Read Me First


Note


To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WAN Analytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, Cisco vSmart to Cisco Catalyst SD-WAN Controller, and Cisco Controllers to Cisco Catalyst SD-WAN Control Components. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.

Related References

User Documentation

Communications, Services, and Additional Information

  • Sign up for Cisco email newsletters and other communications at: Cisco Profile Manager.

  • For information on the latest technical, advanced, and remote services to increase the operational reliability of your network visit Cisco Services.

  • To browse and discover secure, validated enterprise-class apps, products, solutions, and services, visit Cisco Devnet.

  • To obtain general networking, training, and certification titles from Cisco Press Publishers, visit Cisco Press.

  • To find warranty information for a specific product or product family, visit Cisco Warranty Finder.

  • To view open and resolved bugs for a release, access the Cisco Bug Search Tool.

  • To submit a service request, visit Cisco Support.

Documentation Feedback

To provide feedback about Cisco technical documentation use the feedback form available in the right pane of every online document.

Release Notes for Cisco SD-WAN Control Components, Cisco Catalyst SD-WAN Manager Release 20.15.1

These release notes accompany the Cisco Catalyst SD-WAN Control Components, Release 20.15.x, which provides Cisco Catalyst SD-WAN capabilities. They include release-specific information for Cisco Catalyst SD-WAN Controllers, Cisco Catalyst SD-WAN Validators, Cisco SD-WAN Manager as applicable to Cisco Catalyst SD-WAN.

Related Releases

For release information about Cisco IOS XE Catalyst SD-WAN devices, refer to Release Notes for Cisco IOS XE Catalyst SD-WAN device, Cisco IOS XE Release 17.15.x.

What's New for Cisco Catalyst SD-WAN Manager Release 20.15.1

Cisco is constantly enhancing the Cisco Catalyst SD-WAN solution with every release and we try and keep the content in line with the latest enhancements. The following table lists new and modified features we documented in the Configuration, Command Reference, and Hardware Installation guides.

Table 1. Cisco Catalyst SD-WAN Manager Release 20.15.1
Feature Description

Cisco Catalyst SD-WAN Monitor and Maintain

Converged Cisco SD-WAN Manager and Cisco SD-WAN Analytics Dashboard

This feature introduces a converged dashboard in Cisco SD-WAN Manager that merges the monitoring and analytics capabilities from both Cisco SD-WAN Manager and Cisco SD-WAN Analytics. This converged dashboard displays management data from the Cisco SD-WAN Manager alongside analytical insights from Cisco SD-WAN Analytics, all within a single interface.

To view a converged dashboard in Cisco SD-WAN Manager, Cisco SD-WAN Analytics must be onboarded into Cisco SD-WAN Manager.

Additional Report Types and Formats

This feature introduces several new report types, including Security reports, which are available in CSV or PDF format.

Additional Report Filters and Download Options

Generate new report types and download them in both PDF and CSV formats. The My Reports and the Generate report forms are updated to include additional report filters.

Generate an Admin-Tech File with Custom Commands

This feature enhances the output of the admin-tech file with additional command output information. With this feature, You can generate a customized admin-tech file with the required show command output details to help in troubleshooting. Custom admin-tech is independent of tech, core, and logs flag.

Cisco Catalyst SD-WAN Security

Share Traffic Information with Cisco Security Service Edge

Cisco SD-WAN Manager shares VPN and security group tag (SGT) information with Cisco Security Service Edge (SSE). This is called context information. SSE applies different policies to traffic based on the context information of the traffic.

Cisco Catalyst SD-WAN Systems and Interfaces

Configure EtherChannels using Configuration Groups With this feature you can configure EtherChannels on service and transport side using configuration groups.

Load Balancing for EtherChannels on Individual Port Channels

With this feature you can load balance EtherChannels for individual port channels on service and transport side using CLI templates.
Table 2. Cisco IOS XE Catalyst SD-WAN Release 17.15.1a
Feature Description

Cisco Catalyst SD-WAN Systems and Interfaces

Layer 2 (L2) VPN Multihoming and Hub-and-Spoke Support

With this feature, you can configure Layer 2 VPN on multiple devices on the same site in an active/standby configuration.

This feature also enables Layer 2 connections using an indirect path, such as a hub, for point-to-multipoint connections within the Cisco Catalyst SD-WAN fabric.

Configure EtherChannels using Configuration Groups With this feature you can configure EtherChannels on service and transport side using configuration groups.

Load Balancing for EtherChannels on Individual Port Channels

With this feature you can load balance EtherChannels for individual port channels on service and transport side using CLI templates.

Cisco Catalyst SD-WAN Routing

BFD Troubleshooting for Cisco Catalyst SD-WAN Using Radioactive Tracing

This feature provides the ability to troubleshoot BFD protocols using radioactive (RA) tracing.

RA tracing enables debug logs across various processes which participates and handles a particular BFD session.

Multicast Support for Hub and Spoke Topologies

This feature enables efficient distribution of one-to-many traffic for hub and spoke devices. The multicast routing protocols like, IPv4 Multicast, IGMPv3, PIM SSM, PIM ASM, Auto RP and Static RP distribute data to multiple recipients.

Using multicast overlay protocols in hub and spoke topology, a source can send a single packet of data to a single multicast address, which is then distributed to an entire group of recipients.

Cisco Catalyst SD-WAN Policies

Packet Duplication using Underlay Fragmentation

This feature uses adjacency MTU to combine with underlay fragmentation which allows the successful transmission of packets that exceed the MTU limitations by breaking them down into manageable fragments and ensuring their reliable delivery.

Remote Preferred Color in Data Policy

You can set a remote preferred color in the data policy to control traffic routing based on the SLA criteria.

See for Configure Traffic Rules information.

Service Insertion for Equinix

With this feature, you can deploy Palo Alto Networks firewall on Equinix and attach a service chain to Equinix interconnect gateway from the Workflow Library in Cisco SD-WAN Manager.

Cisco Catalyst SD-WAN Security

Cisco Umbrella Scope Credentials

This feature provides the ability to define and configure a new single Cisco Umbrella credential for both Umbrella SIG and Umbrella DNS.

Enhanced SGACL Logging

This feature enhances the Security Group Access Control List (SGACL) logging capability by using High Speed Logging (HSL) for Cisco IOS XE Catalyst SD-WAN devices. SGACL logging through HSL provides a logging method for security events that is more efficient and capable of scaling, useful in network environments experiencing high volumes of traffic.

Zscaler Sub-locations

This feature supports configuration of one or more Zscaler sub-locations for a given location.

Cisco Catalyst SD-WAN Firewall High Availability

By implementing High Availability (HA) in Cisco Catalyst SD-WAN, you can set up two Cisco IOS XE Catalyst SD-WAN devices in either active-active or active-standby configurations. When HA is enabled, features like the Zone Based Firewall (ZBF) and Network Address Translation (NAT) utilize this functionality to synchronize their states between the devices, whether in active-standby or active-active modes. In the event of a failure of the active device, the standby device seamlessly takes over operations without interrupting session flows, thus eliminating the need for reconnection.

Share Traffic Information with Cisco Security Service Edge

Cisco SD-WAN Manager shares VPN and security group tag (SGT) information with Cisco Security Service Edge (SSE). This is called context information. SSE applies different policies to traffic based on the context information of the traffic.

Cisco Catalyst SD-WAN Cloud OnRamp

Cloud OnRamp for SaaS Workflow

Cisco SD-WAN Manager allows you to select specific SaaS applications and identify best performing paths for each of these SaaS applications using a fully-guided workflow.

Cisco Catalyst SD-WAN Monitor and Maintain

Alarm Notifications Using WebHooks

Configure a WebHook URL in Cisco SD-WAN Manager to receive alarm notifications in Webex or Slack.

Connect to and troubleshoot Cisco Catalyst SD-WAN solution using Cisco RADKit

Use tools and Python modules from Cisco Remote Automation Development Kit (RADKit) to securely connect to remote terminals, WebUIs, or desktops. Using RADKit, a TAC engineer can request the required information during the troubleshooting process, from the various devices and services, in a secure and controlled way.

Generate an Admin-Tech File with Custom Commands

This feature enhances the output of the admin-tech file with additional command output information. With this feature, You can generate a customized admin-tech file with the required show command output details to help in troubleshooting. Custom admin-tech is independent of tech, core, and logs flag.

View Packet Duplication Information for Tunnels

This feature provides a single chart option in Cisco SD-WAN Manager for viewing packet duplication information for tunnels.

Cisco Catalyst SD-WAN NAT

Application-Level Gateway (ALG) in Service-Side NAT

Use an application-level gateway (ALG) to interpret the application-layer protocol and perform service-side NAT translations for FTP protocol.

Cisco Catalyst SD-WAN Multi-Region Fabric (also Hierarchical SD-WAN)

Create Regions and Assign Controllers Workflow

Cisco SD-WAN Manager introduces a fully-guided workflow that allows you to create multiple regions within your Cisco Catalyst SD-WAN fabric and assign Cisco SD-WAN Controllers to them.

Policy Groups

Preferred Remote Color in AAR Policy

You can set a remote preferred color in the AAR policy to control traffic routing based on the SLA criteria.

Region Support for Topology

Level topology attribute is supported for custom topologies where you could choose between Sites and Regions. When you add rules to your topology, match conditions using the Region condition.

Regions Support for Policy Groups

Associate devices from a particular region or subregion while deploying policy groups.

Cisco Catalyst SD-WAN Configuration Groups

Configuration Catalog

This feature introduces a catalog functionality which provides a collection of pre-defined intent based configurations and policies.

The Cisco Catalyst SD-WAN Portal hosts the catalog service, which is managed by Cisco. The Cisco SD-WAN Manager can download the readily available, cloud-hosted catalog entries from the Cisco Catalyst SD-WAN Portal and customize them as needed before deploying the configuration objects from the catalog entry onto devices in their network.

Create a Configuration Group Without Using a Workflow

This feature introduces a method for creating configuration groups directly on the Configuration Groups page of Cisco SD-WAN Manager without launching a workflow. After selecting a product solution, you can create a configuration group based on the available profiles for that solution. Cisco SD-WAN Manager creates the configuration group with the required profiles, which you can configure based on your requirement. This feature allows you to reuse previously created profiles. You can create, manage, and deploy the configuration group from one page.

Support for Specifying Default Values for Device Specific Variables of a Feature

You can provide a default value along with description to feature parameters when you select the Device Specific scope. Cisco SD-WAN Manager applies the default value of the parameter to the device while deploying the configuration group.

Cisco Catalyst SD-WAN Network-Wide Path Insight User

Visibility into IPsec Drops

This feature provides enhancements to the Network-Wide Path Insight feature to provide granular visibility into the IPsec drops.

Cisco Managed Cellular Activation

Managed Cellular Activation support for the IoT platforms and modules

The Managed Cellular Activation solution is supported in the IoT platforms and modules.

Cisco Catalyst SD-WAN Rugged Series Router Configuration Guide

Configure GNSS on PIMs Using Cisco SD-WAN Manager

This feature allows you to configure and manage the GNSS (Global Navigation Satellite System) PIM module on Cisco IOS XE Catalyst SD-WAN devices using Cisco SD-WAN Manager.

Deploying Smart Licensing Using Policy in Cisco Catalyst SD-WAN

Workflow for Assigning Licenses to Devices

Introduced the License Assignment Workflow for assigning licenses to devices.

Cisco Catalyst SD-WAN Integrations

Cisco Cyber Vision Integration

Cisco SD-WAN Manager supports integration with the Cisco Cyber Vision network security solution. You can configure devices in the network to monitor traffic on one or more interfaces and send the traffic to Cisco Cyber Vision Center to analyze it for security concerns.

Table 3. Cloud-delivered Cisco Catalyst SD-WAN

Field

Description

Interconnect Between Cisco Catalyst SD-WAN and Cisco Meraki SD-WAN

Cisco SD-WAN Interconnects is an automated workflow which enables administrators to easily configure, deploy, and monitor an interconnect between Cisco Catalyst SD-WAN and Cisco Meraki SD-WAN topologies using the Cisco Meraki dashboard.

You can monitor IPsec tunnel status, eBGP session status, and VPN tunnel statistics from the Interconnects page on the Cisco Meraki dashboard.

Bugs for Cisco Catalyst SD-WAN Control Components Release 20.15.x

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Software and Hardware Behavior Changes in Cisco Catalyst SD-WAN Control Components Release 20.15.1

Behavior Change

Description

When configuring a configuration group for Cisco IOS XE Catalyst SD-WAN devices, to configure cellular connectivity, you can add a Cellular Profile. To add a Cellular Profile, open the Transport & Management Profile, add a Cellular Controller feature, then add a Cellular Profile as a child feature of Cellular Controller.

The Cellular Profile includes fields for the authentication credentials to connect to a cellular network. When you enter a password in the Profile Password field, Cisco SD-WAN Manager encrypts the password. When you display the CLI commands that make up a device configuration in the configuration preview, Cisco SD-WAN Manager displays the password in its encrypted form, not as plain text.

See the Cellular Profile section.

There is a default RBAC role called security_operations. In Cisco Catalyst SD-WAN Manager Release 20.13.x and 20.14.x, this role included permission to enable or disable Cloud SaaS feeds.

In Cisco Catalyst SD-WAN Manager Release 20.15.x, the security_operations role no longer has this permission.

See the Restrictions for Role Based Access Control section.

Updated the aaa netconf-accounting command with supported options.

See the aaa netconf-accounting command.

Software and Hardware Behavior Changes in Cisco IOS XE Catalyst SD-WAN Release 17.15.1a

Behavior Change

Description

Updated the show platform software ipsec fp active flow command output.

The output of the show platform software ipsec fp active flow has been modified. The flow ID now supports a range between 0 - 4294967295. See the show platform software ipsec fp active flow command.

Updated the SLA class threshold values.

See the SLA Classes section, which describes the new SLA class threshold values.

Updated the request platform software sdwanadmin-tech command with supported options.

See the request platform software sdwan admin-tech command.

Updated the Policy Object Profile section with the new behavior on pagination when there are more than 50 profiles.

See the Policy Object Profile section.

Updated the size limit of the organization name to the range 1 to 128 for the organization-name command and the size limit of the interface name to the range 1 to 31 for the interface command.

See the sp-organization-name (system) and interface sections.

Updated the Configure Device Values section with the change in configuration groups for rollback timer. Only the Cellular Gateway solution in the configuration groups supports the rollback timer.

See the Configure Device Values section.

Updated the View Cflowd Information section for the show sdwan app-fwd cflowd commands to include support for up to 4000 flow records for each monitor (IPv4 and IPv6) from the cflowd database.

See the View Cflowd Information section.

Updated the Configure BFD for Routing Protocols section to include that the BFDs on the tunnel interface are inactive if sdwan mode is not configured for the tunnel interface.

See the Configure BFD for Routing Protocols section.

Information about provider and tenant remote servers and images on Cisco SD-WAN Manager.

See the Provider and Tenant Remote Servers and Images section.

Configuration of devices in SDCI cloud gateway extension using configuration groups is not supported.

See the Information About Configuring Devices for AWS Integration Using Configuration Groups section.

The policer increases the burst value when the user-configured value is lower than the calculated value, to prevent congestion and ensure optimal performance.

See the Policer Burst Tolerance section.

A static IP address is assigned by default if you assign a private color to a WAN interface while configuring a site using the configuration group workflow.

See the Overview of Configuration Group Workflows section.

Updated the Response Code End field in the Hunt Stop Rules table for consistency.

See the Server Group section.

In Cisco IOS XE Catalyst SD-WAN Release 17.14.1a and earlier, click the Send to Validator button to send only the controller's serial number once to the Cisco Catalyst SD-WAN Validator.

See the Send the Controller Serial Numbers to Cisco Catalyst SD-WAN Validator section.

Important Notes, Known Behaviors, and Workarounds

Multi-Region Fabric

From Cisco IOS XE Catalyst SD-WAN Release 17.15.1a and Cisco Catalyst SD-WAN Control Components Release 20.15.1, configuration of Multi-Region Fabric secondary regions and subregions is supported only through API.

Cisco Catalyst SD-WAN Manager Upgrade Paths

For compatibility information and server recommendations, see Cisco Catalyst SD-WAN Controller Compatibility Matrix and Server Recommendations.

For information about Cisco SD-WAN Manager upgrade procedure, see Upgrade Cisco SD-WAN Manager Cluster.

Table 4. Upgrade Paths For Cisco Catalyst SD-WAN Control Components Releases 20.6.x and Later Releases
Starting Cisco SD-WAN Manager Version Destination Version

20.6.x

20.7.x

20.8.x

20.9.x

20.10.x

20.11.x

20.12.x

20.13.x

20.14.x

20.15.x

20.6.x

Not Supported

Direct Upgrade

Direct Upgrade

Direct upgrade from 20.9.5.2 and later releases.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.6.1, 20.6.2, and 20.6.3 either to 20.6.4 or 20.9.5.2 and later releases.

or

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

20.7.x

Not Supported

Not Supported

Direct Upgrade

Direct upgrade from 20.9.5.2 and later releases.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

20.8.x

Not Supported

Not Supported

Not Supported

Direct upgrade from 20.9.5.2 and later releases.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Step upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

20.9.x

Not Supported

Not Supported

Not Supported

Not Supported

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

Direct upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 
  • We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

  • If your Cisco Catalyst SD-WAN Manager is running Cisco vManage Release 20.9.x and you are looking to upgrade to Cisco Catalyst SD-WAN Manager Release 20.12.x, we recommend you use the CLI mode of configuration for cluster upgrades. If Cisco Catalyst SD-WAN Manager UI is used for upgrading a cluster, the cluster's nms process fails when the new partition is activated. Continue to use the Cisco Catalyst SD-WAN Manager UI and CLI for standalone Cisco SD-WAN Manager upgrades.

Direct Upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 
  • We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

  • If your Cisco Catalyst SD-WAN Manager is running Cisco vManage Release 20.9.x and you are looking to upgrade to Cisco Catalyst SD-WAN Manager Release 20.12.x, we recommend you use the CLI mode of configuration for cluster upgrades. If Cisco Catalyst SD-WAN Manager UI is used for upgrading a cluster, the cluster's nms process fails when the new partition is activated. Continue to use the Cisco Catalyst SD-WAN Manager UI and CLI for standalone Cisco SD-WAN Manager upgrades.

Direct Upgrade from 20.9.5.2 and later releases.

For cluster upgrade procedure using CLI: request nms configuration-db upgrade

Note

 
  • We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco SD-WAN Manager Release 20.1.1 and later.

  • If your Cisco Catalyst SD-WAN Manager is running Cisco vManage Release 20.9.x and you are looking to upgrade to Cisco Catalyst SD-WAN Manager Release 20.12.x, we recommend you use the CLI mode of configuration for cluster upgrades. If Cisco Catalyst SD-WAN Manager UI is used for upgrading a cluster, the cluster's nms process fails when the new partition is activated. Continue to use the Cisco Catalyst SD-WAN Manager UI and CLI for standalone Cisco SD-WAN Manager upgrades.

20.10.x

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

Direct Upgrade

Direct Upgrade

Direct Upgrade

20.11.x

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

Direct Upgrade

Direct Upgrade

20.12.x

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

Direct Upgrade

20.13.x

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

20.14

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade


Note


To check the free disk space using the CLI,

  1. Use the vshell command to switch to vshell.

  2. In vshell, use the df -kh | grep boot command.



Note


The cluster upgrade must be performed using CLI,

  • The request nms configuration-db upgrade upgrade procedure must be performed only on one node in the cluster.

  • Enter login credentials, if prompted. Login credentials are prompted if all Cisco SD-WAN Manager server establish control connection with each other. After a successful upgrade, all configuration-db services are UP across the cluster and the application-server is started.Enter login credentials, if prompted. Login credentials are prompted if all Cisco SD-WAN Manager server establish control connection with each other. After a successful upgrade, all configuration-db services are UP across the cluster and the application-server is started.

  • To upgrade the configration database and to determine the node that needs an upgrade, enter request nms configration-db status command on each of the nodes. In the output look for the following:

    Enabled: true
    Status: not running

    Note


    After activating a new image on a Cisco SD-WAN Manager host server, the server reboots. After the reboot, for approximately 30 minutes, the output of the request nms configuration-db status command shows Enabled: false even on a node that has the configuration database enabled, while NMS services are being migrated to a containerized form. On the node to upgrade, as determined in the previous step, enter the following: request nms configration-db upgrade



Bugs for Cisco Catalyst SD-WAN Control Components Release 20.15.x

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Bugs for Cisco Catalyst SD-WAN Control Components Release 20.15.x

Resolved Bugs for Cisco Catalyst SD-WAN Control Components Release 20.15.1

Identifier

Headline

CSCwj10872

Unable to upload the file by drag and drop function.

CSCwk32515

Delayed notification (webhook) when one of the Webhook server is unreachable.

CSCwj85252

Cisco VPN Interface IPsec template does not send selected parameters to device.

CSCwk37436

Region ID assignment from Network Hierarchy is not mapped to the CLI configuration.

CSCwk14972

Cisco SD-WAN Manager : Serviceproxy hitting UpstreamOverflow-503/RateLimited-429 causing GUI down issues.

CSCwk27179

OMP: Advertiser IPv4 EIGRP cannot configured by Configuration Group.

CSCwk74660

On-prem CSSM server with IPv6 address gives Error while fetching sa/va list RESTEASY004655.

CSCwj37051

Cisco SD-WAN Manager CLI template fails to attach to CG418-E/CG522-E with error "access-denied".

CSCwj87791

POST /template/device/cli Example is not accurate - apidocs.

CSCwi90351

Uuid in certificate CN checks are case-sensitive, request for uuid checks to be case-insensitive.

CSCwj06854

Cisco IOS XE Catalyst SD-WAN Release 17.14.x UX1.0 Config preview show partial output for Static NAT configuration (interface missing).

CSCwj38614

Cisco Catalyst SD-WAN Manager Release 20.13.x: Enforce software version (ZTP) selected version is not reflected after save.

CSCwk35796

Cisco SD-WAN Manager RealTime show commands display incorrect time when devices are configured with IST timezone.

CSCwi31443

Cisco vEdge device cannot resolve Cisco SD-WAN Validator after reboot for software activation.

CSCwj77440

Cisco SD-WAN Manager apidocs missing schema for some parcels.

CSCwj81863

The rest API uniqueAggregation and cellularAggregation need enahnce example and schema.

CSCwi52276

System crash rebooted with "Software initiated - zebra-1 (pid: 4221)"

CSCwk30596

Cisco SD-WAN Manager: Smart account sync API timeout increase.

CSCwj58673

Cisco Catalyst SD-WAN Manager Release 20.14.x : 206 to 231 build. DR : Standby cluster. services One of the node do not start.

CSCwk39051

Validation Error when using public-internet or red color in custom topology policy.

CSCwk61142

Cisco SD-WAN Manager email alarms failing with SSL and TLS connecting to incorrect port 465.

CSCwk88478

VRRP default timer shows 1000ms in GUI but it show 100ms in preview and pushed 100ms to device.

CSCwi69833

Cisco SD-WAN Manager GUI SSH frontend sends too many requests to backend leading to timeouts, session closed.

CSCwk50045

Cisco SD-WAN Manager - ZTP doesn't permit to select a software.

CSCwj99812

Creating a new branch site on Cisco SD-WAN Manager network design using an old name is failing.

CSCwi87770

Custom rollback timer does not take effect.

CSCwj84723

Harden Cisco SD-WAN Manager certificate process.

CSCwj53683

Cisco SD-WAN Manager variables inconsistent for CSV export of device template.

CSCwk23323

Cisco SD-WAN Manager Cluster: When device is deleted from UI, the NCS entry does not get cleared on all nodes

CSCwj76609

Cisco SD-WAN Manager: Unexpected Reload when Modifying DNS Server Configuration

CSCwj57249

For event based alarms-missing event from device breaks Alarm logic-ReferCSCwj21640 Cisco SD-WAN Manager side fix.

CSCwk37757

Interface API Fails to Fetch Duplex State for Cisco IOS XE Catalyst SD-WAN device interfaces.

CSCwk22840

In 20.9.5.1, deleting the Disaster Recovery is not cleaning the database and the files.

CSCwj69758

On-Demand Tunnel is reported as down on Cisco SD-WAN Manager GUI for several hours.

CSCwk31416

Integration Management page in UI can't populate device list intermittently : rendering issue.

CSCwk27624

Control Policy is Programmed Incorrectly on Cisco SD-WAN Controller.

CSCwj89979

FIS - GUI UX Slowness - CSCwh28301.

CSCwk24904

CG522 - Data connection fails after a sim switchover.

CSCwk19371

Cisco SD-WAN Manager: Netconf errors and slow login.

CSCwc67155

Cisco SD-WAN Manager : HTTP proxy not using ICMP echo requests.

CSCwk00758

Feature name description does not match feature name auto generated from color selected.

CSCwj89565

Template pushes are taking a lot of time for scale setup.

CSCwj87100

Cisco SD-WAN Manager : Looses the entity-ownership after upgrade.

CSCwi59683

MT Controllers - show control connection history doesn't list org name.

CSCwk70854

Evaluation of Cisco SD-WAN Validator for BlastRADIUS vulnerability.

CSCwk70903

BlastRADIUS - RADIUS Protocol impact - CVE-2024-3596.

Open Bugs for Cisco Catalyst SD-WAN Control Components Release 20.15.1

Identifier

Headline

CSCwm09317

Incorrect site deleted from sorted list Configuration > Policies > Edit Policy > Policy Application.

CSCwk09812

Cisco SD-WAN Manager upgrade to version 20.12.3 with 32vCPU on-prem High CPU alarms.

CSCwm08353

WANI App lists are shown in policy compliance check.

CSCwm09265

Server names - Asterisk is not required for custom applications.

CSCwk41441

Cisco SD-WAN Manager template push failed config pull with "Failed to finish the task".

CSCwk85198

Cisco SD-WAN Manager 20.15.1: MC MRF: Audit Out-of-sync and Unmapping failed.

CSCwk23821

Cisco SD-WAN Manager 20.13.1 last-resort circuit button is not doing effect in configuration group.

CSCwk66060

OMP extranet policy not exporting all the routes for the prefixes.

CSCwk79499

Variable field is missing for second UCS-E blade while pushing the template.

CSCwm09327

Wasted space in Policy Application page.

CSCwk66113

"Change Device Values" option removed in Cisco SD-WAN Manager 20.15.

CSCwk37657

The devices brought up with PNP when pre deployed to a config group do not receive the full configuration.

CSCwk74774

Local User not able to login on Cisco SD-WAN Manager 20.12.3.

CSCwk87125

Bfd events are not getting published to messaging server in cluster setup.

CSCwk60384

Controller establishes multiple viptela-device session and affects performance.

CSCwj71739

Viptela Platforms are not following RFC standard for command accounting.

CSCwm01262

Fail to deploy same NFV CG with Switch parcel to different NFVIS devices. Validation Error on Switch.

CSCwm01992

Save option greyed out when trying to edit snmp parcel.

CSCwk89814

Cisco SD-WAN Manager 20.15 - Cisco SD-WAN Manager generates UTD container profile as low though profile is configured as high/medium !

CSCwm59794

Default values for variables name in configuration group aren't accepting more than 60 characters.

Cisco Catalyst SD-WAN Manager API

For information on Cisco SD-WAN Manager Release 20.15.x APIs, see Cisco SD-WAN Manager API.

Cisco Catalyst SD-WAN Manager GUI Changes

This section presents a summary of the significant GUI changes between Cisco Catalyst SD-WAN Manager Release 20.14.1 and Cisco Catalyst SD-WAN Manager Release 20.15.1.

  • Administration menu, Users and Access

    In the Administration menu, the Manage Users menu is renamed to Users and Access.
    Figure 1. Administration Menu
  • Network Hierarchy page, Multi Region Fabric (MRF) tab

    On the Configuration > Network Hierarchy page, the Network Settings tab is renamed to Multi Region Fabric (MRF).
    Figure 2. Network Hierarchy Page, Multi Region Fabric (MRF) Tab
  • Secondary regions and subregions

    On the Configuration > Network Hierarchy page, it is no longer possible to create secondary regions or subregions. From this release, these are supported only through API.

    Figure 3. Network Hierarchy Page

AI Assistant on Cisco SD-WAN Manager

Minimum supported release: Cisco Catalyst SD-WAN Manager Release 20.15.1

On Cisco SD-WAN Manager, click Cisco AI Assistant. The AI assistant is available only to cloud customers. You can use this feature for the following use cases:

  • Product and Features: Provides information about Cisco Catalyst SD-WAN and the features introduced in this release.

  • Monitor Network: Provides information about the network and application health.

To enable the AI assistant feature:

  1. Enable cloud services in Administration > Settings.

  2. Enter the Smart Account Credentials and click Save.

Full Cisco Trademarks with Software License

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.

Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)