Thank you so much for your feedback!

I have a question: Is it not recommended to stay on CS 17.2.2, as shown in the screenshot below?

Is it better to update to iOS XE 17.12.4?

If I update to 17.12.4, I won't be able to manage my device through Meraki Cloud.

Any tips for migrating from 17.2.2 to 17.12.4?

Have a look in Organization/Firmware Upgrades.  🙂

https://documentation.meraki.com/General_Administration/Firmware_Upgrades/Managing_Firmware_Upgrades

Personally, I would upgrade to 17.12.4.

Hi,

since you've converted your Catalyst 9300 into "Configuration Source: Cloud" mode (formerly known as "Cloud Management" mode), you have the choice between staying on CS 17.2.2 (stable), going to IOS XE 17.15.4 (stable release candidate) or going to IOS XE 17.18.1 (beta). You can't upgrade/migrate to anything else or an arbitrary IOS XE release but only to the versions the Dashboard offers you. Choosing between the different releases really comes down to what you want to do with the switch and the features you need.

If you're just doing "simple" Layer 2 stuff (access ports, voice vlan, maybe 802.1X/MAB, ...), you can either stay on CS 17.2.2 (stable) or go to IOS XE 17.15.4 (stable release candidate). Keep in mind that there's no full feature parity between those releases which means that CS 17.2.2 has some features which IOS XE 17.15.4 doesn't support and also the other way round.

If you want to do some "fancy" Layer 3 stuff like BGP routing, VRFs, routed ports, ... then you have no choice but need to go to IOS XE 17.18.1 (beta) because these features were introduced with this release.

Personally, I'm running either IOS XE 17.15.4 (stable release candidate) or IOS XE 17.18.1 (beta) depending on the requirements of the network. From my experience, they're both running pretty stable and I haven't had any major issues so far. For me, the IOS XE firmware has many advantages over the CS firmware such as native Meraki integration (the CS firmware is basically IOS XE 17 with a Meraki container on top), support for all Catalyst 9200/9300/9350/9500H models (with IOS XE 17.18.1), new features (like 802.1X on trunks), Cloud CLI, ... and so on.

My advice for you would be to check out the release notes of all releases in the Dashboard and then decide which way you want to go.

One more thing: Once IOS XE becomes a stable release, the CS firmware won't be developed any further and you'd need to switch to IOS XE at some point anyway (see "Why are we noticing a firmware name change from CS to IOS XE for cloud-managed Catalyst switches with cloud configuration?" section of the Cloud Managed Catalyst Switches FAQs).

Best regards,

Chris

Thank you very much for the explanation.

I'm thinking about upgrading to version 17.12.4.

I'm having issues with wired 802.1x.

802.1x works fine, but when the switch is restarted, all clients don't automatically authenticate with 802.1x or MAB. For clients to authenticate, I need to manually disable and re-enable the ports. After this process,

everything works again.

Do you know what this could be?

You can see that the is Unauth.

It's on the failed VLAN.