Release Notes for Cisco TrustSec 2.1
General Deployability 2012 Release
The most current version of this document is available at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/release/notes/rn_cts_crossplat.html
Contents
This document contains the following sections:
•New Features, Supported Hardware and Software
•Cisco TrustSec How-To Documents
•Caveats - TrustSec 2.1 General Availability 2012 Release
•Related Documentation
New Features, Supported Hardware and Software
For a complete table of features, platforms, and IOS images supported in the TrustSec 2.1 release, see the Cisco TrustSec 2.1 Product Bulletin at the following URL:
http://www.cisco.com/en/US/netsol/ns1051/index.html
See also, the Matrix of Cisco TrustSec-Enabled Infrastructure at the following URL:
http://www.cisco.com/en/US/solutions/ns170/ns896/ns1051/trustsec_matrix.html
Cisco TrustSec How-To Documents
For TrustSec 2.1, a series of "How-to" configuration documents replace the validated deployment and configuration scenarios. Find all Cisco TrustSec "How-To" documents at the following URL:
http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns744/landing_DesignZone_TrustSec.html
TrustSec 2.1 Configuration How-to Guide topics are as follows:
•Introduction
•Planning and Pre-Deployment Checklist
•ISE Base Configuration: ISE Bootstrapping
•Adding ID Stores and Creating Authentication
•Global Switch Configuration
•Base configuration for the Wireless LAN Controller
•Phased Deployment Overview
•Monitor Mode
•Migrating from Monitor Mode
•Low Impact Mode
•Closed Mode
•ISE Profiling Services
•ISE Base Configurations: Promiscuous VMware
•Central Web Authentication
•User Authentication and Authorization to Multiple Active Directory Domains
•ISE Deployment Type and Guideline
•Using Certificates to Differentiate Access
•On-boarding and Provisioning
•Server to Server Segmentation using Security Group Access
•Deploying EAP Chaining with AnyConnect NAM and Cisco ISE
•Failed Authentications & Authorizations
Caveats - TrustSec 2.1 General Availability 2012 Release
Open Caveats
Cisco ASA 5500 Series Adaptive Security Appliances
Release notes for the Cisco ASA 5500 Series Adaptive Security Appliances:
http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html
|
|
|
|
CSCtx87698 |
OS |
8.0(4) |
Simple show commands cause cpu hog from ci/console processes. |
CSCty58660 |
OS |
8.0(86) |
SXP-Core call Stack and cpu-hog for 102K IP-SGT binding in three context |
Cisco Identity Services Engine (Cisco ISE)
Release notes for the Cisco Identity Services Engine (ISE):
http://www.cisco.com/en/US/products/ps11640/prod_release_notes_list.html
Note Cisco TrustSec is referred to as SGA, and CTS in Cisco ISE release notes.
|
|
|
|
CSCty67513 |
TrustSec |
1.1 |
OOB SGA PAC download issues with FF and IE browsers. |
CSCty61980 |
TrustSec |
1.1 |
Can not get OOB SGA PAC for Network Devices after upgrade |
Cisco Catalyst 6500 Series Switches
Release notes for Catalyst 6500 Series switches:
http://www.cisco.com/en/US/products/hw/switches/ps708/prod_release_notes_list.html
|
|
|
|
CSCth18596 |
Dot1x |
15.0(1)SY |
MF: Perf 6K: Authentication sessions failing after clearing sessions |
CSCtz76189 |
Dot1x |
12.2(33)SXJ2 |
Consistent EAP Timeouts during dot1x TrustSec perf tests on Sup720 |
CSCua34922 |
Dot1x |
12.2(50)SY2 |
Ports unable to allow traffic after authorization during TrustSec perf. |
Cisco Nexus 7000 Series Switches
Release notes for Nexus 7000 Series switches:
http://www.cisco.com/en/US/products/ps9402/prod_release_notes_list.html
|
|
|
|
CSCtt06094 |
CTS |
5.2 |
CTS links bundled into L3 port channel, the port will reauthen every 30s |
CSCtz51047 |
CTS |
5.2 |
RBACL programming is missing from hardware |
Cisco Wireless LAN Controller
Release notes for the Cisco Wireless LAN Controller:
http://www.cisco.com/en/US/products/ps10315/prod_release_notes_list.html
|
|
|
|
CSCtx92968 |
Security |
7.2.110.0 |
WLC SXP peering with ASA after long (random) delay |
CSCtz07676 |
Security |
7.2.110.0 |
Controller failed to bring up SXP connection with N7k. |
CSCty53754 |
Security |
7.2.110.0 |
WLC not sending SGT info to the sxp peer switch after roaming |
Related Documentation
Cisco IOS Software Documentation