Release Notes for Cisco Aironet 350, 1100, 1130AG, 1200 and 1230AG Series Access Points for Cisco IOS Release 12.3(4)JA2 April 3, 2006 These release notes describe features, enhancements, and caveats for Cisco IOS Release 12.3(4)JA2. They also provide important information about Cisco Aironet 350, 1100, 1130AG, 1200, and 1230AG series access points.
Introduction Introduction The Cisco Aironet Access Point is a wireless LAN transceiver that acts as the connection point between wireless and wired networks or as the center point of a standalone wireless network. In large installations, the roaming functionality provided by multiple access points enables wireless users to move freely throughout the facility while maintaining uninterrupted access to the network.
System Requirements Finding the IOS Software Version To find the version of IOS software running on your access point, use a Telnet session to log into the access point and enter the show version EXEC command. This example shows command output from an access point running Cisco IOS Release 12.2(15)JA: ap1200>show version Cisco Internetwork Operating System Software IOS (tm) C1200 Software (C1200-K9W7-M), Version 12.2(15)JA Copyright (c) 1986-2004 by Cisco Systems, Inc.
System Requirements the radios are enabled. However, after the access point reboots the upgrade is complete and the access point operates normally. To prevent the access point from rebooting unexpectedly, disable the radio interfaces before upgrading software. Follow these steps to disable the radio interfaces using the web-browser interface: Step 1 Browse to the Network Interfaces: Radio Settings page. Figure 1 shows the top portion of the Network Interfaces: Radio Settings page.
System Requirements Converting to Cisco IOS Software If your 350 or 1200 series access point does not run IOS software, you can use the conversion utility or the conversion upgrade image to convert the access point system to IOS software. Use the conversion utility to maintain the current configuration after the conversion, or load the upgrade image to convert to IOS software without saving the current configuration.
Updates to Existing Features Top Assembly Part Number: 000-00000-00 Top Assembly Serial Number: Top Revision Number: Product/Model Number: AIR-AP352-IOS-UPGRD Updates to Existing Features Table 1 lists updates to existing features in Cisco IOS Release 12.2(15)XR and earlier. Cisco IOS Software Release 12.3(4)JA includes these updates for these features and platforms. Table 1 Updates to Existing Features in Cisco IOS Release 12.
New Features 2. Supported only on units that contain 802.11g radios or RM21/22A 5-GHz radio modules. Support for Multiple Basic Service Set IDs This feature permits a single access point to appear to the WLAN as multiple virtual access points. It does this by assigning an access point with multiple Basic Service Set IDs (MBSSIDs) or MAC addresses. To determine whether a radio supports multiple basic SSIDs, enter the show controllers command for the radio interface.
Installation Notes WGB Mode on 1200 Series Access Points This feature allows 1200 series access points to support Work Group Bridge (WGB) functionality on either the 802.11b/g or 802.11a radio. This release does not contain new features. It supports the features introduced in Cisco IOS Release 12.3(4)JA. Click this link to browse to the release notes for Cisco IOS Release 12.3(4)JA: http://www.cisco.com/en/US/docs/wireless/access_point/ios/release/notes/b34jarn.
Installation Notes Caution Cisco Aironet power injectors are designed for use with Cisco Aironet access points and bridges only. Do not use the power injector with any other Ethernet-ready device. Using the power injector with other Ethernet-ready devices can damage the equipment.
Installation Notes Using the AC Power Adapter If you use the AC power adapter to provide power to the 1130AG access point, you do not need to adjust the access point configuration. Using a Switch Capable of IEEE 802.3af Power Negotiation If you use a switch to provide Power over Ethernet (PoE) to the 1130AG access point and the switch supports the IEEE 802.3af power negotiation standard, select Power Negotiation on the System Software: System Configuration page.
Important Notes Antenna Installation For instructions on the proper installation and grounding of external antennas for 1200 series access points, refer to the National Fire Protection Association’s NFPA 70, National Electrical Code, Article 810, and the Canadian Standards Association’s Canadian Electrical Code, Section 54. Warning Do not install the antenna near overhead power lines or other electric light or power circuits, or where it can come into contact with such circuits.
Important Notes Some Devices Disassociate When Multiple BSSIDs Are Added or Deleted Devices on your wireless LAN that are configured to associate to a specific access point based on the access point MAC address (such as client devices, repeaters, hot standby units, or workgroup bridges) might lose their association when you add or delete a multiple BSSID. When you add or delete a multiple BSSID, check the association status of devices configured to associate to a specific access point.
Important Notes Table 3 Transmit Power Settings Assigned to New Radio Modules Power Settings in mW Power Setting Assigned to New Radio Module 5 5 dBm (approximately 3 mW) 10 maximum (17 dBm) 20 maximum 40 maximum GRE Tunnelling Through WLSM Sometimes Requires MTU Setting Adjustments If client devices on your wireless LAN cannot use certain network applications or cannot browse to Internet sites, you might need to adjust the MTU setting on the client devices or other network devices.
Important Notes Transmit Power Set to Maximum When You Install 802.11g Radio When you replace the 802.11b radio in a 1200 series access point with an 802.11g radio, the 802.11g radio is set to the maximum transmit power allowed in your regulatory domain regardless of the power setting configured on the 802.11b radio. After you install the 802.11g radio and the access point reboots, configure the 802.11g radio to the preferred transmit power.
Important Notes Mask Field on IP Filters Page Behaves the Same As in CLI In Cisco IOS Release 12.2(8)JA and later, the mask that you enter in the Mask field on the IP Filters page in the access point GUI behaves the same way as a mask that you enter in the CLI. If you enter 255.255.255.255 as the mask, the access point accepts any IP address. If you enter 0.0.0.0, the access point looks for an exact match with the IP address that you entered in the IP Address field.
Important Notes 1100 Series Access Points with Boot Loader Version 12.2(4)JA Boot into Monitor Mode When the Ethernet port is disabled on an 1100 series access point running boot loader version 12.2(4)JA, the access point boots into monitor mode when it reboots. To avoid this problem, connect the access point Ethernet port to one of the following: • a wired LAN • the Ethernet port on a PC Remove power from the access point and reapply power to reboot the unit.
Important Notes Pings and Link Tests Sometimes Fail to Clients with Both Wired and Wireless Network Connections When you ping or run a link test from an access point to a client device installed in a PC running Microsoft Windows 2000, the ping or link test sometimes fails when the client has both wired and wireless connections to the LAN. Microsoft does not recommend this configuration. For more information, refer to Microsoft Knowledge Base article 157025 at this URL: http://support.microsoft.com/default.
Caveats Caveats This section lists open caveats in Cisco IOS Release 12.3(4)JA and resolved caveats in Cisco IOS Releases 12.3(4)JA, 12.3(4)JA1, and 12.3(4)JA2. Open Caveats These caveats are open in Cisco IOS Release 12.3(4)JA: • CSCeb52431—When logging into a TACACS+ server, 1100 series access points sometimes send hundreds of additional authentication requests to the server after a successful authentication.
Caveats • CSCsa71233—When you configure an 1100 series access point for LEAP authentication and hot standby, the standby access point sometimes reboots when it authenticates to the monitored access point. After it reboots it operates correctly in standby mode. • CSCsa74148—Existing SSIDs become invalid when you configure VLANs for the first time. When no VLANs are configured, encryption is applied to the radio interface, but when you configure VLANs, encryption is applied to the VLANs.
Caveats • CSCee45312 Remote Authentication Dial In User Service (RADIUS) authentication on a device that is running certain versions of Cisco Internetworking Operating System (IOS) and configured with a fallback method to none can be bypassed. Systems that are configured for other authentication methods or that are not configured with a fallback method to none are not affected. Only the systems that are running certain versions of Cisco IOS are affected.
Caveats • CSCef50742—Clients no longer fail 802.1X authentication through Cisco Catalyst 2950 and 3750 switches due to changing State (24) Field values. • CSCef60659—A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available.
Caveats • CSCeh08952—Access points now correctly filter traffic through the TCP port when an IP filter is configured. • CSCeh09384—Access points with 5-GHz radios no longer display this error when a client device associates using WPA-LEAP: *Mar 1 00:55:20.083: %DOT11-4-TKIP_MIC_FAILURE_REPORT: Received TKIP Michael MIC failure report from the station 000a.b7df.1943 on the packet (TSC=0x7507000000000000) encrypted and protected by group key.
Troubleshooting The disclosure of these vulnerabilities is being coordinated by the National Infrastructure Security Coordination Centre (NISCC), based in the United Kingdom. NISCC is working with multiple vendors whose products are potentially affected. Its posting can be found at the following URL: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en. • CSCsa57777—The no speed command now removes the data rates that you specify from the configuration.
Related Documentation Related Documentation This section lists documents related to Cisco IOS Release 12.2(15)JA and to 350, 1100, and 1200 series access points. • Cisco Aironet Conversion Tool for Cisco IOS Software, 2.
