Not a user yet?
Log in Register for free Suggest a product
The manufacturer Cisco has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

New and Modified Software Features

Catalyst 9136Catalyst 9136
Cisco
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

New and Modified Software Features

Software-Defined Access (SDA) Restriction Update

  • Fabric in a Box (FIAB) is now supported from the 17.15.1 release.

SuiteB-1X and SuiteB-192-1X Support in FlexConnect Mode for WPA2 and WPA3
From Cisco IOS XE 17.15.1 onwards, Cisco WLAN FlexConnect mode supports enterprise authentication key management (AKM) — SuiteB-192-1X (AKM 12) and SuiteB-1X (AKM 11).
This feature supports the configuration of SuiteB-192-1X and SuiteB-1X in FlexConnect mode, and also supports Galois Counter Mode Protocol 128 (GCMP-128), GCMP-256, and Counter Cipher Mode with Block Chaining Message Authentication Code Protocol 256 (CCMP-256) ciphers for pairwise transport keys (PTK) and group temporal key (GTK) derivation in FlexConnect Local Authentication mode and FlexConnect Central Authentication mode.

Wi-Fi Protected Access (WPA3) Security Enhancements for Access Points
The following are the security enhancements developed in Cisco IOS XE 17.15.1, for APs:

  • GCMP-256 Cipher and SuiteB-192-1X AKM
  • SAE-EXT-KEY Support
  • AP Beacon Protection
  • Multiple Cipher Support per WLAN
  • Opportunistic Wireless Encryption (OWE) Support with GCMP-256 Cipher
    The following commands are introduced:
  • security wpa akm sae ext-key
  • security wpa akm ft sae ext-key
  • security wpa akm suiteb-192
  • security wpa akm suiteb
  • security wpa wpa2 ciphers
  • security wpa wpa3 beacon-protection

Tier B/C/D Country Support for Cisco Catalyst 9124 Outdoor Access Points
From this release, Cisco Catalyst 9124 Outdoor APs are supported in the following countries: Bosnia, Hong Kong, India, Indonesia, Israel, Jordan, Kuwait, Puerto Rico, Qatar, Saud Arabia, Singapore, South Africa, Taiwan, Turkey, and United Arab Emirates.

New and Modified GUI Features
SuiteB-1X and SuiteB-192-1X Support in FlexConnect Mode for WPA2 and WPA3
Configuration>Tags &Profiles >WLANs

Wi-Fi Protected Access (WPA3) Security Enhancements for Access Points
Configuration>Tags &Profiles >WLANs

Resolved Issues for Cisco IOS XE 17.15.1

  • CSCwh56566: Controller experiences flow monitor failure due to manual flow record parameters
  • CSCwh80060: Cisco Wave 2 APs connected to the controller are losing the FlexConnect WLAN-VLAN mapping
  • CSCwh81071: Slot 2 is down for GB country after performing factory reset
  • CSCwi16509: APs do not join the controller with invalid radio slot ID error
  • CSCwi22895: Controller becomes unresponsive within Radio Resource Management (RRM) service due to ReloadReason=Critical process rrm fault
  • CSCwi27380:Media stream feature does not work
  • CSCwi28382: Controller reloads unexpectedly due to Keymgmt: Failed to eapol key m1 retransmit failure
  • CSCwi55714: Controller unexpectedly reboots when handling NMSP TLS connection
  • CSCwi56780: MAC Authentication Bypass (MAB) is not initiated unless the client device is deauthenticated
  • CSCwi69251:Cisco Catalyst 9800-40 Wireless Controller becomes unresponsive on Critical process Radio Resource Management (RRM) fault on rp_0_0
  • CSCwi75759:Cisco Catalyst 9800-40 Wireless Controller reloads due to critical process WNCd fault
  • CSCwi99276: Controller does not have Network Access Control (NAC) in the policy profile configuration enabled on Prime Infrastructure
  • CSCwj08367: Cisco Catalyst 9800 Wireless Controller encounters unresponsiveness generating system report, segmentation fault - Process = IGMPSN
  • CSCwj09698 :Cisco Catalyst 9800 Wireless Controller encounters an unexpected reset in wncmgrd with a scaled setup while being managed by the Meraki Dashboard
  • CSCwj25187: Controller does not display the redundancy details on the Web-UI, only on the CLI
  • CSCwj26196: Controller encounters an unexpected reset while trying to validate the MAC address with the EWLC_APP_INFRA_ID_MAGIC
  • CSCwj31356: Controller reboots due to Radio Resource Management (RRM) process fault on rp_0_0 (rc=139)
  • CSCwj36962: Controller reboots unexpectedly due to invalid QoS parameters
  • CSCwj42408: Controller posture flow does not work when PMF is optional
  • CSCwj34379: Cisco Catalyst 9800-80 Wireless Controller encounters WNCd issues when accessing Crimson Database
  • CSCwj79545: Controller unexpectedly reboots during WNCd process due to assertation failure with invalid BSSID
  • CSCwj86938: Memory leak in scale network with telemetry shared user events with Cisco Catalyst Center
  • CSCwj93153: Controller becomes unresponsive during WNCd process
  • CSCwk05030: Controller becomes unresponsive due to critical software exception
  • CSCwj40202: Controller does not send RADIUS accounting messages WLAN with PSK/MAB authentication
  • CSCwj60910: Controller and PI report observe RRM message mismatch
  • CSCwh88246: AP does not allow you to apply URL filter after invalid configuration
  • CSCwi01382: 5-GHz and 2.4-GHz radios remain non-operational in an AP
  • CSCwj67158: Controller does not send mobile address to AP if the CoA is received when the user is in the ip_learn state
  • CSCwj72370: Controller uses incorrect username for "show platform" command when logging in GUI
  • CSCwi47294: Per client rate limit with FlexConnect AP is not functioning
  • CSCwi48980 Controller local password policy does not take effect on GUI login as expected
  • CSCwi50732: VLAN group support for DHCP and static IP clients feature does not work on FlexConnect Central Switching mode
  • CSCwi64010: Controller accepts the reserved IPv6 multicast address to be configured as a mobility multicast IPv6 address
  • CSCwi66582: Controller returns with error while uploading backup file with FTP on GUI
  • CSCwi69093: Controller GUI shows incorrect number of clients connected to the AP
  • CSCwj76892: Controller configures aggregation scheduler parameter incorrectly, causing low downlink speed
  • CSCwi83124: Pop-ups are not displayed correctly in dark mode in the controlle
  • CSCwj00465: Active controller becomes ActiveRecovery when the redundancy port link is down
  • CSCwj01446: Personal Identity Verification (PIV) authentication requires an additional backslash in the redirection URL to work successfully
  • CSCwj04177: AP undergoing Extensible Authentication Protocol (EAP) fails if the password is more than 31 characters
  • CSCwj15376: Cisco NMSP runs into security protocol issues
  • CSCwj25110: Controller reports incorrect values during SNMP polling
  • CSCwj77128: URL filter allows only letters as the first character
  • CSCwj33376: Incorrect selection of APs in load balancing
  • CSCwj94201: Controller experiences unresponsiveness CPUHOG
  • CSCwj6876: Enhanced URL is missing after FlexConnect AP CAPWAP flap
  • CSCwk35891: Controller experiences unresponsiveness after displaying "\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\clear ap geolocation derivation\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\" message
  • CSCwj42562: GUI does not display PC analytics statistics
  • CSCwk44459: Loadbalancer server holds incorrect AP IP address and stale entries
  • CSCwi44211: The "show run" command results are different from restore configuration
  • CSCwj29406: The "show ap summary sort descending client-count" command shows wrong client count
  • CSCwi29216: Unsupportive characters in the description field prevents re-sync
  • CSCwj83935: Controller shows tech X is empty when previous tech X term length stop didn't finish before SSH close
  • CSCwi70760: Controller encrypts ApDnaGlobalCfg token when the password encryption is configured using AES
  • CSCwj96620: Syntax errors observed in CISCO-LWAPP-DOT11-CLIENT-MIB
  • CSCwj96666: Syntax errors observed in CISCO-LWAPP-DOT11-MIB
  • CSCwj97107: Standby controller does not take active role after reloading the active controller with "reload slot" command
  • CSCwk02633: An RSA key pair is configured in the truspoint configuration when an EC keypair is selected when creating a trustpoint on the controller
  • CSCwk25182: Controller throws password policy alert while logging in GUI using TACACS+ credentials after upgrading to Cisco IOS XE 17.14
  • CSCwk28680: Controller unexpectedly reloads due to Cisco QuantumFlow Processor (QFP) ucode while updating the drop statistics
  • CSCwj33979: Output for the show ap summary command takes lengthy duration to complete

Open Issues for Cisco IOS XE 17.15.1

  • CSCwh63050: Controller sends IGMP queries without IP address and MAC address on Cisco IOS XE Cupertino 17.9.3
  • CSCwi04855: APs repeatedly join and disjoin controller with traceback
  • CSCwj39057: Cisco Catalyst 9130 AP experiences traffic loss and delays due to perceived channel utilization and interference
  • CSCwj42305: Client is unable to connect due to delete reason NACK_IFID_EXISTS
  • CSCwj80614: Clients are unable to connect due to assignment of IP address that is in use by stale client entry in device-tracking database in FlexConnect local switching
  • CSCwj83526: APs become non-operational when connected to Cisco Catalyst 9300 Switch via mGig port
  • CSCwj85091: Controller unexpectedly reloads while running the show wireless client mac-address detail command
  • CSCwj89538: Cisco Aironet 2802 AP fails to send reassociation response or association request
  • CSCwk05809: %EVENTLIB-3-CPUHOG message observed on Cisco IOS XE 17.12
  • CSCwk14917: Controller reloads unexpectedly
  • CSCwk17102: Client experiences unexpected disconnect due to missing M1 packet
  • CSCwk17667:Controller reboots due to high ODM memory consumption
  • CSCwk37983: Client VLAN is retained after changing SSIDs if \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"vlan-persistent\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\" is enabled
  • CSCwk39866:Client page is stuck in loading state
  • CSCwk46105: Controller experiences unexpected reloads with high WNCd memory
  • CSCwk48338: Cisco Catalyst 9130 does not accept clients on the 5 GHz band
  • CSCwk48634: FlexConnect local switching dropping upstream broadcast ARP from Android devices in data path in Cisco Catalyst 9130 AP
  • CSCwk52996: Cisco Catalyst 9120 AP unecpectedly reloads along with radio abnormalities on wlc_bmac_suspend_mac
  • CSCwk54291: Controller voice CAC BW is not cleared
  • CSCwk58326: Controller sends multicast packets with previous WMI
  • CSCwk61068: Controller unexpectedly reloads on 17.9.4 with reason "critical process WNCd fault"
  • CSCwk61854: Configuration update failure when AP is in delete pending state
  • CSCwk62836: Cisco Catalyst 9120 AP running on Cisco IOS XE Cupertino 17.9.5
  • CSCwk64235: URL filter incnsistency observed post modifciation
  • CSCwk66988: Cisco Catalyst 9130 experiences radio failure
Version: 17.15.1 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Cisco Catalyst 9136 updates

More from the IT Infrastructure section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad