Cisco Aironet 1400 Series

Table Of Contents

Release Notes for Cisco Aironet 1410 Bridges
for Cisco IOS Release 12.2(11)JA3

Contents

Introduction

System Requirements

Finding the Software Version

Upgrading to a New Software Release

Installation Notes

Warnings

Safety Information

FCC Safety Compliance Statement

Safety Precautions

Bridge Installation

Stacking Bridges

Important Notes

Default Encryption Key 2 Is Set by Bridge

Limitation to PAgP Redundancy on Switches Connected by Bridge Links

Power Client n CLI Command Is Not Supported

Default Infrastructure SSID

ARP Table Is Corrupted When Multiple BVIs Are Configured

Bridge Power Up LED Colors

Caveats

Open Caveats

Resolved Caveats

Troubleshooting

Documentation Updates

Stacking Bridges Section Changes

Related Documentation

Obtaining Documentation

Cisco.com

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco Technical Support Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information

Release Notes for Cisco Aironet 1410 Bridges
for Cisco IOS Release 12.2(11)JA3

---

April 15, 2004

These release notes describe caveats for Cisco IOS Release 12.2(11)JA3. They also provide important information about the Cisco Aironet 1410 Bridge (hereafter called bridge).

Contents

These release notes contain the following sections:

•Introduction

•System Requirements

•Installation Notes

•Important Notes

•Caveats

•Troubleshooting

•Related Documentation

•Obtaining Documentation

•Documentation Feedback

•Obtaining Technical Assistance

•Obtaining Additional Publications and Information

Introduction

The Cisco Aironet 1400 Series Bridge is a wireless device designed for building-to-building wireless connectivity. Operating in the 5.8-GHz UNII 3 band (5725 to 5825 MHz), derived from the 802.11a standard, the bridge delivers 6 to 54 Mbps data rates without the need for a license. The bridge is a self-contained unit designed for outdoor installations, providing differing antenna gains as well as coverage patterns and supports both point-to-point and point-to-multipoint configurations.

The bridge uses a browser-based management system, but you can also configure the bridge using the command-line interface (CLI) through a Telnet session, Cisco IOS commands, or Simple Network Management Protocol (SNMP).

System Requirements

You should install Cisco IOS Release 12.2(11)JA3 on your bridge to incorporate the fixes identified in the Resolved Caveats section.

Finding the Software Version

To find the version of Cisco IOS software running on your bridge, use a Telnet session to log into the bridge and enter the show version EXEC command. This example shows command output from a bridge running Cisco IOS Release 12.2(11)JA2:

bridge> show version

Cisco Internetwork Operating System Software

IOS (tm) C1410 Software (C1410-K9W7-M), Version 12.2(11)JA2

Copyright (c) 1986-2003 by Cisco Systems, Inc.

You can also find the software version on the System Software Version page in the bridge's web-browser interface.

Upgrading to a New Software Release

For instructions on installing bridge software:

1. Follow this link to the Cisco Aironet documentation home page:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/index.htm

2. Follow this path to the product, document, and chapter:
Aironet 1400 Series Wireless LAN Products > Cisco Aironet 1400 Series Bridge > Cisco Aironet 1400 Series Bridge Software Configuration Guide > Managing Firmware and Configurations > Working with Software Images

3. Click this link to browse to the Cisco IOS Software Center on Cisco.com:

http://www.cisco.com/public/sw-center/sw-ios.shtml

Log into Cisco.com to use the Cisco IOS Upgrade Planner.

Installation Notes

This section contains important information to keep in mind when installing your bridge.

Warnings

---

Warning This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents.

---

---

Warning Only trained and qualified personnel should be allowed to install, replace, or service this equipment.

---

---

Warning Do not locate the antenna near overhead power lines or other electric light or power circuits, or where it can come into contact with such circuits. When installing the antenna, take extreme care not to come into contact with such circuits, as they may cause serious injury or death. For proper installation and grounding of the antenna, please refer to national and local codes (e.g. U.S.:NFPA 70, National Electrical Code, Article 810, in Canada: Canadian Electrical Code, Section 54).

---

---

Warning This product relies on the building's installation for short-circuit (overcurrent) protection. Ensure that the protective device is rated not greater than:
120 VAC, 15A U.S. (240 VAC, 10A International)

---

---

Warning This equipment must be grounded. Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available.

---

---

Warning Read the installation instructions before you connect the system to its power source.

---

---

Warning Do not work on the system or connect or disconnect cables during periods of lightning activity.

---

---

Warning Do not operate your wireless network device near unshielded blasting caps or in an explosive environment unless the device has been modified to be especially qualified for such use.

---

---

Warning In order to comply with radio frequency (RF) exposure limits, the antennas for this product should be positioned no less than 6.56 ft (2 m) from your body or nearby persons.

---

---

Warning This unit is intended for installation in restricted access areas. A restricted access area can be accessed only through the use of a special tool, lock and key, or other means of security.

---

Safety Information

Follow the guidelines in this section to ensure proper operation and safe use of the bridge.

FCC Safety Compliance Statement

The FCC, with its action in ET Docket 96-8, has adopted a safety standard for human exposure to RF electromagnetic energy emitted by FCC-certified equipment. When used with approved Cisco Aironet antennas, Cisco Aironet products meet the uncontrolled environmental limits found in OET-65 and ANSI C95.1, 1991. Proper operation of this radio device according to the instructions in this publication results in user exposure substantially below the FCC recommended limits.

Safety Precautions

---

Warning Do not locate the antenna near overhead power lines or other electric light or power circuits, or where it can come into contact with such circuits. When installing the antenna, take extreme care not to come into contact with such circuits, as they may cause serious injury or death. For proper installation and grounding of the antenna, please refer to national and local codes (e.g. U.S.:NFPA 70, National Electrical Code, Article 810, in Canada: Canadian Electrical Code, Section 54).

---

Each year hundreds of people are killed or injured when attempting to install an antenna. In many of these cases, the victim was aware of the danger of electrocution, but did not take adequate steps to avoid the hazard.

For your safety, and to help you achieve a good installation, please read and follow these safety precautions. They may save your life!

1. If you are installing an antenna for the first time, for your own safety as well as others, seek professional assistance.

2. Select your installation site with safety, as well as performance in mind. Remember: electric power lines and phone lines look alike. For your safety, assume that any overhead line can kill you.

3. Call your electric power company. Tell them your plans and ask them to come look at your proposed installation. This is a small inconvenience considering your life is at stake.

4. Plan your installation carefully and completely before you begin. Successful raising of a mast or tower is largely a matter of coordination. Each person should be assigned to a specific task, and should know what to do and when to do it. One person should be in charge of the operation to issue instructions and watch for signs of trouble.

5. When installing your antenna, remember:

a. Do not use a metal ladder.

b. Do not work on a wet or windy day.

c. Do dress properly—shoes with rubber soles and heels, rubber gloves, long sleeved shirt or jacket.

6. If the assembly starts to drop, get away from it and let it fall. Remember, the antenna, mast, cable, and metal guy wires are all excellent conductors of electrical current. Even the slightest touch of any of these parts to a power line complete an electrical path through the antenna and the installer: you!

7. If any part of the antenna system should come in contact with a power line, don't touch it or try to remove it yourself. Call your local power company. They will remove it safely.

If an accident should occur with the power lines call for qualified emergency help immediately.

Bridge Installation

The bridge is available in two configurations:

•Integrated antenna bridge (with 22.5-dBi directional antenna)

•External antenna bridge (with antenna connector for use with an external antenna)

---

Note To meet regulatory restrictions, the external antenna bridge configuration and the external antenna must be professionally installed.

---

---

Note When installing the dual-coax cable, it is acceptable to unzip or pull the two cables apart at the ends if more separation is needed between the male F connectors.

---

Personnel installing the bridge must understand wireless bridging techniques, antenna alignment and adjustment, and grounding methods. The integrated antenna configuration can be installed by an experienced IT professional.

Stacking Bridges

You can double the throughput or create a standby link by stacking two bridges. A stacked installation consists of two bridge systems installed at the same physical location. For detailed mounting instructions refer to the Cisco Aironet 1400 Series Wireless Bridge Mounting Instructions that shipped with your bridge.

---

Note The bridge antennas must be separated by a minimum of 6.56 ft (2 m) from each other and from other co-located antennas.

---

Important Notes

This section describes important information about the bridge.

Default Encryption Key 2 Is Set by Bridge

The encryption key in slot 2 is the transmit key by default. If you enable WEP with MIC, use the same WEP key as the transmit key in the same key slot on both root and non-root bridges.

Limitation to PAgP Redundancy on Switches Connected by Bridge Links

When two switches configured for Port Aggregation Protocol (PAgP) are connected by redundant wireless bridge links, the PAgP switchover takes at least 30 seconds, which is too slow to maintain TCP sessions from one port to another.

Power Client n CLI Command Is Not Supported

The bridge does not support the power client n configuration interface command on the web-browser or CLI interfaces. The bridge does not perform any action if you use this command.

Default Infrastructure SSID

When VLAN is enabled, the WEP encryption mode and the WEP key are applicable only to a native VLAN. Any SSID configured should have the Infrastructure-SSID parameter enabled for that SSID. With the Infrastructure-SSID parameter enabled, the bridge ensures that a non-native VLAN cannot be assigned to that SSID.

ARP Table Is Corrupted When Multiple BVIs Are Configured

The bridge supports only one bridge virtual interface (BVI). Multiple BVIs should not be configured because the ARP table may become corrupted.

Bridge Power Up LED Colors

During power up the bridge LEDs display the following color sequences:

1. The Install LED is initially turned off.

2. The Install LED turns amber.

3. The Status LED turns amber during the boot loader process.

4. The Ethernet, Status, and Radio LEDs turn green during the loading of the operating system.

5. The Ethernet, Status, and Radio LEDs turn amber during the loop-back test.

6. The Status LED starts to blink green then the Ethernet LED starts to blink green.

7. The Ethernet, Status, and Radio LEDs blink amber twice to indicate that the auto install process has started.

8. During the auto install process, the Ethernet, Status, and Radio LEDs turn off for a short time period then go through a blinking sequence twice. Each LED sequentially blinks at the following rates before becoming continuously amber:

a. Slow blinking rate of 1 blink/second.

b. Medium blinking rate of 2 blinks/second.

c. Fast blinking rate of 4 blinks/second.

9. The Install LED starts to blink amber to indicate that the bridge is searching for a root bridge.

10. When the bridge associates to a root bridge, the Install LED turns amber.

11. When the bridge becomes a root bridge and is waiting for a non-root bridge to associate, the Install LED blinks green.

12. When the root bridge has a non-root bridge associated, the Install LED turns green.

Caveats

This section lists Open Caveats and Resolved Caveats in Cisco IOS Release 12.2(11)JA3 for the bridge.

Open Caveats

These caveats are open in Cisco IOS Release 12.2(11)JA3 for the bridge:

•CSCea28990—Cannot pass IP traffic when the bridge # route IP command is configured.

The bridge # route ip command must not be configured for the bridge groups assigned to non-native VLANS because this setting stops IP traffic across the bridge for those non-native VLANS.

•CSCea57649—The CLI Help command produces incorrect output for the radio interface.

When using the CLI Help command from the radio interface, the command output is repeated multiple times.

There is no workaround for this problem.

•CSCea75989—The non-root bridge does not reset the dot11 association counters when it reassociates to the root bridge.

There is no workaround for this problem.

•CSCea81730—The web interface for the non-root bridge incorrectly displays the root-bridge MAC address on the radio page.

There is no workaround for this problem.

•CSCeb03832—Bridge does not detect some invalid software images when the copy command is used.

Workaround: Use the CLI archive download command.

•CSCeb04390—Bridge does not detect simultaneous software downloads when the copy command is used in different sessions.

Workaround: Use the CLI archive download command.

•CSCeb05054—Multiple non-root bridges do not associate to the root bridge after any configuration changes to the radio interface.

The root bridge in a point-to-multipoint link does not allow non-root bridges to reassociate after configuration changes are made to the radio interface until the root bridge has rebooted (power turned off and on).

Workaround: After changing the radio interface configuration on a point-to-multipoint link, you must reboot the root bridge (turn power off and on).

•CSCeb05835— The web interface shows incorrect STP Root information on a bridge setup with multiple VLANs.

There is no workaround for this problem.

•CSCeb08817—The root bridge cannot ping a non-root bridge after reassociation.

Workaround: Use the CLI clear arp-cache command to clear the root bridge ARP cache.

•CSCeb10911—Linktest reports higher RSSI readings for the remote site.

There is no workaround for this problem.

•CSCeb12740—The virtual ratio connection cannot be made after the station role is changed.

After you change the station role of two bridges while the link is active, the radios get associated but the virtual radio interfaces do not function.

Workaround: After changing the station roles, you must restart both root and non-root bridges using the browser interface (System Software > System Configuration > Restart) or the CLI reload command.

•CSCeb14603—Telnet session locks up under heavy traffic.

There is no workaround for this problem.

•CSCeb15923—Radio firmware recovery does not work reliably.

There is no workaround for this problem.

•CSCeb17296—Clear dot client command does not work with traffic being passed.

When traffic is being passed through the bridges at around 30 to 40 percent CPU utilization, the CLI clear dot client H.H.H command does not clear the counters on the non-root bridge even though the association did clear.

There is no workaround for this problem.

•CSCea77473—HTTP software upgrade with Netscape version 7.x intermittently fails.

When you are upgrading software with Netscape version 7.x, the Web interface cascades through all open Netscape windows. The upgrade intermittently fails or the browser states that the upgrade failed when in fact the upgrade actually worked.

Workaround: Use Netscape version 4.7 or another browser.

Resolved Caveats

These caveats are resolved in Cisco IOS release 12.2(11)JA3:

•CSCed27956

A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.

All Cisco products which contain TCP stack are susceptible to this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.

A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.

•CSCed38527

A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.

All Cisco products which contain TCP stack are susceptible to this vulnerability.

This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS® software.

A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.

Troubleshooting

For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at http://www.cisco.com/tac. Click Technology Support, choose Wireless from the menu on the left, and click Wireless LAN.

Documentation Updates

The Cisco Aironet 1400 Series Wireless Bridge Mounting Instructions provides detailed instructions for installing and mounting the bridge.

Stacking Bridges Section Changes

The separation distance between the two stacked bridge antennas is a minimum of 6.56 feet (2 meters).

Related Documentation

These documents describe the installation and configuration of the bridge:

•Quick Start Guide: Cisco Aironet 1400 Series Wireless Bridge

•Cisco Aironet 1400 Series Wireless Bridge Software Configuration Guide

•Cisco Aironet 1400 Series Wireless Bridge Hardware Installation Guide

•Cisco IOS Command Reference for Access Points and Bridges

•Cisco Aironet 1400 Series Wireless Bridge Mounting Instructions

•Cisco Aironet 1400 Series Wireless Bridge 9-dBi Omnidirectional Antenna

•Cisco Aironet 1400 Series Wireless Bridge 10-dBi Sector Antenna

•Cisco Aironet 1400 Series Wireless Bridge 28-dBi Dish Antenna

•Cisco Aironet 1400 Series Wireless Bridge Roof Mount Assembly Instructions

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/univercd/home/home.htm

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Ordering Documentation

You can find instructions for ordering documentation at this URL:

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

You can order Cisco documentation in these ways:

•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Ordering tool:

http://www.cisco.com/en/US/partner/ordering/index.shtml

•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

You can send comments about technical documentation to bug-doc@cisco.com.

You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, Cisco Technical Support provides 24-hour-a-day, award-winning technical assistance. The Cisco Technical Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not hold a valid Cisco service contract, contact your reseller.

Cisco Technical Support Website

The Cisco Technical Support Website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, 365 days a year at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do

Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool automatically provides recommended solutions. If your issue is not resolved using the recommended resources, your service request will be assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553 2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—Your network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

•Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

•The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:

http://cisco.com/univercd/cc/td/doc/pcat/

•Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

•Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

•iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

•World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html

This document is to be used in conjunction with the documents listed in the Related Documentation section.

Copyright © 2004 Cisco Systems, Inc. All rights reserved.

Printed in the USA on recycled paper containing 10% postconsumer waste.