Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.4.110.0

7.0.98.0 or later 7.0 releases

You can upgrade directly to 7.4.110.0

Note If you have VLAN support and VLAN mappings defined on H-REAP access points and are currently using a 7.0.x controller software release that is prior to 7.0.240.0, we recommend that you upgrade to the 7.0.240.0 release and then upgrade to 7.4.110.0 to avoid losing those VLAN settings.

7.1.91.0

You can upgrade directly to 7.4.110.0

7.2. or later 7.2 releases

You can upgrade directly to 7.4.110.0

Note If you have an 802.11u HotSpot configuration on the WLANs, we recommend that you first upgrade to the 7.3.101.0 controller software release and then upgrade to the 7.4.110.0 controller software release.

You must downgrade from the 7.4.110.0 controller software release to a 7.2.x controller software release if you have an 802.11u HotSpot configuration on the WLANs that is not supported.

7.3 or later 7.3 releases

You can upgrade directly to 7.4.110.0

CSCud47264

Symptom : Controller web GUI displays duplicate domain IP names, but the controller CLI displays them correctly. Use CLI

Condition : When the service provider domain name is more than 32 characters, the controller web GUI displays duplicate entries. This issue occurs in only the controller web GUI.

Workaround : Use controller CLI.

CSCud48146

Symptom : On the controller, when limiting the “Max Concurrent Logins for a user name” to 1, for example to avoid using the same username more than once for web authentication, there is a possibility to ignore this setting for 802.1x authentication by setting “max-login-ignore-identity-response” to the enabled state. The “max-login-ignore-identity-response” feature does not work as expected and the global “Max Concurrent Logins for a user name” still takes precedence.

Condition : Unknown.

Workaround : Increase the global “Max Concurrent Logins for a user name” to a desired number.

CSCud48620

Symptom : On a channel with high utilization and interference numbers, the RRM DCA algorithm might not change the channel when it should. As a result, the channel assignment for a few access points may be suboptimal, which can negatively impact performance.

Condition : If a channel change that is required to avoid the high utilization or interference has an adverse effect on the RF neighborhood, it might prevent the channel change. Release 6.0.182.0.

Workaround : Configure DCA back to aggressive mode.

CSCud57238

Symptom : The Cisco 602 OEAP’s Ethernet Counter stops incrementing after they reach the maximum value for a 32-bit signed integer (2147483647).

Note This does not affect the operation of the AP or the Ethernet traffic.

Condition : Unknown.

Workaround : Reset the counters by rebooting the Cisco 602 OEAP.

CSCue50917

Symptom : When a RAP loses its wired connection, the RAP fails to restore connectivity as a MAP through the radio backhaul. The mesh adjacency is correctly built to a nearby MAP, and the RAP gets an IP address and can even join its controller, but shortly afterwards a radio reset is observed which causes the RAP to disconnect. The RAP goes into a loop till the wired connectivity is restored. Error messages similar to the following are displayed on the RAP console:

Condition : Mesh deployment on the following controller software releases: 7.0.230.0, 7.2.x, 7.3.112.0

Workaround : None.

CSCud64396

Symptom : The controller might stop working if a Syslog server entry is being removed from the GUI when the server is unreachable.

Condition : Syslog server configured on the controller with TLS enabled.

The Syslog server entry is removed using the controller GUI while it is unreachable, but the controller still considers it to be “connected”, as per “TLS auth status” that can be seen by entering the show logging command on the controller CLI.

Workaround : None.

CSCud80390

Symptom : MAC flap on Layer 2 switch connected to the remote LAN port of Cisco 600 Series OEAP.

Condition : Wired computers plugged into the Layer 2 switch connected to the remote LAN port communicate with each other with only pings.

Workaround : Configure static ARP entries to prevent the MAC flap.

CSCud86140

Symptom : AP intermittently does not send probe response when there are other APs in the neighborhood on the same channel.

Condition : There need to be other APs or traffic on the same channel for this issue to occur.

Workaround : If the client hears probes from other surrounding APs, the client should be able to join another AP. Some NICs might prefer to hear probes from a specific AP. Even with the AP having the issue, eventually, the probe response might be transmitted after a few attempts.

CSCud89654

Symptom : On a local-switching-enabled 802.1X WLAN, if the clients associate with a local AP (not FlexConnect AP), after successful authentication, only url-redirect attributed is accepted by the controller, not url-redirect-acl attribute, which causes failures on redirection thereafter.

Condition : 802.1X WLAN with local switching enabled; Release 7.2 and later.

Workaround : Disable local switching on the WLAN. You will have to segregate the local AP from FlexConnect APs on different controllers, making it an impossible solution to mix them together on a single controller.

CSCud97325

Symptom : Cisco AP3600 and Cisco AP2600 send invalid frames sourced with address 0000.0104.xxxx. This might result in security warnings on the switch, such as the following:

Condition : This issue occurs when the primary or secondary controller is changed in the AP High Availability tab. This issue is observed with only Cisco Aironet 2600 and 3600 Series access points.

Workaround : None.

CSCue02826

Symptom : The 5-GHz radio on AIR-CAP1552E-N-K9 in the non-Bridge mode fails to enable if the controller is configured for Brazil (-T) Regulatory Domain.

Condition : Release 7.3.101.0.

Workaround : Use the Bridge mode in the AP.

CSCue09354

Symptom : Rogue AP does not get detected on the wired network when it is on non-native VLAN trunk to rogue detector AP.

Condition : Release 7.4.x; Rogue detector mode AP; Rogue AP not on Rogue Detector native VLAN.

Workaround : None.

CSCue18790

Symptom : Cisco AP1600, Cisco AP2600, and Cisco AP3600 might transmit management and control frames at maximum power, regardless of the configured power settings.

Condition : Cisco AP1600, Cisco AP2600, and Cisco AP3600.

Workaround : None.

CSCue32755

Symptom : Wireless clients are unable to associate with the mesh APs.

Condition : When the wired clients are not operational; clients are connected to the mesh AP with Ethernet bridging enabled.

Workaround : Reboot the mesh AP for the wired and wireless clients to associate.

CSCue42242

Symptom : When the controller detects more than 21 ad hoc rogues, the controller GUI shows only the first 20 entries (first page).

Condition : More than 21 ad hoc rogues detected.

On the controller GUI, choose Monitor > Rogue > Adhoc Rogues and click on Unclassified Adhoc or Custom Adhoc.

The first page shows correctly, but it is not possible to browse to the subsequent pages.

Workaround : On the controller CLI, enter the show rogue adhoc summary command.

CSCue55153

Symptom : Controller stops communicating with CAM with SNMPv3.

Condition :

1. Enable HA.

2. Add controller to CAM with SNMPv3 (should have an authorization and authentication passwords)

3. Failover from primary to secondary controller.

Workaround : Delete and add the controller in CAM again.

CSCuf35269

Symptom : The 802.11u domain is lost after a controller reboot.

Condition : Same domain name is used on two different WLANs. This is allowed on CLI, but configuration validation fails on boot.

Workaround : Reconfigure the domain, or use different domain names.

CSCuf74326

Symptom : Cisco Virtual Wireless Controller is given a valid license with an AP count. Installation of the controller is successful, and the show license summary command shows the license in use with the correct count. However, the homepage of the controller GUI shows “0 access points supported” and APs are denied association with the controller.

Condition : This issue occurs only when you provide a license file that contains only adder licenses and not the base feature.

Workaround : Request for a correct base feature AP count license file.

CSCug08277

Symptom : Cisco AP1260 might stop working in the function mvl_transmit_recover.

Condition : Cisco AP1260 using IOS version 12.4(23c)JA6 and controller version 7.0.235.3.

Workaround : None.

CSCug14709

Symptom : Controller does not take into account anymore if “airespace wlan-identifier” attribute is sent back in access-accept by the RADIUS server.

Condition : This issue occurs in Release 7.4, but was not present in Release 7.0.x.

Workaround : Use another mechanism to restrict SSID access.

CSCug15064

Symptom : Controller goes into maintenance mode with HA in enabled state.

Condition : HA in an enabled state; Cisco Flex 7500 and Cisco 8500 Series controllers in non-LAG scenario with backup port configured; primary port is not operational.

Workaround : None.

CSCug27084

Symptom : The standby controller in an HA pair could reboot in a loop if the HA role negotiation succeeds, but the configuration synchronization fails.

Condition : Low memory condition on the controller.

Workaround : Reboot the primary controller.

CSCug46616

Symptom : RRM group leader is not operational and does not do channel or power update.

Condition : This issue might occur if you have APs hearing each other when associated through a large set of controllers where RF group name is identical.

Workaround : Options are as follows:

• Limit the RF group size to 1000 APs. Place the APs accordingly and avoid salt and pepper deployment.
• If you already are in this state, you can restart the group leader election by entering these commands:

config advanced 802.11a group-mode restart (If RRM is in the 802.11a band) config advanced 802.11b group-mode restart (If RRM is in the 802.11b band)

CSCug49505

Symptom : Cisco AP3500 stops working.

Condition : LWAPP Rogue Monitoring process is on.

Workaround : None.

CSCug53945

Symptom : After a Cisco AP reboot, the radio which was disabled before Cisco AP reboot is somehow reenabled automatically. This occurs when the Cisco AP belongs to an RF profile.

Condition : Cisco AP joins nondefault AP group and the AP group has the RF profile.

Workaround : Disable radio on AP again after the reboot.

CSCug59937

Symptom : Controller reboot with traceback tpcv2ConstructApProfile.

Condition : TPCv2 in an enabled state.

Workaround : None.

CSCug82976

Symptom : Cisco APs that are configured with submode PPPoE are losing the submode configuration (Submode = Unconfigured) after moving from one controller to another or after rebooting the Cisco AP when associating with the second controller.

Condition : Reboot the PPPoE submode Cisco AP associated with the primary controller.

Workaround : None.

CSCuh05276

Symptom : Controller might trigger a reaper reset crash at “apfFindRogueApEntry” while adding rogue rules on the controller, due to a deadlock condition.

Condition : Adding rogue rules on the controller.

Workaround : None.

CSCuh14797

Symptom : In Export Anchor-Foreign scenario, in both Foreign to Foreign as well as fresh association to a Foreign, if packets are not reaching to Export Anchor due to network issues, then after three retries, there will not be any further exchange. The request will go to Export Anchor and the client will stay in that state until it moves out.

Condition : Network issues between mobility peers.

Workaround : None. Instead, fix the underlying connectivity issues.

CSCuh16870

Symptom : Client with static IP loses connectivity on session timeout.

Condition : This occurs only if the following set of conditions are met:

1. Interface that the client gets from the interface group does not match the interface corresponding to the static IP.

2. Client gets VLAN overridden with the following message:

This overriding is lost when PMK expires, and a new authentication takes place. This occurs even if the client is continuously sending traffic.

Workaround : Either disable interface groups or set to DHCP required state.

CSCuh26964

Symptom : During dynamic rf-group, an HA switchover controller stopped working.

Condition : While running dynamic rf-group between an HA Cisco WiSM2 controller and Cisco 5500 Series standalone controller, enter the show advanced 802.11a group command in the standalone controller CLI. On a forced switchover, the standby controller stopped working.

Workaround : None.

CSCuh35237

Symptom : Incorrect Data tracebacks and failure in response is observed in Cisco AP3600.

Condition :

1. An HA Cisco Flex 7500 Series Controller using Build 7.4.100.105 and a Cisco AP3600 in FlexConnect mode associated with it.

2. Schedule a reset in the active controller using 'reset system in 00:03:00 image no-swap reset-aps save-config’

3. At the scheduled time, the Cisco AP3600 gets a reset push from the controller. While the AP reboots, incorrect data tracebacks are observed in the Cisco AP and the Cisco AP stops working. Later, the Cisco AP associates with the controller.

Workaround : None.

CSCuh37728

Symptom : Cisco AP1600 prints tracebacks on the console at reboot after VLAN tagging is configured from the controller (using the config ap ethernet tag id vlan-id cisco-ap-name command).

Condition : Cisco AP1600 with data encryption enabled.

Traceback seen at the reboot following the VLAN tagging configuration from the controller.

Workaround : None.

CSCuh44430

Symptom : SE-Connect mode APs show up as Local mode in GUI after fallback because after the fallback the CleanAir Admin and Oper Status becomes “NA” instead of UP. The Network Spectrum Key is not available and it shows up as Local Mode in GUI. Spectrum Analyzer is unable to connect to the SE-Connect mode APs.

Condition : Reboot the controller and then let the SE-Connect APs associate with the controller.

Workaround :

1. Reboot the Cisco AP.

2. After the reboot, the Cisco AP shows correct Mode of “SE-Connect” and also Network Spectrum Key is available.

CSCuh89626

Symptom : Client displays the following message:

Condition : Cisco AP is operational, but the controller shows the Cisco AP as nonoperational.

Workaround : Disable the Cisco AP and then reenable it.

More Information : This issue is only observed after three or more days of continuously disabling and then enabling the radio state every minute on internal testing.

CSCui25877

Symptom : Radio PCI resets are observed on Cisco AP1600.

Condition : PCI resets on Cisco AP1600 with high load.

Workaround : None.

CSCui32908

Symptom : A Cisco AP stopped working and then rebooted.

Condition : Unknown.

Workaround : Unknown. Check any CDP events on the connected switch.

CSCug90218

Symptom : In the controller GUI, access points appear in an unknown state.

Condition: Unknown.

Workaround : Reboot the controller.

CSCug92421

Symptom : Controller reports many stale client entries.

Condition: Cisco Flex 7500 Series Wireless Controllers with Release 7.3.103.14 having many clients.

Workaround : None.

CSCug98625

Symptom : WebAuth redirect fails when local switching is enabled on a WLAN. Manual redirect and redirect with central switching works.

Condition: Local switching is enabled on a WLAN.

Workaround : Add a dummy interface on the controller with the IP address of the VLAN that is locally switched for the client. The VLAN IDs need not be the same, however, the IP addresses must be same. The VLAN must be trunked to the controller.

CSCuh02340

Symptom : CleanAir status appears as N/A even when the access point supports and enables CleanAir.

Condition: This issue occurs when the access points join a primary or secondary controller after the power goes down or a network problem arises.

Workaround : Disable or reenable the access point radio to recover the CleanAir status on the controller.

CSCuh03648

Symptom : Controller sends accounting updates with different framed IP address for an endpoint.

Condition: Central web authentication used with ISE and URL redirect is pushed.

Workaround : None.

CSCuh04548

Symptom : Client disconnects from its WLAN.

Condition: When you change the parameters of a WLAN, a client disconnects from another WLAN.

Workaround : None.

CSCuh10735

Symptom : RADIUS failover occurs when the controller sends RADIUS request packets with the same ID to the RADIUS server six times and receives no response from the RADIUS server.

Condition: Release 7.3.112.0.

Workaround : None.

CSCuh11730

Symptom : When a FlexConnect local switching access point roams using WGB, the following message appears on the access point console:

*May 22 11:24:34.559: capwap_ap_mgmt: delete mn 0d0d.0d0d.0d0d

*May 22 11:24:34.559: capwap_ap_mgmt: Deleting PMK for 0d0d.0d0d.0d0d

The station mac address is not present in the network neither as a wlan client, or wired WGB client.

Condition: This message appears on Release 7.4.x while using the debug capwap client mgmt command.

Workaround : None.

CSCuh16539

Symptom : When you disable the radio of a Cisco AP2600, the radio gets enabled after the access point reloads.

Condition: Release 7.4.x

Workaround : None.

CSCuh16842

Symptom : Client gets IPv6 address from a different VLAN. A sample message is given below:

Overriding interface of client from 'vlan20' to 'vlan30' within interface group 'vlan20-30'

Condition:

1. VLAN is in an interface group.

2. Client sends traffic from either a static IP address or a previously allocated IP address.

3. Client traffic does not match the assigned VLAN.

Workaround : Use DHCP required.

CSCuh17973

Symptom : When you start a calibration task using Prime Infrastructure 1.2 and 1.3, the task proceeds and at the end of the data collection the following message appears:

No data points collected when starting from location..

Condition: This message is displayed when there is no data in the controller calibration table.

Workaround : None.

CSCuh20357

Symptom : Cisco Services-Ready Engine (SRE) controller configured as a DHCP server shows reversed octet for the default gateway and DNS server values. For example, 4.3.2.1 instead of 1.2.3.4.

Condition: Cisco Wireless Controller on Cisco SRE using Release 7.4.x.

Workaround : Use an external DHCP server or downgrade the controller to a release that is earlier than Release 7.4.x.

CSCuh20385

Symptom : Unable to use the filter options for clients and access points when you use IE 10 to access the controller GUI. The filter popup box does not appear in the GUI.

Condition: Microsoft Internet Explorer 10.

Workaround : Switch the browser to compatibility view.

CSCuh20715

Symptom : Cisco 5508 controller with Release 7.3.101.0 stopped working on Reaper Reset: Task "LDAP DB Task 2" missed software watchdog.

Condition: Unknown.

Workaround : None.

CSCuh25790

Symptom : In an HA-enabled 5508 controller with 430 access points, when you perform predownload on all the access points, the controller does not reset.

Condition: High AP count and failed predownlaod.

Workaround : Reboot the controller using the reset system forced command.

CSCuh26716

Symptom : The show redundancy summary command shows the following output regardless of its real SKU.

Unit = Secondary - HA SKU

Condition: When you use the show redundancy summary command on:

• Secondary machine which is converted from a primary machine
• HA-SKU machine

Workaround : None.

CSCuh28190

Symptom : AP stopped working once and the log was found on the controller and TFTP server.

Condition: Unknown.

Workaround : None. Access point resets on its own.

CSCuh31410

Symptom : Access point radio resets during the FlexConnect state change.

Condition: Restore access point connectivity to controller.

Workaround : None.

CSCuh39893

Symptom : Controller on Release 7.3 or 7.4 fails to authenticate the One Time Password (OTP) users authenticating with TACACS+. The following debug output is displayed when you use the debug aaa tacacs enable command:

TPLUS_AUTHEN_STATUS_GETPASS

auth_cont get_pass reply: pkt_length=25

processTplusAuthResponse: Continue auth transaction

No auth response from: <SERVER IP>, retrying with next server

Preparing message for retransmit. Decrypting first

Forwarding request to <SERVER IP> port=4900

AUTH Socket closed underneath

No auth response from: <SERVER IP>, retrying with next server

Preparing message for retransmit. Decrypting first

Forwarding request to <SERVER IP> port=4900

AUTH Socket closed underneath

Exhausted all available servers for Auth/Author packet

Condition: This issue occurs in the following Condition:

1. Controller uses Release 7.3 or 7.4.

2. TACACS+ is used for management user authentication.

3. OTP is used for TACACS+. Static passwords are not affected.

Workaround :

Extend the TACACS+ management server timeout value by using the following commands:

config tacacs auth disable server-index

config tacacs auth mgmt-server-timeout server-index 10

config tacacs auth enable server-index

CSCuh41053

Symptom : When there is duplex mismatch between a Cisco Aironet 1140 Series Access Point port and an upper layer switch port, the following warning appears on the switch, controller, and access point:

duplex mismatch discovered

However, when the controller is upgraded to Release 7.4.x, the warning message is not logged to controller.

Condition: Controller with Release 7.4.x.

Workaround : None.

CSCuh44119

Symptom : Cisco 8510 controller does not update the config line after disabling DHCP proxy using the config dhcp proxy disable bootp-broadcast disable command.

Condition: Release 7.4.100.60.

Workaround : Manually enter the line in the config file or modify the configuration directly on the controller using the CLI or the GUI.

CSCuh45072

Symptom : Cisco 5508 controller in an HA configuration with two AAA servers sends TACACS+ authentication and authorization requests to different AAA servers. Users using TACACS+ account are unable to login to controller, as the controller sends authentication request to one AAA server, and authorization and accounting request is sent to another AAA server configured in the controller.

Condition: This issue occurs in the following Condition:

1. HA configured on the controller.

2. Users log onto the controller using TACACS+.

3. Two or more AAA servers are defined in the controller TACACS+ authentication and authorization server list.

Workaround : None.

CSCuh46996

Symptom : Wired clients behind a third party WGB device fail to get an IP address.

Condition:

• Third party bridge associates to an access point in H-REAP (FlexConnect) local switching mode.
• Controller is using release higher than Release 7.0.116.0.

Workaround : None.

CSCuh49135

Symptom : Beacon loss in Cisco AP1130.

Condition: Cisco AP 1130 in FlexConnect mode.

Workaround : None.

CSCuh50219

Symptom : In a mesh topology, RAP-MAP1- MAP2 (all are 1522 access points using 5 GHz backhaul), when MAP1 does not have an Ethernet bridge client then MAP2 connects to MAP1 and joins the controller. However, when MAP1 has an Ethernet bridge client then MAP2 fails to connect to MAP1 to join the controller. The authentication process between MAP2 and MAP1 is never completed in this case.

The issue also appears regardless of the radio used for backhaul (both 5 GHz and 2 GHz backhaul).

Condition: Only on 1520 series access points.

Workaround : None.

CSCuh51208

Symptom : On an HA pair, when the standby unit is active, the evaluation license remaining time warning is displayed.

Condition: Unknown.

Workaround : None. The HA controller continues to work as the local licenses are not used for access point join validation.

CSCue38133

Symptom : Controller sends a message that the APs should be moved to a primary controller, after 90 days of an AP joining the controller.

Condition: This occurs when a HA-SKU controller is used as a secondary controller in a N1 configuration and an AP has joined the controller.

Workaround : None.

CSCue51838

Symptom : Flash is not accessible for Cisco AP1520 or Cisco AP1550. The APs will continuously write the following flash error to the console:

Write of the Private File nvram:/lwapp_ap.cfg Failed *Feb 8 15:10:34.947: %LWAPP-3-CLIENTERRORLOG: Save LWAPP Config: error saving config file *Feb 8 15:10:35.115: Write of the Private File nvram:/lwapp_ap.cfg Failed *Feb 8 15:10:35.119: %LWAPP-3-CLIENTERRORLOG: Save LWAPP Config: error saving config file *Feb 8 15:10:40.211: and can generate one of these two error messages, when a "dir" command is done: opening flash:/ (Invalid argument) opening flash:/ (Device or resource busy)

Workaround : Reboot the Cisco AP.

CSCuf03454

Symptom : Controller fails intermittently.

Condition: Web pass through clients anchored from foreign controller to anchor controller.

Workaround : Reboot the controller.

CSCuf08099

Symptom : New AP801 on C1941, cannot enable the radios. The radios gets reset continuously, and IOS shows 802.11 driver process using 99 percent CPU. Reloading the AP or router does not change.

Condition: This occurs when AP801 joins controller using Release 7.4.x.

Workaround : None.

CSCuf60628

Symptom : When AP which is in FlexConnect local switching mode, fails over from primary controller to secondary controller, the client protocol displays 802.11b, instead of 802.11g.

Condition: This occurs in controller 7.3.112.0.

Workaround : None.

CSCuf61599

Symptom : Clients are unable to join.

Condition: This occurs in controller 7.3 5500 with FlexConnect and NAT/PAT AP IP.

Workaround : Enable data encryption.

CSCuf77488

Symptom : The FT and LT detection time for an alarm is ahead/later than the AP clock. This is causing a delay in NCS to detect the alarm.

LCAVIAX014-2AD1#show capwap am alarm 54
capwap_am_show_alarm = 54
<A id='139266813'>
<AT>54</AT>
<FT>2013/03/12 23:37:44</FT>
<LT>2013/03/12 23:38:07</LT>
<DT>2013/03/01 21:59:47</DT>
<SM>D0:57:4C:08:FB:B2-g</SM>
<SNT>1</SNT>
<CH>1</CH>
<FID>0</FID>
pAlarm.bPendingUpload = 0
LCAVIAX014-2AD1#
LCAVIAX014-2AD1#show clock
*21:59:18.983 UTC Tue Mar 12 2013


In Cisco NCS, you will not see the alarm until the actual AP time matches the time reported in the FT.

Condition: This occurs in controller 5508 7.0.235.3, AP3500 wIPS ELM mode, MSE 3350 on Release 7.0.201.204.

Workaround : None.

CSCuf93093

Symptom : The "Central Dhcp" and "nat-pat Flag" are enabled on WLAN. With this configuration, when a wireless client tries to associate with an AP, the AP IP address is duplicated to default gateway.

Condition: This occurs in controller 7.3.112.0.

Workaround : Disable “nat-pat Flag”.

CSCug19563

Symptom : WiSM2 secondary controller DP stops responding due to deadlock in HA configuration while it gets booted and synchronizes with the primary controller.

Condition: This occurs rarely when there are multiple reboot of controller in HA configuration. The controller recovers after reboot.

Workaround : None.

CSCug27515

Symptom : Clients on 802.11n rates gets disconnected or experiences data transfer issues when certain segment number orders are used.

Condition: When client leading segment number is lower than the window (lower order).

Workaround : For Apple devices, disable AQM in the Apple wireless driver. Disable A-MPDU. Also refer CSCug65693 for workaround.

CSCug32970

Symptom : Memory leak in EAP.

Condition: This issue occurs during excessive mesh AP Authentication.

Workaround : None.

CSCug34700

Symptom : Controller sends keep active alive as a wired packet instead of wireless.

Condition: When the controller sends the keep alive as a wired packet the ISE drops it because of license.

Workaround : Use passive keep alive instead of active.

CSCug38794

Symptom : WiSM2 stops responding and reboots (bcastReceiveTask 1332).

Condition: Unknown.

Workaround : None.

CSCug53680

Symptom : AP stops responding due to unexpected exception to CPUvector.

Condition: There is no outstanding trigger.

Workaround : None.

CSCug57216

Symptom : Ascom phone stops receiving voice packets.

Condition: 11n in use Voice traffic QoS markings are lost on downstream direction.

Workaround : Either fix QoS markings or disable 11n.

CSCug57545

Symptom : Clients are unable to connect to SNMP NAC SSID an displays the following error message:

Unable to process out-of-band login request from <MAC and IP Addr> [device-filter]. Cause: OOB client<MAC and IP Addr> not found.

Condition: This occurs after upgrade from controller 7.4.

Workaround : Enable NAC Alert Client Trap.

CSCug73660

Symptom : As per the data sheet, the 1600 AP should have 17dbm of tx power on 1 antenna and up to 22 on 3 antennas.

http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1600-series/data_sheet_c78-715702.html

However, when you see the show controllers output, it shows that the power level 1 is 13dbm on 3 antennas (8dbm per antenna). Comparing show controllers output with 3600e, clearly shows that 1600AP has less tx power. Field tests also show it has a much smaller coverage area. This is on 2.4ghz. 5ghz power is meeting expectations. This was noted in -E reg domain. Also, on modifying the antenna gain has no effect at all on Tx power.

Condition: This occurs in controller 7.4.100 code. European regulatory domain in countries where the expected power level is 17.

Workaround: None.

CSCug74974

Symptom : Controller fails to redirect clients to the WebAuth/Passthrough page.

Condition: This occurs in controller 7.4.x. When clients begins the WebAuth/Passthrough process by going to a web page that has cached their credentials in a cookie (such as “remember me” at www.yahoo.com).

Workaround : Use a website that does not cache credentials in cookies. Clear the client's cookies for that particular website or all websites. Downgrade controller to controller 7.0/7.2/7.3.

CSCug80814

Symptom : The foreign controller does not respond to ARP from foreign export client to a local client being on the same VLAN.

Condition:

• Client1 associates with WLC1 (local)
• Client1 performs Layer 3 roam to WLC2 (WLC2: foreign / WLC1: anchor)
• Client2 associates with WLC2 (local)
• Initiate traffic, that is ping from Client1 to Client2

Workaround : None.

CSCug86995

Symptom : SRE controller gives an option to configure the “External NAT IP State” and “External NAT IP Address” in the management interface. AP placed in the public domain will not be able to join the SRE. This is because the controller discovery response includes only the controller private IP address. Moreover, the option of enabling or disabling only the ap-discovery nat ip is not available in CLI. “config network ap-discovery nat-ip-only enable/disable”.

Condition: Unknown.

Workaround : Do not place SRE-controller behind NAT even though the GUI allows you to configure it.

CSCug89084

Symptom : Clean Air sensor goes down and requires a reboot.

Condition: First found on monitor mode APs.

Workaround : Reboot the AP.

CSCub26289

Symptom : Controller changes the overlapping subnet interfaces IP addresses to all zeros without raising any visible alarm on GUI/CLI or any message on msglog/traplog or “show invalid-config”.

Condition: Controller had overlapping subnet interfaces prior to upgrade.

Workaround : Ensure that controller does not have overlapping interfaces before an upgrade.

CSCub63054

Symptom : When VLAN transparent feature is enabled on controller version 7.2, it does not pass VLAN tags. Span at end device shows all frames being placed on the native VLAN.

Condition: VLAN Transparent enabled.

Workaround : Disable VLAN Transparent and set the MAP Ethernet port as trunk.

CSCub96053

Symptom : Cisco AP3500 gets DFS events because of radar on a DFS channel associated with an Cisco 7925 IP phone. The frequency of DFS events are higher on weekday and business hours.

Condition: Controller Release 7.2.103.0.

Workaround : None.

CSCuc02814

Symptom : When broadcast SSD is disabled, the client is unable to associate with the controller.

Condition: Disable the broadcast SSID in controller. A client is unable to associate.

Workaround : A non-Cisco client is able to associate.

CSCuc19950

Symptom : Anchored SSIDs on controller release 7.3.101.0 incorrectly shows recently configured peer controllers in its anchor list after a reboot.

Condition: Controller Release 7.3.101.0 with existing anchored SSIDs.

Workaround : Manually go to the anchored SSID and remove the recently added peer controllers from its anchor list.

CSCuc42026

Symptom : On FlexConnect (H-REAP) access points with a WLAN setup for local switching and local authentication, not all of the client detail fields are populated when a client connects to the WLAN.

Condition: Unknown.

Workaround : Switch the client authentication from local to central.

CSCuc45005

Symptom : Controller stops working while running controller release 7.3.101.0.

Condition: Unknown.

Workaround : None

CSCuc51315

Symptom : Controllers stops working if you clear the AP join statistics.

Condition: This problem occurs only when you clear the AP join statistics (Monitor > Statistics > AP join Statistics > Clear)

Workaround : None

CSCuc65606

Symptom : Cisco 4400 Controller stops working in spamreceive in release 7.0.235.3

Condition: None.

Workaround : None.

CSCuc69522

Symptom : Client sending TCP SYN to a Multicast MAC for its gateway results in the controller not sending a TCP SYN ACK. TCP Handhsake does not complete and hence the client never generates HTTP traffic and is never redirected. Traffic is seen arriving at foreign and sending to anchor. The anchor ignores/drops the TCP SYN.

Condition: Controller Foreign/Anchor doing Central Web Authentication. When a client has a Multicast MAC address for gateway, this issue occurs. This is usually the result of having a load-balance/clustered node for the gateway of a client.

Workaround : Do not use Multicast MAC.

CSCuc70159

Symptom : Autonomous AP running software version 15.2 loses clock information after reboot.

Condition: Autonomous AP running software version 15.2. Clock information is lost even when “clock save interval” is configured. This is important for WGB situations where the AP must use certificate-based authentication (EAP-TLS, PEAP), and the certificate validation fails the time check.

Workaround : Perform the following:

1. Manually configure the clock after an AP reboot.

2. Configure SNTP for applications where AP is not operating as WGB with certificate-based authentication by entering this command on the AP console:

CSCuc81022

Symptom : The LAP1520 outdoor mesh APs gets false DFS triggers when in-band/off-channel (ch 124) weather RADAR signals are present and received above -20 dBm, causing network instability. A similar behavior was observed with off-band maritime radars operating in the 3.05 GHz band, but this can be addressed with Band-pass filters installed at the antenna port.

Condition: AIR-LAP152x outdoor mesh AP installed near a weather RADAR installation.

Workaround : New hidden CLI dfs-peakdetect added to address this issue.

CSCuc91441

Symptom : Some clients are not removed from the controller database after user idle timer is expired.

Condition: When 100 clients expire simultaneously because of user idle timeout, only 64/65 deauths are sent and 36/37 clients are not removed from the controller database.

Workaround : Manually remove the stale clients or reboot the AP that had these clients or reboot controller.

CSCuc93681

Symptom : Controller intermittently stops working.

Condition: Any controller running software versions from 7.0 through 7.4.

Workaround : None.

CSCuc98178

Symptom : If you remove the HSRP configuration, it leads the CAPWAP APs to keep sending data traffic to the old HSRP MAC while the control traffic is sent to the new correct gateway MAC.

Condition: Cisco AP3500 and HSRP gateway.

Workaround : Reboot AP.

CSCuc98518

$$IGNORE

Symptom : Guest LAN interface loses its guest LAN check box because of which the guest WLAN gets disabled.

Condition: Guest LAN interface loses its guest lan check box.

Workaround : Reenable the guest LAN check box on the guest LAN interface. Enable the guest WLAN and set the correct ingress interface.

CSCuc99675

Symptom : A Cisco AP802 may exhibit one of the following symptoms:

• when configured for FlexConnect mode, it may come back up in local mode
• the recovery (rcvk9w8) image attempts to download the full lightweight (k9w8)
• image via CAPWAP, but the AP resets after 15 minutes and repeats the process

Condition: Cisco AP802, lightweight IOS.

Workaround : Disable RBCP heartbeat fail to detect default reset that occurs after 15 minutes by entering the “service-module wlan-ap0 heart-beat reset disable” command on the router.

CSCud07983

Symptom : The local AAA sever of the controller shows the outer username of wireless user who authenticates using local EAP.

Condition: When using local EAP on the controller.

Workaround : Disable identity protection on the wireless client to use the same username for the inner and outer EAP username. For local EAP, inner username will be shown in the clients page or in show client detailed mac-addr

CSCud10611

Symptom : High number of client exclusions can prevent configuration changes from being applied to Access Points.

Condition: High number of client exclusions and access points joined the to controller.

Workaround : Disable client exclusion.

CSCud12582

Symptom : Client RADIUS authentication fails. The debug client command shows a message similar to this:

At the same time, the msglog shows a message similar to this:

The traplog shows a message like this:

Condition: Large scale deployments with multiple clients. RADIUS queues fill up and fail under heavy authentication/accounting load.

Workaround : Disable RADIUS accounting and authentication.

CSCud16495

Symptom : Cisco Flex 7510 Series Wireless LAN Controller stops working when it is part of a HA pair. After this, the controller reloads and becomes active.

Condition: Controller is part of an HA pair.

Workaround : None.

CSCud23342

Symptom : When a Cisco 1142 lightweight access point joins to a 2504 controller, the access point name that appears in the Wireless page is different from the name that appears in the Monitor > Statistics > AP Join page. Some access point MAC address characters are appended to the access point name, or multiple entries are created with different base radio MAC addresses.

Condition: Controller with 7.0.235.0 image.

Workaround : None.

CSCud26706

Symptom : After High Availability (HA) failover, the show redundancy peer-route summary command does not show any service port routes. This issue is applicable to Cisco 8500 Series Wireless LAN Controller.

Condition: The service port routes doesn't exist after High Availability (HA) failover.

Workaround : None.

CSCud33073

Symptom : mDNS snooping is enabled for FlexConnect local switching enabled WLAN after controller upgrade.

Condition: When you use controller release 7.3 with FlexConnect local switching enabled WLAN and upgrade it to 7.4.

Workaround : None.

CSCud34693

Symptom : LDAP Authentication occurs on a globally defined server listed outside the WLAN settings.

Condition: When there is a timeout of LDAP authentication on the configured WLAN LDAP server.

Workaround : Use 1 LDAP sever/OU for all users or use RADIUS authentication.

CSCud37443

Symptom : Clients are able to connect in b/g band even though Radio Policy for a SSID specifically set to “a only”.

Condition: Create a WLAN with radio policy set to “a only” Configure the phones/clients in b/g mode and they successfully connect.

Workaround : None.

CSCud41334

Symptom : The Ethernet bridged client of Mesh AP (MAP) does not work.

Condition: If the Ethernet bridged client (for example, a PC) has been plugged into the Ethernet port of a MAP before MAP joins the controller, then the client will not work. The issue is seen on a AP1140, AP3500 and AP3600 (all indoor mesh APs). The issue is not seen on AP1552 (outdoor mesh AP).

Workaround : Ensure that the bridged client is not plugged into the MAP Ethernet port, and then reload the MAP. Let MAP join the controller before plugging the client into the MAP Ethernet port. The client gets a valid IP address and should respond to pings.

CSCud44269

Symptom : AP sending ARP responses for a client in DHCP required state

Condition: Flex mode AP on controller release 7.3.101.0. DHCP is enabled on the WLAN. Roaming breaks for clients on Flex mode APs.

Workaround : Disable the DHCP REQD check box on the WLAN.

CSCuh52238

Symptom : Controller detects false positive Dynamic Frequency Selection Detections (DFS) owing to signals transmitted by Broadcom radios.

Condition: Client hardware triggers DFS detections o wing to signals transmitted by Broadcom radio.

Workaround : Usage of non-DFS channels.

CSCuh53168

Symptom : While performing a device synchronization operation from Cisco NCS (SNMP query operation), Cisco controller returns a noSuchName value.

Condition: Telnet is enabled (occasionally seen).

Workaround : None.

CSCuh54815

Symptom : WPA2 with TKIP and WPA with AES is not supported in standalone mode, local-auth in connected mode, and CCKM fast-roaming in connected mode.

Condition: Occurs only when the WLAN is configured as:

– Flexconnect Local Switching and Local Authentication.

– WPA-PSK with AES encryption.

Workaround : Disable local authentication or u se WPA2-PSK with AES or WPA-PKS with TKIP.

CSCuh55653

Symptom : AIR-CT5508-K9 unexpected reboot happens in Cisco controller 7.4.x software version with "apfMsConnTask_5" task suspended.

Condition: Crash happens under normal condition without any changes in hardware or software configuration or network topology.

Workaround : None.

CSCuh56264

Symptom : Client disassociated from fast transition roam due to key failure. This issue occurs only when both PMF and FT are supported.

Condition: Client has negotiated both PMF and FT capabilities with the access point.

Workaround : Disable PMF or FT.

CSCuh65005

Symptom : When the client is not authenticated by RSA/RADIUS server using webauth, Cisco controller places the client in RUN state. This issue is caused by the usage of two factor authentication.

Condition: Unknown.

Workaround : Non-usage of two factor authentication. Cisco controller does not support two factor authentication.

CSCuh69558

Symptom : While enabling a AAA over-ride in the WLAN during foreign controller-interface mapping on a guest access configuration, the anchor controller uses the default interface configuration to assign IP address to the client if the AAA server does not send any interface details.

Condition: Unknown.

Workaround : None.

CSCuh70825

Symptom : Cisco MAP gateway becomes unreachable using ICMP and displays memory allocation failures.

Condition: 1552UE MAP with IP camera connected.

Workaround : Reboot the access point.

CSCuh71233

Symptom : The 3600 AP running in FlexConnect mode stops working with the following decode:

Condition: Unknown.

Workaround : None.

CSCuh72474

Symptom : Controller marks an interface in a group as dirty even when a response is received from the DHCP server. This issue is observed when some clients insist on requesting an IP unlisted in the connected interface range in a flood. The controller forwards the DHCP NAK responded by the DHCP server when a request is made. However, the interface will still be marked as dirty.

Condition: Unknown.

Workaround : None.

CSCuh76898

Symptom : When an access point is in FlexConnect Local Switching mode with disabled VLAN support, client communication is lost when access point switches over from one controller to another.

Condition: Unknown.

Workaround : None.

CSCuh78753

Symptom : When an access point is in FlexConnect mode and has continuous association/re-association of clients with flapping WAN connection, access point may crash at the following decode:

Condition: Access point is in FlexConnect mode and has continuous association/re-association of clients with flapping WAN connection.

Workaround : None.

CSCuh86976

Symptom : Cisco NCS SNMP polling hangs as Cisco controller hangs while performing a SNMPwalk on the bsnMeshNeighsTable table for the Cisco controller 6.0.199.4.

Condition: SNMPwalkon bsnMeshNeighsTable.

Workaround : None.

CSCuh86993

Symptom : When an access point receives authentication request from a client that database is about to be freed/deleted, the access point should not respond with auth response for a disabled BSSID.

Condition: Unknown.

Workaround : None.

CSCuh87571

Symptom : Image upgrade fails in a high availability environment even when the standby is up and running. The standby HOT does not display any image download activity.

Condition: Occurs on AP 5508/Wism2 high availability environment.

Workaround : Reset the system and retry the image download.

CSCuh92835

Symptom : While trying to change Layer2 and Layer3 policies on any two similar WLAN, an error message "WLAN with duplicate SSID and Layer2 security policy found."is displayed.

Condition: Occurs on AP 5508/WiSM2 high availability environment.

Workaround : Perform the following workaround:

1. Change WLAN configuration from the CLI. You must disable both the WLANs from the GUI and enable the WLANs again after you complete the configuration again.

2. Delete the existing WLAN and re-create another WLAN using the GUI.

CSCuh93838

Symptom : WebAuth redirect fails when a FlexConnect access point joins the Cisco controller using the IP address from the DHCP server after a reload. A reload occurs when the FlexConnect AP with static IP address has lost connectivity to Cisco controller and the default gateway.

Condition: Unknown.

Workaround : Reload the FlexConnect access point.

CSCuh94259

Symptom : While enabling an mDNS profile on an interface group, an error "Active WLAN using interface group. Disable WLAN first" is displayed when an interface group is already mapped to a WLAN or an access point.

Condition: Usage of mDNS gateway on interface group.

Workaround : Ensure that you remove, add, and enable mDNS on the interface group before further use.

CSCuh94366

Symptom : Clients are unable to connect to receive DHCP information post upgrade.

Condition: Usage of mDNS gateway on interface group.

Workaround : Usage of other VLANs.

CSCuh97457

Symptom : Controller displays incompatibility behavior on Cisco controller incompatibility behavior on Change-of-authorization ( CoA) for RFC 3576 implementation and shows the debug output error 'RFC-3576 Disconnect-Request' which indicates that session identification attributes are invalid.

Condition: Change-of-authorization (CoA) on the controller.

Workaround : When the three AVP pair attributes are sent, the controller accepts the disconnect request Calling-Station-ID MAC address of device (lower case works) Service-Type Login-user Called-Station-ID (upper case MAC of AP SSID separated by colons).

CSCuh99194

Symptom : Wireless Clients are not denied association when it re-associates.

Condition: The maximum number of clients per access point radio is configured on each Cisco AP1142.

Workaround : None.

CSCui01948

Symptom : The “SNMP operation to Device failed. Table too large, possible agent loop.” error message is displayed on monitoring access points on Cisco Prime Infrastructure 1.3.

Condition: SSID is set to FlexConnect local switching and access point set to local AP mode.

Workaround : None.

CSCui02779

Symptom : Cisco OEAP fails to connect when a failover occurs from LDPE to Non LDPE controller when in a high availability setup.

Condition: Unknown.

Workaround : None.

CSCui03652

Symptom : SIP client sometimes associate access points over CAC voice max-bandwidth.

Condition: Unknown.

Workaround : None.

CSCui05324

Symptom : Clients are unable to associate to the access point radio. The access point continues to beacon, but when the client sends an 802.11 authentication frame, the access point fails to respond with an authentication response. This issue occurs when the use of the current transmit queues is equal to the limit - the radio is unable to transmit.

Condition: Unknown.

Workaround : You must perform the following workaround:

1. Write a script that goes out to each access point and monitors the usage of the radio transmit queues. If a radio is found whose transmit queue utilization is nearing its limit, then issue the following command:

2. Manually reset the AP's impacted radio.

CSCui08633

Symptom : Access point information in an access point group does not match when verified in GUI and CLI.

Condition: Unknown.

Workaround : Perform an upgrade.

CSCui09037

Symptom : Client IP on controller does not get updated after executing the 7.3.101.0 upgrade.

Condition: WLAN is used for mobile device, H-REAP local switching, but the DHCP server is central.

Workaround : Synchronization will happen after some time.(20-30 minutes).

CSCui10841

Symptom : The access point arranges a bandwidth for SIP phone, though not on the phone.

Condition: Unknown.

Workaround : None.

CSCsv54436

Symptom : While trying to connect Wireless LAN (WLAN) controller through SSH, the connection fails. If retried immediately from the same system to controller, the connection succeeds.

Condition:

The SSH connection is made from a different Layer 3 network. The issue is found in the Cisco 4400 and 2106 Series Controllers.

Workaround : Retry SSH connection.

CSCsy66246

Symptom : An 802.11n AP does not downshift rates for retries when low latency MAC is enabled. The AP sends three retransmissions but the data rate for retransmissions is the same as the data rate at which the initial packet was sent.

Condition: Using an 802.11n AP with low latency MAC enabled.

Workaround : Do not enable low latency MAC.

CSCtn52995

Symptom : H-REAP reached a maximum limit on the association ID for AP.

Condition:

1. Client 1 is associated to the controller with AID as 1 on SSID x.

2. Cl ient 1 sends 802.11 auth frame on ssid y, at this point AID as 1 is freed at the AP. Auth frames are not honored at the controller, so controller is not informed.

3. No association frame arrives from client 1 at SSID 2.

4. Client 2 associates to the AP and gets AID as 1.

5. AP updates the controller about client 2 and AID as 1, at this point the controller adds duplicate entries and increments the count (controller already has client 1 AID =1).

6. Counter is getting incremented and reaching 256. It is due to the network conditions in which the 802.11 authentication frames are sent (sometimes on a different WLAN) but is not followed by association frames.

Workaround : None.

CSCtq32444

Symptom : When a port in a LAG goes down and then comes up, the controller does not send an UP trap through SNMP.

Condition: Distribution ports are configured in a LAG and an SNMP trap receiver is configured.

Workaround : Use the show traplog command to view traplog on controller for the UP trap.

CSCtw67184

Symptom : While booting up the controller, you might view the following message on the attached monitor or on the serial console:

All the disks from your previous configuration are gone. If this is an unexpected message, then please power off your system and check your system and check your cables to ensure all disks are present.

Press any key to continue or C to load the configuration utility.

When the Space key is pressed, the system could not boot from the disk.

Condition: The controller might have passed through an accidental power interruption. Upon reboot, the RAID card could not find its configuration in the flash memory and therefore it could not boot.

Workaround : When you encounter the situation, you must enter into the RAID management tool called WebBIOS. There are two versions of the tool available:

• One that uses extensive menus and requires an attached monitor.
• Another one that is completely based on the command-line interface (CLI). The CLI version can be accessed from the serial console. The prompt appears right after the message. Enter into the CLI version of the WebBIOS utility by pressing Ctrl-Y and then entering the following command: -CfgForeign -Import -a0.

CSCtx68850

Symptom : After upgrading to the controller (release 7.2), when trying to connect the controller through SSH, the connection fails randomly, the prompt for username is displayed, and then SSH session gets closed from the controller side.

Condition: Unknown.

Workaround : Try connecting several times.

CSCty84682

Symptom : AP is not forwarding Multicast data and IGMP querier messages.

Condition: Upon fresh reload of an AP.

Workaround : Perform shut or no shut on the WLAN.

CSCub14556

Symptom : If you use the clear ap config CLI command or the clear all config option under the Set to Factory Defaults page in the GUI on an indoor AP that has been configured for mesh (bridge) mode, the AP remains in bridge mode.

Condition: An indoor AP that has been configured for mesh.

Workaround : You can perform one of the following ways:

• Remove the IOS_STATIC_AP_MODE environmental variable from the AP. This can be done on the console by reloading the AP, escaping into the bootloader, and entering the bootloader command: ap: unset IOS_STATIC_AP_MODE.
• Copy flash:env_vars from the AP to a TFTP server, edit the file to remove the IOS_STATIC_AP_MODE line, and copy the file back. Then, clear the AP config. When the AP reboots, it should be back to factory defaults.

CSCub87374

Symptom : APs may not be able to join controller (with release 7.2 or 7.4) and the controller indicates the limit for maximum APs supported is reached.

Condition: Controller indicates the limit for maximum APs supported is reached when it has not been reached as indicated in the show license capacity command.

Workaround : Reboot the controller with evaluation license.

CSCuc68995

Symptom : A wireless webauth client is unable to authenticate to the network. When the client opens a browser window, the window is blank.

Using the debug web-auth redirect command, the messages similar to the following appears:

*webauthRedirect: Oct 15 18:43:19.470: #EMWEB-6-REQUEST_IS_NOT_GET_ERROR:

webauth_redirect.c:1055 Invalid request not GET on client socket 72

or

*webauthRedirect: Oct 10 16:36:30.715: %EMWEB-3-PARSE_ERROR: parse error after reading. bytes parsed = 0 and bytes read = 189

Condition: The HTTP GET from the client is arriving at the controller in multiple TCP segments.

Workaround : Either reconfigure your network or the client's TCP/IP stack, or the both to ensure that the HTTP GET arrives in a single segment.

CSCuc80103

Symptom : WiSM2 is unreachable and unable to ping. All APs are dropped from the controller, and unable to ping the Management interface's gateway (through console) at the time of failure. Failure condition will recover on it's own typically within minutes.

Condition: Cisco WiSM2 using Release 7.3.101.0.

Buffer pool leak messages are printed within the msglog around the time of the failure:

*broffu_SocketReceive: Oct 20 07:31:15.291: #BROFFU-0-DP_BUFFER_POOL_LOW_DETECTED: broffu_fp_dapi_cmd.c:5060 Warning: DP Early PacketBuffer low detected. DP1 PacketBuffer=26105(<?26200) WQE=102318(<?26200)

*broffu_SocketReceive: Oct 20 07:31:15.291: #BROFFU-0-DP_BUFFER_POOL_LOW_DETECTED: broffu_fp_dapi_cmd.c:5060 Warning: DP Early PacketBuffer low detected. DP0 PacketBuffer=26025(<?26200) WQE=102322(<?26200)

Workaround : Downgrade the controller to its prior release.

CSCuc94860

Symptom : If you configure the MAC filtering RADIUS compatibility mode from GUI choosing Security > AAA > MAC Filtering > RADIUS Compatibility Mode or using CLI with the config macfilter radius-compat command as Cisco ACS or Free RADIUS, the WLAN controller sends access-request packet with all bit zero Message Authenticator attribute.

Condition: When configured the MAC Filtering RADIUS Compatibility Mode as Cisco ACS or Free RADIUS .

Workaround : Choose Other (default value).

CSCud14147

Symptom : WLAN controller calculates an incorrect message authenticator value for RFC3576 CoA requests from some RADIUS servers such as PacketFence NAC.

Condition: Controller with releases 7.2.110.0 or 7.3.101.0.

Workaround : None.

CSCud16984

Symptom : Access points are assigned to channels with lower maximum powers.

Condition: Varying power levels in different channels of the new access points. The controller detects more neighbors with high RSSIs on channels with higher power.

Workaround : None.

CSCud56753

Symptom : In a VMWare ESX cluster, when migrating a vWLAN controller from one host to another via vMotion, the vWLAN controller management may become unreachable for 15-30 seconds which may causes APs to transition to standalone mode temporarily and prevent centrally switched WLANs from communicating.

Condition: A virtual controller's management interface is configured with a dot1q VLAN tag communicating through a virtual switch network configured with VLAN (4095 ALL) in promiscuous network. VMware network can be configured to "Notify Switches" causing RARP to be sent on VM's tagged interface for updating neighbors with CAM table seamlessly during vMotion transition. This is transparent to the VM. In the vWLAN controller deployment; hosts cannot know the vWLAN controller’s management or other interface dot1q tags so RARP is delivered untagged. This prevents CAM tables from learning of MAC update on proper VLAN ID and therefore a loss of communication to the vWLAN controller.

Workaround : Communication is established as soon as the vWLAN controller generates traffic through the new host after a vMotion event. No known workaround.

CSCud57046

Symptom : Client entry is seen on multiple controllers even when not anchored to the controller or part of its mobility group.

Condition: Not known.

Workaround : None.

CSCud57784

Symptom : In the Cisco 5508 Series Wireless Controller, when the MAC Filtering authentication is enabled from the GUI using the following procedure, client authentication fails.

1. Choose Security > AAA > RADIUS > Authentication to open the RADIUS Authentication page. Define more than one RADISU servers.

2. Choose Security > AAA > MAC Filtering and set the RADIUS Compatibility Mode as Free RADIUS.

3. In the WLAN setting, select the MAC Filtering check box, select the Authentication server that you have selected. The index number of the server is 1.

4. Choose S ecurity > AAA > RADIUS > Authentication. Delete the Radius server which has index number 1.

5. In the WLAN setting, select Authentication server which has index number other than 1.

Condition: None specified.

Workaround : From the WLAN controller GUI, choose Security > AAA > RADIUS > Authentication, and define a dummy radius server which has index 1.

CSCud68413

Symptom : A Cisco controller functioning as a DHCP server with large DHCP scopes may stop servicing DHCP client requests.

Condition: WLAN controller with release 7.2.110.0.

Workaround : Reload the WLAN controller.

CSCud84109

Symptom : When adding a new 3600 AP to the WLAN controller with multiple countries, the AP may select a country in a different regulatory domain than that of the AP.

Condition: With a AIR-CAP3602I-A-K9 joining a controller with countries in regulatory domains for -A and -N. The AP selects the country in the -N regulatory domain.

Workaround : Select the correct country and enable the AP admin state.

CSCui12365

Symptom: The Cisco 5508 Wireless LAN Controller fails to respond when a client moves from PMIP enabled wireless controller to non PMIP enabled wireless controller if fast SSID is enabled.

Condition: Fast SSID is enabled. The controller is deployed with a with mix of PMIP and normal WLANs in use.

Workaround: Disable Fast SSID.

CSCui13401

Symptom: After multiple 802.1x failures, the client is never excluded when the controller uses the 7.2.115.2 software version.

Condition: Client repeatedly fails when 802.1x authentication is used.

Workaround: None

CSCui15077

Symptom: The controller fails to respond when the AAA server pushes the Cisco AV pair when the url-redirect-acl is longer than 32 characters.

Condition: The error occurs when the url-redirect-acl name is longer than 32 characters.

Workaround: Use url-redirect-acl names of less than 32 characters.

CSCui15110

Symptom: After adding a WLAN to an AP group, the WLAN properties cannot be edited on the AP VLAN mapping page when the AP is in flex mode.

Condition: WLAN is disabled before being added to the AP group.

Workaround: Perform the following steps:

1. Enable the WLAN before adding to AP group.

2. Add another enabled WLAN.

3. Reload AP.

CSCui16011

Symptom: Configuration import of ASCII and HEX commands for PSK do not work as expected. Clients fail to authenticate.

Condition: This happens when the configuration contains ASCII and HEX commands in un-encrypted format for PSK.

Workaround: Use an encrypted format when you upload the configuration for PSK.

CSCui18377

Symptom: Cisco Aironet 1242 Access Point generates tracebacks and coredump after the controller upgrades to 7.4.100.60. Additionally, the radios also reset as shown in the log below:

Condition: The Cisco Aironet 1242 Access Point generates tracebacks and coredumps when upgraded to the Cisco WLC software version 7.4.100.60

Workaround: None.

CSCui19817

Symptom: Cisco Aironet 2600 Access Points fail to perform location calibration when using either the linear or by data points methods. Location calibration works for other models of access points.

Condition: When location calibration is performed when there are Cisco Aironet 2600 Series Access Points as part of the deployment.

Workaround: None.

CSCui20773

Symptom: BCAST queue is filled up displaying the following error:

Condition: Wireless clients send the IGMP report as soon as the query is sent by the Cisco WLC causing a Spike in Bcast queue. The spike is for very brief moment to cause queue to go full.

Ideally for each query, clients should send report within 10 seconds. So throttling would happen. But in some cases, if the application does not do backoff (it sends as soon as query is received) a Bcast queue full message is displayed.

Workaround: Increase IGMP query interval and timeout. If the queue is full and the IGMP query is not processed on first try, the stream will still not be affected until no report is received over the timeout value.

CSCui22463

Symptom: Cisco WLC fails to respond when software version 7.4.103.6 is used.

Condition: The Cisco WLC fails to respond when mDNS snooping enabled on software version 7.4.103.6.

Workaround: Disable mDNS snooping.

CSCui22736

Symptom: Unable to use debug pm pmk command.

Condition: Unable to use the debug pm pmk

Workaround: None

CSCui23134

Cisco WLC fails to respond with the task spamPacketDumpHandleIntraRoamCase

Symptom: Cisco WLC fails to respond with the task spamPacketDumpHandleIntraRoamCase

Condition: The Cisco WLC fails to respond when the ap packet-dump command is used.

Workaround: Do not use ap packet-dump feature.

CSCui23580

Symptom: RAP loses static Channel on 5 GHZ and 2.4GHZ channel get set to static when configured for auto.

Condition: When the RAP is configured with the following values:

RAP-1 - Set to Channel 100. 2.4 GHZ = Auto

RAP-2 - Set to Channel 161. 2.4 GHZ = Auto

Both RAPs are initially joined with wired connection to the Cisco WLC.

When RAP-1 eth link is lost/goes down, it joins over wireless backhaul through RAP-2. When eth connection is available RAP-1 joins over eth and gets set to channel 161 (remembers previous parents channel info) and 2.4 GHZ gets set to static channel 11.

Workaround: RAP eth connection is never lost. If eth connection is lost, RAP should not join another RAP.

cscue50917

Symptom: When a RAP loses its wired connection it fails to restore connectivity as a MAP through the radio backhaul.

The mesh adjacency is correctly build to a nearby MAP and the RAP gets an IP address and can even join its WLC, but shortly afterwards a radio reset is observed which causes the RAP to disconnect.

The RAP never settles down (it keeps on looping) till the wired connectivity is restored.

Sample error messages on RAP console:

Virtual-Dot11Radio0 forwarding

Virtual-Dot11Radio0 going down

Condition: Mesh deployment on the following software versions: 7.0.230.0 / 7.2.104.31 / 7.3.112.0

Workaround: None.

CSCug23281

Symptom: 802.11 statistics do not update in Cisco AP1600 in Monitor mode.

Condition: On the AP console, enter the show int dx statistics command. The statistics are not updated.

Workaround: None.

CSCug18190

Symptom:After clearing and reloading the configuration, if HA is configured, the MAC addresses differ on the active and standby mobility controllers when the show mobility summary command is executed.

Condition: Configuration clear.

Workaround: This does not happen on normal operation, unless a full configuration wiped and reconfiguration process is done, and HA is reestablished.

CSCue26844

Symptom: Cisco WLC controller fails to respond and resets the spectrumNMSPTask

Condition: Cisco WLC fails to respond under normal conditions. Conditions unknown.

Workaround: None.

CSCug26521

Symptom: Cisco WLC running the software version 7.4 in DHCP Proxy mode misses the option 255 in DHCP request packet, resulting in packets being dropped during inspection.

Condition: Release 7.4.

Workaround: Set format to ASCII by running the following command:

CSCtw92430

Symptom : In an HA scenario, when the default management gateway is broken, the standby or active controller goes into maintenance mode and never comes out of that mode even after the connection is restored.

Condition :

1. Configure an HA pair and configure a standby and active controller.

2. Shut down the management default gateway and ensure that one controller goes into maintenance mode after a reboot.

3. After some time, restore the management gateway connection and try to make the controller in maintenance mode come back to the corresponding mode after the connection is restored.

4. The controller always remains in the maintenance mode until a manual reboot is performed and the status is shown to be in negotiation.

Workaround : Perform a manual reboot of the controller.

CSCuc72493

Symptom: The APs disjoin after the switchover if the Cisco 8500 WLC has 6000 APs and 64000 clients on the full load.

Condition: This happens when the Cisco 8500 controller is fully loaded.

Workaround: None.

CSCtc16222

Symptom: The following messages are displayed on Cisco WiSM2:

Condition: The error message is displayed when using WiSM2 using 7.3.101.0 wireless controller software version.

Workaround: None.

CSCuj13054

Symptom: Cisco WiSM2 stopped working after an upgrade from Release 7.3.101.0 to 7.4.110.0

Condition: Cisco WiSM2; upgrade.

Workaround: None.

CSCuh50505

Symptom: Cisco WiSM2 stopped working and rebooted.

Condition: TPCv2 is in enabled state.

Workaround: Disable TPCv2.

CSCug83271

Symptom: Cisco Virtual Wireless LAN Controllers fail to correctly implement Virtual CPU Access Control Lists that have been configured to restrict access to the private virtual management address.

Condition: Cisco Virtual Wireless LAN Controllers running WLC Release 7.4 are affected.

Workaround: None.

Further Problem Description : This issue does not allow an attacker to bypass any forms of authentication. An attacker that did access the private virtual management interface would need to provide valid credentials to gain access to the device.

CSCuj64462

Symptom: On the WLC or PI GUI, CleanAir operational status for one or more Cisco Aironet series access points shows 'Down' as operational status with reason 'CleanAir internal error [5]'. On the console log for the access point, there are messages such as the following:

The event log shows repeated radio resets with reason code 37 (Radio IDB Reset):

Condition: Occurs only with CleanAir capable Cisco Aironet Access Points such as the 3500, 2600, and 3600 series APs.

Workaround: None.

CSCuj84379

Symptom: Controller stops working and then reboots.

Condition: Ad hoc rogue detection is in enabled state.

Workaround: Disabling ad hoc rogue detection is a potential workaround.

On the controller GUI, choose Security > Wireless Protection Policies > Rogue Policies > General, and set Detect and report Ad-Hoc Networks to disabled state.

CSCuj25911

Symptom: Messages similar to the following may be seen in the msglog:

Another symptom is that the WLC might stop working when the RRM profile is changed:

Condition: Unknown.

Workaround: None.

CSCue42242

Symptom : When the Cisco WLC detects more than 21 ad hoc rogues, the web GUI shows only the first 20 entries (first page).

Conditions : Path on the web GUI: Monitor > Rogue > Adhoc Rogues and click on “Unclassified Adhoc” or “Custom Adhoc”.

The first page shows correctly, but it is not possible to browse to the subsequent pages.

Workaround : Use the show rogue adhoc summary command on the CLI.

CSCub89883

Symptom : System is unresponsive in different tasks after guest LAN is enabled.

Conditions :

• Guest LAN
• Cisco 5500 Series WLC using 7.2 or later releases
• IPv6 traffic from clients

Workaround : Disable guest LAN or disable IPv6.

CSCuf56192

Symptom : Unable to delete an mDNS profile.

Conditions : When the mDNS profile is mapped to an interface and the interface is deleted.

Workaround : Before deleting the interface, detach the profile and then delete the interface.

CSCuj58556

Symptom : Cisco AP disconnects from primary and moves to secondary WLC because of memory allocation.

Conditions : Unknown.

Workaround : Reboot the Cisco AP.

CSCui73764

Symptom : Cisco 1240 and 1130 Series APs—DHCP does not work with FlexConnect and VLAN Native 2.

Conditions :

• FlexConnect local switching
• Cisco 1240 or 1130 Series APs
• Cisco WLC Release 7.4.121.0 or earlier releases
• VLAN Native 2
• User unable to get IP address and to connect to the network

Workaround : Change the native VLAN to an unexpectedly higher number, so no WLAN will ever get mapped to a bridge group number that high.

Further Problem Description : Telnet to the FlexConnect mode AP. Example: VLAN3 is the native VLAN on the FlexConnect mode AP. The AP is correctly mapped to bridge group 1. The WLAN that does not work is the one that is mapped to VLAN2. VLAN2 is mapped to bridge group 3 (see below). This is the instance where the issues is encountered. It can be any WLAN-VLAN-Native VLAN combination.

CSCuc78713

Symptom : Wireless clients cannot receive broadcast packets after broadcast key rotation.

Conditions : Dynamic WEP; Release 7.0.235.0, 7.2.110.0, and 7.3.101.0.

Workaround : Enter the config advanced eap bcast-key-interval 86400 command in the middle of the night and then change security setting to WPA2.

CSCtk58442

LC needs force reset option to recover if stuck in sw download state.

CSCto02968

“New Memory leak sshpm, on sshencode. line 252”

CSCtt47397

Cisco AP3500 watchdog crashes at random with CPU Hog while under light load.

CSCtx61744

OEAP600 low TCP throughput less than 50Mbps for personal SSID

CSCua97184

Aggr Sched Cat 1: AP crashes due to function pointer corruption

CSCub24389

AP crash in spamProcessCertPayload

CSCub26654

AP3600/3500 DFS false detect

CSCub88183

Controller stopped working at emWeb instruction: ewaFormSubmit_login_callback

CSCub89883

Controller stopped working on multiple tasks, high CPU, after enabling guest-lan

CSCuc02149

Local switching 3600 drops IP6to4 TCP SYN ACK packets received from LAN

CSCuc03576

ARP problems with MAPs

CSCuc06605

Radio reset: SF3 radio 'tx jammed'[BZ 809]

CSCuc07384

Web access issue on SRE with 7.2 code

CSCuc32120

"AP: %SYS-2-INTSCHED: 'idle' at level 0, interrupts -Process: CAPWAP CL"

CSCuc52952

75Dup service ip add error messages on 6500 for WiSM2 in HA setup

CSCuc84338

1550 AP showing up in Local mode instead of MAP or RAP mode

CSCuc95993

AP send out ARP request for different subnet IP address

CSCuc99037

RRM queues running full on 7.3

CSCud04882

LAP1142's display of Active Power levels is incorrect

CSCud04901

LAP1550 excessive DFS detection for in-band/off-channel weather radar

CSCud10200

CAP1552 local mode not obeying 30 min channel blocked list after DFS event

CSCud12437

DHCPv6 sollicits are sent over the air while they shouldn't

CSCud16350

"OEAP WPA2 issue, stuck at - wpaState to HANDSHAKE_AT_AP"

CSCud22588

Cleanup : mmListen:Failed to release a mutual exclusion object

CSCud23648

Controller stopped working on Release 7.3.101.0

CSCud33577

FlexConnect APs stuck in limbo when DHCP server is unreachable

CSCud39329

Load 7.3.50.17 - Controller 5500 stopped working --Task SXP SOCK

CSCud41398

"AP sometimes fails to hear BA from clients, causing BA timeouts [BZ 786]"

CSCud58247

License storage issues

CSCud62969

AP1600 not deferring NDP and Rogue containment with high traffic

CSCud63437

HA controller stopped working on reboot

CSCud65237

Encryption key corruption on BA ack with wrong ID

CSCud70484

Updating NB/WB spur suppression for 2600/3600 AP

CSCud83441

7.4 changes radius callStationIdType from radio to eth mac

CSCud84135

AP without default route lacks IP connectivity to other subnets

CSCud87439

AP1242 in H-REAP mode crashed with traceback pointing to CAPWAP bindings

CSCud89663

Some WLANs disabled after reboot

CSCud93574

Memory Leak on Anchor controller for client auth trap.

CSCud95613

Cisco WiSM2 stopped working after upgrading to 7.4.x only when high traffic load

CSCud97830

Telnet Access to controller lost

CSCud97983

AP1142 crashing after upgrading to 7.4.x

CSCud99466

Debug leaking due to lack of mac address for APF

CSCue00164

Standby controller continuous crash when a mesh joined to Active

CSCue00375

Failure observed in SNMP for AP CAPWAP retransmit change push

CSCue01983

3600 sends continuous corrupted deauth frames when in WIPS + 7.4

CSCue02475

Failure observed during Web-auth rediect

CSCue02707

HA redundancy does not failover to standby when powercycled

CSCue02718

HA redundancy does not failover to standby when removing ETH cable

CSCue03301

Power level:2 in 2.4GHz on 3602I/2602I APs is stated invalid

CSCue04153

DP failure because of DP Exception on 7.4.110.0

CSCue04528

Controller failure task: osapiBsnTimer SNMPTask

CSCue08313

AP failure due to chunk corruption; periodic client disconnects

CSCue08660

"High CPU on mobility task, crash on mmlisten"

CSCue08874

TX power level changes are reset after AP reboot (11nAP)

CSCue13108

TPC in 7.4 reduces transmit power to lower than expected values

CSCue14501

WSSI interference triggers DCA to change channels on serving radios

CSCue17421

RRM AP Neighbor list is not synced to HA Standby after switchover

CSCue19334

Failure in DHCP Socket Task nfaSyncMsgSendToTask dhcpSendRaw

CSCue26907

Controller failure in SrDoSnmp

CSCue26960

Pmalloc trailer failure - sshmp-integer-core.c

CSCue30626

Insufficient output by 'show 802.11a/b cleanair air-quality summary'

CSCue32955

Wired guest not getting IP address on controller

CSCue33125

"Unable to enable ""bootp-broadcast"" with HA SSO configured"

CSCue33222

Controller failure on 7.4.110.0 with mDNS service enabled

CSCue34072

Controller leaking memory for task:mmlisten

CSCue34763

Clients hit Idle timeout after successful authentication

CSCue49141

Controller: Failure with w/iappSocketTask reason

CSCue53220

Controller drops wireless to wireless client traffic with source UDP/16666

CSCue54977

rf-profile configuration not shown in show run-config commands

CSCue55191

"Memory leak in mm_listen.c, line 8826"

CSCue55397

Failure to create AP bundle during controller upgrade

CSCue56731

RF group state is HA standby on the active after failover

CSCue58727

Reaper reset controller due to mutex issue in spectrumRadSlotAQEnableGet

CSCue62225

HA: IGMP/MLD join goes out of standby controller

CSCue62388

"AP reloads with DOT11-3-NO_BEACONING ""Not Beaconing for too long"""

CSCue66168

Sanity check is not performed and both controllers stay Active

CSCue67286

"MSE: Need auto archive log feature, log full brings down MSE services"

CSCue68272

Standby does not take over when active is powered down

CSCue71856

AP not send traffic indication to client in power saving mode in time

CSCue75015

TPC on demand functionality not working with HA.

CSCue77449

MSE out of memory while adding APs to floor.

CSCue80531

dBm value is zero for AP802

CSCue83558

WiSM2 crash due to Task Name: apfMsConnTask_6

CSCue84694

AP does not clear L2 MGID info after Dynamic Interface Change

CSCue87238

Controller failure: Silent crash on 5508 running 7.4.103.4 without any crashlogs

CSCue87961

Unable to access controller GUI using management via wireless on 7.4

CSCue89182

Unable to upgrade from previous cco to phos via GUI

CSCue90110

Clients not removed from AP after HA failover

CSCue91018

SSID column in raw report from controller shows wrong data

CSCue92521

Controller 5508 crash due to memory corruption in task name spamApTask6

CSCue92971

"fixes for: reporting times, location corner cases and analytic services"

CSCue93244

HA 5500 controller stopped working due to memory corruption during AAA initialization

CSCue99040

7500 and WiSM2 High Availablity issue

CSCuf02268

HA will not even pair with 80ms RTT

CSCuf03309

Small packet drop on wism2 + DTLS scenario

CSCuf15633

"emWEB task controller Crash observed when execute ""config wlan delete"""

CSCuf20330

Mobility control path is down between 8500(HA)-8500

CSCuf21360

A-Pair stuck in image download state

CSCuf30537

CalledStation Id should use MAC Address per CalledStationID change

CSCuf38824

1552E: Flash fills up and cannot join as flash cannot be written to...

CSCuf43147

All ap clears the L2 MGID when wlan intf mapping deleted frm 1 apg.

CSCuf48138

getTagLocationlistfortelemetry api returns null

CSCuf61780

"1600, 2600, 2600 aIOS permits only 7 dBm power setting"

CSCuf65468

RRM misbehaving on BGL Alpha HA OEAP controller

CSCuf80340

Virtual controller: Web authentication feature is broken in virtual controller

CSCuf86303

"DP heartbeat lost, crash at longevity testbed"

CSCuf93738

Save config is not updating startup config with new AP group int mapping

CSCuf93777

AP radio Core dump: Transmitter seems to have stopped

CSCug04801

After a few Failover None of the Clients get authenticated

CSCug06084

Controller crashed - Task Name: SNMPTask

CSCug08318

"New 7500 M3 Hardware Version, unable to scale to 6000 APs "

CSCug10935

ACL is not inherited when controller switched over

CSCug10985

HA - Standby ctrl reboots twice due to mobility related XML mis-match

CSCug16101

CAPWAP background config save fixes/optimization

CSCug16473

HA Standby controller 7.4.110.0 FUS 1.7.0.0 DP failure crash loop

CSCug20166

'Network interrupt loop detected'; does not show AP traceback

CSCug21037

Standby Crashing when Active tries to transfer images in a particular sc

CSCug21715

AP is not able to boot with recovery image

CSCug22648

"WSSI not supported in -S, -N reglatory Domains (possibly more)"

CSCug23395

Secondary 5500 controller has went to hung up state

CSCug25517

L2roam entry not initialized in HA standby controller

CSCug27985

5500 controller failure during upgrade after kitchen sink stress with mem @ 79%util

CSCug28397

No beacon is sent from AP1600 for bake-off image

CSCug29258

FlexConnect ACL is not retaining after AP reboot in standalone

CSCug37360

"back out CSCuc3599, devshell over telnet"

CSCug41333

AP 1142 DATA_KEEPALIVE_ERR When DTLS Enabled - Not Staying Connected

CSCug42677

Controller crashes when applying CPU ACL in HA

CSCug45057

Radio disabled due to inline power on 7.4.100.6

CSCug46718

New client 802.11 auth fails 3600 or 2600 AP on 2.4GHz band after time

CSCug50611

Central DHCP Processing WLAN not getting added to Flexconnect AP

CSCug52338

2504 Traceback errors after image upgrade

CSCug54108

AP memory leak - %SYS-2-MALLOCFAIL: Memory allocation failed

CSCug57376

WISM2 : HA : - AP disconnects the Active and rejoins post switchover

CSCug59452

AP 1524PS/AG crashing while doing clear config

CSCug64750

ARP request unicast is dropped on anchor scenario

CSCug65454

WiSM2 crashes Reason: Reaper Reset Task:dtlArpTask

CSCug65693

Macbook client disconnect on alpha_ac

CSCug66578

Crashinfo files continue to grow on AP without being cleaned

CSCug69212

HA pair broken & config disappeared for WiSM2 running version 7.4.100.9

CSCug70229

Web-authentication with static ip client fails in Export Anchor

CSCug73771

All the rogue config params are lost on the AP in the following scenario

CSCug74738

Controller-GUI Radius Response Time shows Centi-Seconds when it's really msecs

CSCug75833

Crash of SXP core when trying to delete configured SXP connection

CSCug81582

WiSM-2 crash Task Name: apfMsConnTask_7 Reason: System Crash

CSCug86804

Controller 7.4 crash on tplusTransportThread

CSCug89547

Controller console hung after serial timeout if any show cli output in buffer

CSCug90440

Controller: Observing double 'client authenticated' Trap logs

CSCug91572

FlexConnect AID leak

CSCug93826

Instrumentation for reaper task

CSCug94941

7500 primary controller crashed while start image transfer

CSCug96183

Controller Crash Task Name: emWeb Reason: System Crash (HA)

CSCug97390

L2 mgids are getting deleted in APs after HA switchover

CSCug99623

APs disconnect on software download in a HA Pair

CSCuh01030

Aggr_Sched Stack Corruption (infinite loop in timer_send path)

CSCuh01250

7500 controller crash at task emweb

CSCuh01980

HTTPS to HA controller fails after reload as it misses Web Admin key

CSCuh02439

Missing reset interrupt level for flex ext. webauth

CSCuh03740

Rogue transient threshold computation is wrong in AP

CSCuh11295

HA messages showing in console during boot

CSCuh12262

Wired Client behind Universal WGB does not get an ip

CSCuh12457

HA Primary controller (Cisco Flex 7500 controller) reboots with gateway reachability issue

CSCuh15491

Aggr_Sched_Stack Corruption

CSCuh19146

AP SSO active controller crash at emWeb Task

CSCuh23819

ipv6 webauth not working if wlan is mapped to dynamic interface

CSCuh29693

Controller crash on 7.3.112.0 if you make any config change

CSCuh29695

Sys Crash seen on New Act on S/Wover at acDtlsPlumbDataPlaneKeys

CSCuh33173

APs are not properly detecting RRM measurements

CSCuh41842

Intra controller roaming with Webauth broken

CSCuh44600

RRM changing txpower when interval timer not expired

CSCuh47735

Aggr_Scheduler_Crash - FWD_TRACE_L function (freed dtx in cpq)

CSCuh48729

3600 AP hang on network interrupt loop

CSCuh52660

AP602 OEAP using invalid channels for E domain

CSCuh54131

Stand-by controller Reloading when power down the Active controller

CSCuh55612

OEAP: Evora WLAN client can't connect since client database is full

CSCuh55895

Controller: WiSM2 crashed when CNA began device discovery

CSCuh63491

"With RF profile created, certain clients are not able to join "

CSCuh67141

OEAP600 frequently disconnecting when joined to controller with HA pair

CSCuh81757

ap3500 crash with TLB Miss in sig_channel_stats()

CSCuh87654

AP 3600 fails to generate coredump

CSCuh98417

One-way audio issue seen on spectralink 8400