Release Notes for Cisco Configuration Professional Express 3.5 on IR800 Series Routers
Determining the Cisco IOS Release
What is Not Supported in Release 3.5
First Published: September 12, 2017
Revised: December 4, 2017
These release notes support Cisco Configuration Professional Express Release 3.5 on IR800 Series Routers. To download the software, go to:
https://software.cisco.com/download/release.html?i=!y&mdfid=281795035&softwareid=282159854&release=3.5&os
This document contains the following sections:
■Determining the Cisco IOS Release
■What is Not Supported in Release 3.5
Cisco Configuration Professional Express is an embedded, device-management tool that enables bootstrap configuration and provisioning of a Cisco Industrial Router (IR).
CCP Express provides you two options to bring up a brand new router. You can use the Quick Setup Wizard to perform the basic configuration tasks and Advanced Setup option for detailed configuration options. For a brand new router, Quick setup wizard is the preferred option.
Caution: If you log into an IR800 Series device as a one-time user with the cisco/cisco username and password, you must create another user through the UI or command line. Otherwise, the one-time user session is deleted, and your configurations are not saved. For more information, refer to the Cisco Configuration Professional Express Quick Start Guide at:
https://www.cisco.com/c/en/us/td/docs/routers/access/800/829/software/cisco_configuration_professional_express/v3_5/guides/quickstart/CiscoCPExpress-IR-3-5-qsg.html
Supported Routerslists the routers that Cisco Configuration Professional Express supports.
Cisco Configuration Professional Express is supported on the following browsers:
For IR800 Series routers running Cisco Configuration Professional Express, we recommend Cisco IOS Release 15.6(3)M2 or later.
For security features, use Cisco IOS Release 15.5(1) T or later.
To determine the Cisco IOS software release currently running on your Cisco router, log in to the router and enter the show version EXEC command. The following sample output from the show version command indicates the Cisco IOS release in the second line.
The Cisco Configuration Professional Express 3.5 installation files are left untarred on the router flash.
Release 3.5 introduces the following new features:
■CPU Utilization Dashlet—A new dashlet is shown in a popup dialog. The details of CPU usage are in percents for different intervals.
■Gyroscope Configuration—Under General Settings, the Gyroscope option is available.
■Access CCP Express Using a Friendly URL—You can open a browser and enter “myir800.com”.
■Secure Console When Creating New User in Wizard—When you access CCP Express for the first time on a machine, you have an option to enable console authentication.
■SNMP Configuration—Under General Settings, the SNMP option is available.
■GPS Support in Cellular Interface Configuration (Interface Screen and Wizard)
CAUTION : This product is shipped with a default configuration which is unique to each device. The default configuration allows the user to access the CCP Express Quick Setup Wizard to perform basic configuration. Erasing or making any other manual configuration changes prior to using CCP Express is strongly discouraged as the default configuration is mandatory for CCP Express to operate. For IR configuration questions, please contact your Cisco support representative.
This following is the list of known issues in Cisco Configuration Professional Express Release 3.5:
Symptom: In the Interface screen (in both the Admin view and the End User view), the Edit VLAN and Edit Interface dialog boxes do not reflect the correct values for the attributes displayed on the Summary screen.
Condition: This issue occurs when the Interfaces feature is in use, and an interface or a VLAN is being edited.
Workaround: Upgrade your Cisco IOS Software Release to 15.2(4)M or later.
Symptom: The Cisco Configuration Professional Express interfaces screen displays a blank page.
Condition: This issue occurs when the Cisco IOS Release that is being used is earlier than Release 15.2, and the router has cellular interfaces.
Workaround: Upgrade to Cisco IOS Release 15.2.4M2 or later, or Release 15.3.1T or later for all SKUs.
Symptom: While creating a user very first time in a new router the password is not encrypted.
Condition: The user will be prompted to create a new user while logging in to the router for the first time with default username and password. The newly created user is not encrypted. The password will be visible when anyone tries to check the running configuration.
Workaround: Login to router and execute a CLI “service password-encryption” in config mode. Otherwise navigate to Any CLI to the box menu and execute the same CLI in config mode.
Symptom: NAT translations do not happen if stale NAT translation CLIs present in the configuration.
Condition: This problem is seen when interface enabled for NAT feature is deleted using CCP Express 3.0 [on supported Cisco Routers]
This problem occurs with the following conditions:
1. Enabling NAT during Interface configuration and deleting it
2. Configuring an interface as Primary WAN interface and deleting it
3. Configuring an interface as Secondary WAN interface and deleting it
In above conditions following CLIs are sent to router from CCP Express software and stays in configuration as stale entries when deleted
1. If the interface part of NAT overload configuration is deleted, then create that interface (see example below).
2. Delete the stale NAT overload CLI.
3. Delete the created interface.
4. Execute “clear nat translations forced”.
The below entry may exist on the device causing NAT translations to not work properly.
Symptom: Unable to access the Internet. Traffic is not going through the configured WAN interface.
Condition: When the WAN interface gets its IP and default gateway from DHCP server, CCP Express should not push “ip route 0.0.0.0 0.0.0.0 'primary WAN interface” configuration to the router. With this configuration the traffic is not flowing through the device, when already the default route (GW IP received from DHCP server) is installed on the router.
Workaround: Remove the CLI manually in the router like “no ip route 0.0.0.0 0.0.0.0 'primary WAN interface'” or using CCP Express Any CLI to the box feature to execute the CLI.
Symptom: The protocol 914c/g protocol is not listed under net-admin application list in the Policy screen.
Condition: This particular protocol cannot be configured using CCP Express.
Workaround: There is no workaround. If you configure “match protocol 914c/g” under any of the class-maps using the CLI on the router, the UI will show “parsing error” while accessing some features, e.g. CWS.
Symptom: Uploads in CCP Express are getting aborted automatically under certain conditions in Microsoft Internet Explorer due to browser timeout issues.
Condition: When Microsoft Internet Explorer is used, we have noticed that certain devices shoot up in the CPU utilization to 100%. This causes subsequent processing to halt. The options are to try again or use Google Chrome, Mozilla Firefox, or Microsoft Edge browsers.
Workaround: There is no workaround for this in Microsoft Internet Explorer.
Symptom: IOS upload not listing the IOS image on the IR boxes.
Condition: The command show file info should yield “type is image” for any IOS image file. In IR routers, this is shown as “ebcdic text”. Hence the files are not listed.
Workaround: A code workaround to check for ebcdic text if the box type is IR is put in to list the IOS images. This is entirely not correct as vlan.dat (and also other files which are not known at this point) can also be listed as ebcdic text. So code has excluded vlan.dat from the checks and only checks for type as ebcdic text to list the IOS images. In addition, since IR devices use IOS installation bundles, the file is checked for presence of “bundle” in its name. The user will have to manually identify and select the correct IOS image bundle.
Symptom: Dashboard router option is not showing Hardware Health in IR routers.
Condition: Hardware Health option in Dashboard is not listed. The output of the command “show environment all” given by IOS in IR routers is very much different when compared to the standard output given in ISR routers for IOS (based on which the initial design was done).
Workaround: There is no workaround here. By design, if the values cannot be fetched, the dashlet will not be displayed.
Symptom: L ogin to UI is not possible for user with privilege level other than 15
Condition: HTTP server in IOS permits only privilege level 15 user credentials to be used for application login.
Workaround: There is no workaround. User should be created with privilege level 15.
Symptom: Integration with Cisco Active Advisor works at authentication level, but you cannot upload data from device in Microsoft Internet Explorer.
Condition: When Microsoft Internet Explorer is used, the authentication to CAA works, but the data upload does not work. We need to use Google Chrome, Mozilla Firefox, or Microsoft Edge.
Workaround: There is no workaround for this in Microsoft Internet Explorer.
Symptom: Upgrade from an older version causes top menu items to launch different pages.
Condition: When user upgrades to version 3.4 from older versions, the page reloads after the upgrade and clicking the top menu items may launch different pages.
Workaround: Clear the browser cache and launch CCP Express again. This is because top menu was rearranged and after the installation, the old file is present on the browser and does not fetch the new file.
Symptom: Safari browser does not do copy to clipboard, download of config and also allow user to enter data in certain fields.
Condition: Safari browser does not support every element currently used. Blob and Datalist are not supported.
Workaround: Datalist is used in few pages where the drop down has values and also allows user to enter any value. This option of entering values will not be available when using Safari. Also Copy to Clipboard and Download of config is not displayed in Safari. In case this support is required, user should use any other supported browser.
Symptom: WAN interface shows status as down in IR800 after configuration using Quick Setup Wizard.
Condition: WAN interface status is retrieved from show ip interface brief and other supported commands. The application lists the status as read from the device configuration. This issue is not consistently reproducible.
Workaround: There is no workaround. The application depends on the IOS platform to provide the status.
Symptom: Quick Setup Wizards provides an option for WiFi AP Config on the IR829 device, but doesn't actually configure the AP.
Condition: This happens when the BVI Interface is not configured.
Workaround : The user has to ensure that BVI IP address is configured before using Wizard WiFi configuration.
Symptom: Default configuration can cause a device lockout.
Condition : The default configuration contains a one-time user, which is removed if logged in via telnet.
Workaround : The default configuration leaves the console without any login credentials. In case of a lockout, the user can always use the console to gain access back to the device. To counter the connectivity issue, the new user is written to the device before the existing one-time user is cleared.
Symptom: On the IR829 Dual-LTE, controller profile configuration results in unnecessary warning for modem-reset.
Condition: When pushing the controller configuration from Quick Setup Wizard, the device issues warnings even when the pushed configuration is the existing default.
Workaround : The fix for this is addressed in CCP Express defect CSCve52052 (Ambiguous instruction to reset modem leads to incomplete workflow). For every profile push, a modem reset is issued from CCP Express in the case of dual LTE. With this fix in the code, the issue of ambiguous instructions displayed to the user leading to configuration breakage is addressed.
Symptom: IOX Device Manager does not launch on theIR809.
Condition : This is caused by a platform bug in IOS 15.6.3M1 release. When IOS is upgraded from 15.6.3M1 to latest 15.6.3M2 the Guest OS product_id is not getting updated with a valid ID and the 'caf' process stops running.
Workaround: To overcome this issue, follow these steps from the Guest OS console.
Check CAF status by executing ' monit summary '. You should be see caf in a Running state.
After following the above steps, the device will be able to launch the IOX manager UI manually as well as from CCP_Exress.
Symptom: WiFi configuration not getting pushed on LAN network change.
Condition: When a user changes the LAN network while using the Quick Setup Wizard, the WiFi configuration gets pushed to the AP. This is followed by a write memory which will save the configuration on the AP. Following this the BVI interface address is updated. But since the network change happened, the AP would not be reachable from 10.10.10.0 network. This means that the change to the BVI Interface IP address is pushed, but is not written to memory. And in case of a reboot or power failure after the day 0 configuration using Quick Setup Wizard, this IP Address change can be lost.
Workaround : In case of a LAN network change, user should login to the router using the new IP address, session in to AP and then issue a write memory. This will ensure that the changes to BVI interface is saved to memory in the AP
Symptom: IR809 cellular interface configuration not working as expected.
Condition: Cellular interface profile changes are returning an error on an IR809 running on 15.6(3)M2 IOS. Additionally, the modem related information is returned as blank values.
Workaround : This platform issue for IR809 is addressed in IOS release15.7. The user should upgrade to this latest version, subject to its availability.
Symptom: Performance issue on the IR800 series.
Condition: The IR800 could display slow performance if the Guest OS is consuming too many CPU resources.
Workaround: Refer to the software configuration guide in the IR800 documentation for examples of performance tuning. This should only be done under the recommendation of Cisco or an authorized partner. 4G performance may be impacted if changed without proper guidelines.
Symptom: Application shows issues when using the Edge Browser. Many elements are not rendered correctly and the user is unable to proceed with actions.
Condition: Some features of the application are not working when using the Edge Browser as compared to other browsers.
Workaround: Use any of the following browsers: Chrome, Firefox, Safari (Mac only) and Internet Explorer 11 (Windows only).
Symptom: On the IR809, when security is configured, IOX access via LAN may not work if the right configuration is not present.
Condition: When security is configured, zones come into effect. So if IOX configuration is done, both the IOX interface as well as the interface acting as the LAN interface should be present in the LAN zone for IOX LAN access to work.
Workaround: The application cannot check if the interface acting as the LAN interface is present in the LAN zone. The user should navigate to the Zones screen under the Security tab, and add the respective interface under Zone LAN. Once this is done, IOX access via LAN should help the user access the Device Manager.
Symptom: Upgrade of CCP Express fails in Edge Browser.
Condition: When using Edge for a CCP Express upgrade, the upgrade process fails. Sometimes this happens frequently. The options are to try again or use Chrome or Firefox browsers.
Workaround: There is no workaround for this in Edge.
Symptom: CPU Graph has a rendering delay when configuration radio options are clicked.
Condition: User launches Dashboard and clicks on CPU Dashlet link. The dashlet loads and displays the data in graph format. If you change the interval options, the graph takes a couple of seconds to load and display the data. This is due to the time taken to query the device and the time for the plugin to render the graph.
Workaround: There is no workaround for this.
Symptom: Password entered in SNMP configuration is not fetched back by the application.
Condition: IOS does not display the password used in SNMP configuration via any supported command. Since the value cannot be fetched back from the device, this field cannot be populated.
Workaround: There is no workaround for this as this is purely from the IOS platform.
Symptom: Safari browser does not list the default ports shown as dropdown for TCP and UDP in extended ACL configuration.
Condition: Safari browser does not support data-list in HTML.
Workaround: There is no workaround in Safari.
Symptom: CCP Express does not defend against CSRF attack.
Condition: CCP Express application can defend against CSRF attack only if the IOS HTTP server employs a usable solution to fix this issue.
Additional documentation available for the Cisco Configuration Professional Express are:
■ Cisco Configuration Professional Express Quickstart Guide
■ Cisco Configuration Professional Express Administration Guide
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.