Information about Cisco Catalyst IE9300 Rugged Series Switch
This document provides release information for the following Catalyst IE switches:
-
Cisco Catalyst IE9310 GE Fiber switch
-
Cisco Catalyst IE9320 GE Fiber switch
-
Cisco Catalyst IE9320 Fiber switch with 10 GE uplinks
-
Cisco Catalyst IE9320 10 GE Copper Data switch
-
Cisco Catalyst IE9320 10 GE PoE switch
-
Cisco Catalyst IE9320 10 G mGig 4PPoE switch
-
Cisco Catalyst IE9320 GE PoE switch
Cisco Catalyst IE9300 Rugged Series Switches provide rugged and secure switching infrastructure for harsh environments. It is suitable for industrial Ethernet applications, including manufacturing, utility substations, intelligent transportation systems (ITSs), rail transportation, and other similar deployments.
The switch fulfills the need for a high-density SFP, RJ-45, and Power over Ethernet (PoE) rack-, or wall-mount switch that can function as a software-defined (SD)-Access fabric edge. It provides end-to-end architectural uniformity in the Cisco Catalyst Center for Internet of Things (IoT) connected communities and extended enterprises.
In industrial environments, the switch can be connected to any Ethernet-enabled industrial communication devices. These devices include programmable logic controllers (PLCs), human-machine interfaces (HMIs), drives, sensors, and input and output (I/O) devices.
New Features for Cisco Catalyst IE9300 Rugged Series Switches and the Cisco Catalyst ESS9300 Embedded Series Switch
The features in the following table are new in this release for the supported switches.
Feature Name |
License Level |
Description |
Supported Switches |
---|---|---|---|
Stacking Support—4 members |
Network Essentials/Network Advantage |
A switch stack has multiple stacking-capable switches connected through their StackWise ports. The stack members work together as a unified system. Layer 2 and Layer 3 protocols present the entire switch stack as a single entity to the network | All IE9320 switches:
|
High-Availability Seamless Redundancy (HSR)—SAN |
Network Essentials |
HSR is a network protocol for Ethernet that is designed to achieve zero recovery time in ring topologies. It supports single fault in the ring with no downtime by sending each packet in both directions in the ring. |
|
Media Redundancy Protocol (MRP) |
Network Essentials |
MRP provides fast convergence in a ring network topology for industrial automation networks. Twelve rings are supported on standalone switches. The Media Redundancy Manager (MRM) defines its maximum recovery times for a ring in the following range: 200 ms and 500 ms. |
All Cisco Catalyst IE9300 Rugged Series Switches |
TrustSec Configuration on PRP Interface |
Network Advantage |
Cisco TrustSec builds secure networks by establishing domains of trusted network devices. Each device in the domain is authenticated by its peers. TrustSec is supported only on physical interfaces. You can configure TrustSec on member interfaces of a PRP channel but not on a PRP interface. |
|
VLAN Mapping |
Network Essentials |
A QnQ VLAN tunnel enables a service provider to segregate the traffic of different customers in their infrastructure, while still giving the customer a full range of VLANs for their internal use by adding a second 802.1Q tag to an already tagged frame. |
All Cisco Catalyst IE9300 Rugged Series Switches |
Feature Name |
License Level |
Description |
Supported Switches |
||
---|---|---|---|---|---|
Certificate-based MACsec |
Network Essentials
|
Certificate-based MACsec Encryption feature uses 802.1X port-based authentication with Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) to carry Certificates for ports where MACsec encryption is required. This feature makes it feasible to manage the key at the centralized server over preshared key-based MACsec. |
Cisco Catalyst ESS9300 Embedded Series Switch |
Important Notes
Cisco Catalyst ESS9300 Embedded Series Switch: Upgrade to Latest Boot Software
If you have a Cisco Catalyst ESS9300 Embedded Series Switch, you must upgrade it to the latest version of ROM monitor software (ROMMON).
The upgrade is to accommodate the larger size of Cisco Catalyst IOS XE 17.13.1 caused by enhancements. If you do not upgrade, the switch may fail to boot.
Switch Model Numbers
Cisco Catalyst IE9300 Rugged Series Switches
The following table lists the supported IE9300 series hardware models and the default license levels that they are delivered with.
Model Number |
Default License Level |
Stacking Support |
Description |
---|---|---|---|
IE-9310-26S2C-A |
Network Advantage |
No |
|
IE-9310-26S2C-E |
Network Essentials |
||
IE-9320-26S2C-A |
Network Advantage |
Yes |
|
IE-9320-26S2C-E |
Network Essentials |
||
IE-9320-22S2C4X-A |
Network Advantage |
Yes |
|
IE-9320-22S2C4X-E |
Network Essentials |
||
IE-9320-24T4X-A |
Network Advantage |
Yes |
|
IE-9320-24T4X-E |
Network Essentials |
||
IE-9320-24P4X-A |
Network Advantage |
Yes |
|
IE-9320-24P4X-E |
Network Essentials |
||
IE-9320-16P8U4X-A |
Network Advantage |
Yes |
|
IE-9320-16P8U4X-E |
Network Essentials |
||
IE-9320-24P4S-A |
Network Advantage |
Yes |
|
IE-9320-24P4S-E |
Network Essentials |
All Cisco Catalyst IE9300 Rugged Series Switches have 4 GB of DRAM, four alarm inputs, and one alarm output. Other I/O include the following:
-
SD-cards socket
-
Power input
-
RJ-45 (RS-232) console
-
Micro-USB console
-
USB-A host port
![]() Note |
Documentation sometimes uses the following terms:
|
Starting with release 17.10.1, both the Network Essentials license and the Network Advantage license are available. The features available in the two licenses follow the IE9300 series, with the exception of MACsec-256.
Network Advantage License |
Description |
---|---|
Security |
MACsec-256 |
Routing |
Layer 3 routing support |
Upgrading the Switch Software
This section covers the various aspects of upgrading or downgrading the device software.
![]() Note |
See the Cisco IOS XE Migration Guide for IIoT Switches for the latest information about upgrading and downgrading switch software. |
SSH Algorithms for Common Criteria Certification Limitation
Starting from Cisco IOS XE Release 17.10, the following Key Exchange and MAC algorithms are removed from the default list:
-
Key Exchange algorithm:
-
diffie-hellman-group14-sha1
-
-
MAC algorithms:
-
hmac-sha1
-
hmac-sha2-256
-
hmac-sha2-512
-
![]() Note |
You can use the ip ssh server algorithm kex command to configure the Key Exchange algorithm and the ip ssh server algorithm mac command to configure the MAC algorithms. |
Finding the Software Version
The package files for Cisco IOS XE software can be found on the system board's internal flash memory device (flash:) or an external USB, depending on the device configuration.
You can use the show version privileged EXEC command to see the software version that is running on your switch.
![]() Note |
Although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration and does not change if you upgrade the software license. |
You can also use the dir filesystem: privileged EXEC command to see the names and versions of other software images that you might have stored in flash memory.
Software Images for Cisco IOS XE 17.13.x
The following table provides the filenames for the IOS XE 17.13.x software image for Cisco Catalyst IE9300 Rugged Series Switches and the Cisco Catalyst ESS9300 Embedded Series Switch.
Release |
Image Type |
Filename |
Switch Models |
---|---|---|---|
Cisco IOS XE.17.13.1 |
Universal |
ie9k_iosxe.17.13.01.SPA.bin |
|
Software Installation Options
The following table lists the options for the install
command for Cisco Catalyst IE9300 Rugged Series Switches.
To install and activate the specified file, and to commit changes to be persistent across reloads, enter the following command:
install add file filename
[ activate commit]
Option |
Description |
---|---|
abort |
Abort the current install operation. |
activate |
Activate an installed package. |
add |
Install a package file to the system. |
auto-abort-timer |
Install auto-abort-timer. |
autoupgrade |
Initiate software auto-upgrade on all incompatible switches. |
commit |
Commit the changes to the load path. |
deactivate |
Deactivate an install package. |
label |
Add a label name to any installation point. |
remove |
Remove installed packages. |
rollback |
Rollback to a previous installation point. |
Licensing
This section provides information about the licensing packages for features available on Cisco Catalyst IE9300 Rugged Series Switches.
License Levels
The software features available on Cisco Catalyst IE9300 Rugged Series Switches fall under these base or add-on license levels.
Base Licenses
-
Network Essentials
-
Network Advantage: Includes features available with the Network Essentials license and more.
Add-on Licenses
Add-on licenses require a Network Essentials or Network Advantage as a prerequisite. The features available with add-on license levels provide Cisco innovations on the switch, and on the Cisco Catalyst Center.
-
Catalyst Center DNA Essentials
-
Catalyst Center DNA Advantage: Includes features available with the Catalyst Center DNA Essentials license and more.
To find information about platform support and to know which license levels a feature is available with, use Cisco Feature Navigator. To access Cisco Feature Navigator, go to https://cfnng.cisco.com. An account on Cisco.com is not required.
Smart Licensing Using Policy
Smart Licensing Using Policy, which is an enhanced version of Smart Licensing, is the default and the only supported method to manage licenses.
Smart Licensing using Policy provides a licensing solution that does not interrupt the operations of your network. Instead, it enables a compliance relationship to account for the hardware and software licenses you purchase and use.
With this licensing model, you do not have to complete any licensing-specific operations, such as registering or generating keys before you start using the software and the licenses that are tied to it. Only export-controlled and enforced licenses require Cisco authorization before use. License usage is recorded on your device with timestamps, and the required workflows can be completed later.
Multiple options are available for license usage reporting – this depends on the topology you implement. You can use the Cisco Smart Licensing Utility (CSLU) Windows application, or report usage information directly to Cisco Smart Software Manager (CSSM). A provision for offline reporting for air-gapped networks, where you download usage information and upload to CSSM, is also available.
Starting with this release, Smart Licensing Using Policy is automatically enabled on the device. This is also the case when you upgrade to this release.
By default, your Smart Account and Virtual Account in CSSM is enabled for Smart Licensing Using Policy.
Caveats
Caveats describe unexpected behavior in Cisco IOS XE releases.
Open Caveats
Identifier |
Description |
---|---|
Memory Leak under timingd process |
|
IE9300 : Link is down with "GLC-TE" SFP after reload |
Resolved Caveats
Identifier |
Description |
---|---|
"logging alarm informational" command causes the generation of irrelevant information from PTP logs |
|
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability |
Troubleshooting
For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at this URL:
https://www.cisco.com/en/US/support/index.html
Go to Product Support and select your product from the list or enter the name of your product. Look under Troubleshoot and Alerts, to find information for the problem that you are experiencing.
Related Documentation
Information about Cisco IOS XE at this URL: https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html.
Information about Cisco Catalyst IE9300 Rugged Series Switches is at this URL: https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html
Cisco Validated Designs documents at this URL: https://www.cisco.com/go/designzone
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs