9037076-01 Extreme Campus Controller v05.36.02.0011 RelNotes

9037076-01, Extreme, Campus, Controller, v05.36.02.0011 RelNotes

ExtremeNetworks Extreme Networks, Inc.

Extreme Campus Controller version 5.36.02 Release Notes Jun 2021

Extreme Campus Controller Version 5.36 - Extreme Networks

PDF Viewing Options

Not Your Device? Search For Manuals or Datasheets below:


File Info : application/pdf, 18 Pages, 362.09KB

Document DEVICE REPORT9037076-01 Extreme Campus Controller v05.36.02.0011 RelNotes
Customer Release Notes
Extreme Campus Controller
Firmware Version V05.36.02.0011
June 29, 2021

6480 Via Del Oro San Jose, CA 95119
+1 888-257-3000

INTRODUCTION:
The Extreme Campus Controller, is a next generation orchestration application offering all the mobility services required for modern unified access deployments. The Extreme Campus Controller includes comprehensive critical network services for wireless and wired connectivity, wireless device secure onboarding, distributed and centralized data paths, role-based access control through the Application Layer (Layer 7), integrated location services, and IoT device onboarding through a single platform. Built on field proven architectures with the latest technology, the embedded operating system supports containerization of applications enabling future expansion of value-added applications for the unified access edge.
The E3120 is a large application appliance meeting the needs of high-density and mission critical deployments with support for up to 10,000 APs/Defenders, 2000 switches, and 100,000 mobility sessions in high-availability mode. An optional redundant power supply is available for ordering separately.
The E2120 is an application appliance meeting the needs of medium sized high-density and mission critical deployments with support for up to 4,000 APs/Defenders, 800 switches and 32,000 mobility sessions in highavailability mode. An optional redundant power supply is available for ordering separately.
The E2122 is an application appliance meeting the needs of medium sized high-density and mission critical deployments with support for up to 4,000 APs/Defenders, 800 switches and 32,000 mobility sessions in highavailability mode. An optional redundant power supply is available for ordering separately.
The E1120 is an entry to mid-level platform expandable to 250 APs/Defenders, 100 switches, and 4,000 mobility sessions in high-availability mode.
The VE6120 is an elastic virtual appliance that supports up to 1,000 APs/Defenders, up to 400 switches and 16,000 mobility sessions in high-availability mode depending on the hosting hardware.
The VE6120 and VE6120H offer elastic capacities to cover the full range of offering as VMWare/MS Hyper-V, ranging from VE6120/VE6120H-Small to VE6120/VE6120H-Large.
The VE6125 XL is an virtual appliance that supports up to 4,000 APs/Defenders, up to 400 switches and 32,000 mobility sessions in high-availability mode, depending on the hosting hardware.
The Extreme Campus Controller offers the ability to expand capacity to meet any growing business needs. The hardware and virtual packages are available for purchase using a traditional CAPEX model. The customer has the option to purchase adoption capacity via a Perpetual (CAPEX) model or as a Right-To-Use Subscription model, supporting flexible quantites (per managed device) and term (multiple-year extended term) option.

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 1 of 18

Extreme Campus Controller Customer Release Notes

Enhancements in 05.36.02.0011
Introduced WPA3-Enterprise as a new authentication type option for Network privacy definitions.
Increased the Organizational Identifiers from 2 to 8 for Hotspot 2.0 in support of the WiFi4EU Initiative.
Added support for configuring HEX-encoded pre-shared key for WPA-PSK WLANs.
Provided the ability to clone an existing configuration Profile for use with a device group that supports the same devce type.
Provided the ability to filter events on the Logs screen for Events, Station Events, Audit, and AP Logs. The filtered list will persist during your session. You can navigate away from the page and return to the same filtered list. The filter is cleared after you log out or reboot the controller.

XCC-1455 XCC-1400 XCC-1322 XCC-1219 XCC-981

Changes in 05.36.02.0011
GUI Mesh Report is missing the information about the Root AP with Ethernet connection. This problem will be addressed in a future release.

I.D ECA-565

Enhancements in 05.36.01.0013
Improved visualization of user location on floor plan by providing option to auto-refresh to pick up new-location of tracked devices. Provided automatic option to hide badges as a way to improve readabilty of location of device location relative to the underlying floor plans.
Added support for wired client connection for AP305C/X in Mesh.
Added warning on console access that configuration via CLI is not supported. Only supported configuration methods are GUI or REST API.
Added option for administrator to manually defined description per element of NAI Realm, Roaming Consortium, and 3GPP Network IDs.
Added discovery and display of attributes of Switch and Port where AP is connected.
Added detection of uplink failure to Root Mesh APs.
Increased supported resolution for floor plans.
Added support of Mesh (MCX) to AP302W.
Validated integration with A3/ExtremeNAC. Requires ExtremeNAC/A3 version 4.0 or higher.

XCC-1341
XCC-1205 XCC-1172
XCC-1130
XCC-979 XCC-971 XCC-957 XCC-956 XCC-880

Changes in 05.36.01.0013
Extreme Campus Controller 5.36.01 packages WiNG 7.6.2.0 image as default image. This AP firmware revision contains the protection for "Fragmentation" (aka "Frag") attacks for WiFi 6 Access Points. Firmware to protect FRAG attacks against WiFi 5 (AP39xx) is in the works and will be made available in a future release.
Corrected device type recognition for device group rules to match and filter intended devices.

I.D XCC-1506

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 2 of 18

Extreme Campus Controller Customer Release Notes

Changes in 05.36.01.0013

I.D

Extreme Campus Controller can detect device type for Apple devices running iOS v14 with build 5.36.01.0013/7.6.2.0-018R. The fix applies to the AP WiNG image and Extreme Campus Controller.

XCC-1407

Corrected the issue that prevented sending Link Aggregation Group (LAG) configuration from XCC-1298 Extreme Campus Controller to Extreme 220 Series switches.

Extreme Networks recommends that you thoroughly review this document prior to installing or upgrading this product.
For the latest firmware versions, visit the download site at: www.extremenetworks.com/support/

FIRMWARE SPECIFICATION:

Status Current Version Previous Version

Version No. V.05.36.02.0011 V.05.36.01.0013

Type Feature Release Feature Release

Release Date June 29, 2021 June 04, 2021

SUPPORTED APPLIANCES, ACCESS POINTS AND SWITCHES:

Product Name Extreme Campus Controller VE6120 VMware Min Supported ESXi version 5.1 or later, (tested 6.7) Extreme Campus Controller VE6120H (Windows server 2016 or later)
Extreme Campus Controller VE6125 Min Supported ESXi version 5.5 or later, (tested 6.7)
Extreme Campus Controller E1120
Extreme Campus Controller E2120
Extreme Campus Controller E2122
Extreme Campus Controller E3120
SA201
APVMAP7 APVMAP7
AP302W-CAN AP302W-FCC AP302W-IL AP302W-WR
AP305C-CAN AP305C-FCC AP305C-IL AP305C-WR

Image ECA-05.36.02.0011-1.dle ECA-05.36.02.0011-1.spe
ECA-05.36.02.0011-1.rse
ECA-05.36.02.0011-1.sme ECA-05.36.02.0011-1.jse ECA-05.36.02.0011-1.wze ECA-05.36.02.0011-1.ose AP391x-10.51.18.0002.img APVMAP7-7.6.3.0-012R.img
AP302W-LEAN-7.6.3.0-012R.img
AP3xxC-LEAN-7.6.3.0-012R.img

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 3 of 18

AP305CX-CAN AP305CX-FCC AP305CX-IL AP305C-WR

Product Name

AP310e-CAN AP310e-FCC AP310e-IL AP310e-WR AP310i-CAN AP310i-FCC AP310i-IL AP310i-WR

AP360e-CAN AP360e-FCC AP360e-IL AP360e-WR AP360i-CAN AP360i-FCC AP360i-IL AP360i-WR

AP3912i-FCC AP3912i-ROW

AP3915e-FCC AP3915e-ROW AP3915i-FCC AP3915i-ROW

AP3916ic-FCC AP3916ic-ROW

AP3916-camera

AP3917e-FCC AP3917e-ROW AP3917i-FCC AP3917i-ROW AP3917k-FCC AP3917k-ROW

AP3935e-FCC AP3935e-ROW AP3935i-FCC AP3935i-IL AP3935i-ROW

AP3965e-FCC

Extreme Campus Controller Customer Release Notes Image
AP3xx-LEAN-7.6.3.0-012R.img
AP3xx-LEAN-7.6.3.0-012R.img
AP391x-10.51.18.0002.img AP391x-10.51.18.0002.img AP391x-10.51.18.0002.img AP3916IC-V1-0-14-1.dlf AP391x-10.51.18.0002.img
AP3935-10.51.18.0002.img AP3935-10.51.18.0002.img

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 4 of 18

Extreme Campus Controller Customer Release Notes

AP3965e-ROW AP3965i-FCC AP3965i-ROW

Product Name

AP410C-CAN AP410C-FCC AP410C-IL AP410C-WR

AP410e-CAN AP410e- FCC AP410e-IL AP410e-WR AP410i-CAN AP410i-FCC AP410i-IL AP410i-WR

AP460C-CAN
AP460C-FCC
AP460C-IL
AP460C-WR
AP460S12C-CAN
AP460 S12C-FCC
AP460 S12C-IL
AP460 S12C-WR
AP460S6C-CAN
AP460S6C-FCC
AP460S6C-IL
AP460S6C-WR
AP460e-CAN AP460e-FCC AP460e-IL AP460e-WR AP460i-CAN AP460i-FCC AP460i-IL
AP460i-WR
AP505i-FCC
AP505i-WR
AP510e-FCC AP510e-WR AP510i-FCC
AP510i-WR
AP560h-FCC AP560h-WR AP560i-FCC
AP560i-WR

06/29/2021 P/N: 9037076-01 F0615-O

Image AP4xxC-LEAN-7.6.3.0-012R.img AP4xx-LEAN-7.6.3.0-012R.img
AP4xxC-LEAN-7.6.3.0-012R.img
AP4xx-LEAN-7.6.3.0-012R.img AP5xx-LEAN-7.6.3.0-012R.img AP5xx-LEAN-7.6.3.0-012R.img AP5xx-LEAN-7.6.3.0-012R.img
Subject to Change Without Notice

Page: 5 of 18

Product Name
Switches
210-12p-10GE2 210-24p-10GE2 210-48p-10GE2 210-12p-10GE2 POE 210-24p-10GE2 POE 210-48p-10GE2 POE
220-12p-10GE2 220-24p-10GE2 220-48p-10GE2 220-12p-10GE2 POE 220-24p-10GE2 POE 220-48p-10GE2 POE
X435-24P/T-4S
X440G2-12t-10G4 X440G2-24t-10G4 X440G2-48t-10G4 X440G2-12t-10G4 POE X440G2-24t-10G4 POE X440G2-48t-10G4 POE
X465_24W X465_48T X465_48P X465_48W X465_24MU X465_24MU_24W
X620-16x

Extreme Campus Controller Customer Release Notes
Image
210-series_V1.02.05.0013.stk fp-connector-3.3.0.4.pyz (cloud connector)
220-series_V1.02.05.0013.stk, fp-connector-3.3.0.4.pyz (cloud connector)
summitlite_arm-30.7.1.1.xos, summitlite_arm30.5.0.259-cloud_connector-3.4.2.6.xmod summitX-30.2.1.8-patch2-5.xos summitX-30.2.1.8-cloud_connector-3.4.1.20.xmod (cloud connector)
onie-30.2.1.8-patch2-5-vpex_controlling_bridge.lst, onie-30.2.1.8-cloud_connector-3.4.1.20.xmod onie-30.2.1.8-patch2-5-vpex_controlling_bridge.lst, onie-30.2.1.8-cloud_connector-3.4.1.20.xmod
summitX-30.2.1.8-patch2-5.xos, summitX-30.2.1.8cloud_connector-3.4.1.8.xmod (cloud connector)

NETWORK MANAGEMENT SOFTWARE SUPPORT
Network Management ExtremeManagementTM Center ExtremeControlTM ExtremeAnalyticsTM ExtremeCloudTM A3 ExtremeCloudTM IQ-Site Engine

8.5.6 or higher 8.5.6 or higher 8.5.6 or higher 4.0 21.4.11 (patch)

Version

Air Defense and Location

ExtremeAirDefenseTM

10.4

ExtremeLocationTM

3.1

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Version
Page: 6 of 18

ExtremeGuest ExtremeGuestTM

Extreme Campus Controller Customer Release Notes

6.0.1.0-001R

Version

Note:
Platform and AP Configuration functions are not supported by ExtremeManagementTM.
Extreme Campus Controller does not yet expose support for ExtremeLocationTM Calibration procedure. ExtremeLocation will work correctly for Zone and Occupancy level analytics but does not fully support Position Tracking with this release. Enhanced support for Position Tracking will be added to a future release of Extreme Campus Controller.

INSTALLATION INFORMATION:

E1120 E2120 E2122 E3120 VE6120/VE6125 VE6120H

Appliance Installations Extreme Campus Controller E1120 Installation Guide Extreme Campus Controller E2120 Installation Guide Extreme Campus Controller E2122 Installation Guide Extreme Campus Controller E3120 Installation Guide Extreme Campus Controller VE6120/VE6125 Installation Guide Extreme Campus Controller VE6120H Installation Guide

Known Restrictions and Limitations:
Known Restriction or Limitation
Certain wireless clients (such as Qualcomm Killer Wireless 1535 and Intel 7265D/8260/8265) have been known to not complete the 4-way handshake in order to fulfill the association process in networks that have both PMF/MFP (802.11w) and Fast-Transition (802.11r [FT]) enabled. The currently recommended workaround is to not enable PMF/MFP configuration on a service that is also using 802.11r. Such clients have been demonstrated to work correctly on services with just 802.11r (FT) enabled.
When infrastructure WLAN, used for connecting client bridge APs, has Quiet IE enable, the client bridge link becomes unstable. It is recomended to disable Quiet IE if a WLAN is used for client bridge connection.
Windows 10 clients are not able to connect to WPA3-Enterprise WLAN, and to WPA2 WLANs with Protected Management Frames required.
ExtremeCloud IQ-Site Engine 21.4.11 or Extreme Management Center 8.5.6 is minimum required revision for representation of Extreme Campus Controller 5.36.01 or later revisions.
A reboot of the peer Extreme Campus Controller is required when Availability is configured for the first time to ensure synchronization of the configuration of

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

I.D nse0003416
XCC-1570 XCC-1569 XCC-1486 ECA-622
Page: 7 of 18

Extreme Campus Controller Customer Release Notes

Known Restriction or Limitation ONBOARD attributes, such as device groups. This issue will be addressed in a future release.
The switch primary/backup availability is not supported on the EXOS switches running the 3.4.1.8 Cloud Connector. This affects the deployments where two appliances are configured in an Availability Pair. If the primary appliance is going down, then the EXOS switches will not send statistics to the backup appliance and will be marked in red "Critical" state. When the primary appliance is coming up again, the switches will resume sending statistics information to the primary appliance and the state of the switch will be marked with a green "Running" state.
Allow UTF-8 characters in JSON payload for all Rest API so non-ASCII / Unicode characters are accepted in Rest API requests to comply with current Rest API standards.
MAC-based authentication and WPA3-Compatibility (SAE or WPA2-PSK) and PMF "Required" may not work. This issue will be addressed in a future release.
AP310 models are not currently supported by ExtremeLocationTM. Do not enable ExtremeLocation settings in the configuration Profile for an AP310 device group. Doing so may have a negative impact on AP performance.
For Extreme Campus Controller configured for authentication of administrators over RADIUS server, the GUI responsiveness may be slow, possibly over 30 seconds if target server(s) are unavailable/unreachable at login time. If outage is extensive, system will eventually timeout to validate against local credentials when provisioned.
For High-Availability installations, on systems configured with RADIUS Accounting or Smart RF enabled, clients (end-systems) may experience a momentary disconnect during the upgrade process (maintenance window). Users immediately reconnect to the available infrastructure, so impact is negligible. For smoother session availability with fast-failover during a failover event, it is recommended to not run these options. This issue is being investigated and will be addressed in a future release.
Upgrade failure will occur when using special characters (escape back slash) in topology.
In SmartRF mode, the AP510 power may temporarily drop to 0dBm and returns to 4dBm.
With on-air-busy channel conditions, it is possible for the ACS not to produce the expected results. In this instance, perform manual channel selection.
Widgets do not show tooltips for lower and upper values. This issue will be addressed in a future release.
Firmware for ExtremeWireless AP3900 series access points does not currently support Smart RF. No Smart RF data is displayed.
Released revisions of Extreme Management Center (XMC) do not recognize the new Extreme Campus Controller (XCC) 5.36.01 revision. ExtremeCloud IQ ­ Site Engine (XIQ-SE) is the defined upgrade path for XMC installations. To properly visualize state of wireless installations and manage policy configuration of an XCC 5.36.01, a minimum revision of XIQ-SE 21.4.11 (patch, available through GTAC) or greater, or a minimum revision of XMC 8.5.6 or greater, is required. We recommend delaying the upgrade of Extreme Campus Controller appliances (physical or virtual) to 5.36.01 until notice of general availability of Extreme Management Center 8.5.6 or confirmation by GTAC on availability of ExtremeCloud

I.D ECA-455
ECA-321 ECA-1961 ECA-1620 ECA-1396 ECA-1264
ECA-466 ECA-469 ECA-528 ECA-567 ECA-1484
Info

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 8 of 18

Extreme Campus Controller Customer Release Notes

Known Restriction or Limitation IQ ­ Site Engine 21.4,11. Both updated revisions are in plan towards the end-of-July 2021 timeline.
Several old Intel clients (i.e. Intel dual band Wireless AC ­ 7260) if they are using old drivers are NOT seeing BSSID / SSID advertising 11x capability. This is a client issue (forward compatibility). Other older clients may have this issue.

See: [https://www.intel.com/content/www/us/en/support/articles/000054799/network-and-io/wireless-networking.html|http://example.com] See KB: [https://gtacknowledge.extremenetworks.com/articles/Solution/AP510-Unable-to-seethe-SSID-on-my-laptop|http://example.com] NB ­ The client driver update must be done from Intel\drivers' site because the Windows update reports that the client is running the latest driver. If the client driver cannot be controlled (in a BYOD environment), then the AP radios must be configured on a/n/ac (disable ax) until all clients will upgrade to the latest driver.
Default router/gateway should be configured with a next-hop associated with one of the physical interfaces. Pointing the default route to the Admin interface will lead to issues because access points will not get the correct services from the data plane. We recommend setting the default route via data ports, and if necessary, configuring static routes on the Admin port for administration level access.
Before installing a new Extreme Campus Controller license, you must configure Network Time Protocol (NTP) Server settings. Licensing management is dependent on accurate NTP configuration. Configure NTP via the Extreme Campus Controller initial Configuration Wizard, or go to Admin > System > Network Time to configure and verify the NTP settings.
For AP deployments in remote locations where access points and controllers may need to be discovered and connected over firewalls, a best practice is to leverage DNS or DHCP Option 60/43 methods for zero-touch-provisioning discovery. These methods provide direct connectivity to the defined IP address. DHCP Option 78, which refers to the controller as a Service Location Protocol ­ Directory Agent (SLPDA), requires the exchange of SLP protocol between the AP and the appliance at the core, necessitating that UDP 427 be allowed by any firewall in the path. For such installations, discovery over DHCP Option 78 assist is not recommended. When using SLP, for an AP to establish connection with a controller, it must first exchange SLP Directory Agent registration before IPSEC establishment with the eventual controller. That means that SLP UDP 427 must be open along the path. Further issues can occur if Network Address Translation (NAT) is involved. While this method is popular and widely deployed within a homogenous campus, it may result in inadvertent complications for remote connections. Therefore, it should not be used in favor of an alternate method (DHCP 60/43, DNS, or static override).
When configuring system for NTP time assignment, ensure that the NTP server is properly configured. Incorrect time settings (like timestamps far in the future) may adversely affect system operation, such as certificate expiration that may trigger failures in device registration or system instability.
Appliances in a High-Availability pair must be of the same model and at the same exact software revision (and time synched) for configuration synchronization to propagate to the peer. During the upgrade process of a High-Availability pair, any configuration changes made while only one appliance has been upgraded (and therefore resulting in a version mismatch) will not be propagated until the peer is

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

I.D Info
Info Info Info
Info nse0003696
Info nse0005086
Page: 9 of 18

Extreme Campus Controller Customer Release Notes

Known Restriction or Limitation correspondingly upgraded to the same revision. We recommend that you NOT perform configuration changes to one of the members of a High-Availability pair while the peer has a different software revision.
For High-Availability configurations, during upgrade phases or configuration restore operations, wait until the availability link is established and synchronized before attempting to make any new configuration changes. The Availability status will only re-establish to Synched status when both appliances are running the exact same firmware revision.
During upgrade periods, the Availability link will only re-establish when both the appliance status of availability link and synchronization status can be found. Go to: · "Network Health" widget on the Dashboard, or · Administration -> System -> Availability
Recommendation settings for setup of redundant RADIUS server authentication: · Response Window to 5s [Default: 20s] · Revival Interval to 10s [Default: 60s]

I.D Info ECA-776
Info ECA-875

SUPPORTED WEB BROWSERS
For Extreme Campus Controller management GUI, the following Web browsers were tested for interoperability:
· Firefox 81.0 · Google Chrome 86.0 Note: Microsoft IE browser is not supported for UI management.

The Wireless Clients (Captive Portal, AAA):

Browsers Chrome

Version 75.0.37770.142

Microsoft IE

11

Microsoft Edge Firefox Safari Safari

42.17134 68.0 Preinstalled with iOS 12.2 Preinstalled with iOS 9.3.5

OS Windows 7 Windows 10
Windows 7 Windows 8.1 Windows 10
Windows 10
Windows 10
iOS 12.2
iOS 9.3.5

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 10 of 18

Extreme Campus Controller Customer Release Notes

PORT LIST

The following list of ports may need to remain open so that the Appliances and APs will function properly on a network that includes protection equipment like a firewall.

Extreme Campus Controller TCP/UDP Port Assignment Reference

Comp. Source

Comp. Dest

Protocol Src (TCP/UDP) Port

Dest Port

Service

Ports for AP/Appliance Communication

Remark

Open Firewall Req'd

Appliance Access Point

UDP

Any 13910

Access Appliance Point

UDP

Any 13910

Appliance Access Point

UDP

4500 Any

Access Appliance Point

UDP

Any 4500

Access Point
Access Point

Appliance Appliance

UDP UDP

Any 13907

Any

67

Access Appliance Point

UDP

Any

68

Access Appliance Point

UDP

Any 427

Appliance Access TCP/UDP Any

69

Point

Access Appliance TCP/UDP Any

69

Point

Appliance Access TCP/UDP Any

22

Point

Any

Access

TCP

Any 2002,

Point

2003

WASSP
WASSP
Secured WASSP Secured WASSP WASSP DHCP Server DHCP Server
SLP TFTP TFTP SCP RCAPD

Management and Data Tunnel
between AP and Appliance
Management and Data Tunnel
between AP and Appliance
Management Tunnel between AP
and Appliance
Management Tunnel between AP
and Appliance
AP Registration to Appliance
If Appliance is DHCP Server for
AP
If Appliance is DHCP Server for
AP
AP Registration to Appliance
AP image transfer

Yes
Yes
Optional Optional
Yes Optional Optional Optional
Yes

AP image transfer Yes

AP traces

Yes

AP Real Capture (if Optional enabled)

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 11 of 18

Extreme Campus Controller Customer Release Notes

Comp. Source
Any Any Any
Any Any Any Any Any
Any Any Any Any Any Any
Appliance Appliance Appliance Appliance

Comp. Dest

Protocol Src (TCP/UDP) Port

Dest Port

Service

Remark

Access TCP/UDP Any

22

Point

SSH

Remote AP login (if enabled)

Access TCP/UDP Any 445 Point

Microsoft CIFS

LDAP support

Access TCP/UDP Any 137,

Point

138,

139

NetBIOS

LDAP support

Ports for Appliance Management

Appliance TCP/UDP Any

22

SSH

Appliance CLI access

Appliance TCP/UDP Any 5825

HTTPS

Appliance GUI access

Appliance TCP/UDP Any 161

SNMP

Appliance SNMP access

Appliance TCP/UDP Any

162 SNMP Trap Appliance SNMP access

Appliance

TCP

Any

80

HTTP

Appliance SNMP access ICP Self
Registration

Appliance

TCP

Any 443

HTTPS

ICP Self Registration

Appliance UDP

500 500

IKE

IKE phase 1

Appliance TCP/UDP Any

69

TFTP

TFTP support

Appliance UDP

Any 4500

IPSec

IPSec NAT traversal

Appliance UDP

Any 13907 Discovery Used by Discovery

Appliance UDP

Any 13910 WASSP

Used by L3 WASSP

Ports for Inter Controller Mobility1 and Availability

Appliance UDP

Any 13911 WASSP

Mobility and Availability Tunnel

Appliance

TCP

Any 427

SLP

SLP Directory

Appliance

TCP

Any 20506 Langley

Remote Langley Secure

Appliance

TCP

Any 60606 Mobility

VN MGR

Open Firewall Req'd Optional Optional Optional
Yes Yes Yes Yes Yes
Yes Yes Yes Yes Yes Yes
Yes Yes Yes Yes

1For extension of ExtremeWireless deployment via Inter Controller Mobility.

06/29/2021 P/N: 9037076-01

Subject to Change Without Notice

F0615-O

Page: 12 of 18

Extreme Campus Controller Customer Release Notes

Comp. Source

Comp. Dest

Appliance Appliance

Appliance
DHCP Server

DHCP Server
Appliance

Appliance Appliance

DNS Server
Syslog Server

Appliance RADIUS Server

Appliance Appliance

RADIUS Server
RADIUS server

Appliance
Dynamic Auth. Server (NAC)
Appliance

RADIUS server
Appliance
AeroScout Server

AeroScout Appliance Server

Appliance Extreme Cloud IQ

Protocol (TCP/UDP)
TCP

Src Port
Any

Dest Port
123

UDP

Any

67

UDP

Any

68

Service NTP SLP SLP

Core Back-End Communication

UDP

Any

53

DNS

UDP

Any 514

Syslog

UDP
UDP UDP
UDP UDP

Any 1812 RADIUS Authenticatio n and Authorization

Any 1813 RADIUS Accounting

Any 1814 RADIUS Authenticatio n and Authorization

Any 1815 RADIUS Accounting

Any 3799

DAS

UDP UDP TCP

1144 12092 12092 1144
Any 443

Location Based Service Proxy
Location Based Service Proxy
NSight

Remark
Availability time sync
Asking DHCP Server for SLP DA RespoECA from DHCP Server for
SLP DA request
If using DNS
If Appliance logs to external syslog server If using RADIUS AAA
If enabled RADIUS accounting
If using RADIUS AAA
If enabled RADIUS Accounting
Request from DAS client to disconnect
a specific client
Aeroscout Location-Based
Service
Aeroscout Location-Based
Service
Statistics Report into ExtremeCloud
IQ

Open Firewall Req'd
Yes Yes Yes
Optional Optional Optional
Optional Optional
Optional Optional
Optional
Optional
Yes

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 13 of 18

Extreme Campus Controller Customer Release Notes

IETF STANDARDS MIB SUPPORT:

RFC No. Draft version of 802.11 1213 1573 1907 1493 2674 2674

Title IEEE802dot11-MIB RFC1213-MIB IF-MIB SNMPv2-MIB BRIDGE-MIB P-BRIDGE-MIB Q-BRIDGE-MIB

Groups Supported
Most of the objects supported ifTable and interface scalar supported System scalars supported EWC supports relevant subset of the MIB EWC supports relevant subset of the MIB EWC supports relevant subset of the MIB

EXTREME NETWORKS PRIVATE ENTERPRISE MIB SUPPORT
Extreme Networks Private Enterprise MIBs are available in ASN.1 format from the Extreme Networks website at: https://extremeportal.force.com/.

Standard MIBs
Title IEEE802dot11-MIB RFC1213-MIB.my IF-MIB SNMPv2-MIB BRIDGE-MIB P-BRIDGE-MIB Q-BRIDGE-MIB

Description Standard MIB for wireless devices Standard MIB for system information Interface MIB Standard MIB for system information VLAN configuration information that pertains to EWC VLAN configuration information that pertains to EWC VLAN configuration information that pertains to EWC

Siemens Proprietary MIB

Title HIPATH-WIRELESS-HWC-MIB.my
HIPATH-WIRELESS-PRODUCTS-MIB.my HIPATH-WIRELESS-DOT11-EXTNS-MIB.my
HIPATH-WIRELESS-SMI.my

Description
Configuration and statistics related to EWC and associated objects
Defines product classes
Extension to IEEE802dot11-MIB that complements standard MIB
Root for Chantry/Siemens MIB

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 14 of 18

Extreme Campus Controller Customer Release Notes

802.11AC AND 802.11N CLIENTS

Please refer to the latest release notes for ExtremeWirelessTM 10.41.09 or later and/or ExtremeWireless WiNG 5.9.02 or later for the list of compatibility test devices.

RADIUS SERVERS AND SUPPLICANTS RADIUS Servers Used During Testing

Vendor FreeRADIUS
FreeRADIUS IAS
SBR50 NPS

1.1.6

Model OS

1.0.1

5.2.3790.3959

6.1.6 6.0.6002.18005

Version FreeRADIUS FreeRADIUS Microsoft Server 2003 IAS SBR Enterprise edition Microsoft Server 2008 NPS

802.1x Supplicants Supported

Vendor

Model OS

Juniper Networks® / Funk Odyssey client

Version Version 5.10.14353.0 Version 5.00.12709.0

Version 4.60.49335.0

Wireless Zero Configuration

Version Windows XP-4K891859-Beta1

Microsoft®

Wireless Network Connection Configuration
Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2

Version Microsoft Window Server 2003, Enterprise Edition R2 SP2
Version WindowsXPKB893357-v2-x86-ENU.exe

Intel®

Intel PRO Set/Wireless

Version 13.0.0.x (with Windows® Intel® driver version 13.0.0.x)

Microsoft® Wireless Zero

Windows 7, 8, 8.1 Pro, 10 Pro
Windows Phone 8.1, Windows Mobile 10

Provided with Windows®

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 15 of 18

Appliance LAN Switch Verification

Extreme Campus Controller Customer Release Notes

Vendor

Model OS

Version

Role

Extreme Extreme Extreme Extreme
Extreme Extreme Extreme Extreme Extreme Cisco

X-460-G2

12.5.4.5

ECA connection

X440G2-48p-10G4 21.1.1.4

ECA connectivity

Summit 300-48

7.6e1.4

ECA connection

VSP-4850GTS-PWR (6.0.1.1_B003) (PRIVATE)Â HW ECA connection Base: ERS 4850

K6

 08.63.02.0004

ECA connection

K6

08.42.03.0006

ECA connection

X440G2-48p-10GE4 21.1.5.2

ECA connection

X440-G2-12p

21.1.1.4

ECA connection

X460-48p

12.5.4.5

ECA connection

Catalyst 3550

12.1(19)EA1c

ECA connection

CERTIFICATION AUTHORITY

Server Vendor Microsoft CA Microsoft CA OpenSSL

Model OS

Version

Windows Server 2003 Enterprise Edition 5.2.3790.1830

Windows Server 2008 Enterprise Edition 6.0

Linux

1.1.1g

RADIUS ATTRIBUTES SUPPORT

RADIUS Authentication and Authorization Attributes

Attribute Called-Station-Id Calling-Station-Id Class EAP-Message Event-Timestamp Filter-Id Framed-IPv6-Pool Framed-MTU Framed-Pool Idle-Timeout

RFC Source RFC 2865, RFC 3580 RFC 2865, RFC 3580 RFC 2865 RFC 3579 RFC 2869 RFC 2865, RFC 3580 RFC 3162 RFC 2865, RFC 3580 RFC 2869 RFC 2865, RFC 3580

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 16 of 18

Extreme Campus Controller Customer Release Notes

Attribute Message-Authenticator NAS-Identifier NAS-IP-Address NAS-IPv6-Address NAS-Port NAS-Port-Id NAS-Port-Type Password-Retry Service-Type Session-Timeout State Termination-Action Tunnel Attributes User-Name Vendor-Specific

RFC Source RFC 3579 RFC 2865, RFC 3580 RFC 2865, RFC 3580 RFC 3162 RFC 2865, RFC 3580 RFC 2865, RFC 3580 RFC 2865, RFC 3580 RFC 2869 RFC 2865, RFC 3580 RFC 2865 RFC 2865 RFC 2865, RFC 3580 RFC 2867, RFC 2868, RFC 3580 RFC 2865, RFC 3580 RFC 2865

RADIUS Accounting Attributes

Attribute Acct-Authentic

RFC 2866

Acct-Delay-Time

RFC 2866

Acct-Input-Octets

RFC 2866

Acct-Input-Packets

RFC 2866

Acct-Interim-Interval

RFC 2869

Acct-Output-Octets

RFC 2866

Acct-Output-Packets

RFC 2866

Acct-Session-Id

RFC 2866

Acct-Session-Time

RFC 2866

Acct-Status-Type

RFC 2866

Acct-Terminate-Cause

RFC 2866

RFC Source

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 17 of 18

Extreme Campus Controller Customer Release Notes

GLOBAL SUPPORT: By Phone: +1 800-998-2408 (toll-free in U.S. and Canada)
For the toll-free support number in your country: https://extremeportal.force.com/

By Email: [email protected]

By Web: https://extremeportal.force.com/

By Mail:

Extreme Networks, Inc. 6480 Via Del Oro San Jose, CA 95119 USA

For information regarding the latest software release, recent release note revisions and documentation, or if you require additional assistance, please visit the Extreme Networks Support website.
Extreme Networks and the Extreme Networks logo are trademarks or registered trademarks of Extreme Networks, Inc. in the United States and/or other countries. All other names (including any product names) mentioned in this document are the property of their respective owners and may be trademarks or registered trademarks of their respective companies/owners. Extreme Networks IPS includes software whose copyright is licensed from MySQL AB.
For additional information on Extreme Networks trademarks, please see: www.extremenetworks.com/company/legal/trademarks/

06/29/2021 P/N: 9037076-01 F0615-O

Subject to Change Without Notice

Page: 18 of 18


ExtremeNetworks Adobe PDF Library 21.5.80

Search Any Device: