| Issue ID | Description |
|---|---|
|
CFD-13082 (03046606) |
Addressed the issue where AP305C and AP410C reported a +2 dBm
transmit power control (TPC) value for the WIFI1 interface in
packet captures, while the correct value was displayed via the
AP CLI commands |
|
CFD-14035 (03098163) |
Addressed the issue where SNMP polling stopped working on AP3000 after an AP reboot in environments that also use ExtremeCloud IQ-SE. After rebooting, ExtremeCloud IQ-SE displayed the AP as disconnected and SNMP polling failed. The root cause was incorrect SNMPv3 user creation on the AP after reboot. |
|
CFD-14600 (03141235) |
Addressed the issue where a RADIUS user with no Filter-Id attribute was incorrectly assigned the user profile of a previously authenticated user who had a Filter-Id on a WPA2/802.1x CCMP SSID. The AP cached the user profile ID (UPID) from the previous authenticated session and applied it to the subsequent client authentication even when RADIUS returned no Filter-Id. |
|
CFD-15880 (000131745) |
Addressed the issue where the SNMP process failed intermittently on AP5020 devices running IQ Engine 10.8.2a. The failure persisted after AP reboots and full configuration pushes, and generated core dumps when the process crashed. |
|
CFD-15948 (03202131) |
Addressed the issue where Windows clients failed to connect to a WPA3 SSID on AP410C running IQ Engine 10.8.5, both with and without WPA3 transition mode enabled. macOS clients were not affected. Standard WPA-PSK support was added for Windows client compatibility in WPA3 transition mode. |
|
CFD-16013 (03223115, 03231632, 03233679, 03226780) |
Addressed the issue where Windows 11 clients could not connect to an 802.1x SSID when the AP acting as the RADIUS server ran firmware 10.8.5. Clients on Android and iOS connected successfully. The issue was specific to the RADIUS server AP running 10.8.5. The OpenSSL TLS version for the FreeRADIUS application was restricted to TLS 1.2 to resolve the issue. |
|
CFD-16019 (03213922) |
Addressed the issue where the AP sent a disassociate frame to a client that was actively attempting to reassociate after roaming, when the External Captive Web Portal (ECWP) Fallback option was enabled with MAC authentication. This caused frequent reconnection failures. The issue was specific to AP410C; the behavior was not observed when roaming between AP4000 units. |
|
CFD-16085 (03225809) |
Addressed the issue where the client count displayed in in ExtremeCloud IQ was incorrect for some APs. The AP reported the correct number of connected clients, but ExtremeCloud IQ displayed only one active client. The issue occurred in environments with both ExtremeCloud IQ-SE-managed and standard cloud-managed APs, and was caused by the DCD library not being initialized correctly. |
|
CFD-16175 (03230588) |
Addressed the issue where the QoS rate limit for upstream traffic was not enforced on AP5020 devices running IQ Engine 10.8.5. Downstream rate limiting and upstream rate limiting on AP4000 functioned correctly under the same configuration. The forwarding engine failed to detect the QoS flag on upstream packets, causing them to bypass the configured rate limit. |
|
CFD-16492 (03240753) |
Addressed the issue where the |
|
CFD-16508 (03220996, 03243636) |
Addressed the issue where port-based 802.1X authentication failed on APs running firmware 10.8.5 and 10.8.6. An OpenSSL upgrade caused the AP supplicant to fail when loading the private key, which caused EAP-TLS initialization to fail and authentication to be aborted. The fix loads the private key in the application and attaches it directly to the SSL object. |
|
CFD-16517 (03240349, 03241206) |
Addressed the issue where refreshing or navigating the AP web UI caused a CGI 500 Internal Error and restarted the php-cgi process on APs running IQ Engine 10.8.5 and 10.8.6. The issue was caused by a missing PHP 8 fix and increased memory usage by the PHP 8 process, which caused the process manager to terminate php-cgi when memory exceeded the configured limit. |
|
CFD-16706 (03250843) |
Addressed the issue where the authentication process on AP410C devices running IQ Engine 10.8.6 crashed when memory usage gradually increased beyond 20 MB. The crashes caused frequent connection failures on 802.1x eduroam SSIDs and occurred even when no clients were actively connected to the AP. |
|
CFD-16974 (03262594) |
Addressed the issue where the word "accounting" was misspelled as "accouting" in the AP log message for accounting interim update packets. |
|
HOS-23531 |
Addressed the issue where wireless clients connected with 802.11w (MFP) protection enabled were disconnected by deauthentication attacks. When Management Frame Protection (MFP) was configured in mandatory mode on WPA2 or WPA3 SSIDs, forged deauthentication frames from an attacker could still cause clients to disconnect, even though MFP is designed to protect against such attacks. This issue affected multiple AP models (AP510C, AP650, AP460S6C) and client operating systems (Windows, Apple, Android). This fix ensures that MFP-protected clients correctly ignore forged deauth frames and maintain their connection during deauthentication attacks. |