Cisco Cisco Aironet 1200 Access Point Release Notes
19
Release Notes for Cisco Aironet 350, 1100, 1130AG, 1200 and 1230AG Series Access Points for Cisco IOS Release 12.3(4)JA2
OL-10198-01
Caveats
•
CSCsa71233—When you configure an 1100 series access point for LEAP authentication and hot
standby, the standby access point sometimes reboots when it authenticates to the monitored access
point. After it reboots it operates correctly in standby mode.
standby, the standby access point sometimes reboots when it authenticates to the monitored access
point. After it reboots it operates correctly in standby mode.
•
CSCsa74148—Existing SSIDs become invalid when you configure VLANs for the first time. When
no VLANs are configured, encryption is applied to the radio interface, but when you configure
VLANs, encryption is applied to the VLANs.
no VLANs are configured, encryption is applied to the radio interface, but when you configure
VLANs, encryption is applied to the VLANs.
•
CSCsa74153—WPAv2 accounting start/stop records sometimes appear in the ACS 3.3 RADIUS
accounting log with the client card MAC address as the username instead of the real username.
accounting log with the client card MAC address as the username instead of the real username.
•
CSCsa75865—The radio interface sometimes fails and reloads firmware when multiple BSSIDs are
enabled and the beacon period is configured for the minimum setting, 20 kilomicroseconds.
enabled and the beacon period is configured for the minimum setting, 20 kilomicroseconds.
Workaround: Increase the beacon period.
•
CSCsa76662—When multiple BSSIDs are configured, the access point does not send the secondary
SSIDL information element (IE) in beacons. However, the access point still sends the SSIDL IE in
broadcast probe responses.
SSIDL information element (IE) in beacons. However, the access point still sends the SSIDL IE in
broadcast probe responses.
Workaround: If multiple BSSIDs are configured on the access point, disable the SSIDL feature.
•
CSCsa76923—During an access point radio scan controlled by WLSE, the access point sometimes
sends out several deauthentication frames with zero MAC addresses in the source and BSSID fields.
This problem wastes bandwidth on the wireless LAN but has no other adverse effects.
sends out several deauthentication frames with zero MAC addresses in the source and BSSID fields.
This problem wastes bandwidth on the wireless LAN but has no other adverse effects.
•
CSCsa77487—After an access point radio scan controlled by a WLSE running software release
2.11, the transmit power is sometimes set to -1 dBm on the RM22A 802.11a radio module in 1200
series access points and the 802.11a radio in 1130AG access points. The problem occurs after an
active access point scan, which starts when you select run now on the WLSE interface. The problem
does not occur after scheduled scans. You must manually reconfigure the transmit power setting on
the affected radio.
2.11, the transmit power is sometimes set to -1 dBm on the RM22A 802.11a radio module in 1200
series access points and the 802.11a radio in 1130AG access points. The problem occurs after an
active access point scan, which starts when you select run now on the WLSE interface. The problem
does not occur after scheduled scans. You must manually reconfigure the transmit power setting on
the affected radio.
Resolved Caveats in Cisco IOS Release 12.3(4)JA2
The following caveats are resolved in Cisco IOS Release 12.3(4)JA2:
•
CSCsd44941—802.11g radio in AP1130 and AP1240 no longer loses connectivity with clients.
•
CSCsc64976
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically
generated output, such as the output from a show buffers command, will be passed to the browser
requesting the page. This HTML code could be interpreted by the client browser and potentially
execute malicious commands against the device or other possible cross-site scripting attacks.
Successful exploitation of this vulnerability requires that a user browse a page containing dynamic
content in which HTML commands have been injected.
generated output, such as the output from a show buffers command, will be passed to the browser
requesting the page. This HTML code could be interpreted by the client browser and potentially
execute malicious commands against the device or other possible cross-site scripting attacks.
Successful exploitation of this vulnerability requires that a user browse a page containing dynamic
content in which HTML commands have been injected.
Cisco will be making free software available to address this vulnerability for affected customers.
There are workarounds available to mitigate the effects of the vulnerability.
There are workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at the following URL: