Guidelines and Limitations
- Support for Dynamic WEP is reintroduced in Cisco Wave1 APs in this release.
- WLAN-AP group association functionality:
– Functionality prior to Release 220.127.116.11—If a WLAN was added to an AP group prior to Release 18.104.22.168, the RF radio policy is set to All after an XML upload/download. This is because the default value of RF policy was not added. This issue was addressed through CSCud37443. However, this corrects only the newly created WLAN-AP group associations and not the previous ones. Therefore, if you have configured a WLAN-AP group association prior to Release 22.214.171.124, you must remove the WLAN from the AP group and add it again in Release 126.96.36.199 or a later release.
– Change in functionality with Release 188.8.131.52—The RF radio policy is by default set to None for all WLAN-AP group associations created in Release 184.108.40.206. Any previous WLAN-AP group associations that are carried over will continue to be set to All unless a WLAN is removed from the AP group and added again.
– If you have configured a WLAN radio policy for an AP group and are upgrading from Release 7.6 or an earlier release to an 8.0 release, the WLAN radio policy configuration is not retained. You will have to manually reconfigure the AP group WLAN radio policy. This issue is not encountered in any of the later releases. That is, if you are upgrading from a Release 8.0 to a later release, the WLAN radio policy configuration for an AP group is retained. This issue is addressed through CSCul59089.
Note The XML upload/download for AP group RF radio policy and WLAN radio are available only from Release 8.0.
- Cisco WLC Release 220.127.116.11, which is configured for new mobility, might revert to old mobility after upgrading to Release 7.6 or later, even though Release 7.6 supports new mobility. This issue occurs when new mobility, which is compatible with the Cisco 5760 Wireless Controller and the Cisco Catalyst 3850 Series Switch, are in use. However, old mobility is not affected.
The workaround is as follows:
a. Enter the following commands:
Primary Boot Image.................. 18.104.22.168
Backup Boot Image................... 22.214.171.124 (default) (active)
b. After the reboot, press Esc on the console, and use the boot menu to select Release 7.6.
c. After booting on Release 7.6, set back the primary boot, and save the configuration by entering the following command:
Note Mobility epings are not available when New Mobility is enabled.
Note If you downgrade from a Cisco WLC release that supports new mobility to a Cisco WLC release that does not support new mobility (for example, Release 7.6 to Release 7.3.x) and you download the 7.6 configuration file with new mobility in enabled state, the release that does not support new mobility will have the new mobility feature in enabled state.
- If you downgrade from Release 126.96.36.199 to a 7.x release, the trap configuration is lost and must be reconfigured.
- If you have ACL configurations in the Cisco WLC and downgrade from a 7.4 or a later release to a 7.3 or an earlier release, you might experience XML errors on rebooting the Cisco WLC. However, these errors do not have any impact on any functionality or configurations.
- If you are upgrading from a 7.4.X or an earlier release to a later release, the Called Station ID type information is mapped to the RADIUS Accounting Called Station ID type; the RADIUS Authentication Called Station ID type, by default, is set to ap-macaddr-ssid. You can configure the RADIUS Authentication Called Station ID type information by using the config radius auth callStationIdType command.
- When FlexConnect access points (known as H-REAP access points in the 7.0.x releases) that are associated with a Cisco WLC that has all the 7.0.x software releases prior to Release 188.8.131.52 upgrade to Release 184.108.40.206, the access points lose the enabled VLAN support configuration. The VLAN mappings revert to the default values of the VLAN of the associated interface. The workaround is to upgrade from Release 220.127.116.11 or a later 7.0.x release to Release 18.104.22.168.
- We recommend that you install Release 22.214.171.124 of Cisco Wireless Controller Field Upgrade Software (FUS), which is a special AES package that contains several system-related component upgrades. These include the bootloader, field recovery image, and FPGA/MCU firmware. Installing the FUS image requires special attention because it installs some critical firmware. The FUS image is independent of the runtime image. For more information, see http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.html.
Note The FUS image installation process reboots the Cisco WLC several times and reboots the runtime image. The entire process takes approximately 30 minutes. We recommend that you install the FUS image in a planned outage window.
Note If you are using a Cisco 2500 Series controller and you intend to use the Application Visibility and Control (AVC) and NetFlow protocol features, you must install Release 126.96.36.199 of Cisco Wireless Controller Field Upgrade Software (FUS). This is not required if you are using other controller hardware models.
Note FUS 2.0 upgrade is required for those WLCs with PIC version 1.0.19 and are impacted by CSCuu46671.
- On Cisco Flex 7500 Series WLCs, if FIPS is enabled, the reduced boot options are displayed only after a bootloader upgrade.
Note Bootloader upgrade is not required if FIPS is disabled.
- If you have to downgrade from one release to another, you might lose the configuration from your current release. The workaround is to reload the previous Cisco WLC configuration files saved on the backup server, or to reconfigure the Cisco WLC.
- It is not possible to directly upgrade to Release 188.8.131.52 release from a release that is earlier than Release 184.108.40.206.
- You can upgrade or downgrade the Cisco WLC software only between certain releases. In some instances, you must first install an intermediate release prior to upgrading to Release 220.127.116.11. Table 6 shows the upgrade path that you must follow before downloading Release 18.104.22.168.
If you upgrade from a release that is prior to Release 7.5 directly to Release 7.6.X or a later release, the predownload process on Cisco AP2600 and AP3600 fails. After the Cisco WLC is upgraded to Release 7.6.X or a later release, the new image is loaded on Cisco AP2600 and AP3600. After the upgrade to a Release 7.6.X image, the predownload functionality works as expected. The predownload failure is only a one-time failure, which is limited to the predownload process.
Table 6 Upgrade Path to Cisco WLC Software Release 22.214.171.124
Upgrade Path to 126.96.36.199 Software
You can upgrade directly to 188.8.131.52.
You can upgrade directly to 184.108.40.206.
You can upgrade directly to 220.127.116.11.
- When you upgrade the Cisco WLC to an intermediate software release, you must wait until all of the access points that are associated with the Cisco WLC are upgraded to the intermediate release before you install the latest Cisco WLC software. In large networks, it can take some time to download the software to all access points.
- You can upgrade to a new release of the Cisco WLC software or downgrade to an earlier release even if Federal Information Processing Standard (FIPS) is enabled.
- When you upgrade to the latest software release, the software on the access points associated with the Cisco WLC is also automatically upgraded. When an access point is loading software, each of its LEDs blinks in succession.
- We recommend that you access the Cisco WLC GUI using Microsoft Internet Explorer 9 or a later version or Mozilla Firefox 17 or a later version.
Note Older browsers, for example Microsoft Internet Explorer 8, might fail to connect over HTTPS because of compatibility issues. In such cases, you can explicitly enable SSLv3 by entering the config network secureweb sslv3 enable command.
- Cisco WLCs support standard SNMP Management Information Base (MIB) files. MIBs can be downloaded from the Software Center on Cisco.com.
- The Cisco WLC software is factory installed on your Cisco WLC and is automatically downloaded to the access points after a release upgrade and whenever an access point joins a Cisco WLC. We recommend that you install the latest software version available for maximum operational benefit.
- Ensure that you have a TFTP, FTP, or SFTP server available for the software upgrade. Follow these guidelines when setting up a server:
– Ensure that your TFTP server supports files that are larger than the size of Cisco WLC software Release 18.104.22.168. Some TFTP servers that support files of this size are tftpd32 and the TFTP server within the Prime Infrastructure. If you attempt to download the 22.214.171.124 Cisco WLC software and your TFTP server does not support files of this size, the following error message appears:
“TFTP failure while storing in flash.”
– If you are upgrading through the distribution system network port, the TFTP or FTP server can be on any subnet because the distribution system port is routable.
- When you plug a Cisco WLC into an AC power source, the bootup script and power-on self test is run to initialize the system. During this time, press Esc to display the bootloader Boot Options menu. The menu options for the Cisco 5500 Series WLC differ from the menu options for the other Cisco WLC platforms.
Bootloader menu for Cisco 5500 Series WLC:
Please choose an option from below:
3. Change active boot image
6. Manually update images
Please enter your choice:
Bootloader menu for other Cisco WLC platforms:
Please choose an option from below:
3. Manually update images
4. Change active boot image
Please enter your choice:
Enter 1 to run the current software, enter 2 to run the previous software, enter 4 (on a 5500 series Cisco WLC), or enter 5 (on another Cisco WLC platform) to run the current software and set the Cisco WLC configuration to factory defaults. Do not choose the other options unless directed to do so.
Note See the Installation Guide or the Quick Start Guide pertaining to your Cisco WLC platform for more details on running the bootup script and power-on self test.
- The Cisco WLC bootloader stores a copy of the active primary image and the backup image. If the primary image becomes corrupted, you can use the bootloader to boot with the backup image.
With the backup image stored before rebooting, choose Option 2: Run Backup Image from the boot menu to boot from the backup image. Then, upgrade with a known working image and reboot the Cisco WLC.
- You can reduce the network downtime using the following options:
– You can predownload the AP image.
– For FlexConnect access points, use the FlexConnect AP upgrade feature to reduce traffic between the Cisco WLC and the AP (main site and the branch). For more information about the FlexConnect AP upgrade feature, see the Cisco Wireless Controller FlexConnect Configuration Guide.
Note Predownloading Release 126.96.36.199 on a Cisco Aironet 1240 access point is not supported when upgrading from a previous Cisco WLC release. If predownloading is attempted on a Cisco Aironet 1240 access point, an AP disconnect will occur momentarily.
- Do not power down the Cisco WLC or any access point during the upgrade process; otherwise, you might corrupt the software image. Upgrading a Cisco WLC with a large number of access points can take as long as 30 minutes, depending on the size of your network. However, with the increased number of concurrent access point upgrades supported, the upgrade time should be significantly reduced. The access points must remain powered, and the Cisco WLC must not be reset during this time.
- If you want to downgrade from Release 188.8.131.52 to Release 6.0 or an earlier release, perform either of these tasks:
– Delete all the WLANs that are mapped to interface groups, and create new ones.
– Ensure that all the WLANs are mapped to interfaces rather than interface groups.
- After you perform these functions on the Cisco WLC, you must reboot the Cisco WLC for the changes to take effect:
– Enable or disable link aggregation (LAG)
– Enable a feature that is dependent on certificates (such as HTTPS and web authentication)
– Add a new license or modify an existing license
– Increase the priority for a license
– Enable the HA
– Install the SSL certificate
– Configure the database size
– Install the vendor-device certificate
– Download the CA certificate
– Upload the configuration file
– Install the Web Authentication certificate
– Make changes to the management interface or the virtual interface
– For TCP MSS to take effect
Upgrading to Cisco WLC Software Release 184.108.40.206 (GUI)
Step 1 Upload your Cisco WLC configuration files to a server to back them up.
Note We highly recommend that you back up your Cisco WLC configuration files prior to upgrading the Cisco WLC software.
Step 2 Follow these steps to obtain the 220.127.116.11 Cisco WLC software:
a. Click this URL to go to the Software Center:
b. Choose Wireless from the center selection window.
c. Click Wireless LAN Controllers.
The following options are available:
– Integrated Controllers and Controller Modules
– Standalone Controllers
d. Depending on your Cisco WLC platform, select one of these options.
e. Click the Cisco WLC model number or name.
The Download Software page is displayed.
f. Click a Cisco WLC software release number. The software releases are labeled as follows to help you determine which release to download:
- Early Deployment (ED) —These software releases provide new features and new hardware platform support as well as bug fixes.
- Maintenance Deployment (MD) —These software releases provide bug fixes and ongoing software maintenance.
- Deferred (DF) —These software releases have been deferred. We recommend that you migrate to an upgraded release.
g. Click a software release number.
h. Click the filename ( filename.aes).
i. Click Download.
j. Read the Cisco End User Software License Agreement and click Agree.
k. Save the file to your hard drive.
l. Repeat steps a. through k. to download the remaining file.
Step 3 Copy the Cisco WLC software file ( filename.aes) to the default directory on your TFTP, FTP, or SFTP server.
Step 4 (Optional) Disable the Cisco WLC 802.11a/n and 802.11b/g/n networks.
Note For busy networks, Cisco WLCs with high utilization, or small Cisco WLC platforms, we recommend that you disable the 802.11a/n and 802.11b/g/n networks as a precautionary measure.
Step 5 Choose Commands > Download File to open the Download File to Controller page.
Step 6 From the File Type drop-down list, choose Code.
Step 7 From the Transfer Mode drop-down list, choose TFTP, FTP, or SFTP.
Step 8 In the IP Address text box, enter the IP address of the TFTP, FTP, or SFTP server.
Step 9 If you are using a TFTP server, the default values of 10 retries for the Maximum Retries text field, and 6 seconds for the Timeout text field should work correctly without any adjustment. However, you can change these values if desired. To do so, enter the maximum number of times that the TFTP server attempts to download the software in the Maximum Retries text box and the amount of time (in seconds) that the TFTP server attempts to download the software, in the Timeout text box.
Step 10 In the File Path text box, enter the directory path of the software.
Step 11 In the File Name text box, enter the name of the software file ( filename.aes).
Step 12 If you are using an FTP server, follow these steps:
a. In the Server Login Username text box, enter the username to log on to the FTP server.
b. In the Server Login Password text box, enter the password to log on to the FTP server.
c. In the Server Port Number text box, enter the port number on the FTP server through which the download occurs. The default value is 21.
Step 13 Click Download to download the software to the Cisco WLC.
A message appears indicating the status of the download.
Step 14 After the download is complete, click Reboot.
Step 15 If you are prompted to save your changes, click Save and Reboot.
Step 16 Click OK to confirm your decision to reboot the Cisco WLC.
Step 17 For Cisco WiSM2 on the Catalyst switch, check the port channel and re-enable the port channel if necessary.
Step 18 If you have disabled the 802.11a/n and 802.11b/g/n networks in (Optional) Disable the Cisco WLC 802.11a/n and 802.11b/g/n networks., re-enable them.
Step 19 To verify that the 18.104.22.168 Cisco WLC software is installed on your Cisco WLC, click Monitor on the Cisco WLC GUI and view the Software Version field under Controller Summary.