This is awesome news!
Wonderful version.
For my company it is very stable.
Alias, prediction of having it as stable?
It will be once a certain percentage of us use it, we run v16 on all our MXs bar one that runs v17 to test the IPv6 features.
Does that mean we're getting closer to paid Anyconnect?
>Does that mean we're getting closer to paid Anyconnect?
It's the same AnyConnect licences you already need to use it ... it's just on an honesty basis.
As per that BU, there won't be any license validation on the Dashboard, so as @PhilipDAth already said, it's still the trust based model.
Of course, this could change in the fututure. 😉
Hello, we have had a problem with the last upgrade to this version (MX 15.43 → MX 16.14).
Later than the upgrade we had several problems with the traffic between this SPOKE and the HUB. Concretly, the problems were found in Lan2Lan traffic, we didn't have traffic from LAN of Spoke to the LAN (servers) in the HUB.
Another problem that we found was with the NBAR applicattion: we don't know why this application recognized the local destination with IP 192.168.1.X as a Facebook traffic. We had to delete the Facebook layer 7 rule.
Finally, to resolve the problem, we had to do the rollback. Is it possible that 16.14 version has another bug?
for the time being, we have the automatic updates stopped.
Kind regards
Was 16.14 pulled? I no longer see it as an option to upgrade our devices.
Hello, it's still on stable release candidate.
Hello, it's still on stable release candidate.
Hello @cmr
On MX15.x release notes I can see this :
"
But I don't see this in 16.14, does it mean it doesn't validate the remote ID parameter strictly any more ?
@jay_b I don't know for sure, but I'd be willing to bet that this has carried forward and is only not noted due to it not being a new feature.
This is correct - between MX14 and MX15, we changed to a new IKE/IPsec management process, which lead to the stricter requirements
Any idea you could implement a debugging feature for the authentication part of IKE and perhaps more debugging for re-key phases? We can't use packet captures for this because the authentication messages are encrypted so we don't know how the remote IKE ID arrives and how we send the local IKE ID.
Yes, talks have been in the works for a while about this. Trust me, Support wants this as much as anyone, but we also need to make sure it's done right.
Oh god, yes, please!
I suspect this isn't as sexy as writing new features, or mundane as fixing bugs, so is less attractive for the developers to do.
Hello!
What's the difference between 16.14 and 16.14?
The beta simply moved to stable release candidate after enough stable deployments were seen
yes, but all my environment were with 16.14 version, and suddenly the new version appears and old version is excluded!
Its complicated.
@ViniciusFranca you can get support to install a non-current release, but why would you?
We have observed the issue after upgrading our MX400 (hub) on verison16.14. Post upgrade we had observed problem where the MX looks to performed a software initiated reboot intermittently. we also make our spare MX as primary but It did not resolve the problem. At last we had to roll back to version 14.53 and device seems to stable.
Does any one faced same issue ? or 16.14 version has a bug ?