Upgrading the MSE
For instructions on automatically downloading the software using the Prime Infrastructure or for manually downloading the software using a local or remote connection, see the “Updating Mobility Services Engine Software” section in Chapter 2 of the Cisco Mobility Services Engine Getting Started Guide.
You can find these documents at the following URL:
This section contains the following topics:
The following scenarios are available to upgrade MSE to 22.214.171.124 from 7.x releases:
Note Do not run uninstall on the 7.4 Release, instead stop the MSE and directly run the installer.
Upgrading the MSE to 126.96.36.199 from 7.x Release Without Data Migration
To upgrade from 7.x release to 188.8.131.52 without data migration, follow these steps:
Step 1 Back up the existing database using the Prime Infrastructure. (We recommended this).
All data existing on the system will be lost and a fresh blank database will be created.
Step 2 Transfer the *.tar file for 184.108.40.206 to the MSE appliance:
Step 3 Place the file in the /opt/installers folder. You should manually FTP this file to the appliance.
Note Use binary mode for the transfer. Make sure that the downloaded file sizes are the same as those on Cisco.com.
Step 4 Untar the file: tar -xvf CISCO-MSE-K9-7-4-110-0-64.bit-db.tar
This gives you the following:
- 1 Cisco-MSE-L-K9-7-4-110-0-64bit.bin.gz
Step 5 To decompress (unzip) the file, execute: gunzip CISCO-MSE-L-K9-7-4-110-0-0-64bit.bin.gz.
Step 6 Enter the following command:
chmod +x CISCO-MSE-L-K9-7-4-110-0-64bit.bin
Step 7 Stop the MSE service using the following command:
service msed stop
Step 8 Uninstall the existing MSE software. Choose deletion of database when prompted.
Step 9 Invoke the MSE installer.
Doing so installs the new database using the four.zip files for the database along with the MSE software.
Initial database installation can take a long time (20 minutes at least -or- approximately). Do not cancel the installer midway through the installation process.
Once installed, follow the regular procedure to start, stop, or add an MSE to the Prime Infrastructure.
Note The MSE appliance needs to be rebooted using the “reboot” command before starting the MSE services.
Upgrading the MSE to 220.127.116.11 from 7.x Release
To upgrade the MSE to 18.104.22.168 from 7.x release, follow these steps:
Note Complete database installation is not required if you are upgrading from 22.214.171.124
Step 1 Download CISCO-MSE-L-K9-7-4-110-0-64bit.bin.gz to the MSE using the standard Prime Infrastructure download software page.
Step 2 Transfer the software to the /opt/installers directory on the MSE server via FTP or another transport method.
Step 3 Unzip the file: gunzip CISCO-MSE-L-K9-7-4-110-0-64bit.bin.gz
Step 4 Enter the following command:
chmod +x CISCO-MSE-L-K9-7-4-110-0-64bit.bin
Step 5 Run this command: service msed stop and restart the MSE.
Step 6 Execute the file with./CISCO-MSE-L-K9-7-4-110-0-64bit.bin
The installer automatically detects if there is an old database present and asks the relevant questions.
Restoring an Old Database to 126.96.36.199
To restore an old database, follow these steps:
Note The regular Restore option on the Prime Infrastructure cannot be used to restore an older database of older releases such as 6.0, 188.8.131.52, or 184.108.40.206 onto 220.127.116.11.
Step 1 Stop the running MSE 18.104.22.168.
Step 2 Uninstall the software. Delete the database.
Step 3 Based on backed up data that you want to restore, follow the matrix in Table 2 to install a relevant version of MSE.
Table 2 Release Matrix
Version of Database to be restored
New Version that Should be Installed
5.2, 6.0, 7.0
Step 4 Once you have installed the software, restore the desired database backup onto this using the regular procedure from the Prime Infrastructure.
Step 5 To migrate data to 7.x.x.x, follow the steps in the .
Compressed Software Image
If you download the mobility services engine image *.gz file using the Prime Infrastructure, the mobility services engine automatically decompresses (unzips) it, and you can proceed with the installation as before.
If you manually download the compressed *.gz file using FTP, you must decompress the files before running the installer. These files are compressed under the LINUX operating system and must be decompressed using the gunzip utility program. The unzip method you use is defined by the filename you are trying to unzip.
To make the bin file executable, use the chmod +x filename.bin command.
The MSE virtual appliance software is distributed as an Open Virtualization Archive (OVA) file. You can install the MSE virtual appliance using any of the methods for deploying an OVF. For more information on deploying the MSE virtual appliance, see Chapter 5: “MSE Delivery Modes” in the Cisco Connected Mobile Experiences Configuration Guide, Release 7.4, and Cisco Wireless Intrusion Prevention System, Release 7.4, respectively.
Updated Software Version Shown in the Prime Infrastructure After Polling
After a software update, the new mobility services engine software version does not immediately appear in mobility services engine queries on the Prime Infrastructure. Up to 5 minutes is required for the new version to appear. Prime Infrastructure, by default, queries the mobility services engine for status every 5 minutes.
CAS, wIPS, and Advanced Location Services License Requirements
Client and wIPS licenses are installed from the Prime Infrastructure (Administration > License Center). See, Chapter 2: “Adding and Deleting Mobility Services Engines and Licenses” in the Cisco Connected Mobile Experiences Configuration Guide, Release 7.4, Cisco Wireless Intrusion Prevention System, Release 7.4, and Cisco Location Analytics Configuration Guide, Release 7.4 respectively.
Tag licenses are installed using the AeroScout System Manager. See the “Installing Tag Licenses” section in Chapter 2: “Adding and Deleting Mobility Services Engines and Licenses in the Cisco Connected Mobile Experiences Guide, Release 7.4.
For complete details on ordering and downloading licenses, see the Cisco Mobility Services Engine Licensing and Ordering Guide at the following URL: http://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9742/data_sheet_c07-473865.html
Licensing Information for MSE
Cisco MSE Location Services and Advanced Location Services Software
- Advanced Location service is introduced in Release 7.4 and it includes Mobile Concierge service and Location Analytics service.
- From Release 7.4 onwards, licensing is going to be AP based and not end point based. To accommodate this, new L-LS-licenses are introduced in this release.
Note CAS licenses will be End of Life with standard 6 months of End of Sales and until then both CAS and LS licenses will co-exist.
- Cisco MSE 3355 supports up to 500 access points for Cisco MSE Location Services or Advanced Location Services. The Cisco MSE virtual appliance supports up to 1,000 access points, depending on the server resources.
- There is no change to endpoint support and MSE 3355 supports 25,000 and high end virtual alliance supports 50000. All licenses are additive.
SKUs for Cisco MSE Location Services
The following are the Cisco MSE location services software licenses.
Note You must select L-MSE-PAK to order these licenses.
License for base Location Services for 1 access point.
License for base Location Services for 100 access points.
License for base Location Services for 1000 access points.
License for Advanced Location Services for 1 access point.
License for Advanced Location Services for 100 access points.
License for Advanced Location Services for 1000 access points.
SKU to upgrade from a Location Services to Advanced Location Services:
License to upgrade to Advanced Location Services for 1 access point.
Cisco Wireless IPS Software
Licenses are available for monitor mode and enhanced local mode for Cisco wIPS software.
SKUs for Cisco wIPS in Monitor Mode
The Cisco wIPS monitor mode licenses are based on the number of number of full-time monitoring access points deployed in the network. The Cisco 3355 mobility services engine supports up to 5,000 monitor mode access points. The Cisco mobility services engine virtual appliance supports up to 10,000 monitor mode access points, depending on server resources. All licenses are additive.
Note You need to select L-MSE-PAK to order these licenses.
Supports 1 Monitor Mode access point.
Supports 100 Monitor Mode access points.
Supports 1000 Monitor Mode access points.
SKUs for Cisco wIPS in Enhanced Local Mode
The Cisco wIPS Enhanced Local Mode software licenses are based on the number of local mode (data serving) access points. The Cisco mobility services engine supports up to 5,000 local mode access points. The Cisco mobility services engine virtual appliance can track up to 10,000 local mode access points, depending on the server resources. All licenses are additive.
Note You must select L-MSE-PAK to order these licenses.
Supports 1 Enhanced Local Mode access point.
Supports 100 Enhanced Local Mode access points.
Supports 1000 Enhanced Local Mode access points.
Cisco Mobility Services Licenses for High Availability
No separate license is required for high availability. To enable high availability, you need to deploy a primary Cisco MSE appliance with Cisco CAS and wIPS licenses, and a secondary Cisco MSE appliance without any Cisco CAS or wIPS license.
This section describes the operational notes and navigation changes for CAS, wIPS, and the mobility services engine for Release 22.214.171.124 and later releases.
Features and operational notes are summarized separately for the mobility services engine, CAS, and wIPS.
This section contains the following topics:
Operational Notes for a Mobility Services Engine
This section lists the operational notes for the mobility services engine and contains the following topics:
Automatic Installation Script for Initial Setup
An automatic setup wizard is available to help you initially set up the mobility services engine.
An example of the complete automatic setup script is provided in the Cisco Mobility Services Engine Getting Started Guide.
You can find these documents at the following URL:
Parameter Changes During Upgrade from 6.0.x to 7.0.x
You will notice a change in the tracking limits when you do the following:
1. Configure tracking limits in 6.0.x.
2. Upgrade to 7.0.x.
If limits are greater than licensed counts, limits are removed and licensed counts are enforced instead.
Controller and Associated Mobility Services Engine Must be Mapped to the Same NTP and Prime Infrastructure Server
Communication between the mobility services engine, the Prime Infrastructure, and the controller are in Coordinated Universal Time (UTC). Configuring the Network Time Protocol (NTP) on each system provides devices with the UTC time. An NTP server is required to automatically synchronize time between the controller, Prime Infrastructure, and the mobility services engine.
The mobility services engine and its associated controllers must be mapped to the same NTP server and the same Prime Infrastructure server.
Local time zones can be configured on a mobility services engine to assist network operations center personnel in locating events within logs.
Note You can configure NTP server settings while running the automatic installation script. See the Cisco Mobility Services Engine Getting Started Guide for details on the automatic installation script at the following URL:
Mandatory Default Root Password Change
You must change the default root password of the mobility services engine while running the automatic installation script to ensure optimum network security.
You can also change the password using the Linux passwd command.
Note For the initial login, even if you choose Skip (S), you will be prompted to enter the password. This is because it is mandatory to change the root password at the initial login.
Configuring the Prime Infrastructure Communication Username and Password Using MSE setup.sh
You can configure the Prime Infrastructure Communication username and password using the MSE setup.sh script file.
Scenarios which you might encounter while configuring the Prime Infrastructure username and password are as follows:
- If you configure a new Prime Infrastructure username and password, the password provided is applicable for the new Prime Infrastructure username created.
- If you only configure the Prime Infrastructure username without configuring the Prime Infrastructure password, then the default password admin is applied to the configured username.
- If you only configure the Prime Infrastructure password without configuring the Prime Infrastructure username, then the password for the admin user is changed.
- If you configure an existing username for the Prime Infrastructure username and also configure the password, then the password for that existing user is changed.
Note These users are API users, and they do not have corresponding OS users on the MSE appliance.
Configuration Changes for Greater Location Accuracy
In some RF environments, where location accuracy is around 60 to 70% or where incorrect client or tag floor location map placements occur, you might need to modify the moment RSSI thresholds in the Context Aware Service > Advanced > Location Parameters page on the Prime Infrastructure.
The following RSSI parameters might require modification:
Contact Cisco TAC for assistance in modifying these parameters.
Operational Notes for CAS
This section lists the operational notes for a mobility services engine and contains the following topics:
Synchronization Required When Upgrading to Release 7.2 or Importing CAD Floor Images
When upgrading to Release 7.2 from Release 6.x (and earlier), you must synchronize after the software upgrade and also when CAD-generated floor images are imported into the Prime Infrastructure.
Floor Change or Minimum Distance Required for Location Transitions to Post to the History Log
When history logging is enabled for any or all elements (client stations, asset tags, rogue clients, and access points), a location transition for an element is posted only if it changes floors or the new location of the element is at least 30 feet (10 meters) from its original location.
Note The other conditions for history logging are as follows:
- Clients: Association, authentication, re-association, re-authentication, or disassociation.
- Tags: Tag Emergency button.
- Interferers: Interferer severity change, cluster center change, or merge.
See Services > Mobility Services > Device Name > Context Aware Service > Administration > History Parameters.
Logs can be viewed at Services > Mobility Services > Device Name > Systems > Log.
AeroScout MobileView Release 4.1 Required for Northbound Notifications
If AeroScout MobileView Release 4.1 and earlier is in use, incorrect responses are sent to those northbound notifications received from the mobility services engine. Northbound notifications are then sent again by the mobility services engine, overloading the notification queue and resulting in reports of dropped notifications.
The workaround for this is to upgrade to AeroScout MobileView Version 4.1 (CSCsx56618).
Separate Partner Engine Software Install Not Required for Tag Contextual Information
In Release 5.2 and later, the partner software that supports tag contextual information (temperature, availability, and location calculations) is bundled into the mobility services engine software. No separate download of partner engine software is required as in Release 5.1.
Non-Cisco Compatible Extensions Tags Not Supported
The mobility services engine does not support non-Cisco CX Wi-Fi tags. Additionally, these non-compliant tags are not used in location calculations or shown on the Prime Infrastructure maps.
Cisco Compatible Extensions Version 1 Tags Required at a Minimum
Only Cisco CX Version 1 (or later) tags are used in location calculations and mapped in the Prime Infrastructure.
Monitoring Information Varies for Clients and Tags
Note This information is missing if the AeroScout Tag Engine is used.
In the Monitor > Clients page (when Location Debug is enabled), you can view information on the last heard access point and its corresponding Received Signal Strength Indicator (RSSI) reading.
Calibration Models and Data
Calibration models that are applied through the Prime Infrastructure do not apply to tags if AeroScout engine is used for calculation. If the Cisco tag engine is used, then everything applied on the Prime Infrastructure calibration models and data uses tag calculation.
Calibration models and data do not apply only to tags if AeroScout engine is used for tag calculation. It always applies to wireless clients, interferers, rogue APs, and rogue clients.
See Chapter 7, “Context-Aware Planning and Verification” in the Cisco Connected Mobile Experiences Configuration Guide, Release 7.4 for more details on client calibration.
See the AeroScout Context-Aware Engine for Tags for Cisco Mobility Services Engine User’s Guide at the AeroScout website.
Advanced Location Parameters
Advanced location parameters does not apply to tags if AeroScout engine is used and otherwise it works always. Settings for advanced location parameters related to RSSI, chokepoint usage, location smoothing, and assignment of outside walls on floors, are not applicable to tags.
See the “Editing Advanced Location Parameters” section in Chapter 7 of the Cisco Connected Mobile Experiences Configuration Guide, Release 7.4.
See Services > Mobility Services > Device Name > Context Aware Service > Advanced > Location Parameters in the Prime Infrastructure UI.
Location History Time stamps Match Browser Location
The Prime Infrastructure time stamp is based on the browser location and not on the mobility services engine settings. Changing the time zone on the Prime Infrastructure or on the mobility services engine does not change the time stamp for the location history.
PDAs and Smartphone with Limited Probe Requests Might Affect Location
Many PDAs like smartphones and other Wi-Fi devices with power save mode do not continuously send out probe requests after an initial association to the CUWN. Therefore, calculating the location accuracy of such PDAs using RSSI readings is not always optimal.
Prime Infrastructure Screen and Navigation Changes
- Services replaces Mobility in the Prime Infrastructure navigation bar.
- A centralized license center to install and view license status is available (see Administration > License Center).
- A Switches tab is a new synchronize option to support the new wired Catalyst switch and wired client feature (see Services > Synchronize Services).
Operational Notes for Location Analytics Service
This section lists the operational notes for Location Analytics service.
The Location Analytics in Release 7.4 provides ability to view the analytic results in both 2D (Open Street Maps) and 3D (WebGL) environments. This provides improved understanding of results, on multiple floor paths or when dwell times are calculated throughout a multi-storey building. The 3D environment presents the same information as the 2D environment.
WebGL is an advanced feature that provides graphic capabilities. All borowsers do not support WebGL on a particular hardware. Verify your browser compatibility in the Get WebGL website. If your browser supports WebGL, then you must see a spinning cube.
If your browser does not support WebGL, you must do the following:
- Update your latest drivers for video card.
- For Google Chrome, follow the instructions given for WebGL and 3D Graphics in the Google Chrome support website.
- For Firefox, follow these steps to enable WebGL:
– Download the latest build of Firefox browser and launch Firefox on your computer.
– In the browser address line, enter about:config
– In the Search text box, enter webgl to filter the settings
– Double click webgl.enabled_for_all_sites
– Set the webgl.enabled_for_all_sites=true
- For Safari, follow these steps to enable WebGL:
– Choose Safari > Preferences.
– Click the Advanced tab.
– Select the Show Develop menu in menu bar check box.
– Choose Enable WebGL from the Develop menu.
Note If your system does not support 3D, then the analytic results are displayed only in 2D Open Street Maps view.
- Internet Explorer 10 does not have the built-in support for WebGL and Microsoft has not announced any plans for implementing it in the future. WebGL support can be manually added to Internet Explorer using third-party plugins. For more information, see the WebGL for Internet Explorer website.
Sometimes Location Analytics service does not start up because of a stray Jboss process that runs as a root user. If Analytics engine does not start and if you notice a stray Jboss process with root permissions running, then you must to do the following:
- Stop Location Analytics service from the Prime Infrastructure.
- Kill the Jboss process.
- chown - R nobody:nobody/opt/mse/analytics.
- Start Location Analytics service from the Prime Infrastructure.