This product bulletin describes the content and delivery information for Cisco IOS® Software Release 12.3(8)JA, a deployment release supporting Cisco® Aironet® 1400 Series outdoor wireless bridges, Cisco Aironet 1300 Series outdoor access points/bridges, and Cisco Aironet 1240AG, 1230AG, 1200, 1130AG, and 1100 series access points. This release contains new features as well as support for the features delivered in Cisco IOS Software Release 12.3(7)JA, described in Product Bulletin 3042.
Cisco IOS Software Release 12.3(8)JA provides several features for Cisco Aironet 1400 Series outdoor wireless bridges, Cisco Aironet 1300 Series outdoor access points/bridges, and Cisco Aironet 1240AG, 1230AG, 1200, 1130AG, and 1100 series access points. Feature enhancements include support for management frame protection, 802.1X supplicant for Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) and Extensible Authentication Protocol-Transport Layer Security (EAP-TLS), Packet of Disconnect, voice power-saving features, and undergoing FIPS 140-2 Level 2 validation.
This Cisco IOS Software release is available as a free software upgrade for Cisco Aironet 1240, 1230, 1200, 1130, 1100, and 350 series access points, Cisco Aironet 1400 Series bridges, and 1300 Series outdoor access points/bridges. Figure 1 displays the release train and recommended migration path for Cisco IOS Software Release 12.3(8)JA. Only bug fixes are provided for Cisco Aironet 350 Series access points in this release.
Figure 1. Release Train and Recommended Migration Path for Cisco IOS Software Release 12.3(8)JA
NEW FEATURES IN CISCO IOS SOFTWARE RELEASE 12.3(8)JA
Table 1 lists new features in Cisco IOS Software Release 12.3(8)JA. These features are supported in this release for the platforms noted.
Table 1. New Cisco IOS Software Features
New Features
Cisco Aironet 1100 Series Access Point
Cisco Aironet 1130AG Series Access Point
Cisco Aironet 1200 Series Access Point
Cisco Aironet 1230AG Series Access Point
Cisco Aironet 1240AG Series Access Point
Cisco Aironet 1300 Series Access Point/Bridge
Cisco Aironet 1400 Series Wireless Bridge
Wireless IDS Management Frame Protection
-
X
-
-
X
X
-
IEEE 802.1X Supplicant
-
X
-
-
X
X
X
IEEE 802.1X Support for EAP-TLS, EAP-FAST
-
X
-
-
X
X
X
Packet of Disconnect
X
X
X
X
X
X
-
Wi-Fi Multimedia TSPEC Call Admission Control (CAC)
X
X
X
X
X
X
-
Gratuitous Probe Response for Dual-Mode Phones
-
X
X
X
X
-
-
Unscheduled Automatic Power Save Delivery (UPSD)
X
X
X
X
X
X
-
VoWLAN Metrics
X
X
X
X
X
X
-
Undergoing FIPS 140-2 Level 2 Validation
X
X
X
X
X
X
-
RADIUS-Based Mobility Group Assignment
X
X
X
X
X
X
-
IGMP Snooping-Based Multicast for Wireless
-
X
-
-
X
X
-
Resilient Tunnel Recovery for Wireless
X
X
X
X
X
X
-
Note: Cisco Aironet 1000 Series access points support the Lightweight Access Point Protocol (LWAPP) and do not support Cisco IOS Software.
Wireless Intrusion Detection System (IDS)-Management Frame Protection
This feature provides for the authentication of 802.11 management frames by the wireless network infrastructure. This allows the network to detect spoofed frames from attackers impersonating valid infrastructure devices.
IEEE 802.1X Supplicant
This feature supports an 802.1X supplicant for EAP-FAST and EAP-TLS that provides a secure method for enabling 802.1X authentication on the switch ports that are connected to access points.
IEEE 802.1X Support for EAP-TLS, EAP-FAST
Supports the use of IEEE 802.1X standard port-based EAP-TLS and EAP-FAST protocols for all authentication requirements for the access point. Roles supported include repeater/work group bridge to root, access point to WDS, access point to 802.1X/IBNS port.
Packet of Disconnect
This feature is implemented per the standards defined in RFC 3576 and offers service providers the ability to terminate an 802.11 user session from a RADIUS server.
Wi-Fi Multimedia TSPEC Call Admission Control
This quality of service (QoS) feature helps ensure predictable voice quality and encourages roaming by managing the total voice load on the access point. Call Admission Control (CAC) keeps the number of active voice calls from exceeding the configured limits of an access point. With this feature, phones are always connected to an access point, but not necessarily on an active call. This helps ensure that the voice quality of existing calls is maintained.
Gratuitous Probe Response for Dual-Mode Phones
This feature conserves the battery power of a dual-mode (cellular and WLAN) phone by providing a packet that is transmitted from the access point at a predefined high-rate time interval. With Gratuitous Probe Response, the phone is not required to listen for beacons on each channel to detect the presence of a WLAN while in cellular mode. This allows the phone to spend less time detecting a WLAN.
Unscheduled Automatic Power Save Delivery
This QoS feature extends the battery life of mobile clients and reduces the latency of traffic flow over the wireless media. Since it does not require the client station to send a poll for each individual packet buffered at the access point, this feature allows delivery of multiple downlink packets by sending a single uplink trigger packet. Unscheduled Automatic Power Save Delivery (UPSD) is enabled when Wi-Fi Multimedia (WMM) is enabled on the radio interface. This feature improves the quality of VoIP packet handling on access points by enhancing 802.11 MAC behavior for lower latency. It provides enhanced retry and rate shifting algorithms that reduce congestion on wireless networks.
Note: In Cisco IOS Software Release 12.3(8)JA, UPSD supports only the access point role. Repeaters, bridges, and workgroup bridge roles are not supported.
VoWLAN Metrics
This feature provides diagnostic information pertinent to VoIP performance on the WLAN and aids in determining whether problems are being introduced by the WLAN or the wired network. VoWLAN metrics supported include measurements of jitter and packet loss on a location, access point, or client basis, as well as information on client roaming and roam latency.
RADIUS-Based Mobility Group Assignment
This feature provides the ability to assign wireless users to different mobility groups based on user credentials stored in the RADIUS server.
IGMP Snooping-Based Multicast for Wireless
This feature provides the ability to deliver multicast traffic to wireless clients across the Native VLAN of an access point without requiring the need for trunking or multiple multicast enabled networks on the first hop layer 3 router. With this feature, the access point is able to deliver multicast to wireless clients with dynamically assigned mobility groups.
Resilient Tunnel Recovery for Wireless
Automatic recovery of mobility tunnels after WLSM failure with zero client interruption.
ADDITIONAL INFORMATION
Manual Configuration of Channels on W52/W53 for Dynamic Frequency Selection (DFS)
This option accommodates the Japanese 5 GHz standard, allowing manual configuration on channels W52 (5180, 5200, 5220, 5240 MHz) and W53 (5260, 5280, 5300, 5320 MHz).
Cisco IOS Software Release 12.3(8)JA feature sets, images, and memory recommendations are listed in Table 2. The products supported by this release are listed in Table 3.
