Someone is listening!!!
This was added to the current changelogs:
Known issues - November 20th update
[...]
That is a good number of AnyConnect improvements.
Whoa. More Known Issues than fixes 😳
The golden question - how many unknown bugs are there ...
I always wonder... are these bugs on 18.107.6, or are they also present in all/some previous fw?
It should say "present since fwxx".
I don't know how far back it goes, but they did update at least some older versions and included this note:
With my luck and the complexity of our setup, pretty sure I'm going to hit every single "Due to a rare bla" and "Due to unknown reasons" haha!
"In rare circumstances the intrusion detection and prevention process may crash and restart. In some circumstances this can cause a minor disruption to network traffic. This issue is expected to be resolved through an update to the IDS/IPS container rather than the MX firmware version."
Our network has been experiencing these issues, and it's concerning that this hasn't been more widely communicated. I'm quite surprised by this. We've been told that the Snort process is crashing and have been informed that it requires a patch from Meraki support. However, the patch seems to be hit or miss. When can we expect this issue to be addressed?
Is this what is causing me a 15-30 second outage every 20 minutes or so? I've been having a go at my ISP... it still might be them as I'm using a very lightly loaded MX75.
Disable for an hour and see if it clears up. Ours was roughly every 20-30 minutes when there was traffic on the network. Extremely frustrating. Also, if you're pinging your local router's interface and seeing drops, that's the culprit. If you're not dropping packets to your router internally, it's most likely ISP. When Snort crashes, it locks up the MX so it cannot process anything in/out, which would affect all local and egress traffic.
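The check suggested in the post above (drops to the local router interface point at the MX, drops only to outside hosts point at the ISP) can be run over two ping logs. This is an added example, not part of the original thread; the function names, the 3-probe threshold and the sample data are assumptions constructed for illustration.

```python
from typing import List, Tuple

Sample = Tuple[int, bool]  # (unix_seconds, reply_received) for one ping probe

def loss_windows(samples: List[Sample], min_lost: int = 3) -> List[Tuple[int, int]]:
    """Group runs of >= min_lost consecutive lost probes into (start, end) windows."""
    windows, start, last, run = [], None, None, 0
    for ts, ok in sorted(samples):
        if not ok:
            if start is None:
                start = ts
            last, run = ts, run + 1
        else:
            if start is not None and run >= min_lost:
                windows.append((start, last))
            start, run = None, 0
    if start is not None and run >= min_lost:
        windows.append((start, last))
    return windows

def classify(gateway: List[Sample], external: List[Sample]) -> List[Tuple[int, int, str]]:
    """Label each external outage: 'local' if the LAN gateway (the MX interface)
    was also unreachable during it, otherwise 'upstream' (likely the ISP)."""
    gw = loss_windows(gateway)
    out = []
    for s, e in loss_windows(external):
        overlaps = any(gs <= e and ge >= s for gs, ge in gw)
        out.append((s, e, "local" if overlaps else "upstream"))
    return out

def probes(start: int, count: int, lost: set) -> List[Sample]:
    """Constructed 1-second probe series; `lost` holds offsets with no reply."""
    return [(start + i, i not in lost) for i in range(count)]

# Constructed sample: two external outages, only the first also seen on the gateway.
GATEWAY = probes(1000, 120, set(range(10, 30)))
EXTERNAL = probes(1000, 120, set(range(10, 31)) | set(range(80, 100)))

if __name__ == "__main__":
    for s, e, where in classify(GATEWAY, EXTERNAL):
        print(f"{s}-{e} ({e - s + 1}s): {where}")
```

Feed it timestamped results from two pings started at the same moment, one to the MX LAN address and one to an outside host.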
Disabled just now... This is what I was seeing and nobody was using the network in the gap...:
From what I understand this should (could, must?) be present on any MX 18.1 firmware since this is mostly coming from SNORT anyway?
What IPS/IDS settings are you running? I will compare with mine, not sure if we are hitting that issue (I hope not lol)
MX 18.107.2
AMP = Enabled
ID&P = Prevention & Security
We had to call support to have them apply a patch that downgraded us from SNORT v3 to SNORT v2. It's been about 5 hours with no dropped packets.
18.107.5 and 18.107.6
AMP = Enabled
ID&P = Prevention & Balanced
Last outage was when I changed the setting, monitoring now and will confirm...
Looks like it might be the ISP, yellow highlight shows when I turned off ID&P
New list of changes:
Resolved an issue where MX appliances could encounter latency issues when 1) the appliance was configured in high availability, 2) the appliance was acting as an AutoVPN hub, and 3) IPv6 traffic was traversing AutoVPN.
Changed to:
^^^^^^^^^ was so fun to troubleshoot 🙂
Added:
I wish the firmware bot would post the new changes every time it gets updated 🙂
It was @MeredithW who introduced me to the firmwarebot, @AmyReyes would you know who in Meraki developed the code and could it be modified to update us when release notes get updated?
Great question! I'll take this back to the Community team and see if anyone knows. Tagging in @Leinad77 for visibility as this falls into his domain of platform management 😊
In the chaos of my last week before leave, I forgot to follow up on this! The code was developed by a Meraki SE, and unfortunately, he made it publish everything that it can. Posting updates and changes as they happen is outside the scope of what it can do and would require a manual effort from someone. But that is definitely worth our consideration for the future as something to pursue!
Updated 2023-11-30
Added:
Appending the latest changes to the bottom + timestamp would also help!