Cisco Cisco Aironet 1310 Access Point Bridge Release Notes
6
Release Notes for Cisco Aironet Access Points for Cisco IOS Release 12.3(11)JA4
OL-14258-01
Caveats
•
CSCse41589—Workgroup bridge fails to get a DHCP IP address after a successful EAP-FAST
authentication to the root access point
authentication to the root access point
The workgroup bridge is able to ping the root access point and wired host if BVI1 is assigned with
a static IP address. Occasionally, the workgroup bridge is assigned a DHCP IP address after a long
period of time (about 15 to 20 minutes).
a static IP address. Occasionally, the workgroup bridge is assigned a DHCP IP address after a long
period of time (about 15 to 20 minutes).
The failure to obtain a DHCP IP address is not observed when the the workgroup bridge uses LEAP
authentication.
authentication.
•
CSCse42464—Access point fails to retrieve certificate from certificate authority server using GUI
Certificate is obtained correctly when using the CLI.
•
CSCse48448—Workgroup bridge non-native VLAN configuration blocks switch native VLAN port
The workgroup bridge are associated to the root access point but the switch port (VLAN1) is blocked
by spanning-tree with the following error message:
by spanning-tree with the following error message:
3750Switch#
3w2d: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 2 on
GigabitEthernet1/0/1 VLAN1.
3w2d: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking GigabitEthernet1/0/1 on VLAN0001.
Inconsistent local vlan.
3750Switch#
•
CSCse09744—SSID config page for NAC for MBSSID on the GUI does not have the ability to tie
a VLAN name to the VLAN in the SSID configuration page
a VLAN name to the VLAN in the SSID configuration page
On the SSID page, the VLAN fields exists but no fields exist to link the VLAN name. To add a
VLAN name associated with the VLAN requires navigating to the Services VLAN page.
VLAN name associated with the VLAN requires navigating to the Services VLAN page.
Resolved Caveats
These caveats are resolved in Cisco IOS Release 12.3(11)JA4:
•
CSCse56501
A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the
device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP)
services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the
device. Packets that are routed throughout the router can not trigger this vulnerability. Successful
exploitation will prevent the interface from receiving any additional traffic. The only exception is
Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
Cisco is providing fixed software to address this issue. There are workarounds available to mitigate
the effects of the vulnerability.
the effects of the vulnerability.
This advisory is posted at
.
•
CSCsj44081—Cisco IOS Software has been enhanced with the introduction of additional software
checks to signal improper use of data structures. This feature has been introduced in select Cisco
IOS Software releases published after April 5, 2007.
checks to signal improper use of data structures. This feature has been introduced in select Cisco
IOS Software releases published after April 5, 2007.
Details: The %DATACORRUPTION-1-DATAINCONSISTENCY error message is preceded by a
timestamp: May 17 10:01:27.815 UTC: %DATACORRUPTION-1-DATAINCONSISTENCY: copy
error. The error message is then followed by a traceback.
timestamp: May 17 10:01:27.815 UTC: %DATACORRUPTION-1-DATAINCONSISTENCY: copy
error. The error message is then followed by a traceback.