MX 17 enters Beta: 17.3 has been released

CptnCrnch
Kind of a big deal
Kind of a big deal

MX 17 enters Beta: 17.3 has been released

Security appliance firmware versions MX 17.3 changelog

Important notice

  • This is an early-phase beta version for the MX 17 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 16 releases will provide a more stable upgrade alternative. Additionally, while firmware support for several new features is available, it will be some time before all are available for configuration within the Meraki Dashboard.
  • While Meraki appliances have traditionally relied on UDP port 7351 for cloud communication and TCP ports 80 and 443 for backup communications, with MX 16 we are beginning a transition to using TCP port 443 as the primary means for cloud connectivity. In order to ensure proper connectivity to the Meraki cloud after this upgrade, please ensure that traffic using TCP port 443 between 209.206.48.0/20 is allowed through any firewalls that may be deployed upstream of your Meraki appliances.
  • HTTP proxy, which allows default management traffic from MX appliances to be sent through a proxy, is deprecated on MX 16 and higher firmware versions.
  • The transition to Cisco Talos intelligence for our content filtering services means that some URL categories have changed names, some categories are no longer available, and multiple new categories are now available. Please review your configuration after upgrading to ensure content filtering is effectively tailored to your needs and deployment environment.

Legacy products notice

  • When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.56.
  • When configured for this version, MX400 and MX600 devices will run MX 16.14.

New features

  • Content Filtering is now powered by Talos Intelligence.
  • Added firmware support for core IPv6 support. This will be available to enable later in November.
  • Added firmware support for Mandatory DHCP.
  • Added firmware support for configuring how flows on a secondary uplink should be handled after the primary WAN uplink becomes available again.

Known issues

  • After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions
  • Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page
  • Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.
  • BGP-learned routes may not be properly reflected in the Route Table page on the Meraki Dashboard, despite BGP and packet routing operating correctly.
  • Due to an MX 17 regression, USB cellular modems cannot currently be utilized for primary or backup connectivity.
  • Due to an MX 17 regression, MX67C, MX68CW, and Z3C appliances using integrated cellular modems may need to be rebooted to establish connectivity after upgrading to MX 17.
  • MX84 and MX100 appliances have significantly reduced VPN throughput.
  • There is an increased risk of encountering device stability and performance issues on all platforms and across all configurations.
5 REPLIES 5
cmr
Kind of a big deal
Kind of a big deal

Please note that if you are in the closed MX IPv6 beta program, you should not upgrade to this public beta version.

MilesMeraki
Head in the Cloud

Do you know when the ability to use madatory DHCP and WAN failover threshold configuration will be available for this beta version?

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)

This is currently gated. If you wish, you can call support to enable this in your organization.

PhilipDAth
Kind of a big deal
Kind of a big deal

"Added firmware support for configuring how flows on a secondary uplink should be handled after the primary WAN uplink becomes available again."

 

Where can this be configured?

This feature is called the "Enhanced WAN failover and failback". Only enabled via Meraki support.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels