Release Notes for Cisco 8500 Series Secure Routers, Release 17.15.x
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- US/Canada 800-553-2447
- Worldwide Support Phone Numbers
- All Tools
Feedback
Feedback
Cisco 8500 Series Secure Routers, Release 17.15.x
Cisco 8500 Series Secure Routers, Release 17.15.x
Cisco IOS XE 17.15.4a is the first release for Cisco 8500 Series Secure Routers in the Cisco IOS XE 17.15.x release series.
This document describes the features and issues for Cisco 8500 Series Secure Routers, Release 17.15.x.
The Cisco 8500 Series Secure Routers are compact 1RU platforms that are well-suited for Datacenter and Colocation deployments. The primary use-case for these routers is Enterprise WAN Aggregation.
The Cisco 8500 Series Secure Routers includes the following models:
● C8570-G2
● C8550-G2
For more information on the features and specifications of Cisco 8500 Series Secure Routers, see the Cisco 8500 Series Secure Routers Datasheet.
This section provides a brief description of the new hardware features introduced in this release.
New hardware features in Cisco IOS XE 17.15.5
There are no new hardware features for this release.
New hardware features for Cisco IOS XE 17.15.4a
Table 1. New hardware features for Cisco 8500 Series Secure Routers, Release 17.15.4a
| Feature |
Description |
| Cisco 8500 Series Secure Routers.. |
From Cisco IOS XE 17.15.4a, Cisco 8500 Secure Series Routers are available in these models: C8570-G2 C8550-G2 |
This section provides a brief description of the new software features introduced in this release.
New software features in Cisco IOS XE 17.15.5
There are no new software features for this release.
New software features for Cisco IOS XE 17.15.4a
Table 2. New software features for Cisco 8500 Series Secure Routers, Release 17.15.4a
| Product impact |
Feature |
Description |
| Licensing Process |
Cisco 8500 Series Secure Routers supports platform-based licensing, a way of grouping licenses and devices based on platform-classes. A platform class is a hierarchical categorization based on the product family and place in the network. In this platform-based licensing model, Essentials and Advantage licenses are available. License portability is supported across devices within the same platform class and usage of the same license across different modes is also possible. |
This table lists the resolved issues in this specific software release.
Note: This software release may contain open bugs first identified in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.
Resolved issues in Cisco IOS XE 17.15.5
Table 3. Resolved issues for Cisco 8500 Series Secure Routers, Release 17.15.5
| Bug ID |
Description |
| NGFW Policy Deployment Fails Due to Long Rule Name
|
|
| LWM "memory free low-watermark processor" value its changing itself after upgrade |
|
| Unexpected Reload on device with Static NAT When Polling NAT Translation Data |
|
| IOS-XE Devices: Router May Reload Unexpectedly During Startup Due To Segmentation Fault |
|
| Stuck locally originates BGP EVPN type-2 route |
|
| Device ignore the keepalive command under the SIG tunnel interface pushed by the vmanage |
|
| [XE BGP] BGP routes are advertised with 0 in AS PATH attribute when replacing ASN |
|
| Device crashed when using SDWAN Network-Wide Path Insight with AppQoE enabled. |
|
| After VRRS flaps AAA overflows the packet buffers causing an Out of Memory crash |
|
| DMVPN hub routers could experience an unexpected reload after tunnel down in specific timing scenario. |
|
| TPLUS Process is taking high CPU in IOSd |
|
| DMVPN spoke crashed at Process = NHRP |
|
| uCode core is not getting generated when interrupt is hit by CPP |
|
| Memory Leak in DNS Proxy/SKA Triggers Unexpected Reloads |
|
| ZBFW Invalid Zone drops after upgrade to 17.15 |
|
| Missing Calling-Station-ID in radius messages |
|
| IPv6 stale entries not expiring |
|
| PKI : Discard CRL of greater than 5MB on C9200 |
|
| Device May Unexpectedly Reboot When Importing CA Chains |
|
| sl_def_acl is not getting removed from vty after block period expiry |
|
| object-group service TCP port range |
|
| Device QFP crash with stuck threads while attempting to lock cft policy under Autonomous mode with UDP traffic |
|
| Device after running show policy-map type inspect zone-pair sessions memory increase for a couple of hours until it crash |
|
| Device: polaris_vconfd_cfgpull_t denials during config push trigger |
|
| Initial Authc/Authz not going to first TACACS server even when the server is alive |
|
| SNMPv3 user with encrypted pswd is not seen in 'show run' without re-configuring all snmpv3 configs |
|
| cpp_cp_svr crash if CEF OCE points to MPLS-SR-Tunnel interface |
|
| Unexpected reload due to Segmentation fault on IP SLA DynHostName Process |
|
| Crash when collecting backtrace for callsite |
|
| Stuck EVPN BGP type-2 local route and L2RIB route |
|
| Unexpected Reboot: PIM Sparse-Dense Interface Flap Triggers System Crash |
|
| Device ip community-list standard CLI template attach failure |
|
| Pubd memory leak when SSID monitoring is disabled |
|
| Ping failure from VRRP backup to VRRP primary virtual address when enabling security policy |
|
| Missing Calling-Station-ID (31) in Radius Accounting |
|
| Memory leak in repm |
|
| BGP neighborship flap during configure replace |
|
| Unexpected Reloads Caused by HTTP CORE Process |
|
| CTS Trustpoint loop triggers PKI segfault |
|
| Soln: 'childless-delete-object' seen after the longevity run on C8500-12X |
|
| device is sending lots of fib-updates alarms to vManage filling max alarms in vManage |
|
| Device ipv6 crypto-map config not displayed when configuring ospfv3 auth |
|
| IP aliases stuck in VRF even NAT statements removed |
|
| NETCONF/RESTCONF sync fails and dmiauthd may crash when AAA authentication banner contains a leading newline |
|
| IPv6 ND HA Memory Leak from IPv6 NS on Mgmt port |
|
| Defect Created by AutoAn for eem_cli_template_device |
|
| TFTP server declines TFTP client request when "BLKSIZE" optional header is not contained |
|
| IOS XE MTP using BDI interface does not forward rtp-nte when configured for passthrough and report |
|
| Unexpected Reboot in Process Sessmgrd |
|
| RP Crash While Debugging IKEv2 |
Resolved issues in Cisco IOS XE 17.15.4a
There are no customer impacting bugs that were fixed in this release.
This table lists the open issues in this specific software release.
Note: This software release may contain open bugs first identified in other releases. To see additional information, click the bug ID to access the Cisco Bug Search Tool. To search for a documented Cisco product issue, type in the browser: <bug_number> site:cisco.com.
Open issues in Cisco IOS XE 17.15.5
Table 4. Open issues for Cisco 8500 Series Secure Routers, Release 17.15.5
| Bug ID |
Description |
| Increased CPU Utilization Caused by BGP Scanner Process |
|
| IPv6 neighbour table entries are not timing out causing High TCAM utilisation (no default timers configured)
|
|
| Add CLI to change per MPLS label CEF statistics query interval on FMAN FP
|
|
| Behaviour change for "ip dhcp use class" command on sdwan router
|
|
| Device Attempts DHCP Relay Instead of Local Assignment – Clients Losing Connectivity
|
|
| Device crashing due to stuck threads when Netflow is enabled
|
|
| Increased CPU Utilization Caused by BGP Scanner Process
|
Open issues in Cisco IOS XE 17.15.4a
There are no customer impacting bugs that were identified in this release.
· Hardware Installation Guide for Cisco 8500 Series Secure Routers
· Software Installation Guide for Cisco 8500 Series Secure Routers
· Cisco 8000 Series Secure Routers Licensing
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2026 Cisco Systems, Inc. All rights reserved.