cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11630
Views
20
Helpful
36
Comments
Aaron
Cisco Employee
Cisco Employee

Update

As of 2-Dec-2022, the 8.10.181.3 Escalation Special has been superseded by the 8.10.182.0 public release.  8.10.181.3 will continue to be TAC supported, but customers should upgrade to 8.10.182.0 or above when convenient.

8.10.181.3, 8.10.182.0 and above contain the following bugfixes:

CSCwd37092 Slow TCP downloads, failing EAP-TLS in 8.10.181.0/17.3.6 - 2800/3800/4800/1562/6300 series
CSCwc78435 9130 sending incorrect channel list on out of band DFS event causing client connectivity issues

Comments
Rich R
VIP
VIP

Hi @Aaron - the subject line of CSCwc78435 refers to 9130 but the affected products shows all the COS-based APs.

Can you confirm if this ddts only affects 9130 as the subject line implies or whether it actually does affect all those APs as per the bug details please?

Aaron
Cisco Employee
Cisco Employee

@Rich R : this bug CSCwc78435 affects specifically the following AP models (no others):
9124, 9130, 9136, 916x

I've updated the bug's release note, should be publicly visible by Monday.  (I am working on a project to get our AP bugs' set of affected platforms better mapped in Bug Search Tool ... but it'll take me a while.)

Rich R
VIP
VIP

Thanks @Aaron 

Rich R
VIP
VIP

@Anonymous it depends which WLC you're using.  What model is your controller?
The original post above shows which file to download for each supported controller type.

Aaron
Cisco Employee
Cisco Employee

@Anonymous since you're running Mobility Express, you don't need to worry about CSCwd37092 (Slow TCP downloads, failing EAP-TLS in 8.10.181.0/17.3.6 - 2800/3800/4800/1562/6300 series), since your client is being locally switched, not carried in CAPWAP tunnels.

As far as Chrome giving you a hard time accessing the ME controller's https server ... well, modern browsers are determined to instill fear, uncertainty and doubt wrt server certificates.  One solution is just to use good old http port 80, which isn't vulnerable to those nasty, dangerous server certs that everyone needs to watch out for.  Another is to blindly type thisisunsafe into the Chrome (/Edge) warning screen.

Moudar
VIP
VIP

Hi,

Is there anyone who upgraded from 8.10.181 to 8.10.181.3 on 5520 WLC?

Any new bugs or problems?

Just now we are using 8.10.181 and all our 2800 series AP have the exact explained problem

Rich R
VIP
VIP

Well TCP MSS is a workaround for the slow TCP performance problem but if it's the 802.1x EAP authentication you're referring to then upgrade is the only option.

Moudar
VIP
VIP

Do we have the ability to downgrade from 8.10.181.3 back to 8.10.181, if that not work for some reason?

Rich R
VIP
VIP

@Anonymous 3800 requires 30W POE+ so it's up to you to make sure you provide the correct POE.  It also requires CDP or LLDP to work correctly.  Without CDP/LLDP it will default to POE at 15.4W and the radios will be turned off.

@Moudar downgrade is still possible - that's standard upgrade/downgrade procedure.  If you're not sure then you should test thoroughly as your deployment process should always include a rollback process.  This is not a major release so there are no special requirements for downgrading between the 2 releases.  For more significant downgrades always refer to the release notes for caveats.

Rich R
VIP
VIP

Sorry @Anonymous I don't understand what you're saying.

What did you update and what did you update it to?
What says connection failure etc?
Do you have logs or screenshots of these errors?

Rich R
VIP
VIP

That's a known issue due to Cisco changing their web certs.  AireOS does not recognise the new Identrust cert.

See https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb16632, https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd11225 and https://www.cisco.com/c/en/us/support/docs/field-notices/724/fn72415.html
"Cisco does not plan to fix this bug; the Cisco.com software upgrade method is no longer supported."

Gehrig_W
Level 1
Level 1

Hello Aaron,

thank You very much for this important information.

I'm just planning an upgrade to V8.10.181.0 to solve problem with 1000 brandnew delivered

9130-APs VID03 not joining our 5520-WLCs running on V8.10.171.0 and 9800-80-WLCs 17.3.4

https://www.cisco.com/c/en/us/support/docs/field-notices/724/fn72424.html

In this Field notice Cisco recommends to update to version 8.10.181.0

We are running also hundreds of 2800/3800 in this hospital and would be affected then by

CSCwd37092 Slow TCP downloads, failing EAP-TLS in 8.10.181.0/17.3.6 - 2800/3800/4800/1562/6300 series
CSCwc78435 9130 sending incorrect channel list on out of band DFS event causing client connectivity issues

Please update therefore also Your outdated Field Notice 72424 to avoid that customers are upgrading to

the malworking Version 8.10.181.0 first and are confronted with CSCwd37092 after solving 9130 VID03 not join WLC-issue

To be honest, It looks to me as if Your new code is no longer thorougly tested any more.

What a mess at Cisco

Greetings

Wini

 

 

 

 

Moudar
VIP
VIP

@Gehrig_W 

I have 5520 which is now running 8.10.181.3.

This special image was a good solution for the 2800 APs.

We don't have 9130, we have only 9120 which are running with 2800 APs at the same WLC without problems.

Maybe this can help you!

Rich R
VIP
VIP

@Moudar I think @Gehrig_W's point is that the FN still instructs people to use 8.10.181.0 but does not warn them of the Sev 1 bug in 8.10.181.0.  I agree that the field notice should be updated to say 8.10.181.3 and 17.3.6 + APSP and when fully fixed versions are released the field notice should be updated with those.

Aaron
Cisco Employee
Cisco Employee

Thanks for the feedback, @Gehrig_W , @Rich R - we will post a respin of 8.10.18x.0 to Cisco.com very soon, and will update the Field Notice accordingly.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: