1.0 Executive Summary

This document addresses a critical issue affecting the Cisco SG350X-48MP Small Business switch model where all Power over Ethernet (PoE) functionality ceases after upgrading the device firmware to version 2.5.9.18. This issue has been observed to be model-specific, as other switches in the same product family, such as the SG350X-24P, continue to operate correctly on the same firmware version. The root cause appears to be a regression bug in firmware 2.5.9.18 that specifically impacts the PoE subsystem of the 48-port high-power (MP) models.

The immediate and confirmed solution is to perform a firmware downgrade on the affected SG350X-48MP switch to a known stable version, such as 2.5.8.13. This document provides a detailed analysis of the problem, step-by-step instructions for the downgrade procedure, and recommendations for long-term management.

2.0 Affected Products

• Primary Affected Model: Cisco SG350X-48MP
• Problematic Firmware Version: 2.5.9.18
• Known Stable Firmware Version: 2.5.8.13 (and likely other preceding versions)

Note: While the report specifically identifies the SG350X-48MP, other high-density 48-port PoE models within the 350X and 550X series running this firmware version may be susceptible and should be monitored closely.

3.0 Problem Description and Symptoms

Network administrators will observe the following symptoms immediately after upgrading an SG350X-48MP switch to firmware version 2.5.9.18:

• Total PoE Outage: No power is delivered to any connected Powered Devices (PDs), such as IP phones, wireless access points, or security cameras.
• GUI/CLI Status Mismatch: The switch’s management interface (Web GUI or CLI) may show that PoE is administratively enabled on the ports, but the operational status will indicate no power delivery. Power allocation and consumption metrics will read zero.
• Physical Indicators: The PoE status LEDs on the switch’s front panel for all ports will remain unlit, even when a compliant PD is connected.
• Troubleshooting Ineffectiveness: Standard troubleshooting steps, including rebooting the switch, disabling/re-enabling PoE on individual ports, and changing PoE settings (e.g., class, priority), will have no effect.
• Issue Persistence: The problem is directly tied to the firmware and will persist through reboots until the firmware is changed.

4.0 Root Cause Analysis

The evidence strongly suggests a firmware-specific software defect. The fact that the SG350X-24P model works correctly on the same firmware indicates the bug is not in the core PoE protocol stack but likely resides in the low-level driver or Hardware Abstraction Layer (HAL) that interacts with the PoE controller hardware.

The SG350X-48MP, with its larger port count and significantly higher 740W power budget, utilizes a more complex PoE hardware architecture than the smaller 24-port models. It likely employs multiple PoE controller chipsets to manage power distribution across all 48 ports. The bug in version 2.5.9.18 appears to cause a failure in the initialization or communication with this specific hardware configuration, resulting in a complete failure of the PoE subsystem upon boot. The downgrade to version 2.5.8.13 resolves the issue because that version contains the correct, stable driver for the SG350X-48MP’s hardware.

5.0 Recommended Solution: Firmware Downgrade Procedure

The following steps provide the immediate workaround to restore PoE functionality. It is critical to follow these instructions carefully.

Prerequisite: Download the stable firmware image (e.g., Sx350x_2.5.8.13.stk) from the official Cisco Software Download page for your device.

Step 1: Backup Current Configuration
Before any firmware change, it is a critical best practice to back up your switch’s configuration.

1. Navigate to Administration > File Management > Copy/Save Configuration.
2. Select Source File Name: Running Configuration.
3. Select Destination File Name: startup-config (to save running to startup). Click Apply.
4. Next, to save the file externally, select Administration > File Management > Backup/Restore Configuration.
5. Under the Backup section, select HTTP/HTTPS as the transfer method.
6. Click Apply and save the configuration file (config.txt) to a safe location on your local machine.

Step 2: Upload the Stable Firmware Image

1. Navigate to Administration > File Management > Firmware Operations.
2. Under Operations, select Upgrade Firmware.
3. For File Name, click Browse and select the stable firmware file (Sx350x_2.5.8.13.stk) you downloaded.
4. Click Apply to begin the upload process. This may take several minutes. Do not interrupt the process or power off the switch.

Step 3: Change the Active Firmware Image
Once the upload is complete, the new firmware will be stored in the non-active image partition. You must manually set it to be the active image for the next boot.

1. In the Firmware Operations page, you will see two images listed (e.g., Image 1 and Image 2).
2. Identify the newly uploaded version (2.5.8.13). It will be marked as Inactive.
3. Select the radio button next to the 2.5.8.13 image.
4. From the Active Image After Reboot dropdown menu, ensure the correct image (e.g., Image 2 if that’s where it was loaded) is selected.
5. Click Apply. A confirmation pop-up will appear; confirm the change.

Step 4: Reboot the Switch
The firmware change only takes effect after a reboot.

1. Navigate to Administration > Reboot.
2. Ensure Clear Startup Configuration File is NOT checked.
3. Click Reboot. The switch will now restart and boot using the 2.5.8.13 firmware.

Step 5: Verification
After the switch comes back online:

1. Log in to the Web GUI and navigate to Administration > System Settings to confirm the Firmware Version is now 2.5.8.13.
2. Connect a known-good PoE device (e.g., an IP phone).
3. Verify that the device powers on and that the PoE LED for the corresponding port on the switch is illuminated.
4. Navigate to PoE > Properties to check the global PoE status and power consumption, which should now reflect active devices.

6.0 Long-Term Strategy and Recommendations

While the downgrade provides an immediate fix, it is not an ideal long-term solution as it may lack recent security patches.

• Avoid Problematic Firmware: Do not deploy firmware version 2.5.9.18 on any SG350X-48MP switches or other potentially affected models.
• Monitor for Updates: Cisco will likely address this bug in a subsequent firmware release (e.g., 2.5.9.xx or later). Regularly check the Cisco Software Download page for a new version and review the release notes specifically for a fix related to “PoE failure on 48-port models.”
• Open a TAC Case: For customers with an active support contract, it is recommended to open a formal case with the Cisco Technical Assistance Center (TAC) to report the issue. This ensures the bug is officially tracked and prioritized for a fix.
• Test in a Lab Environment: Before deploying any new firmware in a production environment, always test it on a non-critical device to validate core functionalities like PoE.