Fxos2120 RN
Uploaded by
abaheabaheabaheFxos2120 RN
Uploaded by
abaheabaheabaheCisco Firepower 4100/9300 FXOS Release Notes,
2.12
First Published: 2022-06-07
Last Modified: 2023-12-06
This document contains release information for Cisco Firepower eXtensible Operating System (FXOS) 2.12.0.
Use these Release Notes as a supplement with the other documents listed in the documentation roadmap:
• http://www.cisco.com/go/firepower9300-docs
• http://www.cisco.com/go/firepower4100-docs
Note The online versions of the user documentation are occasionally updated after the initial release. As a result,
the information contained in the documentation on Cisco.com supersedes any information contained in the
context-sensitive help included with the product.
Introduction
The Cisco security appliance is a next-generation platform for network and content security solutions. The
security appliance is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides
an agile, open, secure platform that is built for scalability, consistent control, and simplified management.
The security appliance provides the following features:
• Modular chassis-based security system—Provides high performance, flexible input/output configurations,
and scalability.
• Chassis Manager—Graphical user interface provides a streamlined, visual representation of the current
chassis status and allows for simplified configuration of chassis features.
• FXOS CLI—Provides command-based interface for configuring features, monitoring chassis status, and
accessing advanced troubleshooting features.
• FXOS REST API—Allows users to programmatically configure and manage their chassis.
What's New
New Features in FXOS 2.12.1.48
Fixes for various problems (see Resolved bugs in FXOS 2.12.1.48, on page 15).
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
1
Software Download
New Features in FXOS 2.12.1.29
Fixes for various problems (see Resolved bugs in FXOS 2.12.1.29, on page 13).
New Features in FXOS 2.12.0.498
Fixes for various problems (see Resolved bugs in FXOS 2.12.0.498, on page 10).
New Features in FXOS 2.12.0.467
Fixes for various problems (see Resolved bugs in FXOS 2.12.0.467).
New Features in FXOS 2.12.0.450
Fixes for various problems (see Resolved bugs in FXOS 2.12.0.450).
New Features in FXOS 2.12.0.432
Fixes for various problems (see Resolved bugs in FXOS 2.12.0.432).
New Features in FXOS 2.12.0.31
Fixes for various problems (see Resolved bugs in FXOS 2.12.0.31).
Cisco FXOS 2.12.0 introduces the following new features:
Table 1: New Features in FXOS 2.12.0
Feature Description
QOS CLIs You can now use the Show interface ethernet <slot> <port> match statistics
CLI to track the intermediate drops happening on the TCAM
You can now police the traffic queues using the Show interface ethernet <slot>
<port> policer statistics police CLI to prevent the exorbitant traffic rates going
through strict priority queues
You can now control the traffic rates using the show queuing interface ethernet
<slot> <port> CLI during congestion to prevent loss of data packets
Switch packet path You can now debug switch packet path issue for the Secure Firewall 3100 devices
ASA and FTD SNMP You can now configure the Admin Instance drop-down menu for SNMP
Unification unification of ASA and FTD devices.
Software Download
You can download software images for FXOS and supported applications from one of the following URLs:
• Firepower 9300 — https://software.cisco.com/download/type.html?mdfid=286287252
• Firepower 4100 — https://software.cisco.com/download/navigator.html?mdfid=286305164
For information about the applications that are supported on a specific version of FXOS, see the Cisco FXOS
Compatibility guide at this URL:
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
2
Important Notes
https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/compatibility/fxos-compatibility.html
Important Notes
• In FXOS 2.4(1) or later, if you are using an IPSec secure channel in FIPS mode, the IPSec peer entity
must support RFC 7427.
• When you configure Radware DefensePro (vDP) in a service chain on a currently running threat defense
application on a Firepower 4110 or 4120 device, the installation fails with a fault alarm. As a workaround,
stop the threat defense application instance before installing the Radware DefensePro application.
Note This issue and workaround apply to all supported releases of Radware DefensePro
service chaining with threat defense on Firepower 4110 and 4120 devices.
• Firmware Upgrade—We recommend upgrading your Firepower 4100/9300 security appliance with the
latest firmware. For information about how to install a firmware update and the fixes included in each
update, see
https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/firmware-upgrade/fxos-firmware-upgrade.html.
• When you upgrade a network or security module, certain faults are generated and then cleared
automatically. These include a “hot swap not supported” fault or a “module removed when in online
state” fault. If you have followed the appropriate procedures, as described in the Cisco Firepower 9300
Hardware Installation Guide or Cisco Firepower 4100 Series Hardware Installation Guide, the fault(s)
are cleared automatically and no additional action is required.
System Requirements
• You can access the chassis manager using the following browsers:
• Mozilla Firefox—Version 42 and later
• Google Chrome—Version 47 and later
• Microsoft Internet Explorer—Version 11 and later
We tested FXOS 2.12.0 using Mozilla Firefox version 42, Google Chrome version 47, and Internet
Explorer version 11. Other versions of these browsers are expected to work. However, if you experience
any browser-related issues, we suggest you use one of the tested versions.
Upgrade Instructions
You can upgrade your Firepower 9300 or Firepower 4100 series security appliance directly to FXOS 2.12.0
if it is currently running FXOS version 2.2(2) or later. Before you upgrade your Firepower 9300 or Firepower
4100 series security appliance to FXOS 2.12.0, first upgrade to FXOS 2.2(2), or verify that you are currently
running FXOS 2.2(2).
For upgrade instructions, see the Cisco Firepower 4100/9300 Upgrade Guide.
Installation Notes
• An upgrade to FXOS 2.12.0 can take up to 45 minutes. Plan your upgrade activity accordingly.
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
3
Resolved and Open Bugs
• If you are upgrading a Firepower 9300 or Firepower 4100 series security appliance that is running a
standalone logical device or if you are upgrading a Firepower 9300 security appliance that is running an
intra-chassis cluster, traffic does not traverse through the device while it is upgrading.
• If you are upgrading a Firepower 9300 or a Firepower 4100 series security appliance that is part of an
inter-chassis cluster, traffic does not traverse through the device being upgraded while it is upgrading.
However, the other devices in the cluster continue to pass traffic.
• Downgrade of FXOS images is not officially supported. The only Cisco-supported method of downgrading
an image version of FXOS is to perform a complete re-image of the device.
Resolved and Open Bugs
The resolved and open bugs for this release are accessible through the Cisco Bug Search Tool. This web-based
tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and
vulnerabilities in this product and other Cisco hardware and software products.
Note You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one,
you can Cisco.com.
For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.
Open Bugs in FXOS 2.12.0.31
The following table lists the open bugs in FXOS 2.12.0.31:
Caveat ID Number Description
CSCwc03242 BC01_IBMC01_showTechSupport_log core generated while collecting techsupport
logs
Resolved bugs in FXOS 2.12.0.31
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.0.31:
Caveat ID Number Description
CSCvy83696 ENH: FPR 4100/9300 bcm_usd process logs to support possible RCA
CSCwa03285 Upgrade to 2.10.1.166 causes degraded SM - Unrecognized Firmware format
CSCwa85297 Multi-instance internal portchannel VLANs may be misprogrammed causing traffic
loss
CSCvu36664 FXOS Operational State:Thermal-problem intermittently
CSCvx76651 ENH: Prevent CCL IP addressing on the 169.254.x.x subnet on cluster creation
CSCvz01271 Need show command to see the details of transceiver of FXOS mgmt port via CLI
CSCvz94217 App-instance startup version is ignored and set to running-version after copy config
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
4
Resolved bugs in FXOS 2.12.0.432
Caveat ID Number Description
CSCwa52215 Uploading firmware triggers data port-channel to flap
CSCwb84638 Portmanager/LACP improvement to capture logging events on external event restarts
CSCvz72467 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service
CSCwa55772 FPR 4100 saw an unexpected reload with reason "Reset triggered due to HA policy
of Reset"
CSCvu76180 Serviceability Request - Add error message that FXOS firmware is not fully activated
CSCvy83657 FXOS process core pruned/deleted from system files (no validation)
CSCvz14640 FXOS System temporary directory usage is unexpectedly high
CSCvz50201 FXOS may display fault F1256 about missing local disk 0
CSCvy48764 SSH access with public key authentication requires user password
CSCvy95497 Chassis SSD firmware upgrade may be prevented improperly
CSCvy80380 Disk utilization increasing /var/tmp in FPR4150-ASA chassis
CSCvz01285 Need show command to see the details of FPGA version on Firepower devices
CSCvz94740 FXOS traceback and reload due Service "ascii-cfg" sent SIGABRT for not setting
heartbeat.
CSCwb74357 FXOS is not rotating log files for partition opt_cisco_platform_logs
CSCwa62167 CIAM: Apache-http-server CVE-2021-44790 and CVE-2021-44224
CSCvz71282 FXOS | high Align-Err counter on port-channel48
CSCvz91266 FXOS A crafted request uri-path can cause mod_proxy to forward the request to an
origin server...
CSCvt13808 ENH: FP 4100/9300 - FTD and FXOS SNMP unification
CSCvx04995 Fault F0736 should not be generated due to unreacheable default gateway
CSCvy81369 ENH: Include dmesg -T command output in FXOS show-tech files
CSCwb15170 RM 1120 Port state going down, speed is 100/10 and duplex full/Half, speed and
duplexmismatchpresent
CSCwb73356 nvram logs consistently written every 2 seconds causing high disk utilization
Resolved bugs in FXOS 2.12.0.432
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.0.432:
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
5
Resolved bugs in FXOS 2.12.0.432
Caveat ID Number Description
CSCvy99348 Shutdown command reboots instead of shutting the FP1k device down.
CSCwb49416 ASA snmpd Traceback & cores on an active unit
CSCwb90940 Data interfaces are not coming up on KP device after deploying 9.18.0.114 image
CSCwc03510 Kilburn Park freezes / crashes on netboot system load
CSCwb62059 Unable to login on FTD using external authentication after upgrade from
7.0.1--->7.2.-1947
CSCwb70030 MIO: No blade reboot during CATERR if fault severity is non-Severe or CATERR
sensor is different
CSCwb93924 sfp-detect not working correctly on fixed and epm ports
CSCwc02133 Root shell injection in security module "support fileview" command
CSCwc41590 Upgrade fail & App Instance fail to start with err "CSP_OP_ERROR. CSP signature
verification error."
CSCvz74356 FDM 1010 device management interface not reflecting the correct status
CSCwa90735 ASAconsole.log files fail to rotate
CSCwa99171 Chassis and application sets the time to Jan 1, 2010 after reboot
CSCwb83756 TPK netmod OIR fills log with error messages until complete
CSCwc08094 Update CiscoSSL to 1.1.1o.7.3sp.143
CSCwb58007 FTDv on Azure - Traceback on Thread PTHREAD
CSCwa71071 Update certificate bundle for 7.2 release
CSCwb41361 WR8, LTS18 and LTS21 commit id update in CCM layer (seq 26)
CSCwb25246 ASAv SSH session getting terminated with ospf network command using Azure /
Azure Stack hub
CSCwc45356 FXOS: Support a single PID type for FPR3100 platforms
CSCwa88148 ENH: Fail-to-Wire feature switching standby/bypass from CLI
CSCwb10884 WM11xx: Getting "ERROR: waiting for fxos_log_shutdown" during shutdown.
CSCwb94573 3140 - Platform fault - Code: F1374 - Severity: Critical
CSCwb97486 FPR3100: 25G optic may show link up on some 1/10G capable only fiber ports
CSCwb27099 FXOS: Third-party interop between Ciena Waveserver with firepower chassis.
CSCwb84638 Portmanager/LACP improvement to capture logging events on external event restarts
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
6
Resolved bugs in FXOS 2.12.0.450
Caveat ID Number Description
CSCwb01633 FXOS misses logs to diagnose root cause of module show-tech file generation failure
CSCwb12465 FIPS self-tests must be run when CC mode is enabled - files are missing
CSCwb74357 FXOS is not rotating log files for partition opt_cisco_platform_logs
CSCwb95787 FPR1010 - No ARP on switchport VLAN interface after portmanager DIED event
CSCwb57988 The smConLogger traceback is caused by memory leak.
CSCwb85516 Update the entity mib with new EPM details for WA-B/TPK
CSCwb89065 Warn when TPK borough/temple fpga versions are below minimum
CSCwc37196 FPR3100: 8x1G copper netmod may incorrectly report obsolete firmware on boot
CSCwb02689 FXOS should check reference clock stratum instead of NTP server's local clock stratum
CSCwb40662 ENH: FCM should include option for modifying the interface 'link debounce time'
CSCwb46385 REST API Support for debounce time configuration
CSCwb85391 TPK Ctrl-FPGA version check broken
Resolved bugs in FXOS 2.12.0.450
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.0.450:
Caveat ID Number Description
CSCwb12119 CIAM: expat - CVE-2022-25235 and others
CSCwb24367 Evaluation of ssp for Dirty Pipe vulnerability
CSCwb70138 CIAM: python CVE-2015-20107
CSCwc30692 TPK 3140 Maryland: %ERROR% - Switch device not found! during reboot
CSCwb44662 CIAM: zlib - CVE-2018-25032
CSCwb62105 CIAM: glibc 2.33 CVE-2022-23219 and others
CSCwb71554 CIAM: libxml - CVE-2022-23308
CSCwc30239 CIAM: apache-http-server - CVE-2022-31813 and Others
CSCwc34082 CIAM: curl - CVE-2022-22576 and others
CSCwc75082 25G-SR should default to RS-FEC (IEEE CL108) instead of FC-FEC
CSCwb80192 WR6, WR8 commit id update in CCM layer(Seq 30)
CSCwb84967 Firepower 9300 chassis troubleshoot file caused outage
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
7
Resolved bugs in FXOS 2.12.0.450
Caveat ID Number Description
CSCwc08676 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 32)
CSCwc25207 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 33)
CSCwc46569 WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 34)
CSCwc60907 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 35)
CSCwc69036 In TPK 3110, baseline boot from rommon failed as "unable to unlock or revert SED"
CSCwc83037 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 36)
CSCwb71582 CIAM: strongswan - CVE-2021-45079
CSCwb83166 Upgrade to CiscoSSL FOM 7.3sp and CiscoSSL 1.1.1o.7.3sp.143-fips in SSP MIO
CSCwc03393 Lina traceback and core file size is beyond 40G and compression fails on FTD
CSCwc08374 Azure ASA NIC MAC address for Gigeth 0/1 and 0/2 become out of order when adding
interfaces
CSCwd07413 FMC - Editing member interfaces on port-channel is stuck on "Updating interface"
window
CSCvz19364 FXOS does not send any syslog messages when the duplex changes to "Half Duplex"
CSCwb21037 FCM smart license error when smart licensing reports synced
CSCwb80108 FP2100/FP1000: Built-in RJ45 ports randomly not coming up after portmanager restart
events
CSCwb95383 KP FDM-HA is in suspended state with no failover after reverting from 7.3 to 7.1
CSCwc25523 Registering the device for Telemetry is failing in DEV images due to missing security
certificates
CSCwc31619 TPK: DME error for invalid card id with SwitchCardPowerCtrlModule
CSCwc47386 vFMC WebUI inaccessible after CC mode was enabled in 7.3.0-1553:
ERR_CONNECTION_REFUSED
CSCwc51827 Getting portmanager Died Error after installing 7.3.x build on wm1010
CSCwc61106 Unable to configure domain\username under cfg-export-policy in FXOS
CSCwc75061 FMC allows shell access for user name with "." but external authentication will fail
CSCwc76195 Fail-To-Wire interfaces flaps intermittently due to watchdog timeout in KP platform
CSCwd08626 FTW: port pairs unexpectedly going to bypass due to failure
CSCwd09546 WA: portmanager sfp OIR routine uses insufficient table for module debounce
CSCvz42084 Update msmtp driver to fix FMC SMTP email send failures
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
8
Resolved bugs in FXOS 2.12.0.450
Caveat ID Number Description
CSCvz44638 FXOS changes for CSCvy86319 - Data are not getting destroy after formatting disk0
on ISA3K
CSCwb57524 FTD upgrade fails - not enough disk space from old FXOS bundles in distributables
partition
CSCwb73678 /var/tmp partition fullness warning on FXOS
CSCwb88090 FXOS:after fxos config import new port-channel creation causing existing port-channel
flap
CSCwb94573 3140 - Platform fault - Code: F1374 - Severity: Critical
CSCwb94980 TPK: SFP insertion events are missed for base fiber ports including mgmt port.
CSCwc08683 The interface's LED remains green blinking when the optical fiber is unplugged on
FPR1150
CSCwc29384 KP - Add DMA memory segments to corefile generated by livecore
CSCwc37061 SNMP: FMC doesn't reply to OID 1.3.6.1.2.1.25.3.3.1.2
CSCwc41591 [IMS_7_3_0] core.portmgr_ipc found on WM1010 during redeploy all policies
CSCwc46847 FXOS partition opt_cisco_platform_logs on FP1K/FPR2K may go Full due to
ucssh_*.log
CSCwc60463 FXOS is not rotating log messages files for partition opt_cisco_platform_logs
CSCwc94062 [FTDv/Kenton/ISA3k - FXOS] Add sshd monitor capability to restart sshd in case it
fails.
CSCwc94670 TPK svc_sam_statsAG memory leak
CSCvz77202 RMU read stale entries on the int ctrl link between x86 Denverton CPU and Marvel
88E6390X switch
CSCwb77818 Telemetry stays in enabled state even after SL is deregistered from CLI
CSCwc77879 Autopsy Uncore utility support for Vermont branch
CSCwc32584 WM 1150: Upgrade to asa image "99.16.4.24-198" fails on Wm1150 platform
CSCwb48166 FXOS upgrade to 2.11 is stuck
CSCwb66175 MIO is not able to register. appAG process issue
CSCwc76849 link state propagation stops working when performing full chassis reboot
CSCwc26489 ENH - Setting the zmqio sched policy and priority for MIO heartbeat channel
CSCwc74905 FXOS: FPR-X-NM-8X10G ports 7 and 8 are unconfigurable.
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
9
Resolved bugs in FXOS 2.12.0.467
Resolved bugs in FXOS 2.12.0.467
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.0.467:
Caveat ID Number Description
CSCwc37695 In addition to the c_rehash shell command injection identified in CVE-2022-1292
CSCwc82169 FPR4100/9300 Blade discovery may hang due to internal communication failure with
blade adapter
CSCwd31427 FMC allowing explicit format version of EC parameters with syslog over TLS in CC
mode
CSCwd34662 LTS18 and LTS21 commit id update in CCM layer (seq 39)
CSCwb89257 Remote user login via SSH access with password authentication method fails after
FXOS upgrade
CSCwc57204 FXOS not responding to SSH connection
CSCwc87441 for system processes limit the CPUs used to the number of system CPUs
CSCwd06758 No input validation for logical device DNS servers in bootstrap configuration on chassis
manager
CSCwd37560 Adding forceReboot option for bundle install REST API
CSCwd45784 FXOS SWIMS Engine update to version 3.0.4
CSCwd45904 Livecore does not return proper error code when there is no space
CSCwd47340 Potential memory leak in svc_sam_envAG process
CSCwb52656 SNM trace logs have incorrect timestamps
CSCwd47481 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 40)
CSCwd65327 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 41)
CSCwc96726 R2130 use the Wind River CIS_LTS21_R2130 OS branch for the 7.3.0 Beta2 release.
Resolved bugs in FXOS 2.12.0.498
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.0.498:
Caveat ID Number Description
CSCwe07734 ASA goes to failsafe mode after FXOS upgrade
CSCwb24306 Duplicate log entry for /mnt/disk0/log/asa_snmp.log
CSCwc49353 QP MI FTD HA pair goes to disabled state
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
10
Resolved bugs in FXOS 2.12.0.498
Caveat ID Number Description
CSCwc83495 Add abort in switch_driver to crash portmanager in case udbs are corrupted
CSCwd58188 Inline-pair's state could not able to auto recover from hardware-bypass to standby
mode.
CSCwd68346 ASA MIO-blade heartbeat failure due to kernel crash, leads to MEZZ core
CSCwd72680 FXOS: FP2100 FTW timeout triggered by high CPU usage during FTD Access Control
Policy deploy.
CSCwd74839 30+ seconds data loss when unit re-join cluster
CSCwd89349 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (seq 42)
CSCwd95415 The Standby device going in failed state due to snort heartbeat failure
CSCwd96766 41xx: Blade does not capture or log a reboot signal
CSCwd99885 Bad code change to portmgr_ipc.c
CSCwe14619 The standby device going in failed state due to snort heartbeat failure( Precommit
Build Failure)
CSCwe20714 7.4.0-1603 WA/TPK-HA Traffic doesn't work for non static mac address interface
CSCwe24532 Multiple instances of nvram.out log rotated files under /opt/cisco/platform/logs/
CSCwe25025 8x10Gb netmod fails to come online
CSCwe30653 FTD upgrade failure at "999_finish/999_zz_install_bundle.sh" due to bad key cert
CSCwe32394 ssp abort/reload: terminate called after throwing an instance of 'Stb::bad_alloc' from
overload.cpp
CSCwe51412 Port-channel down with Suspended status on member-ports
CSCvx71936 FXOS: Fault "The password encryption key has not been set." displayed on FPR1000
and FPR2100 devices
CSCwa75392 Missing warning message when upgrading FXOS
CSCwb30042 SA for msglyr and switch/src/HAL_Layer code
CSCwc10545 system_pid_specific_misc_defs.json has incorrect system cores for TPK
CSCwc12719 Modify tech-support to capture additional debug info (show portmanager switch vlans)
CSCwc34801 [IMS_7_3_0]REST_API:Network::getMTU [ERROR] when setting network
information during firstboot
CSCwc69977 Null pointer check missing in sfp display routine
CSCwc83851 OIR errors in portmgr.out
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
11
Resolved bugs in FXOS 2.12.0.498
Caveat ID Number Description
CSCwd10139 Ping to ipv6 gw with system fails, works without it
CSCwd12978 WA-B: ASA show env command displays PSU information incorrectly
CSCwd43666 Analyze why there is no logrotate for /opt/cisco/config/var/log/ASAconsole.log
CSCwd53448 FPR3100: 4x40 network module LEDs do not blink with traffic
CSCwd56266 KP- FTP under local-mgmt not working
CSCwd56462 LLDP:Neighbors not getting discovered on the first breakout port without deleting the
lldp config
CSCwd68159 LLDP::Removing a member port from the port channel completely removes the lldp
neighbors
CSCwd82787 Upgrade request errors flood portmgr.out after netmod removal
CSCwd92804 FAN LED flashing amber on FPR2100
CSCwd95063 npu accel - nam_client ipc_recv_timeouts - effects FXOS npu-accel local-mgmt, lina
stats calls
CSCwe02421 FPR-X-NM-6X1SX-F not recognized on FP3100 or FP4200
CSCwe13577 Audit log is missing for Mgmt port change
CSCwe18145 Interface speed is not updated on FTD
CSCwe21569 Improve CLI options for management IP with dhcp option
CSCwe22302 Partition "/opt/cisco/config" gets full due to wtmp file not getting logrotated
CSCwe32972 stdout_env_manager.log is full of unknown board type 3 messages
CSCwe33910 sr_build.log has the same three messages repeated every minute
CSCwe33943 svc_sam_serviceOrchAG.log is filled with repeating worthless messages every minute
CSCwe36758 3105: F78672 after a reboot
CSCwe48918 LTS18 CCM Sequence number 44 to update the libjitterentropy to version 3.4.1
CSCwe59989 Workaround to fix build breakage introduced by Wind River CCM commit
CSCwe63794 Reduce fault severity level for RAID degrade due to disk is still in spare state
CSCwb88729 FTD - %FTD-3-199015: port-manager: Error: DOM Block Read failure, port X, st =
X log false/positive
CSCwe24440 disk-controller remove/remove-secure description doesn't match
CSCwe34512 JENT: Add JENT library to fxos to support KP.
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
12
Resolved bugs in FXOS 2.12.1.29
Caveat ID Number Description
CSCwd35074 Telemetry registration is failing in 2.13.
CSCwd99813 Supervisor does not reboot unresponsive module/blade due to CATERR with minor
severity sensor ID 50
CSCwe33130 Supervisor does not reboot unresponsive module/blade due to IERR with minor severity
sensor ID 79
CSCvx62999 Non-zero input discards in MI CCL interface
CSCwb40008 Sometimes device goes for reboot, when powering on of alperton netmod in 4100
device
CSCwb80881 CSSMGR_log core found while testing snmp trap on 2.8.1.184
CSCwc79216 Update Broadcom SDK patch for field alert notification for Trident2
CSCwe22152 SNMPD cores seen in in snmp_sess_close and notifyTable_register_notifications
CSCwe19968 Enhance to log FTW kicking delay and compensate the delay for kicking
CSCwe59809 WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (seq 45)
CSCwc49180 Statsclient hap reset and boot loop after enabling SNMP unification in 92.13
Resolved bugs in FXOS 2.12.1.29
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.1.29:
Identifier Headline
CSCwb75786 Deploy failure seen as "argument content is null" in 730.
CSCwd34288 FP1000 - During boot process in LINA mode, broadcasts leaked between interfaces
resulting in storm.
CSCwd94183 Blade not coming up after FXOS update support on multi-instance due to ssp_ntp.log
log rotation prob.
CSCwe30867 Workaround to set hwclock from ntp logs on low end platforms.
CSCwe74916 Interface remains DOWN in an Inline-set with propagate link state.
CSCwe88600 vFTD sshd silent crash, possibly due to probes in Azure with LB.
CSCwe93802 WR6, LTS18 and LTS21 commit id update in CCM layer (Seq 46).
CSCwf08515 FPR3100: ASA/FTD High traffic impact on all data interfaces with high counter of
"demux drops".
CSCwf014729 Need to use CiscoSSL with FOM 7.3 for Intel Builds.
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
13
Resolved bugs in FXOS 2.12.1.29
Identifier Headline
CSCwf17858 node is leaving TPK cluster due to interface health check failure.
CSCwc76419 Unnecessary FAN error logs needs to be removed from thermal file.
CSCwd67101 FPR1150 : Exec format error seen and the device hung until reload when erase secure
all is executed.
CSCwd81123 High CPU Utilization on FXOS for processes smConlogger.
CSCwe50993 SNMP on SFR module goes down and won't come back up.
CSCwe70472 Upgrade third-party component rng-tools to latest 6.16 version.
CSCwe90524 Enh: Add timestamp in interface IPC message.
CSCwf03490 portmanager.sh outputing continuous bash warnings to log files.
CSCwf16278 TPK 2.12 MGMT Port not able to ping gateway after application installation.
CSCwf22483 SSH to Chassis allows a 3-way handshake for IPs that are not allowed by the config.
CSCwf37871 Attempt go 1.19.4 in LTS18 Branches but go back to 1.12.12 release.
CSCwf40113 TPK/WA - OSPF packets land in multiple RX rings.
CSCwf18647 Brentwood and Maryland squelch settings modification missing from _X netmod
variants.
CSCvz91293 ENH: Include exported chassis configuration in chassis show-tech file.
CSCwc12716 modify tech-support to capture additional debug info (control link register details).
CSCwd34920 ENH: Need to preserve topout.log to contain data of last 5 days minimum.
CSCwe45653 ENH: FXOS need to track Security Module for Disk quota exceeded related issue.
CSCwe79517 ENH: TPK show portmanager counters to dump counters for default drop rules.
CSCwe64773 core.svc_sam_dcosAG file seen on device after erase configuration
CSCwe83544 After upgrade ha interface remains down on one node.
CSCwa98094 MI information is missing in tech-support
CSCwf16886 Universal p4tickets are in plaintext in source code
CSCvz69950 Include output of 'show storage detail command in FPR3100 FPRM/tech_support_brief
file
CSCwb06934 Include output of 'show slot expand detail' command in FPR3100 tech_support_brief
file
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
14
Resolved bugs in FXOS 2.12.1.48
Resolved bugs in FXOS 2.12.1.48
The following table lists the previously release-noted and customer-found bugs that were resolved in FXOS
2.12.1.48:
Caveat ID Number Description
CSCwe87745 FXOS CLI to show last programming changes
CSCwf57856 FXOS Traceback and reload caused by leak on MTS buffer queue
CSCwh22888 FXOS: Remove enforcement of blades going into degraded state after multiple DIMM
correctable errors
CSCwb71519 ENH: F1661 More details on failure reason and log location
CSCwh82859 SSHd cores found after Azure VPN Performance test
CSCvx44261 SNMPv3: Special characters used in FXOS SNMPv3 configuration causes
authentication errors
CSCwf82279 Excessive logging of ssp-multi-instance-mode messages to
/opt/cisco/platform/logs/messages
CSCwa65801 "show ntp all" logs are not clear enough and lead to uncertainty and confusion
CSCwh04730 ASA/FTD HA checkheaps crash where memory buffers are corrupted
CSCwe81841 FXOS needs to provide a command that will display the total power on hours of
chassis/blade
CSCwf36066 WM/TPK/WA "FTD only": Packet drops observed after removing PC member from
Port-channel
CSCwh54477 The FMC is showing "The password encryption key has not been set" alert for a
Firepower 1100/2100 and Secure Firewall 3100 series devices
CSCwh55178 FXOS: svc_sam_dcosAG process getting crashed repeatedly on FirePower 4100
CSCwc48701 Secure Firewall 3100 MI: ftd instance failed to come online after chassis reboot
CSCwf95288 Firepower 1000 Switchport passing CDP traffic
CSCwh17366 Upgrade to CiscoSSH 1.12.39 in FXOS
CSCwh18967 Include "show env tech" in FXOS FPRM troubleshoot
CSCwh24321 FXOS: Alperton 100G NetMod not being acknowledged properly
CSCwf44354 JENT: Expand JENT library support to CiscoSSL for all FXOS targets
CSCwf55654 Secure Firewall 3100/4200 - Incorrect 'Management1/1' interface status on Lina &
FTD
CSCwf63589 FTD snmpd process traceback and restart
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
15
Related Documentation
Caveat ID Number Description
CSCwh09113 FPR1010 in HA failed to send or receive to GARP/ARP with error "edsa_rcv: out_drop"
CSCwb97626 FXOS should display ROMMON logs
CSCwf35500 FXOS/SSP: System should provide better visibility of DIMM Correctable error events
CSCwf88124 Switch ports in Trunk mode do not pass vlan traffic after power loss
CSCwh02371 CCM ID 53 - WR8, LTS18, LTS21
Related Documentation
For additional information on the Firepower 9300 or 4100 series security appliance and FXOS, see Navigating
the Cisco FXOS Documentation.
Online Resources
Cisco provides online resources to download documentation, software, and tools, to query bugs, and to open
service requests. Use these resources to install and configure FXOS software and to troubleshoot and resolve
technical issues.
• Cisco Support & Download site: https://www.cisco.com/c/en/us/support/index.html
• Cisco Bug Search Tool: https://tools.cisco.com/bugsearch/
• Cisco Notification Service: https://www.cisco.com/cisco/support/notifications.html
Access to most tools on the Cisco Support & Download site requires a Cisco.com user ID and password.
Contact Cisco
If you cannot resolve an issue using the online resources listed above, contact Cisco TAC:
• Email Cisco TAC: [email protected]
• Call Cisco TAC (North America): 1.408.526.7209 or 1.800.553.2447
• Call Cisco TAC (worldwide): Cisco Worldwide Support Contacts
Communications, Services, and Additional Information
• To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.
• To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.
• To submit a service request, visit Cisco Support.
• To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit
Cisco Marketplace.
• To obtain general networking, training, and certification titles, visit Cisco Press.
• To find warranty information for a specific product or product family, access Cisco Warranty Finder.
Cisco Firepower 4100/9300 FXOS Release Notes, 2.12
16
