Added links to Virtual Assistance and Cisco Business Dashboard (CBD) Product Web Page
What's New
GUI
Added in GUI to the Virtual Assistance and to the CBD Product Web page:
- As icons on the Mast page.
- As Other Resources hyperlinks on the Getting Started page.
CBD Probe Version
The CBD probe version was updated to 2.6.1.20231011 (from version 2.6.0.20230314 in release 3.3.
OpenSSL Version Upgrade
OpenSSL version was upgraded to version OpenSSL 1.1.1w (from version OpenSSL 1.1.1q in release 3.3).
Updates TLS Ciphers List
The following CBC based ciphers are no longer supported in release 3.4
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
Therefore the list of supported ciphers in release 3.4 is:
TLS 1.2 ciphers:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1)
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1)
- TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 3072)
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256
TLS 1.3 ciphers: - TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384
Resolved Issues
CSCwc24759
The Global PoE Power consumption does not match the per port calculation is displayed in CLI and GUI.
CSCwe92236
In some cases binding to port fails for an ACL that containing multiple rules with TCP/UDP port range.
CSCwf13332
Can't use a period (.) in the GUI when configuring DHCP Server Option 66 text field.
CSCwe25855
Link flapping may occur when inserting the GLC-TE v03 S/N prefix ACWxxxxx.
CSCvx44260
Connection toPNPserver failsifPNPserver addressis configured asIPv6 Link Local address.
CSCwd42686
If an interface is not a member of the native trunk VLAN, it will generate a "native VLAN mismatch" syslog even though the link partner has the same configuration
CSCwa31487
Traffic is blocked on an interface if the IP source guards is enabled on the port and in addition an IPv6 ACL is applied to the same interface.
CSCwd05831
Traffic on standby unit is blocked in case BPDU guard is enabled on multiple interfaces and a stack topology change occurs.
CSCwd59630
The passwords in RADIUS server users are displayed in cleartext in the show running command.
CSCwe07075
When 802.1x is used for a VLAN assignment (DVA) and a guest VLAN is enabled, after a while some ports may incorrectly assign a client to the guest VLAN even though they've successfully authenticated.
CSCwd67981
Following active unit failure, the uplink ports on the standby unit, move to the down state and don’t pass traffic.
CSCwf48882
In some cases an ACE configured on a VLAN will be applied to an interface on the active unit only after the active unit is reloaded.
CSCwf66976
UDP port 5353 stays open even though Bonjour is disabled
CSCwh59622
Device does not present login prompt following reload in case certain DNSclient configurations are present in the startup config file.
CSCwi35929
The SSH Connection to the DUT fails with a Key exchange algorithm of RSA-SHA2-512 and RSA-SHA2-256.
CSCwi54917
Green Ethernet energy detection - it is not possible to enable on 10G ports via the GUI.
CSCwi54919
SSH-client terminal session stuck with Bitvise SSH-Server.
CSCwi54921
No PNP CA bundle present after a factory default reset.
Known Issues
CSCwh06602
CBS350 - dot1x mac address table issue when STP is disabled but STP mode is PVST or RPVST