Read Me First

Related References

User Documentation

Communications, Services, and Additional Information

  • Sign up for Cisco email newsletters and other communications at: Cisco Profile Manager.

  • For information on the latest technical, advanced, and remote services to increase the operational reliability of your network visit Cisco Services.

  • To browse and discover secure, validated enterprise-class apps, products, solutions, and services, visit Cisco Devnet.

  • To obtain general networking, training, and certification titles from Cisco Press Publishers, visit Cisco Press.

  • To find warranty information for a specific product or product family, visit Cisco Warranty Finder.

  • To view open and resolved bugs for a release, access the Cisco Bug Search Tool.

  • To submit a service request, visit Cisco Support.

Documentation Feedback

To provide feedback about Cisco technical documentation use the feedback form available in the right pane of every online document.

Release Notes for Cisco SD-WAN Controllers, Cisco SD-WAN Release 20.6.x


Note

The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on standards documentation, or language that is used by a referenced third-party product.


These release notes accompany the Cisco SD-WAN Controllers, Cisco SD-WAN Release 20.6.x, which provides Cisco SD-WAN capabilities. They include release-specific information for Cisco vSmart Controllers, Cisco vBond Orchestrators, Cisco vManage as applicable to Cisco SD-WAN Controllers.

Related Releases

For release information about Cisco IOS XE SD-WAN devices, refer to Release Notes for Cisco IOS XE SD-WAN Devices, Cisco IOS XE Release 17.6.x.

For release information about Cisco vEdge Devices, refer to Release Notes for Cisco vEdge Devices, Cisco SD-WAN Release 20.6.x.

What's New for Cisco SD-WAN Controllers Release 20.6.x

Cisco is constantly enhancing the SD-WAN solution with every release and we try and keep the content in line with the latest enhancements. The following table lists new and modified features we documented in the Configuration, Command Reference, and Hardware Installation guides.

What's New for Cisco IOS XE Release 17.6.x

This section applies to Cisco IOS XE SD-WAN devices.

Table 1. Cisco IOS XE Release 17.6.4
Feature Description

Configure Disaster Recovery Alerts

This feature provides support for configuring Cisco vManage alerts to generate an alarm and a syslog message for any disaster recovery workflow failure or event that occurs.

Support for NAT High-Speed Logging

This feature provides the ability to enable or disable high-speed logging (HSL) of all translations by NAT.

The new ip nat log translations flow-export command is introduced.

You can configure NAT HSL using a device CLI or a CLI add-on template.

Renew Device CSR

This feature allows you to reset the RSA private and public keys, and generate a CSR that uses a new key pair. In earlier releases, the generation of CSR used the existing key pair.

DigiCert Migration

This feature enables Digicert certificate authority server in place of Symantec certificate authority server for signing the controller device certificates on Cisco SD-WAN controllers including Cisco vSmart Controller, Cisco vBond Orchestrator, and Cisco vManage. You can protect, verify, and authenticate the identities of organizations and domains using these certificates.

Table 2. Cisco IOS XE Release 17.6.1a
Feature Description

Cisco SD-WAN Getting Started

Quick Connect Workflow for Onboarding Cisco IOS XE SD-WAN Devices

This feature provides an alternative, guided method in Cisco vManage to onboard supported WAN edge devices into the Cisco SD-WAN overlay network. As part of the Quick Connect workflow, basic day-0 configuration profiles are created, which apply to all Cisco IOS XE SD-WAN devices, irrespective of the device model and device family. This workflow adds edge devices to the WAN transport and establishes data plane and control plane connections.

This feature is supported on Cisco IOS XE SD-WAN devices only.

Cisco vManage Persona-based Cluster Configuration

Simplifies adding Cisco vManage servers to a cluster by identifying servers based on personas. A persona defines what services run on a server.

Support for Reverse Proxy with Cisco IOS XE SD-WAN Devices and Cisco SD-WAN Multitenancy

With this feature, you can deploy a reverse proxy device in your overlay network between Cisco IOS XE SD-WAN devices and Cisco vManage and Cisco vSmart Controllers. Also, this feature enables you to deploy a reverse proxy device in both single-tenant and multitenant overlays that include Cisco vEdge or Cisco IOS XE SD-WAN edge devices.

Support for License Management Offline Mode and Compliance Alarms

With this feature, you can manage Cisco SD-WAN licenses through a Cisco vManage instance that is not connected to the internet. To synchronize license and compliance information between Cisco vManage and Cisco SSM, you must periodically download synchronization files from Cisco vManage and upload the files to Cisco SSM.

This feature also introduces compliance alarms that alert you if devices in the Cisco SD-WAN network are not yet licensed.

Cisco SD-WAN Systems and Interfaces

RBAC for Policies

This feature allows you to create users and user groups with required read and write permissions for Cisco vManage policies. RBAC for policies provides users with the access to all the details of policies to help maximize the operational efficiency. It makes it easier to meet configuration requirements and guarantees that authorized users on the system are only given access to what they need.

Implicit ACL on Loopback Interfaces

This feature allows you to configure implicit ACL on loopback interfaces.

You can filter and manage data traffic by configuring implicit ACL on loopback interfaces instead of using the physical WAN interface. This saves public IP address space.

Geofencing

This feature provides a way to restrict a device's location to an operational geographical boundary, and to identify a device's location and report any violations of the configured boundary. If the device is identified to be in violation, you can restrict network access to the device using Cisco vManage operational commands.

In the CLI or a CLI template, configure geofencing coordinates for establishing the location of the device. You can also register for SMS alerts.

Cisco SD-WAN EtherChannel

This feature allows you to configure EtherChannels on Cisco IOS XE SD-WAN devices in service-side VPN.

An EtherChannel provides fault-tolerant high speed link, redundancy, and increased bandwidth between Cisco IOS XE SD-WAN devices and other devices such as routers, switches, or servers connected in a network.

You can configure EtherChannels only using the CLI device templates and CLI add-on feature templates.

Tenant Device Forecasting

With this feature, a service provider can control the number of WAN edge devices a tenant can add to their overlay network. By doing so, the provider can utilize Cisco SD-WAN controller resources efficiently.

Migrate Multitenant Cisco SD-WAN Overlay

This feature enables you to migrate a multitenant Cisco SD-WAN overlay comprising shared Cisco vManage instances and Cisco vBond Orchestrators, and tenant-specific Cisco vSmart Controllers to a multitenant overlay comprising shared Cisco vManage instances, Cisco vBond Orchestrators, and Cisco vSmart Controllers.

Cisco SD-WAN Support for Carrier Supporting Carrier Connectivity

The feature adds support for carrier supporting carrier (CSC) connectivity on Cisco IOS XE SD-WAN devices.

CSC enables you to interconnect IP or multiprotocol label switching (MPLS) networks operating at different sites over an MPLS backbone network. Using CSC requires an edge router that supports CSC functionality, called a carrier edge (CE) device, at each site. This feature enables a Cisco IOS XE SD-WAN device to serve as a CE device, making it unnecessary to have a separate dedicated CE device at each site managed by Cisco SD-WAN.

Wireless Management on Cisco 1000 Series Integrated Services Routers

This feature enables you to configure wireless LAN settings on Cisco 1000 Series Integrated Services using Cisco vManage.

With Cisco vManage, you can automate the wireless LAN controller configuration and provide wireless connectivity without the need of another external controller to configure and manage wireless settings on the routers.

Extended Visibility with Cisco SD-WAN and Cisco ThousandEyes

You can deploy Cisco ThousandEyes Enterprise agent natively as a container application on eligible Cisco IOS XE SD-WAN devices to integrate Cisco SD-WAN with Cisco ThousandEyes. You can install and activate the Cisco ThousandEyes Enterprise agent through Cisco vManage.

By integrating Cisco SD-WAN with Cisco ThousandEyes, you can gain granular insights into network and application performance with full hop-by-hop path analysis across the Internet, and isolate fault domains for expedited troubleshooting and resolution.

Cisco SD-WAN Routing

Radio-Aware Routing Support

This feature enables Radio-Aware Routing (RAR) support on Cisco IOS XE SD-WAN devices. RAR is a mechanism that uses radios to interact with the routing protocol OSPFv3 to signal the appearance, disappearance, and link conditions of one-hop routing neighbors. In a large mobile networks, connections to the routing neighbors are interrupted due to distance and radio obstructions. RAR addresses the challenges faced when merging IP routing and radio communications in mobile networks.

Redistribution of Replicated Routes to BGP, OSPF, and EIGRP Protocols

This feature allows you to configure the following:

- Redistribution of leaked or replicated routes between the global VRF and service VPNs for BGP, OSPF, and EIGRP protocols on Cisco IOS XE SD-WAN devices

- OMP administrative distance option to prefer OMP routes over MPLS routes

- VRRP tracking to track whether a leaked route is reachable

Cisco SD-WAN Policies

SLA Class Support Enhancement

This feature is an enhancement to support more than six SLA classes per policy on Cisco IOS XE SD-WAN devices.

Application-aware Routing and Data Policy SLA Preferred Colors

This feature provides different behaviors to choose preferred colors based on the SLA requirements when both application-aware routing policy and data policies are configured.

Flexible NetFlow Enhancement

This feature enhances Flexible NetFlow to collect type of service (ToS), sampler ID and remarked DSCP values in netflow records. This enhancement provides the flexibility to define flow record fields to customize flow records by defining flow record fields. The ToS and remarked DSCP fields are supported only on IPv4 records. However, the sampler ID field is supported for both IPv4 and IPv6 records.

Cisco SD-WAN Security

Unified Security Policy

This feature allows you to configure a single unified security policy for firewall and UTD security features such as IPS, Cisco URL Filtering, AMP, and TLS/SSL.

Having a single unified security policy simplifies policy configuration and enforcement as firewall and UTD policies can be configured together in a single security operation rather than as individual policies.

Cisco SD-WAN Cloud OnRamp

Support for Cloud OnRamp for SaaS Probing through VPN 0 Interfaces at Gateway Sites

Cloud OnRamp for SaaS tests the performance of (probes) routing paths to find the best routing path for specific cloud application traffic. Using the best routing path for the traffic of a cloud application optimizes the performance of the application.

This feature enables Cloud OnRamp for SaaS to probe through VPN 0 interfaces at gateway sites as part of determining the best path to use for the traffic of specified cloud applications. This extends the best path probing to include more of the available interfaces connected to the internet.

Using this feature, Cloud OnRamp for SaaS can probe interfaces at a gateway site, whether they use service VPNs (VPN 1, VPN 2, and so on) or the transport VPN (VPN 0). This is helpful when a branch site connects to the internet, exclusively or in part, through a gateway site that uses a VPN 0 interface to connect to the internet.

Cloud onRamp for SaaS over SIG Tunnels

This feature allows you to connect to Cloud onRamp for SaaS by means of a SIG tunnel.

Cloud onRamp for SaaS over SIG tunnels provides you secure access to the SaaS applications, and the capability to automatically select the best possible SIG tunnel for accessing the SaaS applications.

Routing Traffic Flow to a Virtual Hub Firewall or a Local Firewall

This feature enables you to route Microsoft Azure Virtual WAN hub traffic to a firewall on a local branch router, or direct local branch traffic to an Azure secured virtual hub, to be subject to the security policies of the Azure Firewall Manager.

Cisco SD-WAN and Google Service Directory Integration and Support for Cloud State Audit and Cloud Resource Inventory

With the integration of Google Service Directory with the Cisco SD-WAN solution, you can discover your applications in the Google cloud using Cisco vManage. You can use the discovered applications to define application-aware routing policies in Cisco vManage.

The Audit feature in Cisco vManage is now extended to Google Cloud integration. Use this option to ensure that the states of the objects in Google Cloud stay in sync with Cisco vManage state.

Cloud Resource Inventory in Cisco vManage retrieves a detailed list of your cloud objects, their identifiers, the timestamps when such objects were created, and so on.

Cisco vManage Support for Monitoring Multicloud Services

This feature enables you to monitor your multicloud network using the Cisco vManage UI.

Cisco SD-WAN Cloud Interconnect with Megaport: Interconnects to Google Cloud and Microsoft Azure

You can deploy a Cisco Catalyst 8000v Edge Software (Cisco Catalyst 8000V) instance as the interconnect gateway in the Megaport fabric and connect an SD-WAN branch location to the interconnect gateway. From the interconnect gateway, you can create software-defined interconnects to Google Cloud VPCs, or Microsoft Azure VNets or Virtual WANs to link your branch location to the cloud resources through the Megaport fabric.

Cisco SD-WAN Cloud Interconnect with Equinix

You can deploy a Cisco Cloud Services Router 1000V (Cisco CSR 1000V) instance as the Interconnect Gateway in the Equinix fabric and connect an SD-WAN branch location to the Interconnect Gateway. From the Interconnect Gateway, you can create software-defined interconnects to an AWS cloud onramp or another interconnect gateway in the Equinix fabric.

Cisco SD-WAN AppQoE

DRE Profiles

This feature provides the flexibility to use resources for DRE based on your connection requirements by applying profiles such as S, M, L, and XL.

Apply DRE profiles using the AppQoE feature template in Cisco vManage.

UCS-E Series Server Support for Deploying Cisco Catalyst 8000V

This feature lets you deploy Cisco Catalyst 8000V instances, on supported routers, using the UCS-E series blade server modules. With this feature, the supported routers can be configured as integrated service nodes, external service nodes, or hybrid clusters with both internal and external service nodes.

Enhanced Troubleshooting for AppQoE

This release introduces additional show commands to verify and troubleshoot issues in AppQoE features. A few existing show commands for AppQoE have also been enhanced.

- show sdwan appqoe error recent

- show sdwan appqoe status

- show sdwan appqoe flow closed (command modified to include the keyword error)

- show sslproxy status (command output modified)

Cisco SD-WAN Monitor and Maintain

Generate System Status Information for a Cisco vManage Cluster Using Admin Tech

This feature adds support for generating an admin-tech file for a Cisco vManage cluster. The admin-tech file is a collection of system status information intended for use by Cisco SD-WAN Technical Support for troubleshooting.

Prior to this feature, Cisco SD-WAN was only able to generate an admin-tech file for a single device.

View Generated Admin-Tech Files at Any Time

This feature adds support for viewing generated admin-tech files whenever the admin-tech files are available on a device.

You can view the list of generated admin-tech files and then decide which files to copy from your device to Cisco vManage. You can then download the selected admin-tech files to your local device, or delete the downloaded admin-tech files from Cisco vManage, the device, or both.

Additional Real Time Monitoring Support for Routing, License, Policy, and Other Configuration Options

This feature adds support for real time monitoring of numerous device configuration details including routing, license, policy, Cloud Express, Cisco vBond Orchestrator, TCP optimization, SFP, tunnel connection, license, logging, and Cisco Umbrella information. Real time monitoring in Cisco vManage is similar to using show commands in the CLI of a device.

There are many device configuration details for Cisco vManage. Only a subset of the device configuration details is added in Cisco IOS XE Release 17.6.1a and Cisco vManage Release 20.6.1.

Manage Data Collection for Cisco SD-WAN Telemetry

This feature allows you to disable data collection for Cisco SD-WAN telemetry using Cisco vManage.

Data collection for telemetry is enabled by default.

Network-Wide Path Insight in Cisco vManage Enhancements

This feature provides enhancements to network-wide path insight tracing, including additional filters and options for traces, DNS domain discovery, and new displays for application flows, trace views, and app trends.

On-Demand Troubleshooting

This feature lets you view detailed information about the flow of traffic from a device. You can use this information to assist with troubleshooting.

Security Parameters Index in the show crypto ipsec sa Command

This feature qualifies the show crypto ipsec sa command for use in Cisco vManage CLI template and modifies the information displayed about Security Parameters Index (SPI) on the supported routers.

Production Change Management in Audit Logs

This feature adds support to include template and policy configuration details in audit logs. You can view the current and previous configuration details for any action in Cisco vManage.

DPI Statistics

This feature lets you view detailed information about the flow of traffic from a device.

Cisco SD-WAN Forwarding and QoS

Per-VPN QoS

When a Cisco IOS XE SD-WAN device receives traffic belonging to different VPNs from the branch network, you can configure a QoS policy to limit the bandwidth that can be used by the traffic belonging to each VPN or each group of VPNs.

Cisco SD-WAN SNMP

Support for Cisco SD-WAN Traps

This feature adds support for receiving the following SNMP trap notifications:

  • Certificate expiration notification on Cisco IOS XE SD-WAN devices and Cisco vEdge devices.

  • Health monitoring notifications on Cisco vEdge devices, Cisco vBond Orchestrator, Cisco vSmart Controller, and Cisco vManage.

Cisco SD-WAN MIBs

The following Cisco SD-WAN MIBs are introduced on Cisco IOS XE SD-WAN devices:

CISCO-SDWAN-APP-ROUTE-MIB.my

CISCO-SDWAN-BFD-MIB.my

CISCO-SDWAN-OPER-SYSTEM-MIB.my

CISCO-SDWAN-POLICY-MIB.my

CISCO-SDWAN-SECURITY-MIB.my

Cisco SD-WAN Commands

show platform software memory

This feature adds support for displaying memory information for specified Cisco SD-WAN processes.

NAT Serviceability Enhancement

This feature is used to display configured and operational data specific to NAT.

What's New for Cisco SD-WAN Release 20.6.x

This section applies to Cisco vEdge devices.

Table 3. Cisco SD-WAN Release 20.6.4
Feature Description

Configure Disaster Recovery Alerts

This feature provides support for configuring Cisco vManage alerts to generate an alarm and a syslog message for any disaster recovery workflow failure or event that occurs.

Renew Device CSR

This feature allows you to reset the RSA private and public keys, and generate a CSR that uses a new key pair. In earlier releases, the generation of CSR used the existing key pair.

Table 4. Cisco SD-WAN Release 20.6.1
Feature Description

Cisco SD-WAN Getting Started

Cisco vManage Persona-based Cluster Configuration

Simplifies adding Cisco vManage servers to a cluster by identifying servers based on personas. A persona defines what services run on a server.

Support for Reverse Proxy with Cisco IOS XE SD-WAN Devices and Cisco SD-WAN Multitenancy

With this feature, you can deploy a reverse proxy device in your overlay network between Cisco IOS XE SD-WAN devices and Cisco vManage and Cisco vSmart Controllers. Also, this feature enables you to deploy a reverse proxy device in both single-tenant and multitenant overlays that include Cisco vEdge or Cisco IOS XE SD-WAN edge devices.

Systems and Interfaces

Dual Endpoint support for interface status tracking on Cisco vEdge devices

This feature allows you to configure tracker groups with dual endpoints using the Cisco vManage System template and associate each template group to an interface. The dual endpoints provide redundancy for tracking the status of transport interfaces to avoid false negatives.

RBAC for Policies

This feature allows you to create users and user groups with required read and write permissions for Cisco vManage policies. RBAC for policies provides users with the access to all the details of policies to help maximize the operational efficiency. It makes it easier to meet configuration requirements and guarantees that authorized users on the system are only given access to what they need.

Tenant Device Forecasting

With this feature, a service provider can control the number of WAN edge devices a tenant can add to their overlay network. By doing so, the provider can utilize Cisco SD-WAN controller resources efficiently.

Migrate Multitenant Cisco SD-WAN Overlay

This feature enables you to migrate a multitenant Cisco SD-WAN overlay comprising shared Cisco vManage instances and Cisco vBond Orchestrators, and tenant-specific Cisco vSmart Controllers to a multitenant overlay comprising shared Cisco vManage instances, Cisco vBond Orchestrators, and Cisco vSmart Controllers.

Routing

Route Manipulation for Leaked Routes with OMP Administrative Distance

This feature allows you to configure the OMP administrative distance option to prefer OMP routes over MPLS routes.

Policies

Traffic Classification Using NBAR

This feature extends Network-Based Application Recognition (NBAR) support to Cisco SD-WAN vEdge devices.

SLA Class Support Enhancement

This feature is an enhancement to support more than six SLA classes per policy on Cisco SD-WAN devices.

Application-aware Routing and Data Policy SLA Preferred Colors

This feature provides different behaviors to choose preferred colors based on the SLA requirements when both application-aware routing policy and data policies are configured.

Cloud OnRamp

Cloud onRamp for SaaS over SIG Tunnels

This feature allows you to connect to Cloud onRamp for SaaS by means of a SIG tunnel.

Cloud onRamp for SaaS over SIG tunnels provides you secure access to the SaaS applications, and the capability to automatically select the best possible SIG tunnel for accessing the SaaS applications.

Cisco SD-WAN Monitor and Maintain

Generate System Status Information for a Cisco vManage Cluster Using Admin Tech

This feature adds support for generating an admin-tech file for a Cisco vManage cluster. The admin-tech file is a collection of system status information intended for use by Cisco SD-WAN Technical Support for troubleshooting.

Prior to this feature, Cisco SD-WAN was only able to generate an admin-tech file for a single device.

View Generated Admin-Tech Files at Any Time

This feature adds support for viewing generated admin-tech files whenever the admin-tech files are available on a device.

You can view the list of generated admin-tech files and then decide which files to copy from your device to Cisco vManage. You can then download the selected admin-tech files to your local device, or delete the downloaded admin-tech files from Cisco vManage, the device, or both.

Embedded Packet Capture for Cisco vEdge Devices Using CLI Commands

This feature provides an alternative method to capture traffic data to troubleshoot connectivity issues between Cisco vEdge devices and Cisco vManage using supported CLI commands. As part of this feature, the following commands are introduced to capture traffic details:

- request stream capture

- show packet-capture details

Additional Real Time Monitoring Support for Routing, License, Policy, and Other Configuration Options

This feature adds support for real time monitoring of numerous device configuration details including routing, license, policy, Cloud Express, Cisco vBond Orchestrator, TCP optimization, SFP, tunnel connection, license, logging, and Cisco Umbrella information. Real time monitoring in Cisco vManage is similar to using show commands in the CLI of a device.

There are many device configuration details for Cisco vManage. Only a subset of the device configuration details is added in Cisco IOS XE Release 17.6.1a and Cisco vManage Release 20.6.1.

Manage Data Collection for Cisco SD-WAN Telemetry

This feature allows you to disable data collection for Cisco SD-WAN telemetry using Cisco vManage.

Data collection for telemetry is enabled by default.

On-Demand Troubleshooting

This feature lets you view detailed information about the flow of traffic from a device. You can use this information to assist with troubleshooting.

Production Change Management in Audit Logs

This feature adds support to include template and policy configuration details in audit logs. You can view the current and previous configuration details for any action in Cisco vManage.

DPI Statistics

This feature lets you view detailed information about the flow of traffic from a device.

Cisco SD-WAN SNMP

Support for Cisco SD-WAN Traps

This feature adds support for receiving the following SNMP trap notifications:

  • Certificate expiration notification on Cisco IOS XE SD-WAN devices and Cisco vEdge devices.

  • Health monitoring notifications on Cisco vEdge devices, Cisco vBond Orchestrator, Cisco vSmart Controller, and Cisco vManage.

Important Notes, Known Behavior, and Workaround

  • The Cisco SD-WAN vManage 20.6.3 release is impacted by the following defect, CSCwc15033 ,which may affect your use of Cisco vManage software. We strongly recommend you to upgrade your Cisco vManage to the recommended Cisco vManage Release 20.6.3.1 or later to resolve this issue. For more information see, Cisco SD-WAN Release 20.6.3 Software Advisory Notice.

  • In Cisco vManage Release 20.5.x and earlier releases, if you created a template with the encrypted data field, the template push fails in Cisco vManage Release 20.6.x. The template push fails due to the change in the encryption library of Cisco vManage Release 20.6.x, and the following error message displays: Bad ciphertext padding provided . To successfully push template on the device, update and resave the template.

  • Starting from Cisco SD-WAN Release 20.4.1.1, Microsoft Azure environment is supported for deploying Cisco SD-WAN controllers (Cisco vBond orchestrator, Cisco vSmart controller, and Cisco vManage). The support is limited to Cisco SD-WAN cloud-based deployments only.

Cisco vManage Upgrade Paths

For information about Cisco vManage upgrade procedure, see Upgrade Cisco vManage Cluster.

Starting Cisco vManage Version Destination Version

19.2.x

20.1.x

20.3.x

20.4.x

20.5.x

20.6.x

18.x/19.2.x

Direct Upgrade

Direct Upgrade

Check disk space*

  • If the disk space is more than 2GB: Direct Upgrade

  • If the disk space is less than 2GB: Step upgrade through 20.1

  • If you are upgrading to 20.3.5, the available disk space should be at least 2.5 GB.

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

Step upgrade through 20.3.x

Step upgrade through 20.3.x

Step upgrade through 20.3.x

20.1.x

Not Supported

Direct Upgrade

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

Step upgrade through 20.3.x

Step upgrade through 20.3.x

20.3.x

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

20.4.x

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

Direct Upgrade

For cluster upgrade procedure**: request nms configuration-db upgrade

Note 

We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.

20.5.x

Not Supported

Not Supported

Not Supported

Not Supported

Direct Upgrade

Direct Upgrade

*To check the free disk space using CLI,

  1. Use the vshell command to switch to vshell.

  2. In vshell, use the df -kh | grep boot command.

**Cluster upgrade must be performed using CLI

  • Use the following command to upgrade the configuration database. This must be done on only one node in the cluster:
    request nms configuration-db upgrade

    Note

    We recommend the data base size in the disk is less than or equal to 5GB. Use the request nms configuration-db diagnostic command to check the data base size. This is applicable only for upgrades of devices running Cisco vManage Release 20.1.1 and later.


  • Enter login credentials, if prompted. Login credentials are prompted if all Cisco vManage server establish control connection with each other. After a successful upgrade, all configuration-db services are UP across the cluster and the application-server is started.

Resolved and Open Bugs

About the Cisco Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.

You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.

Bugs for Cisco SD-WAN Controllers Release 20.6.4

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.4

Identifier

Headline

CSCwa60525

Device template fails due to community string error after upgrade to 20.6

CSCwa85537

Cisco vManage UI stuck forever with {{msg1}} showed on UI while attaching cEdge to device template failed

CSCwc41119

Duplicate Role descriptors found in IDP metadata

CSCvz06108

Enhancement: Cisco VPN Interface IPsec template does not DH group 2 as option

CSCwb68441

VPN drop menu shows empty in NWPI when we iniiate trace for first time

CSCwb35787

20.4 TACACS: old password working after password change on TACACS server

CSCwb37899

CoR Multicloud for GCP Site-to-Cloud CGW Deployment fails with Code 400 in S2S non supported region

CSCvx00337

Cisco vManage - Wildfly allocation reduced after upgrade

CSCwc00863

OMPD crash on policy update

CSCvz35603

VRRP optional fields Server error

CSCwb38187

Cisco vManage - 20.6.2.1 template push failed due to optional field - Invalid value for prefix

CSCwc10636

Replication does not start after system triggered manual switchover

CSCwc10437

20.6.3 to 20.6.4 Cisco vManage upgrade task got stuck in schedule state for Cisco vManage1

CSCwc15033

Template push fails with 'Failed to update configuration' error on 20.6.3

CSCwc15687

New image activation fails with DR paused and a warning message requesting to pause DR

CSCvz87812

Provide "Migrate Device" option in Cisco vManage UI before the device has been onboarded to Cisco vManage

CSCwb20070

20.8 : Disaster Recovery workflow fails during switchover

CSCwb38813

Secondary Cisco vManage continuously generates 'Data Center Down' alarms

CSCwa87469

Enabled usage but prepaid consumption

CSCwc08514

Cisco vManage GUI and CLI has different syntax for usergroup

CSCvz37973

SRST Feature Template "CUCM Media Resource Group" does not accept variable for field

CSCvy01378

Device Specific field is not usable

CSCvz48258

Enabling an application once gateway is attached goes through, but shows app as disabled on Cisco vManage

CSCvz63280

Cisco vEdge Does Not Respond Properly to vSmart Policy Prefix-list Changes (CLI Policy)

CSCwa25355

20.7: Unreachable node still shows up in device list

CSCwa40924

Cisco vManage UI failed to update password

CSCwc22047

IOS XE Devices not able to download policies from vSmart

CSCvz95054

System IP persists after invalidating the edge devices from the Cisco vManage which it is not connected .

CSCwa54969

Cisco vManage iptables-dropped Log stopped after upgrading 20.6.1

CSCvz66256

Filtering the data based on local tloc is returning no data in Cisco vManage GUI for DPI stats

CSCwa87012

Route policy to match multiple community string, Cisco vManage does not generate match community command

CSCwc02128

Unable to push device template with security policy with firewall destination port list attached

Open Bugs for Cisco SD-WAN Controllers Release 20.6.4

Identifier

Headline

CSCwc04446

Default route is not installed in the routing table of VPN 0 if the VNIC is changed in OpenStack

CSCwc47497

Cisco vManage does not send API calls to cisco.com to a configured HTTP proxy server

CSCwb65034

Search for tunnel is not working

CSCwc27827

Tunnel services cannot be changed of Cellular Gateways from Cisco vManage

CSCwc59865

Cisco vManage statistics-db heap-dump and thread-print commands are not supported

CSCwc05127

Breakdown of U-Plane communication after updating vSmart's CiscoPKI certificate

CSCwc37072

Template failed issue

CSCwc60513

Disk utilization increases on ceph although disk utilization on Cisco vManage doesn't increase

CSCwc62130

Cisco vManage Running 20.6.3 has no option for match VPN on device access control list

CSCwb76421

DPI stats processing is limited to 1 to 1.3 TB per day

CSCwc75057

Cisco vManage configuration commit hit Aborted: application communication failure error

Bugs for Cisco SD-WAN Controllers Release 20.6.3.1

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.3.1

Bug ID

Description

CSCwc15033

Template push fails with 'Failed to update configuration' error on 20.6.3

Bugs for Cisco SD-WAN Controllers Release 20.6.3

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.3

Identifier

Headline

CSCwb43423

cEdge: IOS XE image installation fails

CSCwb16723

Traceroute not working on cEdge with NAT

CSCwb51595

Missing IOS config (voice translation rule) on upgrade from 17.3 to 17.6

CSCwa67886

UDP based DNS resolution doesn't work with IS-IS EMCP on IOX-XE

CSCwb33968

Vmanage failed to display active flows when flow count is high on the device.

CSCvz84588

Destination prefix packets getting dropped because forwarding plane is not programming the next hop.

CSCwb59736

CSR BFD tunnel are zero with SDWAN version 17.03.03.0.7

CSCwb44275

Simulated flows with PPPoE with NAT DIA result in crash consistently over Utah platform

CSCwa57873

Incorrect reload reason - Last reload reason: LocalSoft for Netconf Initiated request

CSCwb18223

SNMP v2 community name encryption problem

CSCwb18315

Umbrella DNS security policy doesn't work with Cloud onRamp with SIG tunnels

CSCwa49721

SDWan HUB with firewall configured incorrectly dropping return packets when routing between VRFs

CSCwb13820

C8Kv crashed at high scale with IPSEC and heavy features configured

CSCwb39098

Router crashed after new IPv6 address assigned when router use specific configuration

Open Bugs for Cisco SD-WAN Controllers Release 20.6.3

Bug ID

Description

CSCwb38813

Secondary Cisco vManage continuously generates 'Data Center Down' alarms

CSCwb97344

Cisco vManage cluster upgrade from 20.3.4.1 to 20.6.3 : configuration-db upgrade failed

CSCwc02128

Unable to push device template with security policy with firewall destination port list attached

CSCvy72764

Services still communicate via old OOB IP after changing the vpn 0 OOB interface IP

CSCwb20070

Disaster Recovery workflow fails during switchover

CSCwa76773

MT-tenant deletion causes VmonitorAgent log to get stuck and DCA doesn't send information to DCS

CSCwa87469

Enabled usage but prepaid consumption

CSCvz60689

Cisco vManage with IPv6 interface with local user fails until we login with ipv4 once

CSCwb38187

Cisco vManage - 20.6.2.1 template push failed due to optional field - Invalid value for prefix

CSCwa90832

App-Server continuously restarting after the restore of config-db during Active-Backup Restore

CSCwa21248

Boot up time to bring up the containers takes considerable amount of time in 20.6 compared to 20.5

CSCwb61136

Cisco IOS XE SD-WAN Device: "platform console serial" command is removed unexpectedly after vManage push template

CSCwc15033

Template push fails with 'Failed to update configuration' error on 20.6.3

Bugs for Cisco SD-WAN Controllers Release 20.6.2.2

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.2.2

Bug ID

Description

CSCwa54712

Evaluation of Cisco SD-WAN for Log4j 2.x DoS vulnerability fixed in 2.17

Bugs for Cisco SD-WAN Controllers Release 20.6.2.1

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.2.1

Bug ID

Description

CSCwa47745

Evaluation of Cisco vManage for Log4j RCE (Log4Shell) vulnerability

Bugs for Cisco SD-WAN Controllers Release 20.6.2

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.2

Bug ID

Description

CSCvx00337

Cisco vManage - Wildfly allocation reduced after upgrade

CSCvy33818

On MTT Cisco vManage system IP persists after invalidating and deleting the edge devices.

CSCvy44723

control connection to the edege device doesnt come up with v6 and reverse proxy

CSCvy89137

"show support omp peer" not available - replacement for "show internal omp peer"

CSCvy89347

Advertisement-interval delays withdrawal even if there was no previous update message and stable rib

CSCvy96800

Feature template for OPSF default-origination metric doesn't save changed variable names

CSCvy97321

omp route propagation delays due to constant marker resets on TLOC flap

CSCvy97925

vEdge Local configuration not showing up under GUI

CSCvy99978

2.5 MT Cisco vManage generate wrong configuration for app-list <ftp&ftp-data>

CSCvz16944

Multicloud Monitoring Dashboard does not show any data when login as provider and switch to tenant

CSCvz18399

20.5.1 Cisco vManage aggregate optional field is not considered as optional

CSCvz25427

tenant login privilege is denied if local radius tacacs auth is configured

CSCvz26464

Renew CSR MTT- Cluster : Alarms for WANedge software device cert expiration is not generating tenant

CSCvz26738

cfgmgr crashed while trying to delete / create tenant in Multi Tenant lead to vdaemon crash

CSCvz30541

In 20.6, Device with 17.5.1, AppQoE TCP opt graphs are not displayed.

CSCvz31909

Disaster Recovery is failing to export the config-db in standby DR

CSCvz36007

cloudagent-v2 gets stuck at host discovery

CSCvz36335

UI didn't comeup when 2nd node was a compute node

CSCvz39917

Failed to find VPN mapping for cloudType:{} after upgrade from 20.4.2 to 20.6.1

CSCvz43823

Cisco vManage is not able to discover VPCs for Multi-cloud when >14 AWS accounts provisioned

CSCvz48262

Unable to enable PnP Connect

CSCvz49235

Software activation via UI failing even when DR replication is paused

CSCvz49299

Cisco vManage services do not start on upgrade from 20.3 to 20.6 due to upgrade-context.json incorrect

CSCvz51928

Interface Endpoints isn't updated when tunnel refresh button is used

CSCvz55034

Cisco vManage 20.6.1 Dashboard does not show custom application server logo

CSCvz55982

Incorrect error message during NWPI Trace configuration

CSCvz65205

Resource group not working on Cisco vManage 20.6.1

CSCvz67290

Not able to copy or add new Voice Policy in Cisco vManage 20.6.1

CSCvz69856

Cisco vManage - After upgrade to 20.4.2 or 20.6.1 feature template field is not optional anymore

CSCvz73489

API to fetch control summary is not working in 20.5 or later release

CSCvz75378

"The status code is missing in the response from server" when filtering on devices groupId

CSCvz07202

Tenant creation is failing on 20.3.3 MT cluster vmanage

Open Bugs for Cisco SD-WAN Controllers Release 20.6.2

Bug ID

Description

CSCvy01378

Device Specific field is not usable

CSCvy31077

vBond upgrade from 20.4.1 to 20.5.1 may fail due to upgrade-confirm not received

CSCvy39355

CSR generation fails if given OU differs from org-name on the Cisco vManage

CSCvy72764

services still communicate via old OOB IP after changing the vpn 0 OOB interface IP

CSCvy87142

valid-vedges list in Cisco vManage and vbond are not consistent after send to controller

CSCvz02667

Cisco vManage ODT : Monitoring Stats collection takes > 3 hours when selected for 1 day duration.

CSCvz03954

Udpate Cisco vManage clustering support to CloudDock

CSCvz05132

CoR SaaS "vQoE Score History" not getting displayed for vEdge on Cisco vManage

CSCvz28684

Huge Data replication observed during DR process of 3 node cluster running 20.3.4

CSCvz30153

ES(ex. Alarm/Event/Audit) replication import fail

CSCvz32341

custom application list not replicated in Disaster Recovery for a Single Node Cisco vManage Cluster

CSCvz34413

replication will start from time 0 if replication leader entry not present replicationstatus table

CSCvz40247

Security policies applied to incorrect interface in cluster mode, iptables

CSCvz46043

Device inventory sections shows incorrect count.

CSCvz50700

Error occurred while generating report

CSCvz53305

Cisco vManage: Local device access policy with SNMP is not getting pushed correctly.

CSCvz60689

Cisco vManage with IPv6 interface with local user fails until we login with ipv4 once

CSCvz67260

Generate Bootstrap Configuration for c8300 is not working, Cisco vManage 20.6.1

CSCvz68624

Login to Viptela OS fails if plain-text password was set in cloud-init write_files

CSCvz75471

New sequence in RPL with set as-path has both prepend and exclude as required fields

CSCvz87812

Provide "Migrate Device" option in Cisco vManage UI before the device has been onboarded to Cisco vManage

CSCvz89536

[MSDC] 20.6.2: API delay of 90+ seconds in displaying Real Time Tunnel statistics

CSCvz95054

System IP persists after invalidating the edge devices from the Cisco vManage which it is not connected.

CSCvz89254

Cisco vManage config roll back failed after Cisco vManage template is attached to the Cisco IOS XE SD-WAN device.

CSCwa32801

config-db memory climbing up on MT scale setup

CSCwa17310

template attach fails after upgrading to 20.6.2 from 20.4.2

CSCvz94799

MTT : OptIn status is not updated to the Cisco IOS XE SD-WAN devices in a tenant

CSCwa25256

Installing new enterprise wan edge cert does not remove old cert causing device to use old cert

CSCvz80036

vEdge_Nitro: google-accounts getting classified as google-services in DPI Application

CSCwa23351

NWPI fail to merge domain/IP for dual Cisco IOS XE SD-WAN device site

CSCwa21248

boot up time to bring up the containers takes considerable amount of time in 20.6 compared to 20.5

CSCwa56750

MTT, site/node level alarm are missing when manually shutdown / re-start edge device

Bugs for Cisco SD-WAN Controllers Release 20.6.1

This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Resolved Bugs for Cisco SD-WAN Controllers Release 20.6.1

Bug ID

Description

CSCvm52858

Incorrect referencing to SHA on Data plane (GCM)

CSCvs66726

Cluster deactivate is not supported when cluster is stuck in init state

CSCvt63483

Cisco vManage: neo4j transient exception - database not upto the required version

CSCvv13313

Select control connection TAB for any vsmarts, it will never show vbond connections

CSCvv31205

Network Design - Unable to add Services due to cEdge SNMP global parameters is set

CSCvv50436

Cisco vManage WebServer uses a hard coded self-signed certificate

CSCvv99743

High failure API rate when device is not directly connected to the API query receiver

CSCvw31595

SG attach fails with Placement Failed Error - VM BW not met even though there are no SC's attached

CSCvw36009

vBond/vSmart Upgrade Failed and Rollback due to Upgrade confirm not received.

CSCvw45408

Azure Node:Device Upgrade task stuck when 1 Cisco vManage node goes for a reboot

CSCvw48486

Cisco vManage email notifications not working

CSCvw54692

cEdge Unable to configure ospf simple password authentication

CSCvw55764

VNF Install fail - VNF packages are not sync'd/copied in new added Cisco vManage node in Cisco vManage cluster

CSCvw56471

Upgrade 20.3->20.4, ND Profile->LAN page does not show global vlan, spanning-tree and native-vlan

CSCvw57727

Backward Compatibility:20.4 LAN global vlan config does not automatically translate for NFVIS 4.2

CSCvw69475

Cisco vManage MTT Cluster - Cisco vManage Active to Backup restore does not work

CSCvw92020

Checkbox is not usable under Update Device Template tab

CSCvx00337

Cisco vManage - Wildfly allocation reduced after upgrade

CSCvx02370

add device check for alarm process

CSCvx11296

cedge reporting normal even though it is over warning threshold

CSCvx14674

ENH: make media-type rj45 available in the interface template

CSCvx18282

ND Profile -> LAN preview does not show global VLAN, spanning-tree and/or trunk native VLAN info

CSCvx30650

Generic SIG template is not getting added to device Template

CSCvx34991

Cisco vManage - TACACS requests are sourced from old interface IP after IP changed

CSCvx43560

template push fails when entire device config is passed as a input variable

CSCvx44834

ASR1K - ACE entry added after object-group is missing in hardware causing packets drops

CSCvx57103

Cisco vManage: Template push may fail after upgrading to 20.4

CSCvx62993

Cisco vManage: motd api will retrieve line break by removing the slash character and keeping "n"

CSCvx68299

Template Update: "Error occurred while generating inputs for device templates. Please try again... "

CSCvx70706

Adding a new SC to an attached SG when no resources available saves SC although SC not provisioned

CSCvx72147

Unable to generate Admin tech via GUI

CSCvx76036

View of dashboard Cisco vManage for (OMP sessions) in Multi-Tenant

CSCvx79831

Call Feature Template: Number Pattern does not accept characters '[ ]' , '$' and '^'

CSCvx80917

Cisco vManage monitor-realtime ospf neighbor/interface incorrect

CSCvx82823

Destination device drop-down doesn't show devices after speed test run

CSCvx89235

MTT : SD-AVC REST APIs calls task stuck in scheduled state after creating / editing custom appli

CSCvx89314

Data collection status stuck in Queued state after performing VNF start/stop/reboot

CSCvx93652

Push vEdge list fails to vSmart with application error.

CSCvx94934

df -kh output is misleading and Cisco vManage platform until we reload the VM

CSCvx95333

Use new format of cloud-init for bootstrap of vEdge Cloud >=20.5

CSCvx98106

Cisco vManage user sessions not getting cleaned up, approx 19700 active sessions

CSCvx99730

vBond restart happens after "show orchestrator unclaimed-vedges ?" command

CSCvy00144

Setting logging console to disabled does not work in Cisco vManage global settings feature template

CSCvy00234

API Docs for /device/ip/ipRoutes doesn't filter for VPN correctly

CSCvy01922

Cisco vManage cert issue during a Cluster build due to certifcate issue

CSCvy03296

CLI Template variables appear in reverse alphabetical order.

CSCvy05380

6 node Cisco vManage device list page refreshing in 30 sec with GET API : dataservice/system/device/vedges

CSCvy11479

user from resource-group can manage global resources

CSCvy12594

Cisco vManage REST API response 403 is sent in incorrect Content-type HTML format, should be JSON

CSCvy14263

20.6 Controller Upgrade failed: NetConf: Connection to device failed during install.

CSCvy14627

Activating changes in Security Policy that is attached to the vEdge will fail and lock the database

CSCvy14765

Cisco vManage doesn't apply TCP MSS configuration under SIG tunnel if it's set to default in SIG template

CSCvy15370

Cisco vManage API running too frequently under Rediscover Network resulting in Page Loading too often

CSCvy20437

ciscotacro/rw disablement via CLI template fails

CSCvy22617

206/next-vmanage:LATEST: deploy in esxi: traceback/crash & stuck observed while first login

CSCvy22914

Cisco vManage GUI down 20.3.3 due to Full GC (Allocation Failure)

CSCvy23515

Cisco vManage/20.5.1/Warning: Chassis Number is Mandatory for Cisco Devices// They are installed in the db

CSCvy24936

vBond connections continuously flapping on edge devices.

CSCvy25919

Cloud OnRamp: Available Regions not listing all regions that AWS account has access to

CSCvy26980

Unknown error: Unable to update or delete user credentials for existing AWS/Azure acount

CSCvy27219

Cisco vManage GUI is down after /opt/data fills with heapdump

CSCvy29280

NullPointerException in getMasterTemplateDefinition when retrieving template details

CSCvy32540

DB_upgrade failed because of one NMS service failed to start.

CSCvy33818

On MTT Cisco vManage system IP persists after invalidating and deleting the edge devices.

CSCvy34295

CLI request nms configuration-db update-admin-user does not change user password on rest of Cisco vManage

CSCvy34380

Cisco vManage 20.5.1 Security Policy Can't have match protocl Name and Destination Port number

CSCvy35142

"App Route Statistics" won't display statistics for cEdges on 20.4.x

CSCvy43320

Request support to have "ciscotac" internal commands

CSCvy45393

During Cisco vManage cluster creation, the primary Cisco vManage did not send the S/N to load share the CC

CSCvy50083

Devices->Local Configuration , Split Screen while viewing the Local configuration , screen attached

CSCvy60555

Rollback of GCP CGW does not complete if Compute Alpha API is are not enabled or Quota limit hits

CSCvy63368

How to add missing Sudi_chassis in Cisco vManage running 20.5 before upgrade to 20.7

CSCvy66979

[SIG template] Values greater than 255 for idle-time and refresh-time for Zscaler are unconfigurable

CSCvy71956

206/176 : ztp upgrade not triggered and stuck at 'Sync Pending - Software upgrade after ZTP'

CSCvy73412

Templatepush failed for C8300-2N2S-4T2X with error bad-cli-negotiation auto,parser-context

CSCvy75420

Cisco vManage reports 'upgrade request failed in device' error after installing the software via ZTP

CSCvy77151

Unable to add user in SNMP Feature Template

CSCvy79095

configuration db VMANAGE ROOT CA node is not updated

CSCvy82153

Login Success for deleted Cisco vManage local user

CSCvy82285

KVM vbond if-oper-status down after reboot by Cisco vManage APi (support Redhat*)

CSCvy85092

Admin user logged in Cisco vManage with logging auth group

CSCvy88437

AWS VPN based: IPSEC tunnels from CGW C8kvs to TGW down on latest 20.6 build

CSCvy88637

Cisco vManage email notification - supporting special character & (ampersand) in the email address

CSCvy93596

application services goes OOM due to user session node deletion as part of startup in Cisco vManage

CSCvy93992

Enforce Software Version(ZTP) does not work as expected on Multi Tenant setup

CSCvy94112

request nms server-proxy stats does not work

CSCvy97925

vEdge Local configuration not showing up under GUI

CSCvz04803

MTT, Missing OMP down Alarms(tloc, node, site) after device is unreachable

CSCvz16670

OMP node down cannot generate when change system-ip

CSCvz30626

20.6: Cisco vManage Main Dashboard , with Top Application Data => SSL proxy, data is empty

Open Bugs for Cisco SD-WAN Controllers Release 20.6.1

Bug ID

Description

CSCvw81892

[SIT] AWS instance Cisco vManage unable to reach devices after upgrade to 20.5.999 image

CSCvx44834

ASR1K - ACE entry added after object-group is missing in hardware causing packets drops

CSCvx46554

Cisco vManage reverting API changes after 5 minutes

CSCvx79376

Cisco vManage UI showing empty group value when editing device values

CSCvy01378

Device Specific field is not usable

CSCvy31077

vBond upgrade from 20.4.1 to 20.5.1 may fail due to upgrade-confirm not received

CSCvy33818

On MTT Cisco vManage system IP persists after invalidating and deleting the edge devices.

CSCvy38478

Cisco vManage ver 19.2.4 crash, becomes unstable/unusable

CSCvy39355

CSR generation fails if given OU differs from org-name on the Cisco vManage

CSCvy44723

control connection to the edege device doesnt come up with v6 and reverse proxy

CSCvy63270

Cisco vManage is not generating/sending "endpoint-tracker" command to interface (cedge)

CSCvy72764

services still communicate via old OOB IP after changing the vpn 0 OOB interface IP

CSCvy77303

cEdge template throws internal error via feature template to just one device

CSCvy82286

Inconsistent response from Cisco vManage API to generate bootstrap in 20.5.1

CSCvy84892

vSmart doesn't establish control connection with Cisco vManage in 20.5.1 reason:"ERR_SER_NUM_NT_PRESENT"

CSCvy87142

valid-vedges list in Cisco vManage and vbond are not consistent after send to controller

CSCvy89137

"show support omp peer" not available - replacement for "show internal omp peer"

CSCvy96335

During ZTP Cisco vManage pushes template before SW was upgraded up to minimal required

CSCvy99978

2.5 MT Cisco vManage generate wrong configuration for app-list <ftp&ftp-data>

CSCvz02667

Cisco vManage ODT : Monitoring Stats collection takes > 3 hours when selected for 1 day duration.

CSCvz03954

Infra query not send to all CSPs by Cisco vManages in cluster causing CD Cluster to Fail

CSCvz05132

CoR SaaS "vQoE Score History" not getting displayed for vEdge on Cisco vManage

CSCvz05221

Impossible to install UTD software with "Task cannot proceed. Similar task is in progress" error

CSCvz07161

20.6 / 17.6 : Custom Apps do not work with working Cisco vManage going down in cluster

CSCvz14731

Cisco vManage detects Viptela OS on ISR 1100 even if its running IOS XE

CSCvz14915

[MT-MT Migration]Unable to see OMP seesions on tenant dashboard after migration from 20.3 to 20.6

CSCvz16944

Multicloud Monitoring Dashboard does not show any data when login as provider and switch to tenant

CSCvz25190

20.6 EFT Drop2 HTTP(S) Proxy configuration

CSCvz28541

Possible day 0 issue: software upload fails if Cisco vManage session times out during the process

CSCvz28684

Huge Data replication observed during DR process of 3 node cluster running 20.3.4

CSCvz29468

" Signature trust establishment failed for metadata entry " on Cisco vManage Error

CSCvz30124

20.6 MT provider: when template is detached, password for "admin" can be changed but UI throws error

CSCvz30153

ES(ex. Alarm/Event/Audit) replication import fail

CSCvz30626

20.6: Cisco vManage Main Dashboard , with Top Application Data => SSL proxy, data is empty

CSCvz31054

Cisco vManage Tunnel States API is not backward compatible between 20.6 and 20.4.1

CSCvz31290

Cisco vManage is not pushing the tracker to an interface on cEdge under "VPN Interface Ethernet" template

CSCvz31540

Cisco vManage GUI: upstream connect error or disconnect/reset before headers

CSCvz31909

1+1 DR is failing to export the config-db in standby DR

CSCvz32341

custom application list not replicated in Disaster Recovery for a Single Node Cisco vManage Cluster

CSCvz33123

Shared clouddock cluster activation shows FAILED after claiming its successful

CSCvz34413

replication will start from time 0 if replication leader entry not present replicationstatus table

CSCvz36007

cloudagent-v2 gets stuck at host discovery

CSCvz36335

UI didn't comeup when 2nd node was a compute node

CSCvz36420

LiveAction and other token logins are failing for Cisco vManage

CSCvz37973

SRST Feature Template "CUCM Media Resource Group" does not accept variable for field

CSCvz38091

csrf.properties file is not updated in an upgrade from 20.4 to 20.6

CSCvz38128

For ODT driven Graphs, could see data for old duration timestamps, in-stead of requested time-stamp

CSCvz40247

Security policies applied to incorrect interface in cluster mode, iptables

CSCvz30541

In 20.6, Device with 17.5.1, AppQoE TCP opt graphs are not displayed.

CSCvz39917

Failed to find VPN mapping for cloudType:{} after upgrade from 20.4.2 to 20.6.1

CSCvz37616

Template attach fails during localized policy execution

CSCvz25427

20.6 LATEST: Tenantadmin seeing basic privileges- javax.ws.rs.ForbiddenException: HTTP 403 Forbidden

CSCvz40568

Server error: illegal reference ncs devices

Redesign of Cisco vManage GUI

From Cisco vManage Release 20.6.1, Cisco vManage GUI is redesigned and offers a new visual display. Besides the new sign in screen, this section presents a comparative summary of the significant changes between older Cisco vManage releases and Cisco vManage Release 20.6.1 and later.

Change in Navigation Menu

From Cisco vManage Release 20.6.1, the navigation menu at the top left of the Cisco vManage window is collapsed, and can be expanded to view the menu options. The previous releases of Cisco vManage have a static side-bar navigation menu.

Figure 1. Navigation Menu in Cisco vManage Release 20.5.1 and Earlier

Figure 2. Navigation Menu (Collapsed) in Cisco vManage Release 20.6.1 and Later

Figure 3. Navigation Menu (Expanded) in Cisco vManage Release 20.6.1 and Later

Change in Position of the User Profile and Sign Out Options

From Cisco vManage Release 20.6.1, the User Profile and Sign Out options are moved to the bottom of the collapsible side-bar menu in the left pane. In the previous releases, these options are available at the top-right corner of Cisco vManage.

Figure 4. User Profile and Sign Out Options inCisco vManage Release 20.5.1 and Earlier

Figure 5. User Profile and Sign Out Options in Cisco vManage Release 20.6.1 and Later

Change in Presentation of the Main Dashboard

From Cisco vManage Release 20.6.1, the position of Select Resource Group drop-down menu is shifted to the left.
Figure 6. Main Dashboard in Cisco vManage Release 20.5.1 and Earlier

Figure 7. Main Dashboard in Cisco vManage Release 20.6.1 and Later

Other Changes

The redesign includes:

  • New icons across Cisco vManage

    Figure 8. Example of Icons in Cisco vManage Release 20.5.1 and Earlier

    Figure 9. Example of Icons in Cisco vManage Release 20.6.1 and Later

  • New design for GUI elements such as tabs and buttons

    Figure 10. Example of GUI Elements in Cisco vManage Release 20.5.1 and Earlier

    Figure 11. Example of GUI Elements in Cisco vManage Release 20.6.1 and Later

  • New design for search bars across Cisco vManage

    Figure 12. Example of Search Bar in Cisco vManage Release 20.5.1 and Earlier

    Figure 13. Example of Search Bar in Cisco vManage Release 20.6.1 and Later