@alemabrahao I believe that is the CS rules.  In IOS-XE the management traffic uses one of the SVIs as it's IP. ... View more

What switch models and firmware are you running?  I've seen it before where the devices dropped off the client table, but still worked due to to internet usage and there could be a bug for them falling out of the arp table, but we'd need to know more to be sure. ... View more

As explained in my other post, you have to use the management VLAN for the default route out and therefore it needs to be part of the main routing design.  This will change in the future, but for now it is the only option.  In my case I changed the management interface to be on the transit VLAN to the firewalls and everything worked, apart from the warning alert mentioned in the other post. ... View more

I have an open case with support where a switch stack was configured to be in the recommended scenario 4a whilst running the latest cs firmware.  In case you aren't familiar with the scenarios, 4a is where the management interface is using a static IP address and is on the same VLAN as the one that goes to the internet, in other words the traffic does not have to route through the device you are configuring.  In my case there are about 20 SVIs on the stack as it is a core.   After the upgrade, all of the network operates correctly, but there is a warning about a bad IPv4 address on the management interface.  The only options are static (that is set) which just points you towards the L3 config of the stack, and DHCP which allows you to choose a VLAN.   I think the answer is to change to DHCP (which it isn't really doing as there is no longer a separate management IP) as the switch does think it is using DHCP despite the configured static IP that was there before the upgrade.   However support are completely confused and keep telling me to configure the management interface statically, even though I have shown them that you cannot and the documentation explains how it does not exist any more... ... View more

@albealt not at all.   With native IOS-XE the Meraki management interface doesn't exist as a separate interface any more (for the moment).  It uses the SVI of the VLAN that you choose it to be on. ... View more

Thank you 🎉 ... View more

How can you go below zero? 😉😈 ... View more

I'm not sure why the features are listed again at then end in other with references that look like they might be fix numbers...   Also, one of the MS150 known issues says fixed - again hopefully this will be clarified. ... View more

This is listed as an MS150 known issue - but perhaps it is fixed?   Resolved an issue that caused some MS150 switches in stack configurations to incorrectly flood unknown multicast traffic while the setting was disabled ... View more

Switches - MS software versions MS 18.1.6 changelog   New feature highlights Group Policy ACL on MS130 & MS150 Maximum MAC support in MAC Allowlists 802.1x limited access mode with pre-auth GPACL Local Status Page connectivity diagnostics enhancements Layer 2 multicast live tool Traffic Mirroring: RSPAN & VLAN Based SPAN General fixed issues Fixed an issue affecting SGT tag configuration when a corresponding policy or VLAN mapping is not present Resolved an issue that sometimes caused incorrect profile assignment when using Smartport Automations Fixed an issue that caused some clients to fail to authenticate and resolve DHCP in voice VLANs Fixed a bug that sometimes caused ports connected to 100Mbps devices on MS210, MS225 and MS250 switches to fail to pass traffic Ms130 fixed issues Resolved an issue that sometimes caused MS130 switches to fail to pass traffic until the switch was rebooted Ms150 fixed issues Resolved an issue that caused ports to fail to show their accurate connection status when a stacking cable was disconnected or reconnected Fixed a bug that sometimes caused MS150 switches to experience spikes of sdma_tx errors and lose connectivity until they were rebooted Fixed a bug that occasionally caused ports to flap, which caused clients to experience DHCP and other connectivity issues General known issues In rare circumstances switches may experience uplink instability when IPv6 link-local addresses are enabled. If this issue is encountered it can be resolved by enabling IPv6 RA Guard to block ICMPv6 neighbor discovery messages. MS130 and MS150 switches may not properly display IPv6 RA packets in dashboard packet captures Some switches may experience multicast packet loss when storm control is enabled Some MS130 switches may fail to provide PoE after upgrading from factory firmware to MS 18.1.6 Ms120 known issues Switches may fail to provide PoE power to legacy access points (always present) Cable tests may report incorrect cable lengths Ms130 known issues MS130X mGig ports may fail to establish a link when both sides are forced to 100 Mbps full-duplex. If either side of the connection uses auto-negotiation the link will be established normally Ms150 known issues MS150 switches may intermittently negotiate USB-C Ethernet adapters at 10 Mbps half-duplex instead of the expected speed for the switchport, requiring a physical reseat to correct the issue. MS150 switches may produce a flood of unicast traffic when their uplink is using a LAG and is connected to a C9300X Resolved an issue that caused some MS150 switches in stack configurations to incorrectly flood unknown multicast traffic while the setting was disabled Ms350x known issues Switches may experience an unexpected reboot (present since MS 15) Ms355 known issues Switches in stack configuration may experience some ports failing to reconnect after a firmware upgrade Ms410 known issues Some MS410 switches may encounter alerts for fan failures that will eventually self-resolve Ms425 known issues In rare circumstances MS425 switches may encounter a software crash that results in a reboot In rare circumstances MS425 switches in stack configurations may encounter a software crash that results in a reboot Other New Feature Highlights • MS-21883: Group Policy ACL on MS130 & MS150 • MS-21889: Maximum MAC support in MAC Allowlists • MS-21885: 802.1x limited access mode with pre-auth GPACL • MS-28340: Local Status Page connectivity diagnostics enhancements • MS-23684: Layer 2 multicast live tool • MS-24285: Traffic Mirroring: RSPAN & VLAN Based SPAN ... View more

This is the January beta release moving to stable. ... View more

Cameras software versions MV 7.2 changelog   New Added support for Video Clips API Added support for Rapid Review Bug fixes Resolved an issue on MV84 series cameras where a short recording disruption could occur immediately after a firmware upgrade. Resolved an issue where privacy windows might not appear on the video stream when using Standard video quality settings on MV84X General security and stability improvements General Improvements to video recording stability on MV84X Improvements to Image Quality for MV84X Notice When configured for this version, MV21 & MV71 cameras will run MV4.15 MV7.2 is the last supported firmware branch for MV12, MV2, MV22, MV32, MV52 and MV72 series. Future updates for these models will be limited to maintenance and security patches ... View more

I also note that backup WAN was available on port 4, but is now available on port 3...? ... View more

From 17.15.4 or 18.x there is a built in Meraki service in the standard IOS-XE build.  You simply make sure the switch has internet access and start the service.  In the dashboard you choose cloud configured or device configured. ... View more

There is no container on the IOS-XE releases, all the commands are natively in the OS and you just start the Meraki service, or you don't, depending on if you want to use them with the dashboard or not. ... View more

@d0rk is there a reason not to try the GA IOS-XE releases, I run 17.18.2 on a 9300L and it has been reliable. ... View more

Security appliances software versions MX 26.1.3 changelog   Executive summary This is the first Generally Available release for MX 26.1. The MX 26.1 release contains significant feature updates enabling support for entire new topologies while further expanding routing and security capabilities. For customers already running MX 26.1, this release contains a variety of fixes concentrated in key areas like VRFs and MultiWAN Multi-Uplink configurations. Please have a look at the full details below. With the promotion of MX 26.1 to Stable Release Candidate / Generally Available release and the promotion of MX 19.2 to Stable / Recommended release, we strongly encourage customers to begin their process of migrating from older releases. We do not intend for additional fixes to become available through future MX 19.1 releases. New feature highlights Added support for configuring Virtual Router Forwarding domains (VRF) through the Early Access feature program. Added support for configuring up to 4 WAN interfaces on C8455-G2-MX, C8111-G2-MX, and C8121-G2 MX appliances. Added expanded VPN NAT solutions. There is now support for configuring IPv4 subnet translation, VPN host translation rules, and VPN port forwarding rules. Added support for non-NATed WAN uplinks (Routed interfaces) and the ability to manually configure the L3 inbound firewall rules. Expanded support for Adaptive Policy, adding Secure Group Tag (SGT) assignment based on Group Policy and SGT to group policy mapping support. Expanded BGP attribute support to include outbound well-known and custom communities and increased route integrity with inbound filtering. Client VPN now supports IKEv2 for establishing connections. VPN full-tunnel exclusion now includes source-based and NBAR application-based exclusion definitions. Added support for encrypted (TLS) syslog Bug fixes - general fixes Fixed an issue that resulted in MX appliances failing to upload XDR flow telemetry data. (MX-46251) Resolved a potential disruption to IPv6 connectivity that could erroneously occur when modifying IPv4 address configuration on MX appliances. (MX-45132) Resolved a case that could result in duplicate DHCP Event Log messages when VRF is configured. (MX-45492) Fixed an issue that resulted in client traffic from outside the default VRF being unable to reach Internet destinations when the traffic traveled across a full tunnel Auto VPN connection. (MX-45723) Resolved an issue that could result in DHCP leases failing to be offered for clients outside of the default VRF. (MX-45306) Fixed a rare issue that could result in traffic failing to route to IPsec VPN peers when 1) Primary and Secondary IPsec VPN tunnels were configured, and 2) a large number of route VPN subnets were configured. (MX-45248) Resolved an issue that caused outdated route information to persist in the MX appliance after updating the MX’s VLAN interface IP address and VRFs were enabled. (MX-45090) Corrected an issue that resulted in Dashboard packet captures being empty when 1) the capture was taking IPsec VPN traffic, 2) the VPN peer connections are established using IKEv2 and 3) Multi-Uplink IPsec VPN was enabled. (MX-41291) Fixed a very rare issue that could result in Client VPN sessions disconnecting unexpectedly when IKEv1 client VPN was used. (MX-33904) Resolved several cases that could cause an unexpected device reboot. (MX-45849)(MX-46042) (MX-45616) Bug fixes - limited platform fixes Fixed an issue that could result in C8111-G2-MX and C8121-G2-MX appliances failing to perform content filtering lookups after 6 or more months of operation. (MX-45452) Corrected several issues that could result in disruptions to client connectivity after converting interfaces between WAN and LAN mode for MultiWAN Multi-Uplink functionality on C8111-G2-MX and C8121-G2-MX appliances. (MX-46128) (MX-45423) (MX-45594) (MX-45118) (MX-45747) Fixed an issue that caused the Internet 2 interface to be incorrectly reported as “Port 2” on the device local status page for C8111-G2-MX and C8121-G2-MX appliances. (MX-45309) Corrected an issue that resulted in the WAN3 interface using an incorrect MAC address on MX75, MX85, MX95, and MX105 appliances when MultiWAN Backup Uplink was configured. (MX-45583) Fixed an MX 26.1 regression that could prevent IPv6 connectivity over cellular on Z4C appliances.” (MG-5500) Legacy products notice When configured for this version, Z3(C) devices will run MX 19.2.7. When configured for this version, MX64(W), MX65(W), MX84, MX100, and vMX100 devices will run MX 18.107.13. Known issues Once VRF is enabled, all AutoVPN communication between devices running firmware releases older than MX 26.1 will be dropped. (Tracking ID available soon) Once VRF is enabled, communications from MX appliances running MX 26.1 releases will be dropped by Secure Connect. (Tracking ID available soon) Other The product complies with EN 18031-1:2024 and EN 18031-2: 2024 ... View more

Thank you and postumous congratulations to Caroline who fittingly gets the last Employee of the month before the community is absorbed into the Cisco one. ... View more

How about if it is enabled, but just one plugged in, that should work...? ... View more

Ah, I see.  So you want to know if you create a smartports automation for a device (for example a device with MAC address starting as:bb:cc*) and the switch then loses contact with the Meraki cloud, does the automation still work.   To be honest I haven't tested that, but will see if I can and report here. ... View more

Access points software versions MR 32.2.2 changelog   Bug fixes   General stability, performance, and experience improvements. APs don’t forward mDNS traffic out wireless interface when using named VLANs (Wi-Fi 7) ... View more

It is getting better, but many old, in particular IoT, devices don't support it and WPA transition mode has had many issues for me.  Even WPA3 native mode has also been less stable than WPA2 mode in my testing. ... View more