Release Notes for Cisco IOS Release 15.2(8)E3

Cisco IOS Release 15.2(8)E3 runs on these platforms:

  • Cisco 2500 Series Connected Grid Switches (CGS2520)

  • Cisco Connected Grid Ethernet Switch Module (CGR2010 ESM)

  • Cisco Embedded Service 2020 Series Switches (ESS2020)

  • Cisco Industrial Ethernet 2000 Series Switches (IE2000)

  • Cisco Industrial Ethernet 2000U Series Switches (IE2000U)

  • Cisco Industrial Ethernet 4000 Series Switches (IE4000)

  • Cisco Industrial Ethernet 4010 Series Switches (IE4010)

  • Cisco Industrial Ethernet 5000 Series Switches (IE5000)

These release notes include important information about Cisco IOS Release 15.2(8)E3 and any limitations, restrictions, and caveats that apply to the release. Verify that these release notes are correct for your switch:

For a complete list of documentation for the platforms associated with this release, see Related Documentation.

You can download the switch software from this site (registered Cisco.com users with a login password):

http://software.cisco.com/download/navigator.html

Note: The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.

New Features in Cisco IOS Release 15.2(8)E3

The following new feature is supported in Cisco IOS Release 15.2(8)E3.

Data Wipe

The Cisco IE2000, IE4000, IE5000, IE4010, and Cisco Connected Grid Router WAN Interface Card (GRWIC) switches utilize persistent storage to maintain system software images, switch configuration, software logs, and operational history. Each of these areas can contain customer specific information, including details about network architecture and design, as well as potential target vectors for would-be attackers. Customers desire a comprehensive method to securely erase or wipe this identifiable information when removing products due to RMA, upgrade/replacement, or system end-of-life.

The goal is to provide a customer friendly method to ensure data is sufficiently erased to mitigate, limit, and hinder data recovery attempts. The Data Wipe feature provides a solution that evaluates the storage devices present on the system, determines the best option for data wipe based on those device types, and performs the necessary actions with little or no user involvement.

Device Manager Localization

Online help for the Device Manager is available in the following languages for the IE 2000, IE 2000U, IE 4000, IE 4010 and IE 5000 switches:

  • Chinese (Traditional) (code: 2052)

  • Chinese (Simplified) (code: 1028)

  • (Default): English (code: 1033)

  • French (code: 1036)

  • German (code: 1031)

  • Japanese (code: 1041)

  • Spanish (LATAM) (code: 9226)

Express Setup Requirements

This section summarizes the hardware and software requirements for the Windows platform.

For a listing of Express Setup documentation, see Table 3 Methods for Assigning IP Information, page 8.

Hardware

  • 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor

  • 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)

  • 16 GB available hard disk space (32-bit) or 20 GB (64-bit)

Software

  • PC with Windows 7, Windows 10, or Mac OS 10.6.x

  • Web browser (Internet Explorer 10.0 or 11.0, or Firefox 48.x and above) with JavaScript enabled

  • Straight-through or crossover Category 5 or 6 cable

Express Setup verifies the browser version when starting a session, and it does not require a plug-in.

Upgrading the Switch Software

Finding the Software Version and Feature Set

The Cisco IOS image is stored as a bin file in a directory that is named with the Cisco IOS release. A subdirectory contains the files needed for web management. The image is stored on the compact flash memory card.

You can use the show version privileged EXEC command to see the software version that is running on your switch. The second line of the display shows the version.

You can also use the dir filesystem: privileged EXEC command to see the directory names of other software images stored in flash memory. For example, use the dir flash: command to display the images in the flash memory.

Deciding Which Files to Use

The upgrade procedures in these release notes describe how to perform the upgrade by using a combined tar file. This file contains the Cisco IOS image file and the files needed for the embedded device manager. You must use the combined tar file to upgrade the switch through Express Setup. To upgrade the switch through the command-line interface (CLI), use the tar file and the archive download-sw privileged EXEC command.

Table 2 lists the filenames for this software release.

Note: If you download the IP services image and plan to use Layer 3 functionality, you must use the Switch Database Management (SDM) routing template. To determine the currently active template, enter the show sdm prefer privileged EXEC command. If necessary, enter the sdm prefer global configuration command to change the SDM template to a specific template. For example, if the switch uses Layer 3 routing, change the SDM template from the default to the routing template. You must reload the switch for the new template to take effect.

Table 1. Cisco IOS Software Image Files

File Name

Description

cgs2520-ipserviceslmk9-tar.152-8.E3.tar

CGS 2520 IP services image file

cgs2520-lanbaselmk9-tar.152-8.E3.tar

CGS 2520 LAN base image file

c2020-universalk9-tar.152-8.E3.tar

ESS 2020 universal image file

ie2000-universalk9-tar.152-8.E3.tar

IE 2000 universal image file

ie2000u-ipserviceslmk9-tar.152-8.E3.tar

IE 2000U IP services image file

ie2000u-lanbaselmk9-tar.152-8.E3.tar

IE 2000U LAN base image file

grwicdes-ipserviceslmk9-tar.152-8.E3.tar

ESM IP services image file

grwicdes-lanbaselmk9-tar.152-8.E3.tar

ESM LAN base image file

ie4000-universalk9-tar.152-8.E3.tar

IE 4000 Universal image file

ie4010-universalk9-tar.152-8.E3.tar

IE 4010 Universal image file

ie5000-universalk9-tar.152-8.E3.tar

IE 5000 Universal image file

Archiving Software Images

Before upgrading your switch software, make sure that you archive copies of both your current Cisco IOS release and the Cisco IOS release to which you are upgrading. Keep these archived images until you have upgraded all devices in the network to the new Cisco IOS image and verified that the new Cisco IOS image works properly in your network.

Cisco routinely removes old Cisco IOS versions from Cisco.com. See Product Bulletin 2863 for information:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6969/ps1835/prod_bulletin0900aecd80281c0e.html

You can copy the bin software image file on the flash memory to the appropriate TFTP directory on a host by using the copy flash: tftp: privileged EXEC command.

Note: Although you can copy any file on the flash memory to the TFTP server, it is time consuming to copy all of the HTML files in the tar file. We recommend that you download the tar file from Cisco.com and archive it on an internal host in your network.

You can also configure the switch as a TFTP server to copy files from one switch to another without using an external TFTP server by using the tftp-server global configuration command.

Upgrading a Switch by Using the CLI

This procedure is for copying the combined tar file to the switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

Note: Make sure that the compact flash card is in the switch before downloading the software.

To download software, follow these steps:

  1. Use Table 2 on page 5 to identify the file that you want to download.

  2. Download the software image file. If you have a SMARTnet support contract, go to this URL, and log in to download the appropriate files:

    http://software.cisco.com/download/navigator.html

    For example, to download the image for an IE 2000 switch, select Products > Switches > Industrial Ethernet Switches > Cisco Industrial Ethernet 2000 Series Switches, then select your switch model. Select IOS Software for Software Type, then select the image you want to download.

  3. Copy the image to the appropriate TFTP directory on the workstation, and make sure that the TFTP server is properly configured.

    For more information, see the “Assigning the Switch IP Address and Default Gateway” chapter in the applicable document for your switch as listed in Table 3.

  4. Log into the switch through the console port or a Telnet session.

  5. (Optional) Ensure that you have IP connectivity to the TFTP server by entering this privileged EXEC command:

    Switch# ping tftp-server-address

    For more information about assigning an IP address and default gateway to the switch, see Table 3.

  6. Download the image file from the TFTP server to the switch.

    If you are installing the same version of software that currently exists on the switch, overwrite the current image by entering this privileged EXEC command:

    Switch# archive download-sw /overwrite /reload tftp://location /directory /image-name.tar

    The command above untars/unzips the file.The system prompts you when it completes successfully.

    • The /overwrite option overwrites the software image in flash memory with the downloaded one.

    If you specify the command without the /overwrite option, the download algorithm verifies that the new image is not the same as the one on the switch Flash device. If the images are the same, the download does not occur. If the images are different, the old image is deleted, and the new one is downloaded. If there is not enough space to install the new image and keep the current running image, the download process stops, and an error message displays.

    • The /reload option reloads the system after downloading the image unless the configuration has been changed and not saved.

    • For // location, specify the IP address of the TFTP server. or hostname.

    • For /directory/image-name.tar, specify the directory and the image to download. Directory and image names are case sensitive. The directory is for file organization and it is generally a tftpboot/user-ID path.

    This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch:

    Switch# archive download-sw /overwrite tftp://198.30.20.19/image-name.tar

    You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option. If there is not enough space to install the new image and keep the current running image, the download process stops, and an error message displays.

Upgrading IOS and FPGA on the Ethernet Switch Module (ESM)

This procedure is for copying the combined tar file to the switch. You copy the file to the switch from a TFTP server and extract the files. You can download an image file and replace or keep the current image.

To download software, follow these steps:

  1. Refer to Deciding Which Files to Use to identify the file that you want to download.

  2. Download the software image file. If you have a SMARTnet support contract, go to the URL below and log in to download the appropriate files.

    http://software.cisco.com/download/navigator.html

    For example, to download the image for a Connected Grid 10-Port Ethernet Switch Module Interface Card, select Products > Cisco Interfaces and Modules > Connected Grid Modules > Connected Grid 10-Port Ethernet Switch Module Interface Card. Select IOS Software for Software Type, then select the image you want to download.

    Copy the image to the appropriate TFTP directory on the workstation, and make sure that the TFTP server is properly configured. For more information, see the “Assigning the Switch IP Address and Default Gateway” chapter in the applicable document listed in Table 3 Methods for Assigning IP Information, page 8.

  3. Copy the image to the appropriate TFTP directory on the workstation, and make sure that the TFTP server is properly configured.

  4. Log in to the switch through the console port or a Telnet session.

  5. (Optional) Ensure that you have IP connectivity to the TFTP server by entering this privileged EXEC command:

    Switch# ping tftp-server-address
  6. Download the image file from the TFTP server to the switch.

    If you are installing the same version of software that currently exists on the switch, overwrite the current image by entering this privileged EXEC command:

    Switch# archive download-sw /overwrite tftp: //location /directory /image-name.tar

    The command above untars/unzips the file.The system prompts you when it completes successfully.

    • The /overwrite option overwrites the software image in flash memory with the downloaded one.

    If you specify the command without the /overwrite option, the download algorithm verifies that the new image is not the same as the one on the switch Flash device. If the images are the same, the download does not occur. If the images are different, the old image is deleted, and the new one is downloaded. If there is not enough space to install the new image and keep the current running image, the download process stops, and an error message displays.

    • The /reload option reloads the system after downloading the image unless the configuration has been changed and not saved.

    • For // location, specify the IP address of the TFTP server. or hostname.

    • For /directory/image-name.tar, specify the directory and the image to download. Directory and image names are case sensitive. The directory is for file organization and it is generally a tftpboot/user-ID path.

    This example shows how to download an image from a TFTP server at 198.30.20.19 and to overwrite the image on the switch:

    Switch# archive download-sw /overwrite tftp://198.30.20.19/image-name.tar

    You can also download the image file from the TFTP server to the switch and keep the current image by replacing the /overwrite option with the /leave-old-sw option. If there is not enough space to install the new image and keep the current running image, the download process stops, and an error message displays.

  7. After the download and the untar are complete, power cycle the CGR2010.

Installation Notes

You can assign IP information to your switch using the methods shown in Table 3.

Table 2. Methods for Assigning IP Information

Method

Platform

Document

Express setup program

IE2000

Cisco IE 2000 Switch Hardware Installation Guide

ESM

Connected Grid Ethernet Switch Module Interface Card Getting Started Guide

IE4000

Cisco IE 4000 Switch Hardware Installation Guide

IE4010

Cisco IE 4010 Switch Hardware Installation Guide

IE5000

Cisco IE 5000 Hardened Aggregator Hardware Installation Guide

CLI-based setup program

ESS2020

Cisco Embedded Service 2020 Series Software Configuration Guide

IE2000

Cisco IE 2000 Switch Hardware Installation Guide

IE2000U

Cisco IE 2000U Switch Hardware Installation Guide

CGS2520

Cisco CGS 2520 Hardware Installation Guide

ESM

Cisco CGS 2520 Hardware Installation Guide

Note: The Cisco CGS 2520 Hardware Installation Guide serves as CLI-based Setup reference for the ESM.

IE4000

Cisco IE 4000 Switch Hardware Installation Guide

IE4010

Cisco Industrial Ethernet 4000, 4010 and 5000 Switch Software Configuration Guide

IE5000

Cisco IE 5000 Hardened Aggregator Hardware Installation Guide

DHCP-based autoconfiguration

ESS2020

Cisco Embedded Service 2020 Series Software Configuration Guide

IE2000

Cisco IE 2000 Series Switch Software Configuration Guide

IE2000U

System Management Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches

CGS2520

CGS 2520 Switch Software Configuration Guide

ESM

Cisco Connected Grid Ethernet Switch Module Interface Card Software Configuration Guide

IE4000

Cisco Industrial Ethernet 4000 Series Switch Software Configuration Guide

IE4010

Cisco Industrial Ethernet 4000, 4010 and 5000 Switch Software Configuration Guide

IE5000

Cisco IE 5000 Hardened Aggregator Hardware Installation Guide

Manually assigning an IP address

IE2000

Cisco IE 2000 Series Switch Software Configuration Guide

IE2000U

System Management Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches

CGS2520

CGS 2520 Switch Software Configuration Guide

ESM

Cisco Connected Grid Ethernet Switch Module Interface Card Software Configuration Guide

IE4000

Cisco Industrial Ethernet 4000 Series Switch Software Configuration Guide

IE4010

Cisco Industrial Ethernet 4000, 4010 and 5000 Switch Software Configuration Guide

IE5000

Cisco IE 5000 Hardened Aggregator Hardware Installation Guide

Documentation Updates

  • On all IoT switches: As part of tightening security, enable secret 0, will automatically be converted to authentication type ‘9’ in Cisco IOS release 15.2(7)E3 and later. When ‘Type 9’ encryption is enabled on low-end platforms (CGS2520, IE 2000, and IE 2000U), Device Manager users will experience an approximate delay of two minutes before the Device Manager pages open.

    To workaround this issue, Device Manager users on low-end platforms are advised to configure authentication type ‘5’ using the CLI command: enable algorithm-type md5 secret <password>.

  • Existing Cisco IOS software checks the SPI flash manufacturer ID before it uses the SPI flash to store the FPGA bitstream. The new SPI Flash component used on the new CGR 2010 Grid Router WAN interface Card (GRWIC) units does not work with old Cisco IOS releases.

    To address this issue, a CLI utility is introduced in Cisco IOS Release15.2(8)E that you can use to download any given FPGA bitstream image to SPI flash on the CGR 2010 Grid Router WAN interface Card (GRWIC). This utility allows you to continue to run a qualified old Cisco IOS version on the new GRWIC units, after you run 15.2(8)E and use the utility to manually program the FPGA bitstream matching the old Cisco IOS version. See details on using the utility in the next section.

    For information about the CGR 2010, see Cisco Connected Grid Router 2010 Software Configuration Guide.

Using the FPGA Upgrade Utility for GRWIC Modules

Follow these steps to reload a new GRWIC module with an old Cisco IOS image matching the old FPGA file.

  1. Load the 15.2(8)E3 image on the GRWIC that has the new SPI Flash component.

  2. Enter
    fpga_upgrade flash <filename>
    to program the new SPI flash of the new GRWIC with the user specified FPGA file at the specified path as shown in the following example:
    Switch#fpga_upgrade?
    flash: File to be upgraded
    nvram: File to be upgraded
    obfl0: File to be upgraded
    Switch#fpga_upgrade flash:grwicdes-ipservicesk9-mz.152-4.EA5/fpga
    System will reload after the FPGA upgrade/downgrade.
    Do you want to proceed? [yes/no]: yes
    FPGA Multiboot: new image size 0x00212B68
    FPGA Multiboot: new image version 0x00030700
    FPGA Multiboot: new image date 10-4-2013 (0x000A27DD)
    Checking for FPGA upgrade.. (flash:grwicdes-ipservicesk9-mz.152-4.EA5/fpga)
    FPGA Multiboot: running image rev: 0x00030800
    FPGA Multiboot: running image date: 0x000C67E2
    Upgrading/downgrading FPGA from 0x00030800 to 0x00030700
    Erasing sectors...................................
    Writing fpga image.................................
    System is resetting..
    Received FPGA upgrade request for module GRWIC-D-ES-2S-8PC on slot 0
    Current Running Image:
    Release Status: Official Release Image
    Major Version: 3
    Minor Version: 8
    Debug Version: 0
    Version Date: 2018-12-12
    Upgrade Image:
    Release Status: Official Release Image
    Major Version: 3
    Minor Version: 7
    Debug Version: 0
    Version Date: 2013-10-4
    FPGA image upgrade for slot 0 succeed!!!
    Current Running Image:
    Release Status: Official Release Image
    Major Version: 3
    Minor Version: 7
    Debug Version: 0
    Version Date: 2013-10-4
    Using driver version 3 for media type 1
    Base ethernet MAC Address: 54:a2:74:3e:02:80
    Xmodem file system is available.
    The password-recovery mechanism is enabled.
    Initializing Flash...
    mifs[2]: 13 files, 1 directories
    mifs[2]: Total bytes : 1806336
    mifs[2]: Bytes used : 886272
    mifs[2]: Bytes available : 920064
    mifs[2]: mifs fsck took 1 seconds.
    mifs[3]: 188 files, 24 directories
    mifs[3]: Total bytes : 63092736
    mifs[3]: Bytes used : 54162944
    mifs[3]: Bytes available : 8929792
    mifs[3]: mifs fsck took 26 seconds.
    ...done Initializing Flash.
    done.
  3. After the FPGA upgrade/downgrade for the old Cisco IOS (the required IOS version) is completed, load the old Cisco IOS as shown in the following example:

    switch#conf t
    switch(config)#boot system
    flash:/grwicdes-ipservicesk9-mz.152-4.EA5/grwicdes-ipservicesk9-mz.152-4.EA5.bin
    switch(config)#end
    switch#wr mem
    switch#reload

Caveats

Cisco Bug Search Tool

The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.

To view the details of a caveat listed in this document:

  1. Access the BST (use your Cisco user ID and password) at https://tools.cisco.com/bugsearch/.

  2. Enter the bug ID in the Search For: field

Open Caveats

Table 3. Open Caveats in Cisco IOS Release 15.2(8)E3

Bug ID

Headline

CSCvu66982

Delay in loading WebUI on Low-end Devices when type 9 encryption is enabled (IE2000, IE3000)

CSCwd59337

No Logging Message seen with "sh platform software factory-reset secure log" cli for RA3K Platform

CSCwe03663

IE5k stacked switch missing SFPs in show inventory output in 15.2(8)E2

Resolved Caveats

Table 4. Resolved Caveats in Cisco IOS Release 15.2(8)E3

Bug ID

Headline

CSCvx66003

On IE5000 with GPS, Time Error Spikes when Returning from Holdover

CSCwc59934

IE5000: PTP packets failed to transmit over different vlans on trunk links

CSCwc76404

IE5000 IRIG clock shown as 'other' in cli output

CSCwc88085

IE2000: SNMP OID wrong for PSU2 after reboot

Related Documentation

Table 5. Related Documentation

Device or Feature

Related Documents

Cisco 2500 Series Connected Grid Switches

http://www.cisco.com/go/cgs2520

Cisco Embedded Service 2020 Series Switches (ESS 2020)

http://www.cisco.com/c/en/us/support/switches/embedded-service-2020-series-switches/tsd-products-support-series-home.html

Cisco Ethernet Switch Module (ESM) for CGR 2010

http://www.cisco.com/go/cgr2000

Cisco Industrial Ethernet 2000 Series Switches

http://www.cisco.com/go/ie2000

Cisco Industrial Ethernet 2000U Series Switches

http://www.cisco.com/go/ie2000u

Cisco Industrial Ethernet 4000 Series Switches

http://www.cisco.com/go/ie4000

Cisco Industrial Ethernet 4010 Series Switches

http://www.cisco.com/go/ie4010

Cisco Industrial Ethernet 5000 Series Switches

http://www.cisco.com/go/ie5000

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2022 Cisco Systems, Inc. All rights reserved.