The manufacturer Cisco has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

New and Modified Software Features

New and Modified Software Features

Software-Defined Access (SDA) Restriction Update

  • Fabric in a Box (FIAB) is now supported from the 17.15.1 release.

SuiteB-1X and SuiteB-192-1X Support in FlexConnect Mode for WPA2 and WPA3
From Cisco IOS XE 17.15.1 onwards, Cisco WLAN FlexConnect mode supports enterprise authentication key management (AKM) — SuiteB-192-1X (AKM 12) and SuiteB-1X (AKM 11).
This feature supports the configuration of SuiteB-192-1X and SuiteB-1X in FlexConnect mode, and also supports Galois Counter Mode Protocol 128 (GCMP-128), GCMP-256, and Counter Cipher Mode with Block Chaining Message Authentication Code Protocol 256 (CCMP-256) ciphers for pairwise transport keys (PTK) and group temporal key (GTK) derivation in FlexConnect Local Authentication mode and FlexConnect Central Authentication mode.

Wi-Fi Protected Access (WPA3) Security Enhancements for Access Points
The following are the security enhancements developed in Cisco IOS XE 17.15.1, for APs:

  • GCMP-256 Cipher and SuiteB-192-1X AKM
  • SAE-EXT-KEY Support
  • AP Beacon Protection
  • Multiple Cipher Support per WLAN
  • Opportunistic Wireless Encryption (OWE) Support with GCMP-256 Cipher
    The following commands are introduced:
  • security wpa akm sae ext-key
  • security wpa akm ft sae ext-key
  • security wpa akm suiteb-192
  • security wpa akm suiteb
  • security wpa wpa2 ciphers
  • security wpa wpa3 beacon-protection

Tier B/C/D Country Support for Cisco Catalyst 9124 Outdoor Access Points
From this release, Cisco Catalyst 9124 Outdoor APs are supported in the following countries: Bosnia, Hong Kong, India, Indonesia, Israel, Jordan, Kuwait, Puerto Rico, Qatar, Saud Arabia, Singapore, South Africa, Taiwan, Turkey, and United Arab Emirates.

New and Modified GUI Features
SuiteB-1X and SuiteB-192-1X Support in FlexConnect Mode for WPA2 and WPA3
Configuration>Tags &Profiles >WLANs

Wi-Fi Protected Access (WPA3) Security Enhancements for Access Points
Configuration>Tags &Profiles >WLANs

Resolved Issues for Cisco IOS XE 17.15.1

  • CSCwh56566: Controller experiences flow monitor failure due to manual flow record parameters
  • CSCwh80060: Cisco Wave 2 APs connected to the controller are losing the FlexConnect WLAN-VLAN mapping
  • CSCwh81071: Slot 2 is down for GB country after performing factory reset
  • CSCwi16509: APs do not join the controller with invalid radio slot ID error
  • CSCwi22895: Controller becomes unresponsive within Radio Resource Management (RRM) service due to ReloadReason=Critical process rrm fault
  • CSCwi27380:Media stream feature does not work
  • CSCwi28382: Controller reloads unexpectedly due to Keymgmt: Failed to eapol key m1 retransmit failure
  • CSCwi55714: Controller unexpectedly reboots when handling NMSP TLS connection
  • CSCwi56780: MAC Authentication Bypass (MAB) is not initiated unless the client device is deauthenticated
  • CSCwi69251:Cisco Catalyst 9800-40 Wireless Controller becomes unresponsive on Critical process Radio Resource Management (RRM) fault on rp_0_0
  • CSCwi75759:Cisco Catalyst 9800-40 Wireless Controller reloads due to critical process WNCd fault
  • CSCwi99276: Controller does not have Network Access Control (NAC) in the policy profile configuration enabled on Prime Infrastructure
  • CSCwj08367: Cisco Catalyst 9800 Wireless Controller encounters unresponsiveness generating system report, segmentation fault - Process = IGMPSN
  • CSCwj09698 :Cisco Catalyst 9800 Wireless Controller encounters an unexpected reset in wncmgrd with a scaled setup while being managed by the Meraki Dashboard
  • CSCwj25187: Controller does not display the redundancy details on the Web-UI, only on the CLI
  • CSCwj26196: Controller encounters an unexpected reset while trying to validate the MAC address with the EWLC_APP_INFRA_ID_MAGIC
  • CSCwj31356: Controller reboots due to Radio Resource Management (RRM) process fault on rp_0_0 (rc=139)
  • CSCwj36962: Controller reboots unexpectedly due to invalid QoS parameters
  • CSCwj42408: Controller posture flow does not work when PMF is optional
  • CSCwj34379: Cisco Catalyst 9800-80 Wireless Controller encounters WNCd issues when accessing Crimson Database
  • CSCwj79545: Controller unexpectedly reboots during WNCd process due to assertation failure with invalid BSSID
  • CSCwj86938: Memory leak in scale network with telemetry shared user events with Cisco Catalyst Center
  • CSCwj93153: Controller becomes unresponsive during WNCd process
  • CSCwk05030: Controller becomes unresponsive due to critical software exception
  • CSCwj40202: Controller does not send RADIUS accounting messages WLAN with PSK/MAB authentication
  • CSCwj60910: Controller and PI report observe RRM message mismatch
  • CSCwh88246: AP does not allow you to apply URL filter after invalid configuration
  • CSCwi01382: 5-GHz and 2.4-GHz radios remain non-operational in an AP
  • CSCwj67158: Controller does not send mobile address to AP if the CoA is received when the user is in the ip_learn state
  • CSCwj72370: Controller uses incorrect username for "show platform" command when logging in GUI
  • CSCwi47294: Per client rate limit with FlexConnect AP is not functioning
  • CSCwi48980 Controller local password policy does not take effect on GUI login as expected
  • CSCwi50732: VLAN group support for DHCP and static IP clients feature does not work on FlexConnect Central Switching mode
  • CSCwi64010: Controller accepts the reserved IPv6 multicast address to be configured as a mobility multicast IPv6 address
  • CSCwi66582: Controller returns with error while uploading backup file with FTP on GUI
  • CSCwi69093: Controller GUI shows incorrect number of clients connected to the AP
  • CSCwj76892: Controller configures aggregation scheduler parameter incorrectly, causing low downlink speed
  • CSCwi83124: Pop-ups are not displayed correctly in dark mode in the controlle
  • CSCwj00465: Active controller becomes ActiveRecovery when the redundancy port link is down
  • CSCwj01446: Personal Identity Verification (PIV) authentication requires an additional backslash in the redirection URL to work successfully
  • CSCwj04177: AP undergoing Extensible Authentication Protocol (EAP) fails if the password is more than 31 characters
  • CSCwj15376: Cisco NMSP runs into security protocol issues
  • CSCwj25110: Controller reports incorrect values during SNMP polling
  • CSCwj77128: URL filter allows only letters as the first character
  • CSCwj33376: Incorrect selection of APs in load balancing
  • CSCwj94201: Controller experiences unresponsiveness CPUHOG
  • CSCwj6876: Enhanced URL is missing after FlexConnect AP CAPWAP flap
  • CSCwk35891: Controller experiences unresponsiveness after displaying "\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\clear ap geolocation derivation\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\" message
  • CSCwj42562: GUI does not display PC analytics statistics
  • CSCwk44459: Loadbalancer server holds incorrect AP IP address and stale entries
  • CSCwi44211: The "show run" command results are different from restore configuration
  • CSCwj29406: The "show ap summary sort descending client-count" command shows wrong client count
  • CSCwi29216: Unsupportive characters in the description field prevents re-sync
  • CSCwj83935: Controller shows tech X is empty when previous tech X term length stop didn't finish before SSH close
  • CSCwi70760: Controller encrypts ApDnaGlobalCfg token when the password encryption is configured using AES
  • CSCwj96620: Syntax errors observed in CISCO-LWAPP-DOT11-CLIENT-MIB
  • CSCwj96666: Syntax errors observed in CISCO-LWAPP-DOT11-MIB
  • CSCwj97107: Standby controller does not take active role after reloading the active controller with "reload slot" command
  • CSCwk02633: An RSA key pair is configured in the truspoint configuration when an EC keypair is selected when creating a trustpoint on the controller
  • CSCwk25182: Controller throws password policy alert while logging in GUI using TACACS+ credentials after upgrading to Cisco IOS XE 17.14
  • CSCwk28680: Controller unexpectedly reloads due to Cisco QuantumFlow Processor (QFP) ucode while updating the drop statistics
  • CSCwj33979: Output for the show ap summary command takes lengthy duration to complete

Open Issues for Cisco IOS XE 17.15.1

  • CSCwh63050: Controller sends IGMP queries without IP address and MAC address on Cisco IOS XE Cupertino 17.9.3
  • CSCwi04855: APs repeatedly join and disjoin controller with traceback
  • CSCwj39057: Cisco Catalyst 9130 AP experiences traffic loss and delays due to perceived channel utilization and interference
  • CSCwj42305: Client is unable to connect due to delete reason NACK_IFID_EXISTS
  • CSCwj80614: Clients are unable to connect due to assignment of IP address that is in use by stale client entry in device-tracking database in FlexConnect local switching
  • CSCwj83526: APs become non-operational when connected to Cisco Catalyst 9300 Switch via mGig port
  • CSCwj85091: Controller unexpectedly reloads while running the show wireless client mac-address detail command
  • CSCwj89538: Cisco Aironet 2802 AP fails to send reassociation response or association request
  • CSCwk05809: %EVENTLIB-3-CPUHOG message observed on Cisco IOS XE 17.12
  • CSCwk14917: Controller reloads unexpectedly
  • CSCwk17102: Client experiences unexpected disconnect due to missing M1 packet
  • CSCwk17667:Controller reboots due to high ODM memory consumption
  • CSCwk37983: Client VLAN is retained after changing SSIDs if \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"vlan-persistent\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\" is enabled
  • CSCwk39866:Client page is stuck in loading state
  • CSCwk46105: Controller experiences unexpected reloads with high WNCd memory
  • CSCwk48338: Cisco Catalyst 9130 does not accept clients on the 5 GHz band
  • CSCwk48634: FlexConnect local switching dropping upstream broadcast ARP from Android devices in data path in Cisco Catalyst 9130 AP
  • CSCwk52996: Cisco Catalyst 9120 AP unecpectedly reloads along with radio abnormalities on wlc_bmac_suspend_mac
  • CSCwk54291: Controller voice CAC BW is not cleared
  • CSCwk58326: Controller sends multicast packets with previous WMI
  • CSCwk61068: Controller unexpectedly reloads on 17.9.4 with reason "critical process WNCd fault"
  • CSCwk61854: Configuration update failure when AP is in delete pending state
  • CSCwk62836: Cisco Catalyst 9120 AP running on Cisco IOS XE Cupertino 17.9.5
  • CSCwk64235: URL filter incnsistency observed post modifciation
  • CSCwk66988: Cisco Catalyst 9130 experiences radio failure
Version: 17.15.1 Link
Receive Important Update Messages Stay tuned for upcoming Cisco Catalyst 9136 updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad