Problems whit MX84 and the update 10.17.2

fabricio_cp
Here to help

Problems whit MX84 and the update 10.17.2

good morning

 

Last week I updated all my MX equipment to the latest stable version 10.17.2, in almost all of them I update correctly but in the MX84 models it is generating a problem at the connection level with the meraki cloud.

 

There is no problem with the provider, nor with the navigation policies, there are no restrictions. Only when I see the vpn status section I get the following message that I attach to the message

 

Imagen de WhatsApp 2022-12-05 a las 09.32.53.jpg

 

One of the options was to change the MX84 for a MX68W, that change was a success because all the configuration came to work correctly: SDWAN, Active directory, and in the VPN Status section it shows connected correctly.

 

I downgraded the firmware version to 10.17 but it was not successful.

 

Please, if someone is having this problem, can you tell me how to solve it?

 

Thank you very much, I am attentive to your comments.

10 REPLIES 10
GreenMan
Meraki Employee
Meraki Employee

If you haven't already - I strongly suggest contacting Meraki Support

Dunky
A model citizen

Thank you for highlighting this.

Can you please post how you get on.

I am planning on upgrading to 17.10.2 in the New Year and I have a pair of HA MX84's in Poland that have Auto-VPN connections to a vMX in Azure and the last thing I need to to break that.

Thanks in advance.

58C05448-6B66-419A-B04B-191F24FCD08F.jpeg

186393C6-68B9-44E4-A829-D1717C0AD540.jpeg

CB14D8B2-ABA7-4D65-91F0-3485DFE31942.jpeg

E47B2A01-E908-408F-838B-8EDB5C6CDEC0.jpeg

29DF3B84-993F-4545-9DF5-7F28B8CF4AEA.jpeg

C7CBA512-795C-4F24-A17E-A34481C6C890.jpeg





 

Hi 


First, schedule the update of all my MXs at midnight.

 

The next day the MX84 woke up completely without working, all the other MX (67, 68) are totally correct.

I got two new MX84 computers, I placed my networks on the new computers and since then they could not connect to the SD WAN that I have configured. At that time luckily I had an MX68 team, I changed one of my MX84 (the one in the main office) and placed the network that belonged to him and everything worked perfectly.

The other MX84 team that is in a branch has the same problem as that of the main office. The tests I did was to create a new, brand new subnet and connect to the SD WAN without any navigation policy or restriction. It connects to the SD WAN but I'm having a lot of problems with browsing certain web pages, I can't open sap from my computer, it takes too long to enter Windows with my Active Directory credentials, it doesn't let you navigate to Speedtest or pages like fast to see the speed of my ISP.

From the Dashboard I ping 8.8.8.8 and it doesn't respond, Ping to my default gateway of my LAN segment and there is no response either. There are multiple problems. Almost everything shows ok in the Dashboard except the VPN Status section that is unreachable to the Meraki cloud.

 

Right now I'm getting an MX68 to test at my branch office to see if the problem is solved, I'll do that in a few hours. I'll talk about how I'm doing.

Thanks, I appreciate the update and please keep me posted.

Captura de pantalla 2022-12-07 174101.jpg

 

 

Captura de pantalla 2022-12-07 174208.jpg

 

 

 

I'll tell you that with the same configuration and with an MX68 everything works correctly with version 17.10.2, I'll give you some screenshots that I took.

 

 

I hope Cisco takes action on the matter and can correctly solve the stable version for the MX84.

cmr
Kind of a big deal
Kind of a big deal

@fabricio_cp we have multiple sites running auto-VPN with HA pair of Meraki MX84s under 17.10.2, so it isn't that the MX84 doesn't work, but that there must be something in your configuration that causes these issues.  We also have single MX84s at a couple of sites, but not running the auto-VPN.  Seems odd that you had such a consistent failure! 😞

hi @cmr , ok

And how do you explain that when creating a new network, without any policy, without any routes, I still get the error in the vpn status section, or how can you explain that with another model like the mx68 it loads the configuration correctly.

 

I just want to know what could have happened with the update for the mx84.

 

I took the mx84 to my home thinking it was an internet issue, in the office I occupied a fixed public IP. at my home dhcp and it was another provider, and it couldn't connect.

Right now I am in contact with a Cisco technician to see what could have happened, since as I mentioned before it only affects that model of equipment

@fabricio_cp Did you get a resolution or explanation from Meraki

 

@Dunky 

 

tell you that the only solution was to generate an RMA and with the new equipment they worked correctly

That's great news, sounds like dodgy hardware then.

Thanks for letting me know, I will sleep easier knowing that I dont have to worry about hitting the same issue on my MX84's

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels