New MX 18.102 beta firmware - AutoVPN fix, see below and in the firmware blog

cmr
Kind of a big deal
Kind of a big deal

New MX 18.102 beta firmware - AutoVPN fix, see below and in the firmware blog

Security appliance firmware versions MX 18.102 changelog

Important notice

  • While Meraki appliances have traditionally relied on UDP port 7351 for cloud communication and TCP ports 80 and 443 for backup communications, with MX 16 we are beginning a transition to using TCP port 443 as the primary means for cloud connectivity. In order to ensure proper connectivity to the Meraki cloud after this upgrade, please ensure that traffic using TCP port 443 between 209.206.48.0/20 is allowed through any firewalls that may be deployed upstream of your Meraki appliances.
  • HTTP proxy, which allows default management traffic from MX appliances to be sent through a proxy, is deprecated on MX 16 and higher firmware versions.
  • The transition to Cisco Talos intelligence for our content filtering services means that some URL categories have changed names, some categories are no longer available, and multiple new categories are now available. Please review your configuration after upgrading to ensure content filtering is effectively tailored to your needs and deployment environment.

Legacy products notice

  • When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.56.
  • When configured for this version, MX400 and MX600 devices will run MX 16.16.6.

New features

  • Added IPv6 support for AMP and ThreatGrid.

Bug fixes

  • Corrected a rare issue that resulted in AutoVPN connectivity failing to form when cellular active uplink was configured.
  • Performance and traffic reliability improvements.
  • Resolved an issue that resulted in IPv6 traffic from client VPN and AnyConnect clients would always go out WAN 1.
  • Stability improvements for MX67(C,W), MX68(W,CW), MX75, MX85, and vMX appliances.
  • Fixed an issue that could result in IPv4 eBGP routes not showing status in the Route table page on Dashboard.
  • Corrected an issue that could result in scheduled group policy firewall rules still being enforced when outside of the scheduled time.
  • Resolved an issue that could result in period packet loss on Z3(C) appliances when 802.1X port authentication was configured.

Known issues

  • After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions
  • Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page
  • Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.
  • There is an increased risk of encountering device stability and performance issues on all platforms and across all configurations.
If my answer solves your problem please click Accept as Solution so others can benefit from it.
3 Replies 3
CptnCrnch
Kind of a big deal
Kind of a big deal

Tried upgrading but for whatever reason, outbound web traffic was not possible anymore. Rolling back to 17.10(.1) solved the issue. I'll try again using another network and will investigate further.

 

EDIT: Everything's running fine after another try.

DHAnderson
Head in the Cloud

I just installed it on my MX65 and so far so good.  Speed test gives me 250 mbps x 10 mbps.

Dave Anderson
couchbob
Comes here often

New beta 18.103 is released , had to rollback to 17.10.2 on MX64 due to poor performance, went from 100/100Mbit/s to 15/15Mbit/s.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels