About the Release Notes

This release notes document describes what is new or changed in this release, instructions to upgrade to this release, and open and resolved caveats for this release. Unless otherwise noted, in this document, Cisco Wireless Controllers are referred to as controllers, and Cisco lightweight access points are referred to as access points or APs.

Content Hub

Explore the Content Hub, the all-new product documentation portal in which you can use faceted search to locate content that is most relevant to you, create customized PDFs for ready reference, benefit from context-based recommendations, and much more.

Get started with the Content Hub at https://content.cisco.com/ to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.

Revision History

Table 1. Revision History

Modification Date

Modification Details

October 30, 2018

Open Caveats—Added CSCvh65876, CSCvi97023, CSCvj95336, CSCvi49059, CSCvh21953

Resolved Caveats—Added CSCvf66680, CSCvf66696, CSCve64652, CSCvf66723

July 24, 2018

Added the CIMC Utility Upgrade for 5520 and 8540 Controllers section.

March 13, 2018

Supported Cisco Access Point Platforms section—Added information about support for Integrated Access Point on Cisco 1100 Integrated Services Router.

January 29, 2018

Key Features Not Supported in Cisco Virtual WLC—Modified information about FlexConnect central switching.

Supported Cisco Wireless Controller Platforms

The following Cisco Wireless Controller platforms are supported in this release:

  • Cisco 3504 Wireless Controller

  • Cisco 5520 Wireless Controller

  • Cisco 8540 Wireless Controller

  • Cisco Virtual Wireless Controller (vWLC) on the following platforms:

    • VMware vSphere Hypervisor (ESXi) Version 5.x and 6.x

    • Hyper-V on Microsoft Servers 2012 and later versions


      Support introduced in Release 8.4.
    • Kernel-based virtual machine (KVM)


      Support introduced in Release 8.1. After KVM is deployed, we recommend that you do not downgrade to a Cisco Wireless release that is earlier than Release 8.1.
  • Cisco Wireless Controllers for High Availability for Cisco 3504 WLC, Cisco 5520 WLC, and Cisco 8540 WLC.

  • Cisco Mobility Express Solution

Supported Cisco Access Point Platforms

The following Cisco AP platforms are supported in this release:

  • Cisco Aironet 700 Series Access Points

  • Cisco Aironet 700W Series Access Points

  • Cisco AP803 Integrated Access Point

  • Integrated Access Point on Cisco 1100 Integrated Services Router

  • Cisco Aironet 1700 Series Access Points

  • Cisco Aironet 1800 Series Access Points

  • Cisco Aironet 1810 Series OfficeExtend Access Points

  • Cisco Aironet 1810W Series Access Points

  • Cisco Aironet 1815 Series Access Points

  • Cisco Aironet 1830 Series Access Points

  • Cisco Aironet 1850 Series Access Points

  • Cisco Aironet 2700 Series Access Points

  • Cisco Aironet 2800 Series Access Points

  • Cisco Aironet 3700 Series Access Points

  • Cisco Aironet 3800 Series Access Points

  • Cisco ASA 5506W-AP702

  • Cisco Aironet 1530 Series Access Points

  • Cisco Aironet 1540 Series Access Points

  • Cisco Aironet 1560 Series Access Points

  • Cisco Aironet 1570 Series Access Points

  • Cisco Industrial Wireless 3700 Series Access Points


For information about Cisco Wireless software releases that support specific Cisco access point modules, see the "Software Release Support for Specific Access Point Modules" section in the Cisco Wireless Solutions Software Compatibility Matrix document.

What's New in Release

This section provides a brief introduction to the new features and enhancements introduced in this release.


For complete listing of all the documentation published for Cisco Wireless Release 8.6, see the Documentation Roadmap: https://www.cisco.com/c/en/us/td/docs/wireless/doc-roadmap/doc-roadmap-release-86.html


From this release onwards, the following controllers and APs are not supported:

  • controllers not supported:

    • Cisco 2504 Wireless Controller

    • Cisco 5508 Wireless Controller

    • Cisco Flex 7510 Wireless Controller

    • Cisco 8510 Wireless Controller

    • Cisco WiSM2

  • Cisco Aironet APs not supported:

    • Cisco Aironet 1600 Series AP

    • Cisco Aironet 2600 Series AP

    • Cisco Aironet 3500 Series AP

    • Cisco 3600 Series AP

    • AP802 Integrated AP

    • Cisco Aironet 1550 Series AP


The New Mobility feature is not supported in Release 8.6 and later releases.

Cisco Wave 2 AP Features

  • AP 802.1X supplicant feature supported in Cisco Wave 2 APs—In the 802.1X authentication scenario between an AP and a Cisco switch, the AP acts as an 802.1X supplicant and is authenticated by the switch using Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) with anonymous Protected Access Credentials (PAC) provisioning. From this release, this feature is available in Cisco Wave 2 APs too.

    For more information, see the "AP 802.1X Supplicant" section in the Cisco Wireless Controller Configuration Guide.

    For more information about IEEE 802.1X port-based authentication, see the "Configuring IEEE 802.1X Port-Based Authentication" chapter in the 802.1X Authentication Services Configuration Guide, Cisco IOS Release 15E.

  • Upgrade Cisco AP and WLC software using Rolling AP Upgrade—In Cisco Prime Infrastructure 3.3, you can upgrade Cisco AP and WLC software using the Rolling AP Upgrade feature. To prevent APs from rebooting simultaneously, you can instead add APs to upgrade groups. The AP upgrade groups reboot sequentially in the order of your preference.

    For more information, see the "Upgrade Controller Software using Rolling AP Upgrade" section in the Cisco Prime Infrastructure 3.3 User Guide.

  • Spectrum Intelligence on Cisco Aironet 18x0 and 1540 Series APs—In this release, Spectrum Intelligence is supported in Cisco Aironet 18x0 and 1540 Series APs.

    For more information, see the "Configuring Spectrum Intelligence" section in the Cisco Wireless Controller Configuration Guide.

  • CMX FastLocate on Cisco Aironet 2800 and 3800 Series APs—In this release, CMX FastLocate is supported in Cisco Aironet 2800 and 3800 Series APs. For more information about CMX FastLocate, see the CMX FastLocate Deployment Guide.

Custom NAS-ID for RADIUS Accounting Using Downloadable RADIUS AVP

Prior to this release, the NAS-ID field contained the configured NAS-ID or system name if they are not set on WLAN for inclusion in RADIUS accounting messages. In this release, the NAS-ID field is enhanced so that you can configure some key parameters such as the AP name and AP IP address for the RADIUS accounting messages.

In the controller GUI, choose Security > AAA > RADIUS > Downloaded AVP > Acct AVP to view the downloaded new RADIUS attribute.

This enhancement has the following advantages:

  • Flexibility per WLAN to choose NAS ID field subtypes

  • Easy to configure, store, upload, and download

  • Download when a new WLAN is created; controller reboot is not required

  • RADIUS AVP file in the controller can be uploaded and is persistent across reboot

For more information, see the "Custom NAS-ID for RADIUS Accounting Using Downloadable RADIUS AVP" section in the Cisco Wireless Controller Configuration Guide.

Multisession ID Support

Prior to this release, audit-session-id was shared across mobility peers along with pairwise master key (PMK). Whenever PMK cache is not created, for example for client security such as open authentication or web authentication, the audit-session-id is not shared. In central web authentication (CWA), the AAA server depends on the audit-session-id to identify the authenticated clients. If controller uses a new audit-session-id for authentication, the AAA server forces the client for reauthentication. In this release, a multisession ID is introduced to be used in the RADIUS server, to support intercontroller client roaming in case of open + MAC filtering with CWA.

For more information, see the "Multisession ID" section in the Cisco Wireless Controller Configuration Guide.

Minimum Interval Setting for Volume Metering

Prior to this release, the minimum RADIUS accounting interval that you could configure was 180 seconds. In this release, the minimum interval that you can configure is 60 seconds. controller honors the Acct-Interim-Interval AVP from RADIUS and sends the accounting interim update at the configured interim interval.

For more information, see the "Timers" chapter in the Cisco Wireless Controller Configuration Guide.

Securing Network Protocols

  • Securing the password fields—The maximum number of characters that you can use for the password fields of the following is now set to 127:

    • Administrator user

    • Local network user

    • Local management user

    • RADIUS (authentication, accounting, and DNS) shared secret

    • TACACS+ (authentication, accounting, authorization, and DNS) shared secret

    • IPSec shared secret

    • LDAP bind

    • Local EAP

    • SXP


    If you want to downgrade from Release 8.6 to Release 8.5 or an earlier release, ensure that you have a management user account password that is less than or equal to 24 characters to be compatible with the earlier releases. Else, during the downgrade and before you can reboot the controller, you will be prompted with the following message:

    "Warning!!! Please Configure Mgmt user compatible with older release"

  • NTP Version 4—NTP Version 4 is supported in this release. NTP Version 4 supports both IPv4 and IPv6 servers. For more information, see the "Network Time Protocol Setup" chapter in the Cisco Wireless Controller Configuration Guide.

  • SSH vulnerability addressed—Prior to this release, connections were allowed without requiring a username and password. After a connection is set up, a Telnet connection to the local host is initiated. In this release, this vulnerability is addressed, wherein a username and a password are required to allow a connection.

EoGRE Enhancements

  • EoGRE deployment with multiple TGW—Prior to this release, controller used to send keepalive pings to all the tunnel gateways (TGWs) configured on controller. In this release, keepalive pings are sent only to those TGWs that are mapped to the WLANs that are in enabled state.

    When a WLAN is disabled or deleted in controller, periodic keepalive pings are stopped to the TGW that is mapped to the WLAN.

  • DHCP Option 82 for EoGRE Tunnel in Cisco Wave 2 APs—In this release, DHCP Option 82 for EoGRE Tunnel is supported in Cisco Wave 2 APs.

Diagnostic Support Bundle

Some commonly collected diagnostic information of various types can be made available in a single bundle that you can upload from controller. The diagnostic information that can you can include in the bundle are core files, crash files, show run-config and config commands, msglog, and traplog.

For more information, see the "Uploading Diagnostic Support Bundle" section in the Cisco Wireless Controller Configuration Guide.

Mesh Leaf Node Support on IR829 AP803 and IW3700 Series APs

Support is added to IR829 AP803 and IW3700 Series APs to configure mesh APs with lower performance to work only as a leaf node, to prevent the wireless backhaul performance from being downgraded.

For more information, see the "Configuring Mesh Leaf Node" section in the Cisco Wireless Controller Configuration Guide.

Software Release Types and Recommendations

Table 2. Release Types

Release Type



Maintenance Deployment (MD)

Software releases that provide bug-fix support and ongoing software maintenance. These releases are categorized as Maintenance Deployment (MD)

These are long-living releases with ongoing software maintenance.

Provides you with a software release that offers stability and long support duration with periodic maintenance releases (MRs).

Early Deployment (ED)

Software releases that provide new features and new hardware platform support in addition to bug fixes. These releases are categorized as Early Deployment (ED).

These are short-lived releases.

Allows you to deploy the latest features and new hardware platforms or modules.

For detailed release recommendations, see the Guidelines for Cisco Wireless Software Release Migration Bulletin at: http://www.cisco.com/c/en/us/products/collateral/wireless/8500-series-wireless-controllers/bulletin-c25-730741.html

Table 3. Upgrade Path to Cisco WLC Software Release

Current Software Release

Upgrade Path to Software

You need to upgrade to Release prior to upgrading to Release or later.


You can upgrade directly to Release

Upgrading Cisco WLC Software Release

This section describes the guidelines and limitations that you need to be aware of when you are upgrading the Cisco WLC software and the procedure to upgrade to this release.

Guidelines and Limitations

  • In Release 8.6, FlexConnect local switching ARP cache is enabled by default. Therefore, if you upgrade to Release 8.6 from an earlier release, FlexConnect local switching ARP cache, if disabled, is enabled automatically.

    If you downgrade from Release 8.6 to an earlier release, FlexConnect local switching ARP cache is disabled. If required, you must manually enable the feature on the corresponding earlier release.

  • In Release 8.6, the maximum number of characters for a management user account password is changed to 127 characters. If you want to downgrade from Release 8.6 to Release 8.5 or an earlier release, ensure that your management user account password is less than or equal to 24 characters to be compatible with the earlier releases. Else, during the downgrade, before you can reboot Cisco WLC, you will be prompted with the following message:

    "Warning!!! Please Configure Mgmt user compatible with older release"
  • In Release 8.6 and later releases, legacy clients that require RC4 or 3DES encryption types are not supported in Local EAP authentication.

  • If you are using Release 8.4 and want to upgrade to a later release, it is necessary that you upgrade to Release and then move to a later release.


    This restriction is applicable only to Release 8.4 and not any other release.
  • The filenames of Cisco Aironet 1700, 2700, 3700, and IW3702 AP software images have been changed from ap3g2-x to c3700-x format. Therefore, if you are upgrading to Release 8.5 or a later release from Release 8.3 or an earlier release, these APs will download the image twice and reboot twice.

  • The AAA database size is increased from 2048 entries to 12000 entries for these Cisco WLCs: Cisco 5520 and 8540. Therefore, if you downgrade from Release 8.6 to an earlier release that does not include this enhancement, you might lose most of the AAA database configuration, including management user information. To retain at least 2048 entries, including management user information, we recommend that you follow these downgrade instructions and back up the configuration file before proceeding with the downgrade:

    1. From Release 8.6, downgrade to one of the following releases, which support 2048 database size and include the enhancement.

      • Release or a later 8.5 release

      • Release 8.4

      • Release or a later 8.3 release

      • Release or a later 8.2 release

      • Release or a later 8.0 release

    2. Downgrade to a release of your choice.

  • This release supports additional configuration options for 802.11r FT enable and disable. The additional configuration option is not valid for releases earlier than Release 8.4. If you downgrade from Release 8.6 to Release 8.2 or an earlier release, the additional configuration option is invalidated and defaulted to FT disable. When you reboot Cisco WLC with the downgraded image, invalid configurations are printed on the console. We recommend that you ignore this because there is no functional impact, and the configuration defaults to FT disable.

  • If you downgrade from Release 8.6 to a 7.x release, the trap configuration is lost and must be reconfigured.

  • If you have an IPv6-only network and are upgrading to Release 8.4 or a later release, ensure that you perform the following activities:

    • Enable IPv4 and DHCPv4 on the network—Load a new Cisco WLC software image on all the Cisco WLCs or perform a predownload of AP images on the corresponding Cisco WLCs.

    • Reboot Cisco WLC immediately or at a preset time.

    • Ensure that all Cisco APs are associated with Cisco WLC.

    • Disable IPv4 and DHCPv4 on the network.

  • After downloading the new software to the Cisco APs, it is possible that a Cisco AP may get stuck in an upgrading image state. In such a scenario, it might be necessary to forcefully reboot Cisco WLC to download a new image or to reboot Cisco WLC after the download of the new image. You can forcefully reboot Cisco WLC by entering the reset system forced command.

  • It is not possible to download some of the older configurations from Cisco WLC because of the Multicast and IP address validations. See the "Restrictions on Configuring Multicast Mode" section in the Cisco Wireless Controller Configuration Guide for detailed information about platform support for global multicast and multicast mode.

  • If you upgrade from Release to a later release, the config redundancy mobilitymac mac-addr command's setting is removed. You must manually reconfigure the mobility MAC address after the upgrade.

  • If you are upgrading from Release or 8.0.15x.0 to a later release and also have the multiple country code feature configured, the feature configuration is corrupted after the upgrade. For more information, see CSCve41740.

  • If you are upgrading from a 7.4.x or an earlier release to a release later than 7.4, the Called Station ID type information is mapped to the RADIUS Accounting Called Station ID type, which, by default, is set to apradio-mac-ssid. You can configure the RADIUS Authentication Called Station ID type information by using the config radius auth callStationIdType command.

  • When a client sends an HTTP request, the Cisco WLC intercepts it for redirection to the login page. If the HTTP GET request that is intercepted by the Cisco WLC is longer than 2000 bytes, the Cisco WLC drops the packet. Track CSCuy81133 for a possible enhancement to address this restriction.

  • We recommend that you install Cisco Wireless Controller Field Upgrade Software (FUS), which is a special AES package that contains several system-related component upgrades. These include the bootloader, field recovery image, and FPGA or MCU firmware. Installing the FUS image requires special attention because it installs some critical firmware. The FUS image is independent of the runtime image. For more information about FUS and the applicable Cisco WLC platforms, see the Field Upgrade Software release notes listing.

  • When downgrading from one release to another, you might lose the configuration from your current release. The workaround is to reload the previous Cisco WLC configuration files that are saved in the backup server, or to reconfigure Cisco WLC.

  • It is not possible to directly upgrade to this release from a release that is earlier than Release

  • When you upgrade Cisco WLC to an intermediate release, wait until all the APs that are associated with Cisco WLC are upgraded to the intermediate release before you install the latest Cisco WLC software. In large networks, it can take some time to download the software on each AP.

  • You can upgrade to a new release of the Cisco WLC software or downgrade to an earlier release even if FIPS is enabled.

  • When you upgrade to the latest software release, the software on the APs associated with Cisco WLC is also automatically upgraded. When an AP is loading software, each of its LEDs blinks in succession.

  • We recommend that you access the Cisco WLC GUI using Microsoft Internet Explorer 11 or a later version, or Mozilla Firefox 32 or a later version.

  • Cisco WLCs support standard SNMP MIB files. MIBs can be downloaded from the software download page on Cisco.com.

  • The Cisco WLC software is factory installed on your Cisco WLC and is automatically downloaded to the APs after a release upgrade and whenever an AP joins a Cisco WLC. We recommend that you install the latest software version available for maximum operational benefit.

  • Ensure that you have a TFTP, HTTP, FTP, or SFTP server available for the software upgrade. Follow these guidelines when setting up a server:

    • Ensure that your TFTP server supports files that are larger than the size of Cisco WLC software image. Some TFTP servers that support files of this size are tftpd32 and the TFTP server within Cisco Prime Infrastructure. If you attempt to download the Cisco WLC software image and your TFTP server does not support files of this size, the following error message appears:

      TFTP failure while storing in flash

    • If you are upgrading through the distribution system network port, the TFTP or FTP server can be on the same subnet or a different subnet because the distribution system port is routable.

  • The Cisco WLC Bootloader stores a copy of the active primary image and the backup image. If the primary image becomes corrupted, you can use the Bootloader to boot with the backup image.

    With the backup image stored before rebooting, choose Option 2: Run Backup Image from the Boot Options menu to boot from the backup image. Then, upgrade with a known working image and reboot Cisco WLC.

  • You can control the addresses that are sent in the Control and Provisioning of Wireless Access Points (CAPWAP) discovery responses when NAT is enabled on the Management Interface, using the following command:

    config network ap-discovery nat-ip-only {enable | disable}

    The following are the details of the command:

    enable —Enables use of NAT IP only in a discovery response. This is the default. Use this command if all the APs are outside the NAT gateway.

    disable —Enables use of both NAT IP and non-NAT IP in a discovery response. Use this command if APs are on the inside and outside the NAT gateway, for example, Local Mode and OfficeExtend APs are on the same Cisco WLC.


    To avoid stranding of APs, you must disable AP link latency (if enabled) before you use the disable option in the config network ap-discovery nat-ip-only command. To disable AP link latency, use the config ap link-latency disable all command.
  • Do not power down Cisco WLC or any AP during the upgrade process. If you do this, the software image might get corrupted. Upgrading Cisco WLC with a large number of APs can take as long as 30 minutes, depending on the size of your network. However, with the increased number of concurrent AP upgrades supported, the upgrade time should be significantly reduced. The APs must remain powered, and Cisco WLC must not be reset during this time.

  • To downgrade from this release to Release 6.0 or an earlier release, perform either of these tasks:

    • Delete all the WLANs that are mapped to interface groups, and create new ones.

    • Ensure that all the WLANs are mapped to interfaces rather than interface groups.

  • After you perform the following functions on Cisco WLC, reboot it for the changes to take effect:

    • Enable or disable LAG

    • Enable a feature that is dependent on certificates (such as HTTPS and web authentication)

    • Add a new license or modify an existing license


      Reboot is not required if you are using Right-to-Use licenses.\
    • Increase the priority of a license

    • Enable HA

    • Install the SSL certificate

    • Configure the database size

    • Install the vendor-device certificate

    • Download the CA certificate

    • Upload the configuration file

    • Install the Web Authentication certificate

    • Make changes to the management interface or the virtual interface

  • From Release 8.3 or a later release, ensure that the configuration file that you back up does not contain the < or > special characters. If either of the special characters is present, the download of the backed up configuration file fails.

Upgrading Cisco WLC Software (GUI)


Step 1

Upload your Cisco WLC configuration files to a server to back up the configuration files.

We highly recommend that you back up your Cisco WLC configuration files prior to upgrading the Cisco WLC software.
Step 2

Follow these steps to obtain Cisco Wireless software:

  1. Browse to Cisco Software Central at: https://software.cisco.com/download/navigator.html.

  2. Click Software Download.

  3. On the Download Software page, choose Wireless > Wireless LAN Controller.

    The following options are displayed. Depending on your Cisco WLC platform, select one of these options:

    • Integrated Controllers and Controller Modules

    • Mobility Express

    • Standalone Controllers

  4. Select the Cisco WLC model number or name.

  5. Click Wireless LAN Controller Software.

  6. The software releases are labeled as described here to help you determine which release to download. Click a Cisco WLC software release number:

    • Early Deployment (ED)—These software releases provide new features and new hardware platform support as well as bug fixes.

    • Maintenance Deployment (MD)—These software releases provide bug fixes and ongoing software maintenance.

    • Deferred (DF)—These software releases have been deferred. We recommend that you migrate to an upgraded release.

  7. Click the filename <filename.aes>.

  8. Click Download.

  9. Read the Cisco End User Software License Agreement and click Agree.

  10. Save the file to your hard drive.

  11. Repeat steps a through j to download the remaining file.

Step 3

Copy the Cisco WLC software file <filename.aes> to the default directory on your TFTP, FTP, or SFTP server.

Step 4

(Optional) Disable the Cisco WLC 802.11 networks.

For busy networks, Cisco WLCs on high utilization, and small Cisco WLC platforms, we recommend that you disable the 802.11 networks as a precautionary measure.
Step 5

Choose Commands > Download File to open the Download File to Controller page.

Step 6

From the File Type drop-down list, choose Code.

Step 7

From the Transfer Mode drop-down list, choose TFTP, FTP, or SFTP.

Step 8

In the IP Address field, enter the IP address of the TFTP, FTP, or SFTP server.

Step 9

If you are using a TFTP server, the default value of 10 retries for the Maximum Retries field, and 6 seconds for the Timeout field should work correctly without any adjustment. However, you can change these values, if required. To do so, enter the maximum number of times the TFTP server attempts to download the software in the Maximum Retries field and the amount of time (in seconds) for which the TFTP server attempts to download the software, in the Timeout field.

Step 10

In the File Path field, enter the directory path of the software.

Step 11

In the File Name field, enter the name of the software file <filename.aes>.

Step 12

If you are using an FTP server, perform these steps:

  1. In the Server Login Username field, enter the username with which to log on to the FTP server.

  2. In the Server Login Password field, enter the password with which to log on to the FTP server.

  3. In the Server Port Number field, enter the port number on the FTP server through which the download occurs. The default value is 21.

Step 13

Click Download to download the software to the Cisco WLC.

A message indicating the status of the download is displayed.

Ensure that you choose the File Type as Code for both the images.
Step 14

After the download is complete, click Reboot.

Step 15

If you are prompted to save your changes, click Save and Reboot.

Step 16

Click OK to confirm your decision to reboot the Cisco WLC.

Step 17

If you have disabled the 802.11 networks, reenable them.

Step 18

To verify that the Cisco WLC software is installed on your Cisco WLC, on the Cisco WLC GUI, click Monitor and view the Software Version field under Controller Summary.

CIMC Utility Upgrade for 5520 and 8540 Controllers

The AIR-CT5520-K9 and AIR-CT8540-K9 controller models are based on Cisco UCS server C series, C220 and C240 M4 respectively. These controller models have CIMC utility that can edit or monitor low-level physical parts such as power, memory, disks, fan, temperature, and provide remote console access to the controllers.

We recommend that you upgrade the CIMC utility to Version 3.0(4d) that has been certified to be used with these controllers. Controllers that have older versions of CIMC installed are susceptible to rebooting without being able to access FlexFlash, with the result that the manufacturing certificates are unavailable, and thus SSH and HTTPS connections will fail, and access points will be unable to join. See: CSCvo33873.

The CIMC 3.0(4d) images are available at the following locations

Table 4. CIMC Utility Software Image Information


Link to Download the CIMC Utility Software Image

Cisco 5520 Wireless Controller


Cisco 8540 Wireless Controller


For information about upgrading the CIMC utility, see the "Updating the Firmware on Cisco UCS C-Series Servers" chapter in the Cisco Host Upgrade Utility 3.0 User Guide:


Updating Firmware Using the Update All Option

This section mentions specific details when using CIMC utility with Cisco 5520 or 8540 controllers. For general information about the software and UCS chassis, see Release Notes for Cisco UCS C-Series Software, Release 3.0(4) at:


Table 5. Open Caveats for Release 3.0(4d)

Caveat ID



After upgrading CIMC to 3.04d, only after power reset, UCS-based controller is coming up.


Not able to logon to the CIMC GUI with the username and password that are configured from the controller.

Table 6. Resolved Caveats for Release 3.0(4d)

Caveat ID



Symptom: The system will stop working or reboot during OS operation with PROCHOT, MEMHOT, and DMI Timeout-related events reported in the System Event Log (SEL).

Conditions: C220-M4 or C240-M4

Workaround: No workaround is available.

This bug fix changes the default BIOS option for ASPM (Active State Power Management) from 'L1 only' to 'Disabled', and the ASPM setting can no longer be modified. This change was made to help increase system stability and eliminate some system crash scenarios.


Symptom: The system will stop working or reboot during OS operation with PROCHOT, MEMHOT, and DMI Timeout-related events reported in the System Event Log (SEL).

Conditions: C220-M4 or C240-M4

Workaround: No workaround is available.

This bug fix changes the BIOS option "Package C-State limit" default value from C6 Retention to C0/C1 to help increase system stability and eliminate some crash scenarios.

Once upgraded, reset the BIOS settings to default or manually change Package C-State limit to C0/C1.

Interoperability with Other Clients

This section describes the interoperability of Cisco WLC software with other client devices.

The following table describes the configuration used for testing the client devices.

Table 7. Test Bed Configuration for Interoperability

Hardware/Software Parameter

Hardware/Software Configuration Type


Cisco WLC

Cisco 5520 Wireless Controller

Access Points

AIR-CAP3802E-B-K9, AIR-AP1852E-B-K9, AIR-CAP3602E-A-K9


802.11ac, 802.11a, 802.11g, 802.11n (2.4 GHz / 5.0 GHz)




ACS 5.3, ISE 2.2, ISE 2.3

Types of tests

Connectivity, traffic (ICMP), and roaming between two APs

The following table lists the client types on which the tests were conducted. Client types included laptops, handheld devices, phones, and printers.

Table 8. Client Types

Client Type and Name



Intel 6300
Intel 6205
Intel 7260
Intel 7265
Intel 3160
Intel 8260
Broadcom 4360
Dell 1520/Broadcom 43224HMS
Dell 1530 (Broadcom BCM4359)
Dell 1560
Dell 1540
Samsung Chromebook 55.0.2883.103
HP Chromebook 55.0.2883.103
MacBook Pro OSX 10.11.6
MacBook Air old OSX 10.11.5
MacBook Air new OSX 10.11.5
Macbook Pro with Retina Display OSX 10.12
Macbook New 2015 OSX 10.12.4


HP Color LaserJet Pro M452nw


Apple iPad2 iOS 10
Apple iPad3 iOS 10
Apple iPad mini with Retina display iOS 10
Apple iPad Air iOS 10
Apple iPad Air 2 iOS 11
Apple iPad Pro iOS 11
Samsung Galaxy Tab Pro SM-T320 Android 4.4.2
Samsung Galaxy Tab 10.1- 2014 SM-P600 Android 4.4.2
Samsung Galaxy Note 3 - SM-N900 Android 5.0
Microsoft Surface Pro 3 Windows 8.1
Driver: 15.68.3093.197
Microsoft Surface Pro 2 Windows 8.1
Driver: 14.69.24039.134
Microsoft Surface Pro 4 Windows 10
Driver: 15.68.9040.67
Google Nexus 9 Android 6.0.1
Google 10.2" Pixel C Andriod 7.1.1
Toshiba Thrive AT105 Android 4.0.4

Mobile Phones

Cisco 7926G CP7925G-
Cisco 7925G-EX CP7925G-
Cisco 8861 Sip88xx.10-2-1-16
Cisco-9971 sip9971.9-4-1-9
Cisco-8821 sip8821.11-0-3ES2-1
Apple iPhone 4S iOS 10.2.1
Apple iPhone 5 iOS 10.2.1
Apple iPhone 5s iOS 10.2.1
Apple iPhone 5c iOS 10.3.1
Apple iPhone 6 iOS 10.3.1
Apple iPhone 6 Plus iOS 10.3.1
Apple iPhone 6s iOS 10.2.1
Apple iPhone 7 iOS 11.0.3
Apple iPhone X iOS 11.1.2
HTC One Android 5.0
OnePlusOne Android 4.3
OnePlus3 Android 6.0.1
Samsung Galaxy S4 T-I9500 Android 5.0.1
Sony Xperia Z Ultra Android 4.4.2
Nokia Lumia 1520 Windows Phone 8.10.14219.341
Google Nexus 5 Android 6.0.1
Google Nexus 5X Android 8.0.0
Google Pixcel Android 7.1.1
Samsung Galaxy S5-SM-G900A Android 4.4.2
Samsung Galaxy S III Android 4.3
Samsung Galaxy S4 Android 5.0.1
Samsung Galaxy S5 Android 4.4.2
Samsung Galaxy S6 Android 7.0
Samsung Galaxy S7 Android 7.0
Samsung Galaxy Nexus GTI9200 Android 4.4.2
Samsung Galaxy Mega SM900 Android 4.4.2
LG G4 Android 5.1
Xiaomi Mi 4c Android 5.1
Xiaomi Mi 4i Android 6.0.1

Key Features Not Supported in Controller Platforms

This section lists the features that are not supported on the different controller platforms:


In a converged access environment that has controllers running AireOS code, High Availability Client SSO and native IPv6 are not supported.

Key Features Not Supported in Cisco 3504 WLC

  • Cisco WLAN Express Setup Over-the-Air Provisioning

  • Mobility controller functionality in converged access mode

  • VPN Termination (such as IPsec and L2TP)

Key Features Not Supported in Cisco 5520 and 8540 WLCs

  • Internal DHCP Server

  • Mobility controller functionality in converged access mode

  • VPN termination (such as IPsec and L2TP)

  • Fragmented pings on any interface

Key Features Not Supported in Cisco Virtual WLC

  • Cisco Umbrella

  • Domain-based ACLs

  • Internal DHCP server

  • Cisco TrustSec

  • Access points in local mode

  • Mobility/Guest Anchor role

  • Wired Guest

  • Multicast


    FlexConnect locally switched multicast traffic is bridged transparently for both wired and wireless on the same VLAN. FlexConnect APs do not limit traffic based on IGMP or MLD snooping.
  • FlexConnect central switching in large-scale deployments


    • FlexConnect central switching is supported in only small-scale deployments, wherein the total traffic on controller ports is not more than 500 Mbps.

    • FlexConnect local switching is supported.

  • Central switching on Microsoft Hyper-V deployments

  • AP and Client SSO in High Availability

  • PMIPv6

  • Datagram Transport Layer Security (DTLS)

  • EoGRE (Supported in only local switching mode)

  • Workgroup bridges

  • Client downstream rate limiting for central switching

  • SHA2 certificates

  • controller integration with Lync SDN API

  • Cisco OfficeExtend Access Points

Key Features Not Supported in Access Point Platforms

Key Features Not Supported in Cisco Aironet 1540, 1560, 1800i, 1810 OEAP, 1810W, 1815, 1830, 1850, 2800, and 3800 Series APs

For detailed information about feature support on Cisco Aironet Wave 2 APs, see:


Table 9. Key Features Not Supported in Cisco Aironet 1540, 1560, 1800i, 1810 OEAP, 1810W, 1815, 1830, 1850, 2800, and 3800 Series APs

Operational Modes

  • Autonomous Bridge and Workgroup Bridge (WGB) mode

  • Mesh mode


    Supported on 1540 and 1560 APs.

  • Flex + Mesh

  • LAG behind NAT or PAT environment


  • Full Cisco Compatible Extensions (CCX) support

  • Rogue Location Discovery Protocol (RLDP)

  • Telnet

  • Internet Group Management Protocol (IGMP)v3


  • CKIP, CMIC, and LEAP with Dynamic WEP

  • Static WEP for CKIP

  • WPA2 + TKIP

    WPA +TKIP and TKIP + AES protocols are supported.

Quality of Service

Cisco Air Time Fairness (ATF)

FlexConnect Features

  • Bidirectional Rate Limiting

  • Split Tunneling

  • PPPoE

  • Multicast to Unicast (MC2UC)

  • Traffic Specification (TSpec)

    • Cisco Compatible Extensions (CCX)

    • Call Admission Control (CAC)

  • VSA/Realm Match Authentication

  • Link aggregation (LAG)

  • SIP snooping with FlexConnect in local switching mode


For Cisco Aironet 1850 Series AP technical specifications with details on currently supported features, see the Cisco Aironet 1850 Series Access Points Data Sheet.

Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP, and 1810W Series APs

Table 10. Key Features Not Supported in Cisco Aironet 1800i, 1810 OEAP and 1810W Series APs

Operational Modes

Mobility Express

FlexConnect Features

Local AP authentication

Location Services

Data RSSI (Fast Locate)

Key Features Not Supported in Cisco Aironet 1830, 1850, and 1815 Series APs

Table 11. Key Features Not Supported in Cisco Aironet 1830, 1850, and 1815 Series APs

Operational Modes

Mobility Express is not supported in Cisco 1815t APs.

FlexConnect Features

Local AP Authentication

Location Services

Data RSSI (Fast Locate)

Key Features Not Supported in Mesh Networks

  • Load-based call admission control (CAC). Mesh networks support only bandwidth-based CAC or static CAC.

  • High availability (Fast heartbeat and primary discovery join timer).

  • AP acting as supplicant with EAP-FASTv1 and 802.1X authentication.

  • AP join priority (Mesh APs have a fixed priority)

  • Location-based services

Key Features Not Supported in Cisco Aironet 1540 Mesh APs

  • Dynamic Mesh backhaul data rate.


    We recommend that you keep the Bridge data rate of the AP as auto.
  • Background scanning

  • Noise Tolerant Fast Convergence

  • Flex+Mesh

Key Features Not Supported on Cisco Aironet 1560 Mesh APs

  • Noise Tolerant Fast Convergence

  • Flex+Mesh


Open Caveats

Table 12. Open Caveats

Caveat ID Number



802.11b inconsistent probe response; band select enabled; 2.4 GHz


3700 APs in FlexConnect mode stop working


SNMP issue: Txpowerlevel returns null with Cisco WLC Version 8.3.13x.0 and 8.4 at times (including 8.2.161)


Cisco Wave 2 AP sends RADIUS message directly even if Local Authentication is disabled


Webauth logout fails after standalone; connected


Active Cisco WLC stopped working with Task Name: SNMPTask


Cisco 2800 and 3800 APs send block ACK packets using disabled data rates


DHCPv6 stateless not working


New Mobility member status shows as Unknown when editing mobility member IP address


Dynamic interface template fails to apply on WLC with opt82 setting


3800 AP in Sniffer mode: 802.11 acks, RTS, CTS, QoS Null packets do not get captured


3800 AP in Sniffer mode: AP does not fill BAR Request Type, BAR Control, SSC, FCS in BAR and BA packets


1700 AP continuous radio reset due to incorrect tx inprog


1815 AP does not send all traffic after period under load


FIQ/NMI Reset AP2800 PC __pci_bus_size_bridges+0x274/0x768 LR warn_slowpath_common+0x58/0x94


Cisco WLC unable to timeout clients; stale client entries


EoGRE domain: not able to edit from GUI


3702 AP: 5-GHz radio constantly flapping


Not able to create IPSec profile


Cisco WLC anchor commands are missing from the backup


SXP connection stay off after disable/enable SXP


WLC "in sync" with NTP while authentication is ignored with invalid keys


1532I AP fails to receive DHCP address randomly


1810W AP Kernel Panic crash is at _ZN17ContentHashFilter11clear_staleEv+0x1ac/0x1d0 [elts_meraki]


Cisco WiSM2 stops working for task name spamApTask3


3700 AP Tx jammed radio unresponsive


EoGRE client de-autheenticated when AP moved from Standalone to Connected Mode


Cisco Aironet 1700, 2700, and 3700 AP log incorrect PHY in sniffer mode for 11ac


Deleting one SSID will affect another SSID created on the same radio interface


PMTU change to 1500 from a lesser value is not reflected in AP


2802 XOR Operational State is Down/Admin Enabled while 802.11a is Up


tb20-vWlc-esxl-80—Clients lost the right override VLAN after AP moves from Standalone mode


1530 AP WGB stops working on associating with root


Cisco 7510 WLC running Release stops working with TaskName:spamApTask7


Cisco 3504 WLC: AP cannot join controller when directly connected to GigE Port 1


SNMP walk on bsnMeshNodeTable returns no data for IW3700 AP in Flex+Bridge Mode


Adding "switchport voice vlan x" causes wired phone not to pull an IP address


Cisco WLC stops working sometime when client switches between FT-enabled SSID and CCKM SSIDs


DHCP Proxy enabled and removing DHCP Server Info from Dynamic interface disables WLAN


AP: cmd timeout AP radio unresponsive in due to rxHang


FTP download fails on Cisco WLC when using untagged interfaces on different ports


5520 WLC stops working: Task Name: nmspTxServerTask


SNMPTask (module:k_mib_cisco_lwapp_local) causing memory leak in 16B buffer


3800 AP unresponsive, Kernel panic - not syncing: Fatal exception in interrupt


IW3702 WGB one way broadcast traffic on 5 GHz (but good in 2.4 GHz) in a mesh network 1572 AP


1542 AP not joining WLC with Costa Rica (CR) Country


3802 AP not forwarding client traffic


ERROR-MeshSecurity: Processing EAPOL from CAWAWP, Mesh mode is not started


FlexConnect AP's WLAN-VLAN mapping's inheritance is lost when a WLAN is deleted from AP group


Cisco WLC stops working on task: sntpReceiveTask


Client global IPv6 not correctly mapped to MAC address under certain condition


Cisco Wave 2 APs in FlexConnect do not forward DHCP NAK to wireless client


Cisco WLC unable to timeout clients; stale client entries


2800 AP is not able to process the ARP response


1530 LAP drop EAP identity packets sent by Cisco WLC random and cause EAP negotiation to fail


Cisco WLC stops working multiple times


debug disable-all command does not disable debugs for FlexConnect group client debugging


TrustSec not workingEnvironment Data download failing with 3504 WLC


HA—config service statistics command is not synced


1830 AP triggered FW assert for radio failure (beacons stuck)


Wave 1 APs in sniffer mode show incorrect TID in captured traffic


NMSP drops seen with high density deployments


aIOS and FlexConnect standalone failure on FT-dot1x authentication or M3 RSN IE


Cisco Wave 2 AP drops TCP retransmit from server


False radar detection on AP1832 with 40-MHz CW


3800 AP not handling DSCP tags properly


WLC RFID queue breached with more than 4000 tags.


1852/1832 SI: WLC config file does not contain the SI/CleanAir enable/disable state for network/AP


HA osapi_file.c:1030 Failed to open the file, %OSAPI-3-SOCK_SEND_FAILED: [SA]osapi_support


FIQ-NMI related Kernel Panic on 3802E AP


Cisco WLC mDNS secure printer service response missing TXT record with mdns snooping enabled


Cisco WLC stops working endlessly when updating OUI file


run-config commands do not include TPC version


1810W AP stops working with kernel panic


AP 1832/1852 Kernel Panic at __kmalloc_poolid+0xb8/0x16c


WLAN session timeout does not default to dot1x reauth timeout when WebAuth is enabled via GUI


CAP 2800/3800: command timeout at 0x8000 in FW


Cisco WiSM2 stops working on Dot1x_NW_MsgTask due to Dynamic VLAN feature handling for AP702W


AP syslog and AP mgmtuser configs lost on reordered config download


Server status in the show cloud-services cmx summary command shown as "Server Error"


System unresponsive randomly on running mesh commands


Local EAP profiles changed not retained after apply


Cisco WLC suggested to 5 GHz for Cisco Wave 2 APs but they are staying on 2.4 GHz without auto alignment


2802E AP with Radio1 unresponsive


Cisco 3504 WLC unresponsive when using mGig port


The SPAM QUEUES of the WLC are getting breached.


Cisco WLC stops working with SNMP operation with FlexConnect ACL


IPv6 rogue clients are shown as unknown


WQE size constantly increasing, error messages


Cisco WLC emweb unresponsive at commandConfigSpamApAntennaMonitor


1852 and 1832 AP—AP data traffic stall in HD environment


1562 AP reports incorrect power level to WLC


smr4: TxFSM stuck on Radio 0 with new signature


AP: Sending EAP packets unencrypted at session timeout


3800 and 2800 AP: FIQ/NMI reset seen on .98 image and .102


CAP 1815W Sniffer Mode AP beacons allows clients to join and blackhole traffic


WLC SSH/Telnet exits with 1542D Mesh AP with show mesh neigh summary command.


COS AP: false beacon stuck issue due to no beacon updates in wcp message Host Triggered Radio Crash


COS AP: Client shows as connected but unable to pass any traffic


Cisco Aironet 1560, 1800, 2800 and 3800 Series Access Point Denial of Service Vulnerability


Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability


[FALL WLC BUNDLE] NO CVE Cisco Wireless LAN Controller Privilege Escalation Vulnerability


Cisco Wireless LAN Controller Cross-Site Scripting Vulnerability


Cisco Wireless LAN Controller Software Information Disclosure Vulnerability

Resolved Caveats

Table 13. Resolved Caveats

Caveat ID Number



Cisco Wave 2 APs - "CAPWAP preferred mode" gets displayed as "Not configured"


AP803 failed to send auth/reasso to new AP while roaming


WLC Monitoring Gui: Unable to clear top WLANs statistics


AP3700: Tx util values are not changed


Wireless client fails to receive Multicast traffic when 802.1X is enabled


FRA Probe suppression does not work for pre-association client


Cisco 1832 AP drops the CAC SIP 486 packet


System stopped working on PMIPV6_Thread_0 during creation of LMA entry


Client CCX version for the same client differs for each of the APs


8.5 mgmt gw is not reachable after connecting device on MDA port


SNMP trapflag adjchannel-rogueap config not retaining during upload/download


AP2800 sending announce as 0 in Reassociation response in FlexConnect Mode in FT and adaptive FT


Local policy ACL does not apply when intf group mapped to WLAN and DHCP addr assign is disabled


3802:Unable to update property /soc/gop/mac0:local-mac-address, err=FDT_ERR_NOSPACE


CAP 3800 sending deauth to connected clients when CAPWAP flaps.


1850 Flex mode AP not prioritizing packets based on QoS Map


Assoc req forwarded to WLC after max clients on ap radio in flex local switching


WPS signature is getting disabled upon upload or download


Dashboard UI :- filtering the Accesspoint field with "is Null " and "is not null" is leading to hung


Foreign WLC leaks IPv6 and IPv4 multicast client traffic out of EoIP tunnel


WLC allowing blank as avc profile name


Observed traceback on Cisco 1570 AP when changing AP mode to FlexConnect from Flex+Bridge


AVC profile showing incorrect characters for an entry after upgrade


GUI shows label as "AVC Based Reanchor" while configuring in Selective-Roam


WGB HSR 802.11v neighbor report error message when Infrastructure MFP is enabled


Ascom phones stop transmitting voice durning call


WLC Dual Band radios showing incorrect suggested mode


Cisco 8.5 release: AP is not joining the Cisco WLC after image upgrade


Not able to add TACACS+ server from GUI


CTS SXP connection flap seen between CAT6K and WLC


Korean/ Japanese character support in LocalEapProfiles


Cisco 8.5 release: Cisco XOR radio configured to Sensor mode using GUI has operational state down


Cisco WLC and ME: RADIUS fail-over does not work when retransmit timeout is not set to default value


Sleeping client entry not getting created after idle timeout


AP is not joining the controller when for first time IP is changed from DHCP to static


Cisco Access Point 802.11r Fast Transition Denial of Service Vulnerability


Cisco 702w AP radio resets with reason code 71


Micro-Macro transition configuration should be limited to within the defined range


Unable to change "Back-up Primary Controller name" from GUI


Macro to micro transition threshold is not configurable on Mobility Express


Configuration backup shows the time instead of the NAT IP


After config upload/download event, netuser start time resets to invalid value.


Cisco 3700 AP: radio d1 reset: Tx jammed


IPsec profile should be none on disabling IPsec under SNMP communities and Trap Receiver


Clients failed to get connected to the Cisco AP in Flex mode with message as AID already in use


Clients fails to connect to AID with message as All AID are in use when the AP is in Local mode


WLC power supply issues not showing up on 360 page


[8.5] show inventory displaying incorrect output for AP802


Traceback observed in Cisco WLC while something is fetched for Flex ACL with AVC


WGB traffic disruption on missed beacons and no scan or roam


Bridging interface mode get reset to 'access' when configure MeshAP from GUI


Find button goes disable in successive search for AP filter page


Show run-config no-ap is missing AP Group and RF profile configuration


Cisco Wave 2 APs: Flex standalone mode: EoGRE clients are dropped in Local AP VLAN


Cisco Wave1 APs sends RA periodically when EoGRE tunnel profile is added to the AP


WLC FEW: flooding logs with "Updating MS IPv6[1] Addr" logs


Virtual IP address changes to after rebooting


'WL_IOCTL_SET_MGMT_SEND failed for apr1v0 error Bad address' messages on AP followed by Radio reset


Cisco 3800 AP drops P2P information element after adding 802.11u or HotSpot support on a WLAN.


CONFIG WIZARD: after ap group & rf profile mapping add/del command, not able to execute any command


Repeated CDP-4-DUPLEX_MISMATCH is observed when 1852 and 3802 APs are connected to Cisco 3850 switch.


8.5: cmdtimeout when xor in sensor mode, band mismatch errors


Cisco 3504 WLC is not generating a crash file.


The Mobility Group Members is not able to modified


Cisco WLC not sending delete payload to AP on exclusion client manual deauth


Cisco 2800/3800 AP cannot use the RX-SOP


Reason for channel change is shown as none and noise/energy/interfere as 0 for the dual band radio


Target assert XXXXXXXX WAITING FOR STOP EVENT on Cisco 1810 AP


Channel assignment leader shows junk value on standby WLC


8.5 Incorrect prompt after executing any CLI with (y/n) option


[5520] Setting an IPv6 address for primary-base on an AP from WLC cuts off last characters after ::


Cisco Wave 2 AP specific backup RADIUS server configuration lost post CAPWAP reset or AP reload


Cisco Wave2 AP reboots with watchdogd-reason CAPWAP on associating avc profile under FlexConnect grp


Black-list timer is showing as blacklist due to be cleared but still the blocked list timer remaining


cLApEthernetIfMacAddress is not showing AP MAC address


dca min-metric not getting logged on TACACS+


"Missing 802.1X or client control block" Errors in WLC Message Logs


Cisco WiSM2 stopped working with emWeb in build


Dual band radio on AP2800 does not go down after changing the country code from IN to US on AP


GUI does not show the 5-Ghz radio after changing the country code on CAP 2800, 3800 from IN to US


"show wlan" command is not working properly


CAP 2800, 3800 sniffer mode logs wrong PHY and data rates for 802.11ac


ME: SUBNET_MISMATCH_IP_ADD_ON_MSCB mismatches while registering IP address x.x.x.x


Invalid domain name after ap reset


External Server IP address accepts broadcast and Loopback address


Wrong values of coverage exception &coverage level in RF Profile in uploaded config and tech support


RF grouping off in WLC respond join command with incorrect reason code: 1


Flash on lightweight IOS APs gets corrupted


Tunnel Gateway (TGW) in Cisco 3802 AP comes up only after the Heartbeat interval expires


AP continuously reboots with "Process sync_log gone"


Cisco Wave 2 AP unable to process VLAN NAME ID mapping TLV payload


Cisco WLC fails to respond neighbor request for WLAN id greater than 255

CSCvf17133"config dhcp address-pool test" hits "Invalid scope specified."


Cisco 2800, 3800 APs running release: wifi0 resets multiple times


Mismatch in enabling IPv6 multicast address in WLC UI and CLI


AVC in disabled state under WLAN AVC mapping on enabling from console


Kernel panic stopped working in Cisco 1542 AP


When WLC adaptive/fastlane is disabled, the CCX IE is missing in probe response Wave 2 APs


AP Name is truncated in client detail for Nearby AP statistics attribute


Mobility statistics is getting updated wrongly for L3 roam


cLApEthernetIfType is shown as other instead of a correct value


cLApEthernetIfCdpEnabled shows true when cdp is disabled on the ap interface


Member active WLC showing wrong allowed channel list after switchover


Duplicate entries allowed as SNMP community entries with read only and read write - HA synch failing


AP adder license is taking effect only after a reboot on the Cisco 3504 WLC.


WLC shows radio role as NA and channel and power as blank for slot 2 installed modules


Error reason is not provided when user try to delete Out of Box AP group


Hotspot getting enabled with open security in WLC


AP 1850 radar detection in high density client enviornment


Limit stations in CAPWAP discovery response is giving wrong data


Identity PSK does not work when order of PSK mode and PSK key are interchanged


In Cisco 2800/3800 and Cisco 1562 APs, the Watchdog reset is observed (capwapd stopped working)


WLC - exit is not working after 'advanced fra revert all auto' command execution in config mode


Flooding "Invalid checkpoint client ID (0)" message on Standby WLC


CAPWAP_HA-3-AP_TEMP_DB_ADD_ERR in standby WLC when changing CAPWAP mode continuously


8.6: 5760 WLC Crash by SNMPTask


Redundant MAC address is used by standby-wlc for GW and peer RMI


Showing wrong AP model name in Popup message


Cisco 3802AP on release [cmd mismatch] wifi0: Host Cmd:0x9201 F/W Cmd:0x8001 Last:0x801d


8.3MR3: is valid for netflow monitor but not for GUI and error message is incorrectly showing on UI


DCA assigns channels out of DCA channel list


WLC- Previous AP field is set by the last disassoc frame sent up from the STA not the last roam


32 Split Tunnel--char chopped to 31;Edit serves as Add;Error incorrect;Gateway can be removed


Cisco 7510 WLC running reloads unexpectedly while running airewave director debug


Cisco 3800 AP in a constant reboot loop


"FRA Enabled Learn More" navigation link is not working under Best practices


Cisco 1560-Mesh: Fixed backhaul rate issues.


Implement CCA, RX-SOP thresholds for Marvell autonomous IOS


WLC shows COF and Suggested mode as none with FRA enable after HA Failover


Continuous FIQ/NMI reloads unexpectedly for 3802 AP when XOR is in sensor mode


WLC GUI displays incorrect number of fastlane clients


capwapd no heartbeat during waiting for uplink IP address


Wireless to Wireless multicast failure on Cisco 2800, 3800 APs with WPA-PSK-TKIP


Cisco Wave 2 APs: losing flex-avc-profile config if one out of 2 WLAN disabled


CAP 1810 reported timeout communicating to controller on data plane


Text view of Dual band radio does not display Rx neighbors


Error in mapping QoS role during the creation of local net users


On an 1810W AP, multicast fails to pass on the LAN port when switchport configured for 1000M speed


NDP on 2800/3800 not transmitting at Correct Power on 802.11b/g/n Channels


WLC: Jamaica Country does not add -E Regulatory Domain support for Outdoor APs


WIPS engine gets disabled on 2800 after AP reboot


Clients QoS level changes automatically to silver from gold during local authentication


HA SSO - Apply Config failed on Standby, Reason:5


CAP 3800 rebooted after rejoining WLC (upgrade) due to watchdog reset with "wcpd" as reason.


WLC pushing truncated wIPS profile to APs


Issue 'no bvi-vlanid' on WGB does not cast IAPP message to refresh BVI VLAN id on AP


WLC returns extension channels for XOR in 2.4GHz or Monitor Mode


SNMP get or walk on device for bsnAPBridgingSupport returns ENABLE for Cisco 2800, 3800 APs


Remote LAN with 1810w in FlexConnect mode not showing client IP


WLC DP core 0 hung due to RML interrupt handler


Cisco 1262 autonomous AP drops ARP requests


1542-Mesh: Fixed backhaul rate configuration does not work


CAPWAPd reloads unexpectedly after enabling CAPWAP payload debug


new Cisco 1562 AP reloads unexpectedly due to: FIQ/NMI reset


Enabling DHCP option 82 on EoGRE profile is not updated in GUI


Cisco 3504 WLC reloads unexpectedly during external webauth redirection with MAX length URL


Hexdump of packet observed in apf task


SNMP:Junk characters instead of server IP when image download is initiated from Prime Infrastructure


Clients unable to connect when CCKM and FT802.1X are enabled together


Cisco 1532 AP cannot use static IP address when configured as mesh AP (MAP)


Guest User role cannot be called properly on the Cisco 2504 WLC platform


Issues with 1562s MAP taking a long time to join RAP


Cisco Wireless LAN Controller - standby WLC reloads unexpectedly at HA Config Sync Task


Certain sequence causes Unexpected displays, 32 char name chopped to 31 Interface Group


Ceiling not working if DSCP sent is higher than metal policy of WLAN


RTU license count taking over Smart Account count


XOR radio does not move to 5GHz/Monitor bands after being marked redundant


Crete-Mesh: Client not always authorized after reset


Ethernet daisy chain IW3702 GE1 1Gbps reload same time when configured speed 100 & duplex full


Cisco Controller reloads unexpectedly on "config bleBeaconwhiteList add"


8.3MR3:2800/3800 AP cannot handle Probe Limit Interval up to 64000ms required from CSCvb91652


SNMPv3 same user adding accepted silently but actually not able in CLI but ok for UI


802.11v BSS Transition Preferred Candidate List Not Included with Radio Policy Set to 802.11a Only


Cisco WLC reloads unexpectedly due high CPU usage by SNMP task


WLC reaper not creating proper crash file


WLC randomly marks wireless management frames with DSCP CS0 instead of CS6


AP show CLIs seen having previously joined controller CAPWAP tunneled WLAN entries


CONTROLLER->PMIPv6->LMA with 128 char shown incorrectly in GUI/CLI, out of range ERROR issue


On 1810 APs warning msg throwing while configuring Tx Power for Radio "B"


Summary is showing 7500 Interferers on 2.4GHz but Interferers is showing nothing


Buff Leak on ap console when in FlexConnect mode


"AP 1388 doe not exist anymore on the system" pops when back on Dual band page


EoGRE AP bytes and packets stats are vice-versa in AP and WLC with Wave 1 AP on both CLI and GUI


Cisco WLC Control And Provisioning of Wireless Access Points Information Disclosure


Cisco WLC Control &amp; Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability


Cisco Wireless LAN Controller Directory Traversal Vulnerability


CLI can provision up to 394 characters while GUI/error help message showing max 63 characters


System reloads unexpectedly as Reaper Reset:Task wipsTask taking too much CPU


EoGRE DHCP82 "show flexconnect dhcp option82" issues


IOS AP should send Flex client del instead of MN delete for Flex local auth clients delete


3702 NOS Dual-Band setting for CleanAir back silently, many 1601336064s shown in Detail page


Dataplane reloads unexpectedly when using EoGRE tunnel


Node ptr_meshFileCfg.cfg.convMethod value = 3 is out of range for min = 0 and max = 2 upgrade


Aironet2802 marking upstream client traffic with incorrect DSCP values when WMM is disabled


Cisco 3504 WLC factory default license issue


Kernel Panic seen on 1542 Mesh APs


Infra IPv6 AP drops off from the WLC every 4 to 12 hours


AP not blocking all channels in set to WLC when radar is detected on one of the channels in 80MHz


Rogue APs getting contained or containment pending automatically on the WLC


CAP 3600 dropping over DTLS tunnel with Cisco 8540 WLC


CAP 1832 kernel panic


Cisco 2800, 3800 APs: radio0 reloads unexpectedly in longevity due to 3rd party FW issue(s)


"debug client" sometimes reports wrong BSSID in (Re)association message


APs can no longer join the WLC; CAPWAP-3-DTLS_DB_ERR


INTERFERERS Table loading issue for 2.4 GHz,5 GHz


Cisco 2800/3800 AAA override VLAN does not work for native VLAN.


AP LAG fails using LACP with non-Cisco switches


Trapflags do not sync for HA SSO


CAP 3800 stops working: selipc causing double free


CAP 1562 unable to pass multicast joins from RAP to MAPs


WLC fails to send complete IPv6 client information to Prime Infrastructure


WLC debug client, flooding logs with " iapp ipv6" logs


VLAN override on RLAN with FlexConnect Local Switching does not work


Client moving to RUN state from webauth reqd after reassoc request


WLC detects IDS Signature attack even if Signature Processing is disabled


Cisco 3700 AP: radio d1 reset: Tx jammed, probably beacon was not really sent by Hw


AP loses config and NAND disk error messages are seen on console


Cisco 1810WAP: Kernel Panic- crash files shows PC is at 0x4 LR is at ieee80211_free_node+0x264/0x4b4


Primary Secondary Tertiary controller IPV6 address not retain post reload


Buff Leak on AP when AP changes channel


1815w Kernel Panic PC wlan_channel_frequency+0x10/0x18 LR acfg_get_client_info+0x84/0x264


Cisco 3800 AP reloads unexpectedly while running code


Cisco 2800,3800 APs in Sniffer mode - frequent kernel panics observed


Cisco 5508 WLC reloads unexpectedly during AP join failure


Clients behind 3rd Party WGB fail DHCP post upgrade to


CAP 1832 reloads unexpectedly due to kernel panic


OpenDNS information is lost when primary AP fails over to the new one


AP3802E- on reloads unexpectedly due to watchdog reset(with reason: out to reboot with r)


Cisco 1850 radio firmware reloads unexpectedly at 0x009A4859


CAP 1800 kernel panic pc @Kfree


AP1532 stops working on client connection to WLAN profile with EoGRE tunnel


3802 chatter: IOCTL_SET_MGMT_SEND failed for apr0v0 error Operat


IPv4 traffic drops with "Packet needs to be fragmented but DF bit is set" and MTU mismatch


Deauth reason pulled from association response code wrongly


Unable to add LSC CA Certificate on Cisco WLC GUI


Debug fastpath command cause the 8540/8510 WLCs to stop working


AP3800: Low throughput due to packet drops in AP in both fragmented and non-fragmented packets


Observed "buf leak" message on corsica FlexConnect mode APs


WLC- is flagging Misc_Reason 0x9 as an Invalid Apple Reason Code but displays proprietary failure


AP MAC:SSID:AP Group attribute is not present in Accounting called station ID GUI list


CAP 1562 is dropping downlink unicast messages, making connectivity difficult across mesh link


The client RSSI/SNR is shown as unavailable when connected to 2800/3800 APs.


CIAM Alert: GNU dnsmasq DNS Reply Heap Buffer Overflow Vulnerability


"show ap network-diagnostics" does not work for 1815 AP when in FlexConnect OEAP mode


Rogue client on friendly rogue contained with 'valid client on rogue AP' auto contain enabled


WLC management VLAN zero in kernel causing reachability issues


AP 3800,2800 and .61 when AP is in flex mode, AP reloads unexpectedly due hostapd process


Unable to change Antenna Band Mode to 1562E AP


8.6: 2802 Kernel panic PC@AccumulateScanResults


Dataplane watchdog timeout due to NBAR max flows exceeded


Cisco 1815T AP LAN3 not coming up when a client is directly connected


Cisco 3504 WLC not communicating to Smart Licensing Cloud Server


AP: Client disconnected due to idle timeout wrongly kicking in when client is going to power save