New MX 16.16.2 stable release - fix for interface flapping on smaller MXs and more

Kind of a big deal
Kind of a big deal

New MX 16.16.2 stable release - fix for interface flapping on smaller MXs and more

Security appliance firmware versions MX 16.16.2 changelog

Important notice

  • While Meraki appliances have traditionally relied on UDP port 7351 for cloud communication and TCP ports 80 and 443 for backup communications, with MX 16 we are beginning a transition to using TCP port 443 as the primary means for cloud connectivity. In order to ensure proper connectivity to the Meraki cloud after this upgrade, please ensure that traffic using TCP port 443 between is allowed through any firewalls that may be deployed upstream of your Meraki appliances.
  • HTTP proxy, which allows default management traffic from MX appliances to be sent through a proxy, is deprecated on MX 16 and higher firmware versions.

Legacy products notice

  • When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.56.

Bug fixes

  • Resolved an MX 16.16 regression that resulted in Event Log messages for Source IP and/or VLAN mismatch events not populating correctly.
  • Corrected an issue that could result in spurious error messages being generated in the Windows Event Log when Active Directory group policy integration was configured with MX appliances.
  • Resolved a rare case that could result in a device reboot when FTP traffic was present in the network.
  • Corrected several issues that could result in wireless clients being unable to successfully connect and communicate on the network.
  • Fixed an issue on MX67(C,W), MX68(W,CW), MX75, and MX85 appliances that could cause ports to occasionally disconnect and reconnect (“flap”) when connected to some devices.
  • Resolved an issue that could result in the power LED on MX95 and MX105 erroneously not being set to white.
  • Update the AnyConnect VPN service

Known issues

  • After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions
  • Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems
  • Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page
  • Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.
Getting noticed

I was really hoping to see the observed/reported NBAR and Site to Site VPN issues addressed.   I'll keep hoping

A model citizen

Me too, L7 NBAR blocking is nothing but a pain.  Need to be able to add ALLOW rules and specify src/dst to make it useable

Here to help

Same here. Has it been noted as a known bug anywhere? It's causing us a lot of issues with shadowing PCs on VPN

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.