System1
Mobility services engine
126.96.36.199 and 188.8.131.52
184.108.40.206 and 220.127.116.11
4.2.130 (or later)
Note Release 5.0.x is not supported with release 6.0.
18.104.22.168 (or later)
Cisco WCS Navigator
22.214.171.124 or later
1 Release 5.2 is the minimum software requirement for the controller, WCS, and mobility services engine to support Cisco Adaptive Wireless Intrusion Prevention System.
Upgrading to This Software Release
For instructions for automatically downloading the software using Cisco WCS or for manually downloading the software using a local or remote connection, refer to the "Updating Mobility Services Engine Software" section in Chapter 2 of the Cisco 3350 Mobility Services Engine Getting Started Guide and Cisco 3310 Mobility Services Engine Getting Started Guide.
You can find these documents at:
Upgrading from Release 5.x to 6.0
Caution The number of supported clients, tags, and access points (wIPS) is reset to 100 clients, 100 tags, and 20 access points when you upgrade to release 6.0. All tracking beyond these limits is lost. These limits correspond to the 60-day evaluation licenses that are standard on mobility services engines.
Caution You must back up the mobility services engine database before upgrading from release 5.x to 6.0 to preserve client, tag, and access point configurations. You can restore the database after the software upgrade.
To upgrade to release 6.0, follow these steps:
Step 1 Register the Product Authorization Key (PAK).
a. Client and wIPS licenses are registered at www.cisco.com/go/license.
b. Tag licenses are registered at www.aeroscout.com/content/support.
Step 2 Back up the mobility services engine database and the Aeroscout database:
a. To back up the mobility services database (network designs controller configurations, clients, and access points), follow these steps:
1. Choose Services > Mobility Services.
2. Click the name of the mobility services engine for which you want to back up the database.
3. Choose Maintenance > Backup from under the System menu (left).
4. Enter a name for the backup file. Click Submit (see Figure 1).
b. To back up the AeroScout database (tag licenses, chokepoints, and TDOA receivers) refer to the AeroScout Context-Aware Engine for Tags, for Cisco Mobility Services Engine User's Guide at :
Figure 1 System > Maintenance Window
Step 3 Download release 6.0:
a. Choose Services > Mobility Services.
b. Click the name of the mobility services engine on which you want to upgrade the software.
c. Choose Maintenance > Download Software from under the System menu.
d. Select either an uploaded image or browse and upload an image. Click Download.
Step 4 Install release 6.0 using the mobility services engine CLI using one of the following options:
•To overwrite existing software, enter:/etc/init.d/msed stopcd /opt/installers./<mse software file name>
•To do a fresh install, enter:/etc/init.d/msed stopcd/opt/mse/uninstall
Enter the following once in the uninstall directory:./uninstall
Enter no when prompted to keep the old database:cd/opt/installers./<mse software file name>
Step 5 Restore the mobility services engine and AeroScout database:
a. To restore the mobility services database, follow these steps:
1. Choose Services > Mobility Services.
2. Click the name of the mobility services engine on which you upgraded the software.
3. Choose Maintenance > Restore from under the System menu.
4. Select the file to restore from the drop-down menu. Click Submit.
b. To restore the AeroScout database refer to the AeroScout Context-Aware Engine for Tags, for Cisco Mobility Services Engine User's Guide at:
Step 6 Install licenses:
Refer to Chapter 2 of the Context-Aware Services Configuration Guide, Release 6.0 at:
Software Image is Compressed
If you download the mobility services engine image *.gz file using Cisco WCS, the mobility services engine automatically decompresses (unzips) it, and you can proceed with the installation as before.
If you manually download the compressed *.gz file using FTP, you must decompress the files before running the installer. These files are compressed under the LINUX operating system and must be decompressed using the gunzip utility program. The unzip method you use is defined by the filename you are trying to unzip.
To make the bin file executable, use the following command:
chmod +x filename.bin
Updated Software Version Shown in Cisco WCS after Polling
After a software update, the new mobility services engine software version does not immediately appear in mobility services engine queries on Cisco WCS. Up to five minutes is required for the new version to appear. Cisco WCS, by default, queries the mobility services engine every five minutes for status.
CAS and wIPS License Requirements
For complete details on ordering and downloading licenses refer to the Cisco 3300 Series Mobility Services Engine Licensing and Ordering Guide for Context-Aware Mobility Software, and Adaptive wIPS, Release 6.0 at:
•Client and wIPS licenses are installed from Cisco WCS (Administration > License Center).
–Refer to Chapter 2 of the Cisco Context-Aware Service Configuration Guide, Release 6.0 and Cisco Adaptive Wireless Intrusion Prevention System, Release 6.0, respectively.
•Tag licenses are installed using the AeroScout System Manager. Refer to the "Installing Tag Licenses" section in Chapter 2 of Cisco Context-Aware Service Configuration Guide, Release 6.0.
Ordering CAS Client and Tag Licenses for the Mobility Services Engine
CAS software licenses are based on the number of Wi-Fi client and Wi-Fi tag devices tracked. The Cisco 3350 Mobility Services Engine allows for the tracking of up to 18,000 devices (combined count of Wi-Fi clients and Wi-Fi tags) and the Cisco 3310 Mobility Services Engine allows for the tracking of up to 2,000 devices (combined count of Wi-Fi clients and Wi-Fi tags).
Licenses for Cisco Compatible Extensions (CX) tags (version 1 or later) and clients are offered independently. The client's license also includes tracking of rogue clients and rogue access points.
Licenses for tags and clients are offered in quantities ranging from 1,000 to 12,000 units and can be combined to meet the location tracking requirements of a CAS deployment. For example, combining the AIR-CAS-3KC-K9, AIR-CAS-12KC-K9, and AIR-CAS-1KT-K9 licenses provide tracking of 15,000 Wi-Fi clients and 1,000 Wi-Fi tags on a Cisco 3350 (see Table 2).
CAS License Ordering Summary
Order numbers for client and tag licenses are summarized in Table 2.
Table 2 Order Numbers for Client and Tag Licenses
Order Number Licenses Client Licenses 1
License for tracking 1,000 client devices.
License for tracking 3,000 client devices.
License for tracking 6,000 client devices.
License for tracking 12,000 client devices.
License for tracking 1,000 tag devices.
License for tracking 3,000 tag devices.
License for tracking 6,000 tag devices.
License for tracking 12,000 tag devices.
1 All client licenses include tracking of rogue clients and rogue access points.
Ordering Adaptive wIPS Licenses for the Mobility Services Engine
Adaptive wIPS software licenses are based on the number of full-time monitoring access points (often referred to as monitor mode acess points) that are deployed in the network. The licenses may be combined to arrive at the number of monitor mode access points required to run the Adaptive wIPS deployment. For example, combining AIR-WIPS-AP-5, AIR-WIPS-AP-25, and AIR-WIPS-AP-500 licenses provides support for 530 monitor mode access points.
Adaptive wIPs License Ordering Summary
Order numbers for Adaptive wIPS licenses are summarized in Table 3.
This section describes important information about new features and operational notes for CAS, wIPS, and the mobility services engine for release 126.96.36.199.
Features and operational notes are summarized separately for the mobility services engine, CAS, and wIPS.
Mobility Services Engine
Automatic Installation Script for Initial Setup
An automatic setup wizard is available to help you initially set up the mobility services engine.
An example of the complete automatic setup script is provided in the Cisco 3350 Mobility Services Engine Getting Started Guide and Cisco 3310 Mobility Services Engine Getting Started Guide.
You can find these documents online at:
Controller and Associated Mobility Services Engine Must be Mapped to the Same NTP and WCS Server
Communications between the mobility services engine, Cisco WCS, and the controller are in universal time code (UTC). Configuring NTP on each system provides devices with the UTC time. An NTP server is required to automatically synchronize time between the controller, Cisco WCS, and the mobility services engine.
The mobility services engine and its associated controllers must be mapped to the same NTP server and the same Cisco WCS server.
Local time zones can be configured on a mobility services engine to assist network operations center personnel in locating events within logs.
Note You can configure NTP server settings during the automatic installation script. Refer to the Cisco 3350 Mobility Services Engine Getting Started Guide or Cisco 3310 Mobility Services Engine Getting Started Guide for details on the automatic installation script. You can find these documents online at:
Mandatory Default Root Password Change
You must change the default root password of the mobility services engine during the automatic installation script to ensure optimum network security.
You can also change the password using the Linux command, passwd.
Networks with Large Access Point Deployments Might Experience Slower Location Updates
In networks with a large number of access points (approximately 2000 or more), mobility services engines might experience a slow down in location calculation and heatmap updates for clients, tags, and access points (CSCsk18810).
Large Burst of Notifications Might Cause Drop of Notifications
A mobility services engine might fail to send notifications if it receives a large burst of notifications. The dropped notification count appears on the Services > Context Aware Notifications window.
Refer to CSCsu43201 in the Open Caveats section for workaround.
Configuration Changes for Greater Location Accuracy
In some RF environments, where location accuracy is around 60 to 70% or where incorrect client or tag floor location map placements occur, you might need to modify the moment RSSI thresholds in the aes-config.xml file in the opt/locserver/conf/ directory of the mobility services engine (CSCsw17583).
The RSSI parameters that might need modification are:
Caution Please contact TAC for assistance in modifying these parameters.
Synchronization Required When Upgrading to Release 6.0 or Importing CAD Floor Images
When upgrading to release 6.0 from release 5.x (and earlier) you must synchronize after the software upgrade and also when CAD generated floor images are imported into Cisco WCS.
Floor Change or Minimum Distance Required for Location Transitions to Post to History Log
When history logging is enabled for any or all elements (client stations, asset tags, and rogue clients and access points), a location transition for an element is only posted if it changes floors or the element's new location is at least 30 feet or 10 meters from its original location.
Cisco Path: Services > Mobility Services > Device Name > Context Aware Service > Administration > History Parameters.
Logs can be viewed at Services > Mobility Services > Device Name > Systems > Log.
Release 4.1 of AeroScout MobileView Required for Northbound Notifications
If a release of AeroScout MobileView earlier than 4.1 is in use, incorrect responses are sent to those northbound notifications received from the mobility services engine. Northbound notifications are then resent by the mobility services engine, overloading the notification queue and resulting in reports of dropped notifications (CSCsx56618).
Separate Partner Engine Software Install Not Required for Tag Contextual Information
In release 6.0 (and 5.2), the partner software that supports tag contextual information (temperature, availability, and location calculations) is bundled into the mobility services engine software. No separate download of partner engine software is required as it was in release 5.1.
Cisco WCS Online Help Outlines Incorrect Software Download Procedure
In Cisco WCS online help (OLH), the steps in the "Downloading Software to a Mobility Services Engine Using Cisco WCS" section mistakenly notes commands for downloading an aeroscout-engine. The aeroscout-engine is now bundled within the mobility services engine software. Refer to Chapter 9 of the Cisco Context-Aware Service Configuration Guide, Release 6.0 for the correct download steps.
Non-Cisco Compatible Extensions Tags Not Supported
The mobility services engine does not support non-Cisco CX Wi-Fi tags. Additionally, these non-compliant tags are not used in location calculations or shown on Cisco WCS maps.
Cisco Compatible Extensions, Version 1 Tags Required at a Minimum
Only Cisco CX version 1 tags (or later) are used in location calculations and mapped in Cisco WCS.
Monitoring Information Varies for Clients and Tags
On the Monitor > Clients page (when Location Debug is enabled), you can view information on the last heard access point and its corresponding RSSI reading. This information is not available on the Monitor > Tags page.
Calibration Models and Data Apply Only to Clients
Calibration models and data apply only to clients. Calibration for tags is done using the AeroScout System Manager.
Refer to Chapter 7, "Context-Aware Planning and Verification" in the Cisco Context-Aware Software Configuration Guide, Release 6.0 for more details on client calibration.
Refer to the AeroScout Context-Aware Engine for Tags, for Cisco Mobility Services Engine User's Guide at the following link:
Advanced Location Parameters Apply Only to Clients
Settings for advanced location parameters related to RSSI, chokepoint usage, location smoothing, and assignment of outside walls on floors, are not applicable to tags.
Refer to the "Editing Advanced Location Parameters" section in Chapter 7 of the Cisco Context-Aware Software Configuration Guide, Release 6.0.
Cisco WCS Path: Services > Mobility Services > Device Name > Context Aware Service > Advanced > Location Parameters.
Location History Timestamps Match Browser's Location
The Cisco WCS timestamp is based on the browser's location and not on the mobility services engine settings. Changing the time zone on Cisco WCS or on the mobility services engine does not change the timestamp for the location history.
PDAs with Limited Probe Requests Might Affect Location
Many PDAs do not continuously send out probe requests after initial association to the Cisco Unified Wireless Network (CUWN). Therefore, calculating the location accuracy of such PDAs using RSSI readings is not always optimal.
Mandatory Setting Required on Intel 802.11n and 802.11 b/g/n Client Cards for Accurate Calibration
The Cisco CX RM option within Intel's Enterprise Security Profile must be enabled to ensure adequate calibration data points are collected for Intel 802.11n and 802.11 b/g/n client cards. You can use the Intel Client Software PROSET package to enable the Cisco CX RM option in the Enterprise Security Profile (CSCsl40623).
Mobility Services Engine with wIPS Service Enabled Mistakenly Allows a Controller to Be Assigned to Multiple MSEs
When wIPS is configured on the mobility services engine, often a controller can be assigned to more than one mobility services engine in error. By design, a controller can only be assigned to one mobility services engine and an error appears in the Cisco WCS window when you synchronize a mobility services engine and a controller (CSCsx38955).
Cisco WCS Screen and Navigation Changes
•Services replaces Mobility in the navigation bar of Cisco WCS.
•A centralized license center to install and view license status is available (Administration > License Center).
•A Switches tab is a new synchronize option to support the new wired Catalyst switch and wired client feature (Services > Synchronize Services).
New Feature Support
New features for the mobility services engine and services CAS and wIPS are summarized under separate headings.
Mobility Services Engine
Both the CAS and wIPS services can operate on the Cisco 3350 and Cisco 3310 simultaneously.
For details on all the features discussed in this section, refer to Chapter 7 of the Cisco Context-Aware Configuration Guide, Release 6.0 at the following link:
Location Services for Wired Switches and Clients
You can import the location of wired Catalyst stackable switches (3750, 3750-E, 3560, 2960, IE-3000 switches), switch blades (3110, 3120, 3130, 3040, 3030, 3020), and switch ports into the mobility services engine.
The following Catalyst 4000 series are also supported:
WS-C4948, WS-C4948-10GE, ME-4924-10GE, WS-4928-10GE, WS-C4900M, WS-X4515, WS-X4516, WS-X4013+, WS-X4013+TS, WS-X4516-10GE, WS-X4013+10GE, WS-X45-SUP6-E, and WS-X45-SUP6-LE
Once you define a wired switch and synchronize it with a mobility services engine, details on wired clients connected to a wired switch are downloaded to the mobility services engine over the NMSP connection. You can then view wired switches and wired clients using Cisco WCS.
Import and display of civic and emergency location information (ELIN) meets specifications of RFC4776 which is outlined at:
Note Catalyst stackable switches and switch blades must be operated with Cisco IOS Release 12.2(52)SG.
Cisco WCS Path: Configure > Ethernet Switches
Cisco WCS Supports Backup of Tag, Chokepoint, and TDOA Receiver Configuration Data
Release 6.0 provides support for backup of Tag, Chokepoint, and TDOA Receiver configuration data. In release 5.2, this feature was not supported.
Refer to the AeroScout Context-Aware Engine for Tags, for Cisco Mobility Services Engine User's Guide at the following link for backup process:
Note Configuration data must be backed up prior to any backup or software update of the mobility services engine. Refer to the "Upgrading to This Software Release" section.
Cisco WCS Path: Services > Mobility Services > Device Name > Maintenance > Backup
For details on all the features discussed in this section, refer to the Cisco Adaptive Wireless Intrusion Prevention System Configuration Guide, Release 6.0 at the following link:
Supported on Cisco 3350 and Cisco 3310
Cisco wIPS is supported on Cisco 3350 and 3310 mobility services engines in release 6.0. Previously, wIPS was supported only on the Cisco 3310 in release 5.2.
The following sections list open and resolved caveats in release 188.8.131.52 for Windows and Linux. For your convenience in locating caveats in Cisco's Bug Toolkit, the caveat titles listed in this section are taken directly from the Bug Toolkit database. These caveat titles are not intended to be read as complete sentences because the title field length is limited. In the caveat titles, some truncation of wording or punctuation might be necessary to provide the most complete and concise description. The only modifications made to these titles are as follows:
•Commands are in boldface type.
•Product names and acronyms may be standardized.
•Spelling errors and typos may be corrected.
Note If you are a registered cisco.com user, view Bug Toolkit on cisco.com at the following website:
To become a registered cisco.com user, go to the following website:
Table 4 lists the major open caveats in Version 184.108.40.206.
Table 4 Major Open Caveats
ID Number Caveat Title
Storing data during Calibration leads to Matlab memory allocation error
Rogue AP Location History not being generated
Table 5 lists the moderate open caveats in Version 220.127.116.11.
Table 6 lists the minor open caveats in Version 18.104.22.168.
Table 7 lists the resolved caveats in Version 22.214.171.124.
If You Need More Information
If you need information about a specific caveat that does not appear in these release notes, you can use the Cisco Bug Toolkit to find caveats of any severity. Click this URL to browse to the Bug Toolkit:
(If you request a defect that cannot be displayed, the defect number might not exist, the defect might not yet have a customer-visible description, or the defect might be marked Cisco Confidential.)
For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at:
.Then choose your product and then select the Troubleshoot and Alerts heading on the product page to find information on the problem you are experiencing and other service advisories.
The following documents are related to the mobility services engine:
•Cisco 3350 Mobility Services Engine Getting Started Guide and Cisco 3310 Mobility Services Engine Getting Started Guide
•Cisco Context-Aware Software Configuration Guide, Release 6.0
•Cisco Adaptive Wireless Intrusion Prevention System Configuration Guide, Release 6.0
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)