USB modems with MX/Z series devices running firmware MX 18 or newer will be limited to best effort support and will not be receiving any future firmware fixes or improvements.
Bug fixes
Corrected an MX 18.2 regression that caused MX appliances configured in passthrough mode to be unable to establish VPN tunnels to tunneled SSIDs configured on MR devices.
Fixed an MX 18.2 regression that resulted in MX appliance improperly dropping traffic from non-Meraki VPN peers when that traffic was received over a PPPoE uplink.
Legacy products notice
When configured for this version, Z1 devices will run MX 14.56.
When configured for this version, MX400 and MX600 devices will run MX 16.16.9.
When configured for this version, MX64(W), MX65(W), MX84, MX100, and vMX100 devices will run MX 18.107.8.
Known issues status
This list is being reviewed and updated. Many existing issue reports have not been confirmed to affect MX 18.2XX firmware versions.
Known issues
There is an increased risk of encountering device stability and performance issues on all platforms and across all configurations.
Due to a rare issue with no known method of reproduction, MX75, MX85, MX95, MX105, MX250, and MX450 appliances may fail to forward traffic from some clients.
MX appliances that have configured adaptive policy may encounter frequent connectivity state changes for AutoVPN tunnels.
Devices manufactured by Ingenico may experience an unstable physical Ethernet connection when directly connected to MX68(W,CW) appliances.
Due to rare issues, MX250 and 450 appliances may encounter unexpected device reboots.
Due to an MX 18.107.7 regression, MX appliances that 1) have Mandatory DHCP enabled and 2) are rebooted, can encounter severe disruptions to network traffic. We recommend customers with Mandatory DHCP enabled do not upgrade to this firmware version.
Due to rare issues, MX250 and 450 appliances may encounter unexpected device reboots.
Due to an MX 18.2 regression, MX appliances do not honor flow preferences for Internet traffic when the preferred uplink is cellular and the license edition is Advanced Security. Devices operating under the SD-WAN+ license are not affected.
The Non-Meraki VPN service may fail to properly establish IKEv2 tunnels when the MX appliance is acting as the IKEv2 responder and many allowed subnets are configured.
In rare cases, MX67C, MX68CW, and Z3C appliances may fail to enter into a "Ready" state despite being able to register to a cellular network and obtain an IP address for the modem.
Due to an issue with no known method of reproduction, the IDS and IPS process may unexpectedly restart.
MX75, MX85, MX95, MX105, MX250, and MX450 appliances in VPN concentrator mode may fail to forward traffic received from AutoVPN clients.
MX75, MX85, MX95, MX105, MX250, and MX450 appliances may inconsistently forward traffic to clients with a 1:1 NAT rule configured.
Due to an MX 18.2 regression, MX75, MX85, MX95, MX105, MX250, and MX450 appliances will fail to form AutoVPN tunnels with other MX appliances via their LAN interfaces.
Due to an MX 18.2 regression, MX75, MX85, MX95, MX105, MX250, and MX450 appliances will fail to form AutoVPN tunnels with other MX appliances via their LAN interfaces.
The Non-Meraki VPN service may fail to properly establish IKEv2 tunnels when the MX appliance is acting as the IKEv2 responder and many allowed subnets are configured. ?
As i am facing same when i have configured IKev2 between meraki and FTD all child SA are working fine but after it does Rekey SA only come up when initiated from FTD side but does not work if initiated from meraki kindly help how to fix this
note: I am using FQDN instead IP and remote Identity as email
Get notified when there are additional replies to this discussion.
