AireOS 8.10, Cisco9100 AP, EnhancedOpen, IEEE802.11ax, OWE, SAE, WiFi6, WPA3
Cisco has published AireOS 126.96.36.199 release in late October for AireOS based controllers (8540/5520/3504/vWLC). In many ways this release is significant one. You may be already aware Cisco is heavily focusing on standardizing its software codes across all platforms for a long time. They have chosen IOS-XE software is the way forward & introduced that to every platforms (switches, routers, wireless controllers & access points). Specific to wireless, Cisco introduced 9800 series WLCs running on IOS-XE in late 2018.
With that AireOS platforms (AP & WLC) has to retire one day. It is expected 8.10 code train may be the last main release for AireOS based products. I am sure Cisco will continue to provide technical support for existing customers over next few years. However, You will start seeing IOS-XE WLC platforms get all new features and AireOS start lacking of those new features.
This post is to look at what AireOS 8.10 brings. Here are the main features introduced in AireOS 8.10. You can read AireOS 188.8.131.52 release notes for full details.
New Access Point Support
– Cisco Catalyst 9130 Access Points (C9130AXI-x)
– Cisco Catalyst 9120E & 9120P Access Points (C9120AXE-x/C9120AXP-x)
– Cisco Catalyst IW6300 Heavy Duty Series Access Points
– Cisco 6300 Series Embedded Services Access Points
Intelligent Packet Capture
– If you have Cisco DNA-C, then you can use this feature to establish direct communication link between DNA-C & APs. So DNA-C can get packet captures, client stats, spectrum data directly from APs. It is extremely useful to troubleshoot client roaming scenarios in enterprise environment.
– This feature is supported on wave-2 APs (1800,2800,3800,4800) and 9100 series APs. Specific to 8.10 release, it added this feature on Cisco 1800,9115,9117,9120 & 6300 series APs
– WPA3 is the WiFi alliance new security certification to improve drawbacks of WPA2. So it is going to replace WPA2 over time.
– WPA3-Personal support with 128-bit encryption
– WPA3-Enterprise support with 192-bit encryption
– It is another WiFi alliance certification to provide security for Open SSID traffic based on OWE – Opportunistic Wireless Encryption. This allow to encrypt Open SSID traffic without impacting how users connect to those public venue SSIDs.
Agile Multiband (MBO)
– It is a WiFi Alliance certification designed to optimize WiFi network resources, environment and enable MBO supporting devices to respond ot changing WiFi network condition.
– based on IEEE 802.11k, 802.11v, 802.11u technology.
– It is only supported with Cisco 802.11ax APs (9100 series)
– As per WiFi Alliance spec, it provides a practical solution for band steering, load balancing and other related operation procedures.
– Support for SNMPv3 trap notification
– per AP group NTP server
– Password encryption
If you are wondering what IOS-XE software release got those features, it is IOS-XE 16.12.x version you should look for.
I am sure most of existing customers still heavily rely on AireOS based WLC platforms (8540/5520/3504) or even (WiSM2/5508/2504) that is only supported up to 8.5 software releases. Therefore if you have AireOS based Wireless solution, nothing to panic about it. Better to start planning migrating to IOS-XE based 9800 platforms. Here are some great overview of those 9800 series WLCs
1. Cisco Catalyst Access AP
2. 9800-L series WLCs
3. AireOS to 9800 series command reference mapping.
As a side note, Sujit Ghosh who was the presenter in above talks has moved on from Cisco recently. He was one of the great speakers I have ever met. I was fortunate to learn about AireOS from him since 2011, year I met him first time during CLMEL.
As I got couple of 8540 & 5520 HA pairs in my campus environment , I am going to implement AireOS based 802.11ax AP deployment early next year. I will write more about those features added in 8.10 release and some of my experience in 802.11ax AP deployment.
1. Enhanced Open – Part 1
2. Enhanced Open – Part 2 (Transition Mode)
3. WPA3 – Personal (SAE)
4. WPA3-SAE Tranistion Mode
5. WPA3 – Enterprise
6. DNAC-Intelligent Packet Capture
shayan sharif said:
What is the range of Cisco 3800 WAP ?
How many client/laptops can connect to it simultaneously?
Sent from my iPhone
typically 200 clients in each radio.
Range point of view, it is limited by client capability. No point AP transmit high power where client can hear it. However client cannot communicate to reach AP (as client got limited power)
As yoda would say Rockstar this guy is.
I have a 5520 controller and it works with RTU license. Supports 1500 AP. Will it work with 5520 if I buy 9115 AP?
Yes it will work
Looking from a cost prospective.
What is need for an 2800 access point to connect to a 9800 WLC when it comes to licenses do I need any special licenses on top of what is needed to connect the 2800 AP to the 9800 WLC compared to connecting the 9120XE AP to an 9800 WLC?
When you buy AP, you have to choose DNA-Essential, Advantage or Premier licenses which is subscription based license. If you got license with 2800 hardware, swap that AP with 9120XE may not require additional license. However if you adding 9120XE then you may need to buy it with those subscription licenses unless you have additional licenses purchased earlier.
Is there an issue switching APs between IOS-XE controllers and AirOS ones? We have an old 5500, an AIrOS VM and a Cat9800 VM in our lab. We moved a 2802i from the AIrOS WLC to the Cat9800 just fine. It went through the usual code download process and joined. However, we cannot get the AP to rejoin an AirOS controller.
what versions of IOS-XE, this could be a bug