Cisco Cisco 4404 Wireless LAN Controller Release Notes
28
Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 3.2.202.0
OL-15156-01
Caveats
•
CSCsb01983—The controller web configuration wizard is not reachable after making repeated
invalid entries for the management interface port. If an operator connects to the wizard on address
192.168.1.1 and enters an invalid port number on the Management Interface page, the operator is
redirected at the end of the wizard to the Management Interface page to correct the port. If the
operator enters an incorrect port and submits, the wizard becomes inaccessible.
invalid entries for the management interface port. If an operator connects to the wizard on address
192.168.1.1 and enters an invalid port number on the Management Interface page, the operator is
redirected at the end of the wizard to the Management Interface page to correct the port. If the
operator enters an incorrect port and submits, the wizard becomes inaccessible.
Workaround: Reboot the controller through the CLI to access the wizard again.
•
CSCsb07168—The AP1000 802.11a radio experiences a very low receive packet count when the
receive RSSI is –75 dBm.
receive RSSI is –75 dBm.
Workaround: None.
•
CSCsb55597—The access point’s output power may change after you modify a mandatory data rate.
Workaround: None.
•
CSCsc70484—Most IPSec VPN clients start using the new security association (SA) immediately
upon rekeying. However, the Cisco VPN Client continues to use the old SA for some time before
switching to the new one, which results in packet loss until the client switches over.
upon rekeying. However, the Cisco VPN Client continues to use the old SA for some time before
switching to the new one, which results in packet loss until the client switches over.
Workaround: Use these WLAN settings on the controller to ensure that the client controls when the
rekey process takes effect and the controller responds to the client for the phase 1 SA rekey:
rekey process takes effect and the controller responds to the client for the phase 1 SA rekey:
–
Session Timeout: 0 seconds
–
Layer 3 Security: IPsec
–
IPsec Authentication: HMAC SHA1
–
IPsec Encryption: AES (If you choose 3DES, configure the IPsec lifetime to a value greater than
the expected duration of the client session.)
the expected duration of the client session.)
–
IKE Phase 1: Aggressive
–
Lifetime: 43200 to 57600 seconds (12 to 16 hours)
–
IKE Diffie Hellman Group: Group 2 (1024 bits)
•
CSCsc77157—Multiple 4100 series controllers may simultaneously reset without crash files or
message log entries being generated.
message log entries being generated.
Workaround: None.
•
CSCsc92354—The Security > MAC Filtering page on the controller GUI shows MAC address filters
in this format: XX:XX:XX:XX:XX:XX, which differs from the Cisco standard format of
XXXX:XXXX:XXXX.
in this format: XX:XX:XX:XX:XX:XX, which differs from the Cisco standard format of
XXXX:XXXX:XXXX.
Workaround: None.
•
CSCsd44612—Multicast is failing when traffic is passed between two wireless clients on access
points directly connected to 2006.
points directly connected to 2006.
Workaround: None.
•
CSCse15932—The 4404 controller may reboot if the TimerTickTask software fails.
Workaround: None.
•
CSCse30514—When an LWAPP-enabled AP1100 or AP1200 first connects to a controller, the
secondary controller name on the All APs > Details page in the controller GUI is not blank. The
output of the show ap config general command also shows that the secondary controller name is
not blank.
secondary controller name on the All APs > Details page in the controller GUI is not blank. The
output of the show ap config general command also shows that the secondary controller name is
not blank.
Workaround: None.