Full Cisco Trademarks with Software License

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.

Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

About The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms

The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms are best-of-breed, 5G-ready, cloud edge platforms designed for accelerated services, multi-layer security, cloud-native agility, and edge intelligence to accelerate your journey to cloud.

Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms with Cisco IOS XE SD-WAN Software deliver Cisco’s secure, cloud-scale SD-WAN solution for the branch. The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms are built for high performance and integrated SD-WAN Services along with flexibility to deliver security and networking services together from the cloud or on premises. It provides higher WAN port density and a redundant power supply capability. The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms have a wide variety of interface options to choose from—ranging from lower and higher module density with backward compatibility to a variety of existing WAN, LAN, voice, and compute modules. Powered by Cisco IOS XE, fully programmable software architecture, and API support, these platforms can facilitate automation at scale to achieve zero-touch IT capability while migrating workloads to the cloud. The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms also come with Trustworthy Solutions 2.0 infrastructure that secures the platforms against threats and vulnerabilities with integrity verification and remediation of threats.

The Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms are well suited for medium-sized and large enterprise branch offices for high WAN IPSec performance with integrated SD-WAN services.

For more information on the features and specifications of Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms, refer to the Cisco Catalyst 8300 Series Edge platforms datasheet.


Note


SFP ports on C8200-1N-4T platforms can only support 1 GB speed even though the copper SFP module does support the 10/100M speed.



Note


Sections in this documentation apply to all models of Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms unless a reference to a specific model is made explicitly.



Note


Cisco IOS XE Cupertino17.9.1a is the first release for the Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms in the Cisco IOS XE Cupertino 17.9.x release series.


Product Field Notice

Cisco publishes Field Notices to notify customers and partners about significant issues in Cisco products that typically require an upgrade, workaround or other user action. For more information, see https://www.cisco.com/c/en/us/support/web/field-notice-overview.html.

We recommend that you review the field notices to determine whether your software or hardware platforms are affected. You can access the field notices from https://www.cisco.com/c/en/us/support/web/tsd-products-field-notice-summary.html#%7Etab-product-categories.

New and Changed Hardware and Software Features

New and Changed Hardware Features

There are no new hardware features in this release.

New and Changed Software Features

Feature Navigator

You can use Cisco Feature Navigator (CFN) to find information about the software features, platform, and software image support on Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms. To access Cisco Feature Navigator, go to https://cfnng.cisco.com/.


Note


To access CFN, you do not require an account on cisco.com.


New and Changed Software Features in Cisco IOS XE 17.9.7b

There are no new features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.7a

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.6

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.5f

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.5e

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.5a

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.4a

There are no new features in this release. This release provides a fix for CSCwh87343: Cisco IOS XE Software Web UI Privilege Escalation Vulnerability. For more information, see the Security Advisory: cisco-sa-iosxe-webui-privesc-j22SaA4z.

New and Changed Software Features in Cisco IOS XE 17.9.4

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.3a

There are no new software features in this release.

New and Changed Software Features in Cisco IOS XE 17.9.2a

There are no new software features in this release.

New Software Features

Table 1. Software Features in Cisco Catalyst 8200 and Cisco Catalyst 8300 Series Edge Platforms IOS XE Cupertino 17.9.1a

Feature

Discription

10G SFP Module Support on Cisco Catalyst 8300 Edge Series Platforms

Cisco Catalyst 8300 Edge Series Platforms now supports newer 10G SFP module. For the complete list of supported SFP modules, see the Optics Compatibility Matrix.

IPsec Dual Stack Support on Non Cisco Devices

This feature provides the capabilities to carry both IPv4 and IPv6 traffic using a single IPsec Security Association (SA) that is tunnelled over IPv4. From IOS XE release 17.9.1a onwards, Cisco supports specific subnets in the access control list when the ingress end of the tunnel interface is configured with a third party IPsec client. With the introduction of the SVTI single security association dual stack feature, you can now manage the business-to-business services and other IOT business efficiently.

Support for BGP additional paths with label-unicast unique mode

This enhancement introduces support for configuring BGP additional paths when label-unicast unique mode is configured.

Support for Unicast-to-Multicast Destination Reflection

This feature introduces support for configuration of unicast-to-multicast destination reflection to facilitate unicast-to-multicast destination translation and unicast-to-multicast destination splitting. It also provides the capability for users to translate externally received unicast destination addresses to multicast addresses.

Smart Licensing Using Policy Features

New mechanism to send data privacy related information

A new mechanism to send data privacy related information was introduced. This information is no longer included in a RUM report.

If data privacy is disabled (no license smart privacy {all|hostname|version} command in global configuration mode), data privacy related information is sent in a separate sync message or offline file.

Depending on the topology you have implemented, the product instance initiates the sending of this information in a separate message, or CSLU and SSM On-Prem initiates the retrieval of this information from the product instance, or this information is saved in an offline file.

For more information, see license smart (global config).

Hostname support

Support for sending hostname information was introduced.

If you configure a hostname on the product instance and disable the corresponding privacy setting (no license smart privacy hostname command in global configuration mode), hostname information is sent from the product instance, in a separate sync message or offline file.

Depending on the topology you have implemented, the hostname information is received by CSSM, CSLU, and SSM On-Prem. It is then displayed on the corresponding user interface.

For more information, see license smart (global config).

Note

 

With the introduction of this enhancement, the hostname limitation which existed from Cisco IOS XE Amsterdam 17.3.2 to Cisco IOS XE Cupertino 17.8.x – is removed. In these earlier releases, hostname information is not sent or displayed on various licensing utilities (CSSM, CSLU, and SSM On-Prem).

RUM Report Throttling

For all topologies where the product instance initiates communication, the minimum reporting frequency is throttled to one day. This means the product instance does not send more than one RUM report a day.

The affected topologies are: Connected Directly to CSSM, Connected to CSSM Through CSLU (product instance-initiated communication), CSLU Disconnected from CSSM (product instance-initiated communication), and SSM On-Prem Deployment (product instance-initiated communication).

This resolves the problem of too many RUM reports being generated and sent for certain licenses. It also resolves the memory-related issues and system slow-down that was caused by an excessive generation of RUM reports.

You can override the reporting frequency throttling, by entering the license smart sync command in privileged EXEC mode. This triggers an on-demand synchronization with CSSM or CSLU, or SSM On-Prem, to send and receive any pending data.

RUM report throttling also applies to the Cisco IOS XE Amsterdam 17.3.6 and later releases of the 17.3.x train, and Cisco IOS XE Bengaluru 17.6.4 and later releases of the 17.6.x train. From Cisco IOS XE Cupertino 17.9.1, RUM report throttling is applicable to all subsequent releases.

Virtual Routing and Forwarding (VRF) Support

On a product instance where VRF is supported, you can configure the license smart vrf vrf_string command and use a VRF to send licensing data to CSSM, or CSLU, or SSM On-Prem.

Note

 
When using a VRF, the supported transport types are smart and cslu only.)

For more information, see license smart (global config).

ROMMON Compatibility Matrix

The following table lists the ROMMON releases supported in Cisco IOS XE 17.9.x releases.

Table 2. Minimum and Recommended ROMMON Releases Supported on Cisco Catalyst 8200 and Catalyst 8300 Series Edge Platforms respectively

Platforms

Cisco IOS XE Release

Minimum ROMMON Release Supported for IOS XE

Recommended ROMMON Release Supported for IOS XE

Catalyst 8300 Series Edge Platforms

C8300-1N1S-4T2X|6T

17.9.4

17.3(1r)

17.9(7r)

C8300-2N2S-4T2X|6T

17.9.4

17.3(1.2r)

17.7(1r)

Catalyst 8200 Series Edge Platforms

C8200-1N-4T

17.9.4

17.4(1r)

17.6(8.1r)

C8200L-1N-4T

17.9.4

17.5(1.1r)

17.6(8.1r)

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a gateway to the Cisco bug-tracking system, which maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. The BST provides you with detailed defect information about your products and software.

Resolved Bugs in Cisco IOS XE 17.9.7b

Identifier

Headline

CSCwn78740

Device silent reload with CpuCatastrophicError.

Open Bugs in Cisco IOS XE 17.9.7b

There are no customer impacting bugs that were identified in this release.

Resolved Bugs in Cisco IOS XE 17.9.7a

Identifier

Headline

CSCwk31560

NAT Command not readable after reloaded.

CSCwm78086

BFD session is down after change tloc preference with pairwise-keying enabled.

CSCwk65071

Unexpected reboot due to IOSXE-WATCHDOG DBAL EVENTS after cellular interface flap.

CSCwm48755

Static IP NAT outside entry is translating traffic only in one direction with MPLS VPN.

CSCwn56474

Pairwise-keying every single BFD session up/down which trigger tunnel delete/create events.

CSCwm05395

Add event cause in ipsec vesen log.

CSCwf77488

IOSd crash after Radium boot up and online.

CSCwn19888

Device may experience a "qfp-ucode" crash due to stuck thread condition.

CSCwn07671

Tracker group with IP and DNS name tracker elements goes down when DNS query fails.

CSCwj92560

STCAPP command removed from device after reload.

CSCwi59183

C-NIM-1X sometimes print "FPGA firmware is upgraded. Need to reload the module".

CSCwm81900

CPP crashed during UTD security policy config on device.

CSCwk03686

Crash due a segmentation fault due a negative value.

CSCwd01261

MACsec with Non XPN cipher suite can't rekey as expected when PN reach 75%(2^32 - 1).

CSCwh50510

Router Crash with Segmentation fault(11), Process = NHRP when processing NHRP traffic.

CSCwn20614

After change integrity-type twice, all BFD sessions will be down.

CSCwh45169

Unexpected Reboot while Dispalying Information from Cleared SSS Session

CSCwm07396

Few BFD sessions down after clear mka session on client.

CSCwk97930

Crash occurs when IPv6 packets with link-local source are forwarded to SDWAN tunnels.

CSCwk45165

fman_fp memory leak on device.

CSCwk37351

Unexpected Reboot during PVDM OIR.

CSCwi87546

CPP unexpectedly reboot due to QFP CPP stuck at waiting for rw_lock - Lock id of 0 released.

CSCwn31739

Device crashes when EPC is configured on 100Gb link.

CSCwn24226

GETVPN Mismatch in GMs reported across COOP Due to KEK Sync Issue Between Prim & Sec KSs.

CSCwk95044

Packet Drops observed with Packet Duplication enabled when the Primary TLOC is shut.

CSCwk75459

MGCP GW fails to respond with 250 OK when there's a delay from dataplane in gathering stats.

CSCwm07651

An IOS XE Router running as a cEdge may experience an unexpected reset due to dbgd process.

CSCwe07349

SFP/SFP+ port goes down with I2C bus stuck

CSCwm79570

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities.

CSCwm89600

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities.

CSCwm79581

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities.

CSCwm79554

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities.

CSCwm79596

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities.

CSCwm79577

Cisco IOS and IOS XE SNMP Denial of Service Vulnerabilities

CSCwm08791

Dial-peer never recovers an active state if it goes partial or busyout.

CSCwm01029

CUBE gets forked 180 and 183 with SDP, CUBE is not adding SRTP key when sending 183, causing failure.

CSCwn49403

CUBE incorrectly offers rtp instead of srtp in 200OK for srtp fallback scenario.

CSCwn19326

CDR file accounting creates dummy files.

CSCwm03319

Optimize voip trace handling with tenants.

CSCwn61584

Listen-port command is not working properly under tenants for UDP.

CSCwm73825

Crash observed on ISR 4321, while performing the conference call.

CSCwn48914

Router crash during SGW sync in VOICE REG BG Process.

CSCwm32946

CUBE doesn't relay/pass 488 Media Unacceptable from one leg to another leg for FAX (T.38) Re-INVITEs.

CSCwi77331

Unexpected reboot after CLI "show sip-ua connection".

CSCwn13988

CDR file accounting credentials exposure.

CSCwn60303

Router cube sip-ua commands lost after reload.

CSCwm91195

Memory leak on CUBE in subscribe pass-thru scenario.

CSCwk44855

Cannot dial to/from phone after it reboots in survivability mode.

CSCwm82247

CUBE memory leak for SIP out-of-dialog SUBSCRIBE under CCSIP_SPI_CONTROL process.

CSCwm79213

"setPthruCryptoData: mfPthruCrypto NULL" showing up excessively in the log.

CSCwm91175

OOD Subscribe with event message-summary is causing memory leak on CUBE.

CSCwn09710

Memory leak under *Dead* caused by AFW_application_proc.

CSCwm39795

DATA_RECREATE_ERR: (STBY-Modify): HA Module DSP_MSP reported CALL_MODIFY RECREATE failure on standby.

CSCwm79956

Memory leak under *Dead* caused by AFW_application_proc.

Open Bugs in Cisco IOS XE 17.9.7b

There are no customer impacting bugs that were identified in this release.

Resolved Bugs in Cisco IOS XE 17.9.6

Identifier

Headline

CSCwj70335

Crypto IKEv2 - Fragmented authentication packets detected as malformed on 3rd party vendor device.

CSCwf84960

C-NIM-2T: LED L remains green after port shutdown.

CSCwj08744

Unexpected reload when using the show running-config full | format command.

CSCwi01046

PoE module is not providing enough power to bring the ports after an unexpected reload.

CSCwi93422

Unexpected reload due IPV6 TCP packet in QFP.

CSCwj68151

Port-channel with service instances down on C-NIM-2T module.

CSCwh96578

SKA_PUBKEY_DB leak in TDL.

CSCwi08171

Device may crash due to Crypto IKMP process.

CSCwj02246

The SFP EN LED on the device is not lighted up after interface no shutdown.

CSCwi68865

Memory leak in Crypto IKEv2 due to C_NewObject.

CSCwj88872

IPsec tunnel fails to establish due to error IPSec policy invalidated proposal.

CSCwj40589

Endpoint tracker using DNS does not log down message when DNS server reachability is lost.

CSCwk23723

The device's mean queue calculation is incorrect on wred hierarchical QoS

CSCwk33173

EzPM application-performance profile cause memory leak and crash with long-lived idle TCP flows.

CSCwj36946

ROMMON 17.6(8.1r) release for auto-upgrade.

CSCwb47658

Repeated and endless messages Network change event - activated 4G Carrier Aggregation.

CSCwj45130

Segmentation Fault - Process = IPSec dummy packet process.

CSCwi06404

PKI crash after failing a CRL fetch.

CSCwj36915

C-NIM-2T: macsec not working under LACP port-channel member port.

CSCwk12524

Device reloaded due to ezManage mobile app service.

CSCwj72888

Reload in tcp_sanity due to l4 pointer not set.

CSCwj48421

FlexVPN Client : IPsec tunnels are down due to issue with SADB detach and delete.

CSCwi59834

The entSensorThresholdValue OID for PDU1 missing.

CSCwi25737

Router should discard IKE notification messages with incorrect DOI.

CSCwi14899

Device dropping IPsec traffic when SVI is used as a source for DMVPN tunnel.

CSCwh50628

Race condition crash on IOS-XE device.

CSCwi78365

Trim installed certificate on upgrade.

CSCwk53680

Inbound calls through the voice gateway results in phantom calls.

CSCwi09301

Shutting a Dialer interface with PPPoA unshuts it automatically.

CSCwj84949

Unencrypted traffic due to Non-functional IPsec tunnel in FlexVPN hub and spoke setup.

CSCwk15127

Failure to communicate a period of time after the stp status changes.

CSCwj86794

Device crashes while processing an NWPI trace.

CSCwj73113

MGCP GW does not respond with 250 OK for a DLCX leading to DLCX loop from CUCM side.

CSCwi59202

C-NIM-2T cannot boot up in IOS.

CSCwj30334

Device rebooted when attempting merge on used CVLA block.

CSCwj13681

Device can only store 64 FQDN patterns, but configuration accepts more than 64.

CSCwj23735

CUBE - "rtp port range" configuration lost under "voice service voip" after reload.

CSCwj26668

Wrong audio rtp packet marking for SCCP SRST.

CSCwj54666

SIP cause code incorrect for CCAPI cause code 31.

CSCwi27011

Inbound- Outbound call drops with CC=47.

CSCwk81414

CUBE Sending + on DID Number When "+" is Showing in the Line Text Label portion of From Header.

CSCwi39253

Out of Dialog SIP options ping not received but dial peer status still shows as active.

CSCwj95128

CUBE incorrectly change dtmf payload in asymmetric case.

CSCwj23804

Password created with "key config-key password-encrypt" ending with a "\" are lost after reload.

CSCwj05139

CUBE incorrectly switch to flow-trough mode on one leg after reinvite in Anti-trombone case.

CSCwj82258

Router may crash during transfer call flow in SRST.

CSCwi51157

CUBE routers crashing due to a Segmentation Fault in CCSIP_SPI_CONTROL process.

CSCwj98360

Media forking not working in CUBE.

CSCwi62717

Ambiguous CLI 'exit' under 'voice class tenant'.

CSCwh81312

NO MEMORY seen in standby router while checkpointing legs.

CSCwj75508

SRST running on router fails to register SCCP phones after reload.

CSCwj03696

Cannot call device in survivability mode if its ID ends with "T", CUBE Enterprise.

CSCwj05013

CUBE Media Proxy(CMP) dual forking not working after upgrade.

CSCwi69071

Unexpected reload caused by crash in 'Skinny Msg Server' process.

CSCwk08864

"authentication" command under dial-peer is missing "challenge.

CSCwj41553

SGW calling to TDM, AOR is not getting changed to number.

CSCwj59262

SIPREC Secure media forking -1 of 2 Audio Streams is encrypted due to same key sent for both streams.

CSCwi47242

Destination calling e164-pattern-map doesn't work.

CSCwk21056

Unexpected reboot due to HTTPc when executing XCC.

CSCwi77331

Unexpected reboot after CLI "show sip-ua connection".

CSCwj93967

History-Info header compatibility between CUBE and MS Direct Routing.

CSCwi59377

Calls are intermittently hitting the incorrect di.

Open Bugs in Cisco IOS XE 17.9.6

Identifier

Headline

CSCwj79987

Device does not establish BFD sessions after an upgrade.

CSCwk89256

Speed mismatch in IOS-XE configuration after device template pushed on the device.

CSCwk31560

NAT command not readable after reloaded.

CSCwh22414

Warning and critical CPU utilization thresholds not recomputed when using data-plane-heavy mode.

CSCwj44868

GETVPN coopks and wrong severity for rekey acknowledgement configuration mismatch log message.

CSCwm07651

Device crash due to dbgd process.

CSCwk49806

Device rebooted unexpectedly due to process NHRP crash.

CSCwi31110

Traceback seen @_nhrp_cache_delete due to negative global cache count.

CSCwb55514

Unexpected reboot of the ESP seen after enabling platform qos port-channel-aggregate.

CSCwe22066

Unexpected reload on IOS XE device due to cmand process with PIM.

CSCwk63722

Startup configuration failure post PKI server enablement.

CSCwj77594

IOS XE Controller Mode - WAN IP is allowed to be configured as System IP.

CSCwh44418

ARP incomplete in VRF Management interface - G0/0/0. It is recommended to switch the interface to G0.

CSCwj16153

Device front-panel port do not go down on single mode fiber when Rx side goes down.

CSCwk75459

MGCP GW fails to respond with 250 OK when there is a delay from dataplane in gathering statstics.

CSCwf73123

BFD timers reverting back to default value after negotiating correctly.

CSCwk61133

Process IOMd memory leak due to POE TDL message.

CSCwk03686

Crash due a segmentation fault due a negative value.

CSCwb25507

CWMP: Add vendor specific parameter for NBAR protocol pack version.

CSCwh50510

Device crash with segmentation fault(11), Process = NHRP when processing NHRP traffic.

CSCwk31715

After deleting a NAT configuration, the IP address still shows up in routing table.

CSCwm27005

CCA Detected logic error, code = 14" Traceback seen constantly.

CSCwf25735

QoS more than four remark with set-cos not work.

CSCwk30527

IKEv2 session is down after reload if identity local address is assigned to interface.

CSCwh45169

Unexpected Reboot while dispalying information from cleared SSS session.

CSCwk44078

GETVPN and migrating to new KEK RSA key does not trigger GM re-registration.

CSCwm27647

BFD sessions are down and not recovering for one color after hub replacement.

CSCwm32269

SBEN Onboarding fails - EAP-TLS failed to fetch IP address.

CSCwm13223

Device crashes in IOSd due to Malformed DMVPN-5-NHRP_RES_REPLY_IGNORE Syslog.

CSCwk22942

Unable to build two IPSec SAs with the same source and destination where one peer is PAT'd through the other.

CSCwh41497

DDNS update retransmission timer fails to work with a traceback error.

CSCwk79454

Endpoint tracker does not fail if default route is removed.

CSCwh12093

Enable SoS and ROCfeature for DSL.

CSCwm14665

Enable BFD L2 messages in the Punt path.

CSCwk37351

Device reboots unexpectedly during PVDM OIR.

CSCwh17102

Device showing 500 Max HSRP groups instead of 31.

CSCwc86434

Static NAT DIA inside static routes being advertised over OMP to remote sites.

CSCwi98707

PCM captures on voice-port fail or cause NIM module reloads.

CSCwi72295

Inconsistencies with openconfig-interfaces:config yang model in IOS-XE after defaulting interface.

CSCwi16111

IPv6 tcp adjust-mss not working after delete and reconfigure.

CSCwi63042

Packet drops observe between LISP EID over GRE Tunnel.

CSCwi62098

The show crypto ipsec sa command displays incorrect replay status.

Resolved Bugs - Cisco IOS XE 17.9.5f

There are no customer impacting bugs that were fixed in this release.

Open Bugs - Cisco IOS XE 17.9.5f

There are no customer impacting bugs that were identified in this release.

Resolved Bugs - Cisco IOS XE 17.9.5e

Identifier

Headline

CSCwi88969

FMFP-3-OBJ_DWNLD_TO_DP_FAILED observed when delete and configure zone-pair back.

CSCwi06404

PKI crash after failing a CRL Fetch.

CSCwi04547

Custom Application is marked as invalid.

CSCwk84047

Memory Leak due to security violation by new MAC address and '"Del Pend" object increases - ACE_IPV4.

CSCwh96578

SKA_PUBKEY_DB leak in TDL.

CSCwk50488

Memory leak in fman_rp under acl_db.

CSCwj03200

Reboot on IOS-XE during internal SSH certificate check when SSH session is started from device.

CSCwm81900

CPP crashed during UTD security policy configuration on the device.

CSCwj40589

Endpoint tracker using DNS does not log "DOWN" message when DNS server reachability is lost.

CSCwi87546

CPP unexpectedly reboot due to QFP CPP stuck at waiting for rw_lock - Lock id of 0 released.

Open Bugs - Cisco IOS XE 17.9.5e

There are no customer impacting bugs that were identified in this release.

Resolved Bugs - Cisco IOS XE 17.9.5a

Identifier

Headline

CSCwh73350

Router keeps crashing when processing a firewall feature.

CSCwh06834

Using special characters in the password while generating TP generates an invalid TP.

CSCwf23291

Device: write or do write saves configuration but RSA keys /SSH lost after reload.

CSCwc79115

Policy commit failure notification and alarm from Cisco Catalyst SD-WAN Controller.

CSCwh68508

Unexpected reboot after establishing control plane of EVPN MPLS and receiving packets.

CSCwi28227

NAT HSL logging vrf-filter is not working.

CSCwf82676

CPU usage mismatch between the show sdwan system status and show proc cpu platform commands.

CSCwf03193

Device crashes with crashinfo files when generated with the segmentation fault, process IPSEC key engine.

CSCwh08434

OMP route is advertised although the route is not available.

CSCwf26875

Ten0/0/2 from port-channel suspends the status when applying the platform qos port-channel-aggregate command.

CSCwf24164

Netflow stops working when flow monitor reaches cache limit.

CSCwh63061

Modem (P-5GS6-GL) is showing four additional NR bands support - 1, 3, 7, and 28.

CSCwf65540

Running tests on ThousandEyes Agent causes tracebacks on device running TE in docker container.

CSCwe14885

VPN is established although the peer is using a revoked certificate for authentication.

CSCwd17272

UTD packet drop due to fragmentation for ER-SPAN traffic.

CSCwf55243

Device is crashing while adding a trustpoint to the router .

CSCwh49644

CSDL Compliance failure : Use of 3DES by IPSec is denied.

CSCwh32386

Unexpected reload on device due to critical process fman_fp_image.

CSCwf67564

Device observes memory leak at process SSS Manager.

CSCwf78735

Device uses the NIM-1T/4T card for interconnection, and NAT+ GRE over IPsec cannot be applied.

CSCwh30377

Device data plane crash in Umbrella/OpenDNS processing due to incorrect UDP length.

CSCwf34171

The configure replace command fails due to the license UDI PID XXX SN:XXXX line on IOS-XE devices.

CSCwh20734

Crypto PKI-CRL-IO_0 process crash when PKI trustpoint is requested and deleted.

CSCwf96980

Unexpected reboot after configuring application redundancy.

CSCwh01425

ITU channel configuration seems not working on the device.

CSCwh20577

Crashed by Track Client thread at access invalid memory location.

CSCwh00963

Unable to migrate from ADSL to VDSL without reboot.

CSCwh36801

Crash in IP Input process during tunnel encapsulation.

CSCwh96415

DMVPN logging cannot be disabled.

CSCwe85301

Crypto PKI-CRL-IO_0 process crash when PKI trustpoint is deleted.

CSCwf05980

Device dropping Speedtest/IPerf packets with drop reason DROP 19 (Ipv4NoRoute).

CSCwf71557

IPv4 connectivity over PPP not restored after reload.

CSCwf63706

The device HSRP received unexpected active hello packet when interface is recovered.

CSCwf11394

Vdaemon debug log must mention port-hop and reason prior to Distloc.

CSCwf04866

Keyman process crash seen while re-generating SSH key in the device.

CSCwh00332

B2B NAT: when configration IP Nat inside/outside on Vasi intereface, ack/seq number abnormal.

CSCwh08948

Device: show platform hardware throughput crypto command displays ambiguous outputs.

Open Bugs - Cisco IOS XE 17.9.5a

Identifier

Headline

CSCwf84960

C-NIM-2T: LED L remains green after port shutdown.

CSCwh18120

IKEv2 - diagnose feature is taking 11% CPU during session bring up.

CSCwf67983

Device platform USB will not work once the USB is removed and inserted.

CSCwh22414

Warning and critical CPU utilization thresholds not recomputed when using data-plane-heavy mode.

CSCwi01046

PoE module is not providing enough power to bring the ports after an unexpected reload.

CSCwc30418

Segmentation fault observed in ikev2_dupe_delete_reason.

CSCwh12093

Enable SoS/ROC feature for DSL.

CSCwi06843

Endpoint tracker triggers a CPU Hog.

CSCwh80441

Cosmetic 3G issue causing distress - device is displayed as unknown.

CSCwi29637

SFP interface shut down, but the opposing device interface is still up and running.

CSCwi06404

PKI crash after failing a CRL Fetch.

CSCwi46997

NAT command is not readable after being reloaded.

CSCwi33168

DSP reporting out of range utilization values in SNMP.

CSCwi59834

EntSensorThresholdValue OID for PDU1 is missing.

CSCwi08171

Device crashes due to crypto IKMP process.

CSCwi53951

Packets with unicast MAC are dropped on a port channel L2 sub-intf after the device is rebooted.

CSCwb25507

CWMP: Add vendor specific parameter for NBAR protocol pack version

.

CSCwi25737

Device must discard IKE Notification messages with incorrect DOI.

CSCwh50510

Device crashes with segmentation fault(11), process = NHRP when processing NHRP traffic.

CSCwi10735

ZBF drops transit WAAS PSH/ACK packet due to invalid ACK number.

CSCwi53306

Unknown appID in ZBFW HSL log.

CSCwh91136

Traffic not encrypted and droped over IPsec SVTI tunnel.

CSCwe24491

Static NAT with HSRP stops working after removing /adding standby.

CSCwi14899

Device dropping IPsec traffic when SVI is used as source for DMVPN tunnel.

CSCwh41497

DDNS update retransmission timer fails to work with a traceback error.

CSCwi51326

CPP CP SVR crashes after decoding all packets to text (using l2 copy) on fia trace .

CSCwi04547

Cisco SD-WAN custom application is marked as invalid .

CSCwi16111

IPv6 TCP adjust-mss not working after delete and reconfigure.

CSCwi63042

Packet drops observed between LISP EID over GRE tunnel.

CSCwi59202

C-NIM-2T cannot boot up in IOS.

Open Bugs in Cisco IOS XE 17.9.4a

Identifier

Headline

CSCwe95072

Unexpected reload due to memory corruption when modifying and access list.

CSCwf52751

CLI template fails to attach to CG418-E with error access-denied.

CSCwf24164

Netflow stops working when flow monitor reaches cache limit in the Device.

CSCwd61988

Output packet Bytes calculation biase when we enable QoS on port channel.

CSCwf41492

NHRP BFD flaps randomly with dynamic tunnel (NHRP phase 3) in DMVPN.

CSCwe14885

VPN is established although the peer is using a revoked certificate for authentication.

CSCwc86434

Static NAT DIA inside static routes being advertised over OMP to remote sites.

CSCwd17272

UTD Packet drop due to fragmentation for ER-SPAN traffic.

CSCwf55243

Device is crashing while adding a trustpoint to the router.

CSCwe85301

Crypto PKI-CRL-IO_0 process crash when PKI trustpoint is being deleted.

CSCwf34171

The Configure replace command fails due to the "license udi PID XXX SN:XXXX" line on Cisco IOS XE devices.

CSCwf41450

Device reloads changing the resource profile.

CSCvz82148

%CRYPTO_SL_TP_LEVELS-6-VAR_NEW_VALUE message is observed in each write config with same crypto value.

CSCwf25735

QoS more than four remark with set-cos not work.

CSCwf00276

Packets with L2TP headers cause device to crash

CSCwd39257

Cisco IOS XE cpp crash is seen when entering no ip nat create flow-entries command

CSCwf03193

Device crashes with crashinfo files were generated with segmentation fault, process IPSEC key engine.

CSCwf63706

HSRP received unexpected active hello packet when interface recovered.

CSCwf60120

Static NAT entry gets deleted from running config; but remains in startup configiration.

CSCwf51206

EVPN: BUM traffic is not flooded to bridge domain interface.

CSCwf11394

Cisco IOS XE - debug log should mention port-hop and reason prior to DISTLOC

CSCwe51910

SNMP ifindex persist does not work.

Resolved Bugs in Cisco IOS XE 17.9.4

Identifier

Headline

CSCwf48808

FlexVPN: Stale client routes stuck in RIB on FlexServer.

CSCwe93905

NAT ALG is changing the Call-ID within SIP message header causing calls to fail.

CSCwf02225

Device freezes for show sdwan command.

CSCwe28204

Control connection over L3 Tloc extension failing as no NAT table entry created.

CSCwe18124

MACsec remains marked as SECURED, but randomly the traffic stops working.

CSCwe25076

ALG breaks NBAR recognition impacting application firewall performance.

CSCwd87195

NAT configuration with redundancy, mapping id and match-in-vrf options with no-alias support.

CSCwf08698

Device crashes unexpectedly due to a fault in the TLSCLIENT_PROCESS.

CSCwd34941

NAT configuration with no-alias option is not preserved after reload.

CSCwf47796

NHRP cache entries flood matching a /32 default route.

CSCwf09758

Watchdog crashes while importing a large CRL file into switch.

CSCwe41946

DTMF is failing through IOS MTP during call on-hold.

CSCwe37123

Device uses excessive memory when configuring ACLs with Large Object Groups.

CSCwe12194

Auto-update cycle incorrectly deletes certificates.

CSCwd49309

Ucode crash is seen on device with traffic pointing to segfault in coff handler.

CSCwe33793

Memory allocation failure with extended antireplay enabled.

CSCwe66318

NAT entries expire on standby router.

CSCwe31471

Segmentation fault in SD-WAN PB rx when per-tunnel QoS config withdraw.

CSCwd59722

Unexpected reboot due to Cisco IOS XE WATCHDOG: Process = Crypto IKMP.

CSCwe70374

Device platform punt-policer is not configurable.

CSCwf47563

Device is crashing after importing the trustpoint with RSA key pair.

CSCwe18058

Unexpected reload with IPS configured.

CSCwd73783

Observed qfp-ucode-wlc crash.

CSCwe39011

GARP on port up/up status from the router is not received by remote peer device.

CSCwf39490

MCID (Malicious Call Identification) gets broken due to custom prefix setting under STCAPP FAC.

CSCwe19084

NAT: Traffic is not translated to the same global address though PAP is configured.

CSCwe89404

No way audio when using secure hardware conference with secure endpoints.

CSCwa96399

Configuring entity-information xpath filter causes syslogs to print, does not return data.

CSCwe06518

Device: ~23% degradation in IPSEC IPv6 profile in CCO for 1400B.

CSCwc89823

Router crashes due to CPUHOG when walking Cisco FlashMIB @snmp_platform_get_flash_file_info.

CSCwe32862

Cisco IOS XE crashes while executing AES crypto functions.

CSCwf37888

Packet Duplication: Duplicate packets are counted on primary tunnel interface statistics.

CSCwd68994

ISAKMP profile does not match as per configured certificate maps.

CSCwd35047

Failed to ping gateway while configuring SharedLOM with console telnet interface until router reload.

CSCwd49177

ISG Layer 2 Connected Subscriber: IPv6 prefix delegation is not reachable when packet are switched.

CSCwe88689

C8200: ROMMON 17.6(6r) release for auto-upgrade.

CSCvy60823

PCIe Bus and Kernel Errors, Interfaces go down when these errors are seen.

Open Bugs in Cisco IOS XE 17.9.4

Identifier

Headline

CSCwe95072

Unexpected reload due to memory corruption when modifying and access list.

CSCwf52751

CLI template fails to attach to CG418-E with error access-denied.

CSCwf24164

Netflow stops working when flow monitor reaches cache limit in the Device.

CSCwd61988

Output packet Bytes calculation biase when we enable QoS on port channel.

CSCwf41492

NHRP BFD flaps randomly with dynamic tunnel (NHRP phase 3) in DMVPN.

CSCwe14885

VPN is established although the peer is using a revoked certificate for authentication.

CSCwc86434

Static NAT DIA inside static routes being advertised over OMP to remote sites.

CSCwd17272

UTD Packet drop due to fragmentation for ER-SPAN traffic.

CSCwf55243

Device is crashing while adding a trustpoint to the router.

CSCwe85301

Crypto PKI-CRL-IO_0 process crash when PKI trustpoint is being deleted.

CSCwf34171

The Configure replace command fails due to the "license udi PID XXX SN:XXXX" line on Cisco IOS XE devices.

CSCwf41450

Device reloads changing the resource profile.

CSCvz82148

%CRYPTO_SL_TP_LEVELS-6-VAR_NEW_VALUE message is observed in each write config with same crypto value.

CSCwf25735

QoS more than four remark with set-cos not work.

CSCwf00276

Packets with L2TP headers cause device to crash

CSCwd39257

Cisco IOS XE cpp crash is seen when entering no ip nat create flow-entries command

CSCwf03193

Device crashes with crashinfo files were generated with segmentation fault, process IPSEC key engine.

CSCwf63706

HSRP received unexpected active hello packet when interface recovered.

CSCwf60120

Static NAT entry gets deleted from running config; but remains in startup configiration.

CSCwf51206

EVPN: BUM traffic is not flooded to bridge domain interface.

CSCwf11394

Cisco IOS XE - debug log should mention port-hop and reason prior to DISTLOC

CSCwe51910

SNMP ifindex persist does not work.

CSCwh60848

CUBE - SIP Message Queuing Fails to Resume Transmission

Resolved Bugs in Cisco IOS XE 17.9.3a

Identifier

Headline

CSCwd45402

MSR unicast to multicast not working if destination and source are the same in service reflect configuration.

CSCwd07516

Memory leak under linux_iosd-imag related to SNMP.

CSCwd90168

Unexpected reload after running show voice dsp command while an ISDN Call disconnects.

CSCwd16559

ISG FFR: ARP request to reroute nexthop IP is not triggered if ARP entry not in ARP table.

CSCwd45363

IPSEC throughput level / ambiguous outputs.

CSCwc27307

Service engine YANG support for Zone-based Firewall.

CSCwd16664

GetVPN Long SA - GM re-registration after encrypting 2^32-1 of packets in one IPSEC SA.

CSCwd81357

QoS Classification not working for DSCP or ACL + MPLS EXP.

CSCwd89338

Clear ISG existing lite-session upon reception of DHCP packet for same client.

CSCwc99823

Fman crash seen in SGACL@ fman_sgacl_calloc.

CSCwd25107

Interface VLAN1 placed in shutdown state when configured with ip address pool command.

CSCwd61255

Data plane crash is seen on the device when making per-tunnel QoS configuration changes with scale.

CSCwe01015

IKEv2/IPSec - phase 2 rekey failing when peer is behind NAT.

CSCwd03869

CEF DPI load-balancing causes out of order packets.

CSCwc65697

vCube crashing and restarting during call flow.

CSCwd84599

Dataplane memory utilization issue - 97% QFP DRAM memory utilization.

CSCwc99453

Enable license feature hseck9 command on the device.

CSCwe03614

CWMP : MAC address of ATM interface is not included in inform message.

CSCwd38943

GETVPN: KS reject registration from a public IP.

CSCwd06372

Unconditional excessive logging in eogre tunnel error handling case.

CSCvy14316

MPLS VPN traffic dropped due FDB OOM with cause FIAError under scale flow number.

CSCwd85580

Device reloads unexpectedly after set ospfv3 authentication null command.

CSCwd33202

DHCP behavior issue when BDI interface is enabled on WAN and SVI interface.

CSCwd06923

Stale ip alias left after NAT statement got removed.

CSCwd47123

ISG uses identifier mac-address 0000.0000.0000 when DHCP LQ does not reply.

CSCwd72312

GETVPN : Traffic drops is seen on GM after rekey installing policies.

CSCwc14688

Single WAN interface subslot 0/0 timing.

Open Bugs in Cisco IOS XE 17.9.3a

Identifier

Headline

CSCwd39257

IOS-XE cpp crash when entering no ip nat create flow-entries command.

CSCwd63783

Memory leak on vdaemon process caused router reload.

CSCwd97077

Device leaking memory in MallocLite because of telemetry subscription to collect FNF cache.

CSCwe09805

OID for SNMP monitoring of DSP resources are not working as expected.

CSCwe25076

ALG breaks NBAR recognition impacting application firewall performance.

CSCwe14885

VPN is established although the peer is using a revoked certificate for authentication.

CSCwe24491

Static NAT with HSRP stops working after removing and adding standby.

CSCwd17272

UTD Packet drop due to fragmentation for ER-SPAN traffic.

CSCwe32862

Device crashes while executing AES crypto functions.

CSCwe19084

NAT: Traffic is not translated to the same global address though PAP is configured.

CSCwe12652

Incorrect return MIB for ciscoWanCellExtMIB and ciscoWan3gMIB.

CSCwd68994

Unable to match on customer profile based on certificate-map.

CSCwc06327

PFP policy in SRTE, RIB resolution in FC bring down ipsec tunnel interface- stuck at linestate down.

CSCwe38732

IP CEF load sharing command is being changed by the device.

CSCwe39011

GARP on port up/up status from the device is not received by remote peer device.

CSCwd34941

NAT configuration with no-alias option is not preserved after reload.

CSCwh60848

CUBE - SIP Message Queuing Fails to Resume Transmission

Resolved Bugs in Cisco IOS XE 17.9.2a

Identifier

Headline

CSCwc21739

NAT not requesting further for low ports after initial allocation when cli knob "reserved-ports" set.

CSCwc39012

Crash saving tracelogs after "Too many open files" error.

CSCwc03478

VTCP does not support Layer2 correctly.

CSCwc82140

QFP crashes when ZBFW configuration geatures "log dropped-packets" configuration.

CSCwd12591

Device ucode crash is seen during FW classification and the session is becomes free.

CSCwc99668

Device added by IKEV2 is getting deleted at responder.

CSCwc23077

Firewall drop is seen stating “FirewallL4” seen on the device.

CSCwc78528

DSPware 60.1.1 release targeting v179_throttle.

CSCwc44851

Bootstrap is failing on the device.

CSCwc96444

Device is not programming correct next-hop for unicast prefix with multicast config present.

CSCwc49715

Carsh is seen @ UNIX-EXT-SIGNAL: Aborted(6), Process = Check heaps, having PPPoe with cwmp configs.

CSCwb52324

Device unexpected reload due to QFP ucode crash.

CSCwc77183

Packet duplication is causing drops in payment transactions with SdwanGenericDrop code.

CSCwc20170

Device reloads unexpectedly due to critical FTMd fault when VRF configuration is pushed

CSCwb89958

Unified Policy HSL not sending properly NBAR application information.

CSCwc89328

Multiple devices experience crashes every 4 to 5 miniutes.

CSCwc11376

CefcFRUPowerOperStatus false report on the device.

CSCwc45950

ZBFW self zone policy drops SSH session on Mgmt-intf 512 ports.

CSCwc43794

Device VRF+NAT Outside Source Static - Drop packets during FTP (Active-mode) execution.

CSCwc28587

Crashed without generating any core (Critical process plogd fault on rp_0_0 (rc=75).

CSCwc32595

BFD sessions remains down if interface flap form up/down/up.

CSCwb90252

Automatically freeing up filesystems stale image or recovered folder (lost+found).

CSCvz89354

Device crashes due to CPUHOG when walking ciscoFlashMIB.

CSCwc39865

Subscriber session getting stuck and needs clearing it manually.

CSCwb48953

Device speed test failing with "Device Error: Speed test in progress".

CSCwc72923

ERROR information: Device r configuration failed:interface Serial0/1/0:23 isdn switch-type primary-ntt.

CSCwc84967

Intermittent double DTMF due to changing timestamp on a DTMF event.

CSCwb08057

ISG: Number of lite sessions conversion in progress counter not decrementing on failed account-logon.

CSCwd11365

Needs cert update - Azure CGW creation fails due to NVA provisioning failure.

CSCwc79145

Throughput degrades when Local TLOC specified in Data Policy goes down.

CSCwc29629

Crashes when Virtual-Access tries to bring-up/bring-down OSPFv3 ipsec crypto session authentication.

CSCwd13352

SSH from device tgetting closed after the device is updated.

CSCwc77177

BFD and control packets are dropped when ACL is applied on gigi to which loopback is bind.

CSCwc68132

SIG tunnel tracker packets are dropped by firewall with self zone policy.

CSCwd56336

BFD sessions are not coming up after flapping the interface due to low ftm rate.

CSCwd56015

UTD skipped when interface UTD config is used to enable/disable UTD.

Open Bugs in Cisco IOS XE 17.9.2a

Identifier

Headline

CSCwd45508

Device does not form BFD across Serial link when upgrading.

CSCwd23810

IOS-XE: A high CPU utilization caused by NHRP.

CSCwd45402

MSR Unicast-To-Multicast not working if the destinatio and source are the same in service reflect configuration.

CSCwd45363

IPSEC throughput level ambiguous outputs.

CSCwd13050

After upgrade, device moved into out of sync status.

CSCwd12955

NAT translation is not correctly sent to hub router from branch when SSNAT and UTD are configured.

CSCwc28468

Template is not pushed to the device if device is running in FIPS mode.

CSCwc99823

Fman crash is seen in SGACL@ fman_sgacl_calloc.

CSCwd34941

NAT configuration with no-alias option is not preserved after reload.

CSCwd15560

With 2 sequences, should not skip if the match is different and action is same.

CSCwd33966

Unable to configure the local BGP.

CSCwd37410

0365 and MS Teams applications access issues when using DIA with app-list match in data-policy.

CSCvz55282

Serviceability enhancements for config migration failures between releases.

CSCwd36621

CERM may kick in due to IPSec sessions initiated for on-demand tunnels.

CSCwd44006

Control Connection on the device does not come-up with reverse proxy using enterprise certificate.

CSCwd29334

Upgrade failures due to inability to establish netconf connection.

CSCwd11124

Device kernel crash - kernel NULL pointer dereference - error_code(0x0010) - not-present page.

CSCwa14636

Device stopped forwarding traffic. Suspect OMPd is busy.

CSCwd38626

Repeating SYS-2-PAK_SUBBLOCK_BADSIZE: 4 -Process= "<interrupt level>".

CSCwd33202

DHCP behavior issue is seen when BDI interface is enabled on WAN and SVI interface.

CSCwd17381

NAT and DIA traffic is skipping UTD in forward direction after  SSNAT  path from service-side.

CSCwd34860

Device see the increase of "Input errors" without any other specifc errors increasing under show interface command.

CSCwd12330

Invalid TCP checksum in SYN flag packets passing through device.

CSCwd18028

After delete CSP, new CCM bring up on existing CSP is stuck in "Initializing CCM" on MT cluster.

Resolved Bugs in Cisco IOS XE 17.9.7b

Identifier

Headline

CSCwn78740

Device silent reload with CpuCatastrophicError.

Open Bugs in Cisco IOS XE 17.9.1a

Identifier

Headline

CSCwc39012

Crash saving tracelogs after "Too many open files" error.

CSCwc20075

Unable to switch the technology from 4g to 3g.

CSCwb89958

Unified Policy HSL not sending properly NBAR application information.

CSCwc23077

Firewall drop seen stating “FirewallL4” seen on the device.

CSCwb74821

Yang-management process confd is not running, controller mode 17.6.2a.

CSCwc44851

Bootstrap failing on c8300 on 17.9.

CSCwc55684

SIG GRE: Layer 7 Health check doesn't work on Loopback interfaces.

CSCwc56896

Crash is seen in ipv6_tunnel_macaddr while adding/removing gre multi-point tunnel mode.

CSCwc52538

SDWAN flows are not distributed and load-balanced evenly and consistently.

CSCwc55260

Memory leak due to FTMd process.

CSCwc69881

Device lost configuration due to multiple power cycles on site.

CSCwc20170

Device reloads unexpectedly due to critical FTMd fault when VRF configuration is pushed.

CSCwb88621

Device unable to establish control connection with vBond due to out of order DTLS packets.

CSCwc37465

Static NAT configuration in CLI with the no-alias keyword cannot be retrieved via NETCONF/YANG.

CSCwc59598

Device statistics collection causing service-side BFD to flap on every collection interval.

CSCwc50477

Device crashed in ipv4_nat_create_out2in_session_entry

CSCwc67465

Device cannot be upgraded to 17.8.

CSCwc59650

The show sdwan app-fwd cflowd flows vpn X format table does not show all flows for vpn X

CSCwc32595

BFD sessions remains down if interface flap form up/down/up

CSCwc38529

Traffic seems not inspected by UTD when umbrella is set.

CSCwc63563

Unable to set specific speed and duplex values on SFP ports on IOS-XE routing platforms.

CSCwc39865

Subscriber Session getting stuck and needs clearing it manually.

CSCwc43973

DLC is not completing after upgrading to Smart licensing from CSL

CSCwc55467

BFD Tunnel on the router is not staying up, 1 out of 40 tunnels.

CSCwc42978

Device looses all BFD sessions with Invalid SPI.

CSCwc67171

Tracebacks at cgm_avlmgr_class_init and cpuhog_key_init

CSCwb08057

ISG: Number of lite sessions conversion in progress counter not decrementing on failed account-logon.

CSCwc63337

Destination not reachable if configured as a next for a static route resolvable via non /32 OMP.

CSCwc29629

Crashes when Virtual-Access tries to bring-up/bring-down OSPFv3 ipsec crypto session authentication.

CSCwc27208

BFD sessions not coming UP because of ANTI-REPLAY-FAILURES.

CSCwc68132

SIG tunnel tracker packets are dropped by firewall with self zone policy.

CSCwc70468

CPA fail to send SIP Update for AsmT before "maxTermToneAnalysis" expiration.

CSCwc70511

URGENT ISR4331/K9 | Version 17.06.02 | Router Reloaded Unexpectedly.

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business results you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco DevNet.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.

Documentation Feedback

To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.

Troubleshooting

For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at https://www.cisco.com/en/US/support/index.html.

Go to Products by Category and choose your product from the list, or enter the name of your product. Look under Troubleshoot and Alerts to find information for the issue that you are experiencing.