Skip to content

Instantly share code, notes, and snippets.

@halmartin

halmartin/firmware_upgrades

Created June 27, 2021 13:11
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save halmartin/b75eb141a2643b1052501ed61390a3e0 to your computer and use it in GitHub Desktop.
Save halmartin/b75eb141a2643b1052501ed61390a3e0 to your computer and use it in GitHub Desktop.
Download ZIP
Meraki Dashboard release notes
Raw
firmware_upgrades
<!DOCTYPE html>
<html class='no-js'>
<head>
<script>window.NREUM||(NREUM={});NREUM.info={"beacon":"bam-cell.nr-data.net","errorBeacon":"bam-cell.nr-data.net","licenseKey":"ec197d872d","applicationID":"32971086","transactionName":"J1xbFUBbClVWQRhaUQpSUgQdWxReUl1eTVEQWloPHVIPS15EVkVVO0ZFBkBVAlxA","queueTime":1,"applicationTime":346,"agent":""}</script>
<script>(window.NREUM||(NREUM={})).loader_config={xpid:"UQYBWFBACwEJU1BSDwc=",licenseKey:"ec197d872d",applicationID:"32971086"};window.NREUM||(NREUM={}),__nr_require=function(t,e,n){function r(n){if(!e[n]){var o=e[n]={exports:{}};t[n][0].call(o.exports,function(e){var o=t[n][1][e];return r(o||e)},o,o.exports)}return e[n].exports}if("function"==typeof __nr_require)return __nr_require;for(var o=0;o<n.length;o++)r(n[o]);return r}({1:[function(t,e,n){function r(t){try{c.console&&console.log(t)}catch(e){}}var o,i=t("ee"),a=t(29),c={};try{o=localStorage.getItem("__nr_flags").split(","),console&&"function"==typeof console.log&&(c.console=!0,o.indexOf("dev")!==-1&&(c.dev=!0),o.indexOf("nr_dev")!==-1&&(c.nrDev=!0))}catch(s){}c.nrDev&&i.on("internal-error",function(t){r(t.stack)}),c.dev&&i.on("fn-err",function(t,e,n){r(n.stack)}),c.dev&&(r("NR AGENT IN DEVELOPMENT MODE"),r("flags: "+a(c,function(t,e){return t}).join(", ")))},{}],2:[function(t,e,n){function r(t,e,n,r,c){try{p?p-=1:o(c||new UncaughtException(t,e,n),!0)}catch(f){try{i("ierr",[f,s.now(),!0])}catch(d){}}return"function"==typeof u&&u.apply(this,a(arguments))}function UncaughtException(t,e,n){this.message=t||"Uncaught error with no additional information",this.sourceURL=e,this.line=n}function o(t,e){var n=e?null:s.now();i("err",[t,n])}var i=t("handle"),a=t(30),c=t("ee"),s=t("loader"),f=t("gos"),u=window.onerror,d=!1,l="nr@seenError";if(!s.disabled){var p=0;s.features.err=!0,t(1),window.onerror=r;try{throw new Error}catch(h){"stack"in h&&(t(13),t(12),"addEventListener"in window&&t(6),s.xhrWrappable&&t(14),d=!0)}c.on("fn-start",function(t,e,n){d&&(p+=1)}),c.on("fn-err",function(t,e,n){d&&!n[l]&&(f(n,l,function(){return!0}),this.thrown=!0,o(n))}),c.on("fn-end",function(){d&&!this.thrown&&p>0&&(p-=1)}),c.on("internal-error",function(t){i("ierr",[t,s.now(),!0])})}},{}],3:[function(t,e,n){var r=t("loader");r.disabled||(r.features.ins=!0)},{}],4:[function(t,e,n){function r(){L++,T=g.hash,this[u]=y.now()}function o(){L--,g.hash!==T&&i(0,!0);var t=y.now();this[h]=~~this[h]+t-this[u],this[d]=t}function i(t,e){E.emit("newURL",[""+g,e])}function a(t,e){t.on(e,function(){this[e]=y.now()})}var c="-start",s="-end",f="-body",u="fn"+c,d="fn"+s,l="cb"+c,p="cb"+s,h="jsTime",m="fetch",v="addEventListener",w=window,g=w.location,y=t("loader");if(w[v]&&y.xhrWrappable&&!y.disabled){var x=t(10),b=t(11),E=t(8),R=t(6),O=t(13),N=t(7),M=t(14),P=t(9),C=t("ee"),S=C.get("tracer");t(16),y.features.spa=!0;var T,L=0;C.on(u,r),b.on(l,r),P.on(l,r),C.on(d,o),b.on(p,o),P.on(p,o),C.buffer([u,d,"xhr-done","xhr-resolved"]),R.buffer([u]),O.buffer(["setTimeout"+s,"clearTimeout"+c,u]),M.buffer([u,"new-xhr","send-xhr"+c]),N.buffer([m+c,m+"-done",m+f+c,m+f+s]),E.buffer(["newURL"]),x.buffer([u]),b.buffer(["propagate",l,p,"executor-err","resolve"+c]),S.buffer([u,"no-"+u]),P.buffer(["new-jsonp","cb-start","jsonp-error","jsonp-end"]),a(M,"send-xhr"+c),a(C,"xhr-resolved"),a(C,"xhr-done"),a(N,m+c),a(N,m+"-done"),a(P,"new-jsonp"),a(P,"jsonp-end"),a(P,"cb-start"),E.on("pushState-end",i),E.on("replaceState-end",i),w[v]("hashchange",i,!0),w[v]("load",i,!0),w[v]("popstate",function(){i(0,L>1)},!0)}},{}],5:[function(t,e,n){function r(t){}if(window.performance&&window.performance.timing&&window.performance.getEntriesByType){var o=t("ee"),i=t("handle"),a=t(13),c=t(12),s="learResourceTimings",f="addEventListener",u="resourcetimingbufferfull",d="bstResource",l="resource",p="-start",h="-end",m="fn"+p,v="fn"+h,w="bstTimer",g="pushState",y=t("loader");if(!y.disabled){y.features.stn=!0,t(8),"addEventListener"in window&&t(6);var x=NREUM.o.EV;o.on(m,function(t,e){var n=t[0];n instanceof x&&(this.bstStart=y.now())}),o.on(v,function(t,e){var n=t[0];n instanceof x&&i("bst",[n,e,this.bstStart,y.now()])}),a.on(m,function(t,e,n){this.bstStart=y.now(),this.bstType=n}),a.on(v,function(t,e){i(w,[e,this.bstStart,y.now(),this.bstType])}),c.on(m,function(){this.bstStart=y.now()}),c.on(v,function(t,e){i(w,[e,this.bstStart,y.now(),"requestAnimationFrame"])}),o.on(g+p,function(t){this.time=y.now(),this.startPath=location.pathname+location.hash}),o.on(g+h,function(t){i("bstHist",[location.pathname+location.hash,this.startPath,this.time])}),f in window.performance&&(window.performance["c"+s]?window.performance[f](u,function(t){i(d,[window.performance.getEntriesByType(l)]),window.performance["c"+s]()},!1):window.performance[f]("webkit"+u,function(t){i(d,[window.performance.getEntriesByType(l)]),window.performance["webkitC"+s]()},!1)),document[f]("scroll",r,{passive:!0}),document[f]("keypress",r,!1),document[f]("click",r,!1)}}},{}],6:[function(t,e,n){function r(t){for(var e=t;e&&!e.hasOwnProperty(u);)e=Object.getPrototypeOf(e);e&&o(e)}function o(t){c.inPlace(t,[u,d],"-",i)}function i(t,e){return t[1]}var a=t("ee").get("events"),c=t("wrap-function")(a,!0),s=t("gos"),f=XMLHttpRequest,u="addEventListener",d="removeEventListener";e.exports=a,"getPrototypeOf"in Object?(r(document),r(window),r(f.prototype)):f.prototype.hasOwnProperty(u)&&(o(window),o(f.prototype)),a.on(u+"-start",function(t,e){var n=t[1],r=s(n,"nr@wrapped",function(){function t(){if("function"==typeof n.handleEvent)return n.handleEvent.apply(n,arguments)}var e={object:t,"function":n}[typeof n];return e?c(e,"fn-",null,e.name||"anonymous"):n});this.wrapped=t[1]=r}),a.on(d+"-start",function(t){t[1]=this.wrapped||t[1]})},{}],7:[function(t,e,n){function r(t,e,n){var r=t[e];"function"==typeof r&&(t[e]=function(){var t=i(arguments),e={};o.emit(n+"before-start",[t],e);var a;e[m]&&e[m].dt&&(a=e[m].dt);var c=r.apply(this,t);return o.emit(n+"start",[t,a],c),c.then(function(t){return o.emit(n+"end",[null,t],c),t},function(t){throw o.emit(n+"end",[t],c),t})})}var o=t("ee").get("fetch"),i=t(30),a=t(29);e.exports=o;var c=window,s="fetch-",f=s+"body-",u=["arrayBuffer","blob","json","text","formData"],d=c.Request,l=c.Response,p=c.fetch,h="prototype",m="nr@context";d&&l&&p&&(a(u,function(t,e){r(d[h],e,f),r(l[h],e,f)}),r(c,"fetch",s),o.on(s+"end",function(t,e){var n=this;if(e){var r=e.headers.get("content-length");null!==r&&(n.rxSize=r),o.emit(s+"done",[null,e],n)}else o.emit(s+"done",[t],n)}))},{}],8:[function(t,e,n){var r=t("ee").get("history"),o=t("wrap-function")(r);e.exports=r;var i=window.history&&window.history.constructor&&window.history.constructor.prototype,a=window.history;i&&i.pushState&&i.replaceState&&(a=i),o.inPlace(a,["pushState","replaceState"],"-")},{}],9:[function(t,e,n){function r(t){function e(){s.emit("jsonp-end",[],l),t.removeEventListener("load",e,!1),t.removeEventListener("error",n,!1)}function n(){s.emit("jsonp-error",[],l),s.emit("jsonp-end",[],l),t.removeEventListener("load",e,!1),t.removeEventListener("error",n,!1)}var r=t&&"string"==typeof t.nodeName&&"script"===t.nodeName.toLowerCase();if(r){var o="function"==typeof t.addEventListener;if(o){var a=i(t.src);if(a){var u=c(a),d="function"==typeof u.parent[u.key];if(d){var l={};f.inPlace(u.parent,[u.key],"cb-",l),t.addEventListener("load",e,!1),t.addEventListener("error",n,!1),s.emit("new-jsonp",[t.src],l)}}}}}function o(){return"addEventListener"in window}function i(t){var e=t.match(u);return e?e[1]:null}function a(t,e){var n=t.match(l),r=n[1],o=n[3];return o?a(o,e[r]):e[r]}function c(t){var e=t.match(d);return e&&e.length>=3?{key:e[2],parent:a(e[1],window)}:{key:t,parent:window}}var s=t("ee").get("jsonp"),f=t("wrap-function")(s);if(e.exports=s,o()){var u=/[?&](?:callback|cb)=([^&#]+)/,d=/(.*)\.([^.]+)/,l=/^(\w+)(\.|$)(.*)$/,p=["appendChild","insertBefore","replaceChild"];Node&&Node.prototype&&Node.prototype.appendChild?f.inPlace(Node.prototype,p,"dom-"):(f.inPlace(HTMLElement.prototype,p,"dom-"),f.inPlace(HTMLHeadElement.prototype,p,"dom-"),f.inPlace(HTMLBodyElement.prototype,p,"dom-")),s.on("dom-start",function(t){r(t[0])})}},{}],10:[function(t,e,n){var r=t("ee").get("mutation"),o=t("wrap-function")(r),i=NREUM.o.MO;e.exports=r,i&&(window.MutationObserver=function(t){return this instanceof i?new i(o(t,"fn-")):i.apply(this,arguments)},MutationObserver.prototype=i.prototype)},{}],11:[function(t,e,n){function r(t){var e=i.context(),n=c(t,"executor-",e,null,!1),r=new f(n);return i.context(r).getCtx=function(){return e},r}var o=t("wrap-function"),i=t("ee").get("promise"),a=t("ee").getOrSetContext,c=o(i),s=t(29),f=NREUM.o.PR;e.exports=i,f&&(window.Promise=r,["all","race"].forEach(function(t){var e=f[t];f[t]=function(n){function r(t){return function(){i.emit("propagate",[null,!o],a,!1,!1),o=o||!t}}var o=!1;s(n,function(e,n){Promise.resolve(n).then(r("all"===t),r(!1))});var a=e.apply(f,arguments),c=f.resolve(a);return c}}),["resolve","reject"].forEach(function(t){var e=f[t];f[t]=function(t){var n=e.apply(f,arguments);return t!==n&&i.emit("propagate",[t,!0],n,!1,!1),n}}),f.prototype["catch"]=function(t){return this.then(null,t)},f.prototype=Object.create(f.prototype,{constructor:{value:r}}),s(Object.getOwnPropertyNames(f),function(t,e){try{r[e]=f[e]}catch(n){}}),o.wrapInPlace(f.prototype,"then",function(t){return function(){var e=this,n=o.argsToArray.apply(this,arguments),r=a(e);r.promise=e,n[0]=c(n[0],"cb-",r,null,!1),n[1]=c(n[1],"cb-",r,null,!1);var s=t.apply(this,n);return r.nextPromise=s,i.emit("propagate",[e,!0],s,!1,!1),s}}),i.on("executor-start",function(t){t[0]=c(t[0],"resolve-",this,null,!1),t[1]=c(t[1],"resolve-",this,null,!1)}),i.on("executor-err",function(t,e,n){t[1](n)}),i.on("cb-end",function(t,e,n){i.emit("propagate",[n,!0],this.nextPromise,!1,!1)}),i.on("propagate",function(t,e,n){this.getCtx&&!e||(this.getCtx=function(){if(t instanceof Promise)var e=i.context(t);return e&&e.getCtx?e.getCtx():this})}),r.toString=function(){return""+f})},{}],12:[function(t,e,n){var r=t("ee").get("raf"),o=t("wrap-function")(r),i="equestAnimationFrame";e.exports=r,o.inPlace(window,["r"+i,"mozR"+i,"webkitR"+i,"msR"+i],"raf-"),r.on("raf-start",function(t){t[0]=o(t[0],"fn-")})},{}],13:[function(t,e,n){function r(t,e,n){t[0]=a(t[0],"fn-",null,n)}function o(t,e,n){this.method=n,this.timerDuration=isNaN(t[1])?0:+t[1],t[0]=a(t[0],"fn-",this,n)}var i=t("ee").get("timer"),a=t("wrap-function")(i),c="setTimeout",s="setInterval",f="clearTimeout",u="-start",d="-";e.exports=i,a.inPlace(window,[c,"setImmediate"],c+d),a.inPlace(window,[s],s+d),a.inPlace(window,[f,"clearImmediate"],f+d),i.on(s+u,r),i.on(c+u,o)},{}],14:[function(t,e,n){function r(t,e){d.inPlace(e,["onreadystatechange"],"fn-",c)}function o(){var t=this,e=u.context(t);t.readyState>3&&!e.resolved&&(e.resolved=!0,u.emit("xhr-resolved",[],t)),d.inPlace(t,g,"fn-",c)}function i(t){y.push(t),h&&(b?b.then(a):v?v(a):(E=-E,R.data=E))}function a(){for(var t=0;t<y.length;t++)r([],y[t]);y.length&&(y=[])}function c(t,e){return e}function s(t,e){for(var n in t)e[n]=t[n];return e}t(6);var f=t("ee"),u=f.get("xhr"),d=t("wrap-function")(u),l=NREUM.o,p=l.XHR,h=l.MO,m=l.PR,v=l.SI,w="readystatechange",g=["onload","onerror","onabort","onloadstart","onloadend","onprogress","ontimeout"],y=[];e.exports=u;var x=window.XMLHttpRequest=function(t){var e=new p(t);try{u.emit("new-xhr",[e],e),e.addEventListener(w,o,!1)}catch(n){try{u.emit("internal-error",[n])}catch(r){}}return e};if(s(p,x),x.prototype=p.prototype,d.inPlace(x.prototype,["open","send"],"-xhr-",c),u.on("send-xhr-start",function(t,e){r(t,e),i(e)}),u.on("open-xhr-start",r),h){var b=m&&m.resolve();if(!v&&!m){var E=1,R=document.createTextNode(E);new h(a).observe(R,{characterData:!0})}}else f.on("fn-end",function(t){t[0]&&t[0].type===w||a()})},{}],15:[function(t,e,n){function r(t){if(!c(t))return null;var e=window.NREUM;if(!e.loader_config)return null;var n=(e.loader_config.accountID||"").toString()||null,r=(e.loader_config.agentID||"").toString()||null,f=(e.loader_config.trustKey||"").toString()||null;if(!n||!r)return null;var h=p.generateSpanId(),m=p.generateTraceId(),v=Date.now(),w={spanId:h,traceId:m,timestamp:v};return(t.sameOrigin||s(t)&&l())&&(w.traceContextParentHeader=o(h,m),w.traceContextStateHeader=i(h,v,n,r,f)),(t.sameOrigin&&!u()||!t.sameOrigin&&s(t)&&d())&&(w.newrelicHeader=a(h,m,v,n,r,f)),w}function o(t,e){return"00-"+e+"-"+t+"-01"}function i(t,e,n,r,o){var i=0,a="",c=1,s="",f="";return o+"@nr="+i+"-"+c+"-"+n+"-"+r+"-"+t+"-"+a+"-"+s+"-"+f+"-"+e}function a(t,e,n,r,o,i){var a="btoa"in window&&"function"==typeof window.btoa;if(!a)return null;var c={v:[0,1],d:{ty:"Browser",ac:r,ap:o,id:t,tr:e,ti:n}};return i&&r!==i&&(c.d.tk=i),btoa(JSON.stringify(c))}function c(t){return f()&&s(t)}function s(t){var e=!1,n={};if("init"in NREUM&&"distributed_tracing"in NREUM.init&&(n=NREUM.init.distributed_tracing),t.sameOrigin)e=!0;else if(n.allowed_origins instanceof Array)for(var r=0;r<n.allowed_origins.length;r++){var o=h(n.allowed_origins[r]);if(t.hostname===o.hostname&&t.protocol===o.protocol&&t.port===o.port){e=!0;break}}return e}function f(){return"init"in NREUM&&"distributed_tracing"in NREUM.init&&!!NREUM.init.distributed_tracing.enabled}function u(){return"init"in NREUM&&"distributed_tracing"in NREUM.init&&!!NREUM.init.distributed_tracing.exclude_newrelic_header}function d(){return"init"in NREUM&&"distributed_tracing"in NREUM.init&&NREUM.init.distributed_tracing.cors_use_newrelic_header!==!1}function l(){return"init"in NREUM&&"distributed_tracing"in NREUM.init&&!!NREUM.init.distributed_tracing.cors_use_tracecontext_headers}var p=t(26),h=t(17);e.exports={generateTracePayload:r,shouldGenerateTrace:c}},{}],16:[function(t,e,n){function r(t){var e=this.params,n=this.metrics;if(!this.ended){this.ended=!0;for(var r=0;r<l;r++)t.removeEventListener(d[r],this.listener,!1);e.aborted||(n.duration=a.now()-this.startTime,this.loadCaptureCalled||4!==t.readyState?null==e.status&&(e.status=0):i(this,t),n.cbTime=this.cbTime,u.emit("xhr-done",[t],t),c("xhr",[e,n,this.startTime]))}}function o(t,e){var n=s(e),r=t.params;r.host=n.hostname+":"+n.port,r.pathname=n.pathname,t.parsedOrigin=s(e),t.sameOrigin=t.parsedOrigin.sameOrigin}function i(t,e){t.params.status=e.status;var n=v(e,t.lastSize);if(n&&(t.metrics.rxSize=n),t.sameOrigin){var r=e.getResponseHeader("X-NewRelic-App-Data");r&&(t.params.cat=r.split(", ").pop())}t.loadCaptureCalled=!0}var a=t("loader");if(a.xhrWrappable&&!a.disabled){var c=t("handle"),s=t(17),f=t(15).generateTracePayload,u=t("ee"),d=["load","error","abort","timeout"],l=d.length,p=t("id"),h=t(22),m=t(21),v=t(18),w=window.XMLHttpRequest;a.features.xhr=!0,t(14),t(7),u.on("new-xhr",function(t){var e=this;e.totalCbs=0,e.called=0,e.cbTime=0,e.end=r,e.ended=!1,e.xhrGuids={},e.lastSize=null,e.loadCaptureCalled=!1,e.params=this.params||{},e.metrics=this.metrics||{},t.addEventListener("load",function(n){i(e,t)},!1),h&&(h>34||h<10)||window.opera||t.addEventListener("progress",function(t){e.lastSize=t.loaded},!1)}),u.on("open-xhr-start",function(t){this.params={method:t[0]},o(this,t[1]),this.metrics={}}),u.on("open-xhr-end",function(t,e){"loader_config"in NREUM&&"xpid"in NREUM.loader_config&&this.sameOrigin&&e.setRequestHeader("X-NewRelic-ID",NREUM.loader_config.xpid);var n=f(this.parsedOrigin);if(n){var r=!1;n.newrelicHeader&&(e.setRequestHeader("newrelic",n.newrelicHeader),r=!0),n.traceContextParentHeader&&(e.setRequestHeader("traceparent",n.traceContextParentHeader),n.traceContextStateHeader&&e.setRequestHeader("tracestate",n.traceContextStateHeader),r=!0),r&&(this.dt=n)}}),u.on("send-xhr-start",function(t,e){var n=this.metrics,r=t[0],o=this;if(n&&r){var i=m(r);i&&(n.txSize=i)}this.startTime=a.now(),this.listener=function(t){try{"abort"!==t.type||o.loadCaptureCalled||(o.params.aborted=!0),("load"!==t.type||o.called===o.totalCbs&&(o.onloadCalled||"function"!=typeof e.onload))&&o.end(e)}catch(n){try{u.emit("internal-error",[n])}catch(r){}}};for(var c=0;c<l;c++)e.addEventListener(d[c],this.listener,!1)}),u.on("xhr-cb-time",function(t,e,n){this.cbTime+=t,e?this.onloadCalled=!0:this.called+=1,this.called!==this.totalCbs||!this.onloadCalled&&"function"==typeof n.onload||this.end(n)}),u.on("xhr-load-added",function(t,e){var n=""+p(t)+!!e;this.xhrGuids&&!this.xhrGuids[n]&&(this.xhrGuids[n]=!0,this.totalCbs+=1)}),u.on("xhr-load-removed",function(t,e){var n=""+p(t)+!!e;this.xhrGuids&&this.xhrGuids[n]&&(delete this.xhrGuids[n],this.totalCbs-=1)}),u.on("addEventListener-end",function(t,e){e instanceof w&&"load"===t[0]&&u.emit("xhr-load-added",[t[1],t[2]],e)}),u.on("removeEventListener-end",function(t,e){e instanceof w&&"load"===t[0]&&u.emit("xhr-load-removed",[t[1],t[2]],e)}),u.on("fn-start",function(t,e,n){e instanceof w&&("onload"===n&&(this.onload=!0),("load"===(t[0]&&t[0].type)||this.onload)&&(this.xhrCbStart=a.now()))}),u.on("fn-end",function(t,e){this.xhrCbStart&&u.emit("xhr-cb-time",[a.now()-this.xhrCbStart,this.onload,e],e)}),u.on("fetch-before-start",function(t){function e(t,e){var n=!1;return e.newrelicHeader&&(t.set("newrelic",e.newrelicHeader),n=!0),e.traceContextParentHeader&&(t.set("traceparent",e.traceContextParentHeader),e.traceContextStateHeader&&t.set("tracestate",e.traceContextStateHeader),n=!0),n}var n,r=t[1]||{};"string"==typeof t[0]?n=t[0]:t[0]&&t[0].url?n=t[0].url:window.URL&&t[0]&&t[0]instanceof URL&&(n=t[0].href),n&&(this.parsedOrigin=s(n),this.sameOrigin=this.parsedOrigin.sameOrigin);var o=f(this.parsedOrigin);if(o&&(o.newrelicHeader||o.traceContextParentHeader))if("string"==typeof t[0]||window.URL&&t[0]&&t[0]instanceof URL){var i={};for(var a in r)i[a]=r[a];i.headers=new Headers(r.headers||{}),e(i.headers,o)&&(this.dt=o),t.length>1?t[1]=i:t.push(i)}else t[0]&&t[0].headers&&e(t[0].headers,o)&&(this.dt=o)})}},{}],17:[function(t,e,n){var r={};e.exports=function(t){if(t in r)return r[t];var e=document.createElement("a"),n=window.location,o={};e.href=t,o.port=e.port;var i=e.href.split("://");!o.port&&i[1]&&(o.port=i[1].split("/")[0].split("@").pop().split(":")[1]),o.port&&"0"!==o.port||(o.port="https"===i[0]?"443":"80"),o.hostname=e.hostname||n.hostname,o.pathname=e.pathname,o.protocol=i[0],"/"!==o.pathname.charAt(0)&&(o.pathname="/"+o.pathname);var a=!e.protocol||":"===e.protocol||e.protocol===n.protocol,c=e.hostname===document.domain&&e.port===n.port;return o.sameOrigin=a&&(!e.hostname||c),"/"===o.pathname&&(r[t]=o),o}},{}],18:[function(t,e,n){function r(t,e){var n=t.responseType;return"json"===n&&null!==e?e:"arraybuffer"===n||"blob"===n||"json"===n?o(t.response):"text"===n||""===n||void 0===n?o(t.responseText):void 0}var o=t(21);e.exports=r},{}],19:[function(t,e,n){function r(){}function o(t,e,n){return function(){return i(t,[f.now()].concat(c(arguments)),e?null:this,n),e?void 0:this}}var i=t("handle"),a=t(29),c=t(30),s=t("ee").get("tracer"),f=t("loader"),u=NREUM;"undefined"==typeof window.newrelic&&(newrelic=u);var d=["setPageViewName","setCustomAttribute","setErrorHandler","finished","addToTrace","inlineHit","addRelease"],l="api-",p=l+"ixn-";a(d,function(t,e){u[e]=o(l+e,!0,"api")}),u.addPageAction=o(l+"addPageAction",!0),u.setCurrentRouteName=o(l+"routeName",!0),e.exports=newrelic,u.interaction=function(){return(new r).get()};var h=r.prototype={createTracer:function(t,e){var n={},r=this,o="function"==typeof e;return i(p+"tracer",[f.now(),t,n],r),function(){if(s.emit((o?"":"no-")+"fn-start",[f.now(),r,o],n),o)try{return e.apply(this,arguments)}catch(t){throw s.emit("fn-err",[arguments,this,t],n),t}finally{s.emit("fn-end",[f.now()],n)}}}};a("actionText,setName,setAttribute,save,ignore,onEnd,getContext,end,get".split(","),function(t,e){h[e]=o(p+e)}),newrelic.noticeError=function(t,e){"string"==typeof t&&(t=new Error(t)),i("err",[t,f.now(),!1,e])}},{}],20:[function(t,e,n){function r(t){if(NREUM.init){for(var e=NREUM.init,n=t.split("."),r=0;r<n.length-1;r++)if(e=e[n[r]],"object"!=typeof e)return;return e=e[n[n.length-1]]}}e.exports={getConfiguration:r}},{}],21:[function(t,e,n){e.exports=function(t){if("string"==typeof t&&t.length)return t.length;if("object"==typeof t){if("undefined"!=typeof ArrayBuffer&&t instanceof ArrayBuffer&&t.byteLength)return t.byteLength;if("undefined"!=typeof Blob&&t instanceof Blob&&t.size)return t.size;if(!("undefined"!=typeof FormData&&t instanceof FormData))try{return JSON.stringify(t).length}catch(e){return}}}},{}],22:[function(t,e,n){var r=0,o=navigator.userAgent.match(/Firefox[\/\s](\d+\.\d+)/);o&&(r=+o[1]),e.exports=r},{}],23:[function(t,e,n){function r(){return c.exists&&performance.now?Math.round(performance.now()):(i=Math.max((new Date).getTime(),i))-a}function o(){return i}var i=(new Date).getTime(),a=i,c=t(31);e.exports=r,e.exports.offset=a,e.exports.getLastTimestamp=o},{}],24:[function(t,e,n){function r(t){return!(!t||!t.protocol||"file:"===t.protocol)}e.exports=r},{}],25:[function(t,e,n){function r(t,e){var n=t.getEntries();n.forEach(function(t){"first-paint"===t.name?d("timing",["fp",Math.floor(t.startTime)]):"first-contentful-paint"===t.name&&d("timing",["fcp",Math.floor(t.startTime)])})}function o(t,e){var n=t.getEntries();n.length>0&&d("lcp",[n[n.length-1]])}function i(t){t.getEntries().forEach(function(t){t.hadRecentInput||d("cls",[t])})}function a(t){if(t instanceof h&&!v){var e=Math.round(t.timeStamp),n={type:t.type};e<=l.now()?n.fid=l.now()-e:e>l.offset&&e<=Date.now()?(e-=l.offset,n.fid=l.now()-e):e=l.now(),v=!0,d("timing",["fi",e,n])}}function c(t){d("pageHide",[l.now(),t])}if(!("init"in NREUM&&"page_view_timing"in NREUM.init&&"enabled"in NREUM.init.page_view_timing&&NREUM.init.page_view_timing.enabled===!1)){var s,f,u,d=t("handle"),l=t("loader"),p=t(28),h=NREUM.o.EV;if("PerformanceObserver"in window&&"function"==typeof window.PerformanceObserver){s=new PerformanceObserver(r);try{s.observe({entryTypes:["paint"]})}catch(m){}f=new PerformanceObserver(o);try{f.observe({entryTypes:["largest-contentful-paint"]})}catch(m){}u=new PerformanceObserver(i);try{u.observe({type:"layout-shift",buffered:!0})}catch(m){}}if("addEventListener"in document){var v=!1,w=["click","keydown","mousedown","pointerdown","touchstart"];w.forEach(function(t){document.addEventListener(t,a,!1)})}p(c)}},{}],26:[function(t,e,n){function r(){function t(){return e?15&e[n++]:16*Math.random()|0}var e=null,n=0,r=window.crypto||window.msCrypto;r&&r.getRandomValues&&(e=r.getRandomValues(new Uint8Array(31)));for(var o,i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",a="",c=0;c<i.length;c++)o=i[c],"x"===o?a+=t().toString(16):"y"===o?(o=3&t()|8,a+=o.toString(16)):a+=o;return a}function o(){return a(16)}function i(){return a(32)}function a(t){function e(){return n?15&n[r++]:16*Math.random()|0}var n=null,r=0,o=window.crypto||window.msCrypto;o&&o.getRandomValues&&Uint8Array&&(n=o.getRandomValues(new Uint8Array(31)));for(var i=[],a=0;a<t;a++)i.push(e().toString(16));return i.join("")}e.exports={generateUuid:r,generateSpanId:o,generateTraceId:i}},{}],27:[function(t,e,n){function r(t,e){if(!o)return!1;if(t!==o)return!1;if(!e)return!0;if(!i)return!1;for(var n=i.split("."),r=e.split("."),a=0;a<r.length;a++)if(r[a]!==n[a])return!1;return!0}var o=null,i=null,a=/Version\/(\S+)\s+Safari/;if(navigator.userAgent){var c=navigator.userAgent,s=c.match(a);s&&c.indexOf("Chrome")===-1&&c.indexOf("Chromium")===-1&&(o="Safari",i=s[1])}e.exports={agent:o,version:i,match:r}},{}],28:[function(t,e,n){function r(t){function e(){t(a&&document[a]?document[a]:document[o]?"hidden":"visible")}"addEventListener"in document&&i&&document.addEventListener(i,e,!1)}e.exports=r;var o,i,a;"undefined"!=typeof document.hidden?(o="hidden",i="visibilitychange",a="visibilityState"):"undefined"!=typeof document.msHidden?(o="msHidden",i="msvisibilitychange"):"undefined"!=typeof document.webkitHidden&&(o="webkitHidden",i="webkitvisibilitychange",a="webkitVisibilityState")},{}],29:[function(t,e,n){function r(t,e){var n=[],r="",i=0;for(r in t)o.call(t,r)&&(n[i]=e(r,t[r]),i+=1);return n}var o=Object.prototype.hasOwnProperty;e.exports=r},{}],30:[function(t,e,n){function r(t,e,n){e||(e=0),"undefined"==typeof n&&(n=t?t.length:0);for(var r=-1,o=n-e||0,i=Array(o<0?0:o);++r<o;)i[r]=t[e+r];return i}e.exports=r},{}],31:[function(t,e,n){e.exports={exists:"undefined"!=typeof window.performance&&window.performance.timing&&"undefined"!=typeof window.performance.timing.navigationStart}},{}],ee:[function(t,e,n){function r(){}function o(t){function e(t){return t&&t instanceof r?t:t?f(t,s,a):a()}function n(n,r,o,i,a){if(a!==!1&&(a=!0),!p.aborted||i){t&&a&&t(n,r,o);for(var c=e(o),s=m(n),f=s.length,u=0;u<f;u++)s[u].apply(c,r);var l=d[y[n]];return l&&l.push([x,n,r,c]),c}}function i(t,e){g[t]=m(t).concat(e)}function h(t,e){var n=g[t];if(n)for(var r=0;r<n.length;r++)n[r]===e&&n.splice(r,1)}function m(t){return g[t]||[]}function v(t){return l[t]=l[t]||o(n)}function w(t,e){p.aborted||u(t,function(t,n){e=e||"feature",y[n]=e,e in d||(d[e]=[])})}var g={},y={},x={on:i,addEventListener:i,removeEventListener:h,emit:n,get:v,listeners:m,context:e,buffer:w,abort:c,aborted:!1};return x}function i(t){return f(t,s,a)}function a(){return new r}function c(){(d.api||d.feature)&&(p.aborted=!0,d=p.backlog={})}var s="nr@context",f=t("gos"),u=t(29),d={},l={},p=e.exports=o();e.exports.getOrSetContext=i,p.backlog=d},{}],gos:[function(t,e,n){function r(t,e,n){if(o.call(t,e))return t[e];var r=n();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(t,e,{value:r,writable:!0,enumerable:!1}),r}catch(i){}return t[e]=r,r}var o=Object.prototype.hasOwnProperty;e.exports=r},{}],handle:[function(t,e,n){function r(t,e,n,r){o.buffer([t],r),o.emit(t,e,n)}var o=t("ee").get("handle");e.exports=r,r.ee=o},{}],id:[function(t,e,n){function r(t){var e=typeof t;return!t||"object"!==e&&"function"!==e?-1:t===window?0:a(t,i,function(){return o++})}var o=1,i="nr@id",a=t("gos");e.exports=r},{}],loader:[function(t,e,n){function r(){if(!N++){var t=O.info=NREUM.info,e=m.getElementsByTagName("script")[0];if(setTimeout(f.abort,3e4),!(t&&t.licenseKey&&t.applicationID&&e))return f.abort();s(E,function(e,n){t[e]||(t[e]=n)});var n=a();c("mark",["onload",n+O.offset],null,"api"),c("timing",["load",n]);var r=m.createElement("script");0===t.agent.indexOf("http://")||0===t.agent.indexOf("https://")?r.src=t.agent:r.src=p+"://"+t.agent,e.parentNode.insertBefore(r,e)}}function o(){"complete"===m.readyState&&i()}function i(){c("mark",["domContent",a()+O.offset],null,"api")}var a=t(23),c=t("handle"),s=t(29),f=t("ee"),u=t(27),d=t(24),l=t(20),p=l.getConfiguration("ssl")===!1?"http":"https",h=window,m=h.document,v="addEventListener",w="attachEvent",g=h.XMLHttpRequest,y=g&&g.prototype,x=!d(h.location);NREUM.o={ST:setTimeout,SI:h.setImmediate,CT:clearTimeout,XHR:g,REQ:h.Request,EV:h.Event,PR:h.Promise,MO:h.MutationObserver};var b=""+location,E={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net",agent:"js-agent.newrelic.com/nr-spa-1209.min.js"},R=g&&y&&y[v]&&!/CriOS/.test(navigator.userAgent),O=e.exports={offset:a.getLastTimestamp(),now:a,origin:b,features:{},xhrWrappable:R,userAgent:u,disabled:x};if(!x){t(19),t(25),m[v]?(m[v]("DOMContentLoaded",i,!1),h[v]("load",r,!1)):(m[w]("onreadystatechange",o),h[w]("onload",r)),c("mark",["firstbyte",a.getLastTimestamp()],null,"api");var N=0}},{}],"wrap-function":[function(t,e,n){function r(t,e){function n(e,n,r,s,f){function nrWrapper(){var i,a,u,l;try{a=this,i=d(arguments),u="function"==typeof r?r(i,a):r||{}}catch(p){o([p,"",[i,a,s],u],t)}c(n+"start",[i,a,s],u,f);try{return l=e.apply(a,i)}catch(h){throw c(n+"err",[i,a,h],u,f),h}finally{c(n+"end",[i,a,l],u,f)}}return a(e)?e:(n||(n=""),nrWrapper[l]=e,i(e,nrWrapper,t),nrWrapper)}function r(t,e,r,o,i){r||(r="");var c,s,f,u="-"===r.charAt(0);for(f=0;f<e.length;f++)s=e[f],c=t[s],a(c)||(t[s]=n(c,u?s+r:r,o,s,i))}function c(n,r,i,a){if(!h||e){var c=h;h=!0;try{t.emit(n,r,i,e,a)}catch(s){o([s,n,r,i],t)}h=c}}return t||(t=u),n.inPlace=r,n.flag=l,n}function o(t,e){e||(e=u);try{e.emit("internal-error",t)}catch(n){}}function i(t,e,n){if(Object.defineProperty&&Object.keys)try{var r=Object.keys(t);return r.forEach(function(n){Object.defineProperty(e,n,{get:function(){return t[n]},set:function(e){return t[n]=e,e}})}),e}catch(i){o([i],n)}for(var a in t)p.call(t,a)&&(e[a]=t[a]);return e}function a(t){return!(t&&t instanceof Function&&t.apply&&!t[l])}function c(t,e){var n=e(t);return n[l]=t,i(t,n,u),n}function s(t,e,n){var r=t[e];t[e]=c(r,n)}function f(){for(var t=arguments.length,e=new Array(t),n=0;n<t;++n)e[n]=arguments[n];return e}var u=t("ee"),d=t(30),l="nr@original",p=Object.prototype.hasOwnProperty,h=!1;e.exports=r,e.exports.wrapFunction=c,e.exports.wrapInPlace=s,e.exports.argsToArray=f},{}]},{},["loader",2,16,5,3,4]);</script>
<link href="/stylesheets/minified/wishes_feedback.css" media="all" rel="stylesheet" type="text/css" />
<script type="text/javascript">
if (document.namespaces) {
document.namespaces.add('v', 'urn:schemas-microsoft-com:vml', "#default#VML");
}
</script>
<title>Firmware Upgrade Manager - Meraki Dashboard</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="keywords" content="" />
<meta name="description" content="Cisco Systems, Inc." />
<meta name="robots" content="none">
<meta name="MSSmartTagsPreventParsing" content="true" />
<meta name="Copyright" content="Copyright (c) 2021 Cisco Systems, Inc." />
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="imagetoolbar" content="false" />
<link rel="Shortcut Icon" href="/favicon.ico" type="image/x-icon" />
<script src="/javascripts/modernizr.min.js" type="text/javascript"></script>
<link href="/stylesheets/jquery-themes/meraki/screen.css" media="all" rel="stylesheet" type="text/css" />
<link href="/stylesheets/minified/manage.css" media="all" rel="stylesheet" type="text/css" />
<style type="text/css" media="screen">
</style>
<script>
window.dataLayer = window.dataLayer || [];
window.dataLayer.push({
"anonymize_ip": true,
"userId": "1126137",
"gtm.whitelist": ["ua", "opt", "gcs", "google"],
"gtm.blacklist": ["customScripts", "customPixels"],
"userGroup": "end_user"
});
</script>
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer', 'GTM-KCB4G6P');</script>
</head>
<body class="">
<!-- meraki-critical-test-flag -->
<div class="react-layout " id="sidetabs_container">
<div id="main-nav">
<div id='logo_react' class=''>
<div id='logoContainer'>
<a href='https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard' class='logo-link'>
<img alt="Dashboard Home" id="logoImg" src="/images/cisco-meraki-white.svg" />
</a>
</div>
</div>
<div id="nav-controls"></div>
</div>
<div id="content" class=&#x27;no_tabs&#x27;>
<header class="" id="masthead-react">
<div id="magic-search-react">
</div>
<form accept-charset="UTF-8" action="https://n176.meraki.com/manage/dashboard/magic_search" id="magic_search_react_form" method="get"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="&#x2713;" /></div>
<input id="magic_search_box" name="magic_search_box" type="hidden" />
<input id="magic_search_group" name="magic_search_group" type="hidden" />
<input id="magic_search_is_cross_org" name="magic_search_is_cross_org" type="hidden" />
<input id="magic_search_item_id" name="magic_search_item_id" type="hidden" />
</form>
<div id="profile-bar-react">
</div>
<div id="GlobalAlertView"></div>
<div>
</div>
<div id="sidebar"></div>
<div>
</div>
</header>
<div id="sidetabs_body_container" >
<div id='notice_4a6dfeca955a10bc4fcba576abfb446fc7532508' class='alert alert-info acknowledgeable new_features ssid-admin-hidden strict-network-admin-hidden'><span class='notice_close_button'><img alt="close" class="delete_img" src="/images/onebyone.gif" /></span>New in Dashboard: <i isolate><span isolate>New data visualization update for MT12</span>.</i>&nbsp;&nbsp;&nbsp;<a href="https://n176.meraki.com/Lab/n/kF_ybcWc/manage/support/change_log">Read more.</a></div><div id='notice_44e686eb8b06db2dee28e5201ac0cefbe32ed786' class='alert alert-danger ssid-admin-hidden strict-network-admin-hidden'>This network has been disabled for non-payment. Please contact Meraki Sales for assistance.</div><div id='notice_m662029145223482122' class='alert alert-warning acknowledgeable ssid-admin-hidden strict-network-admin-hidden'><span class='notice_close_button'><img alt="close" class="delete_img" src="/images/onebyone.gif" /></span> <div class="alert-header"><strong>Account recovery action needed</strong></div>
<div>You are the only administrator for this organization. If you lose access, you will need to contact support to recover access to this organization. <br><a
href='https://n176.meraki.com/o/9Pfoed/manage/organization/admins'
onclick='(function () { jQuery("#notice_662029145223482122").hide(); jQuery.post("/Lab/n/kF_ybcWc/manage/dashboard/acknowledge_notice?notice_id=m662029145223482122&s=92569b5ae8ef17f0e9c8298954dd17c7",{},function(){}); })()'
>
Add another administrator to ensure you can recover access.
</a></div>
</div>
<script type="text/javascript">
//<![CDATA[
Mkiconf = window.Mkiconf || {};
Mkiconf.images = "/images/";
Mkihelp = window.Mkihelp || {};
Mkiconf.sync_help_messages = true;
//]]>
</script>
<noscript>
<div id="javascript_failure_container" class="notice_explanation_container">
<div class="notice_explanation bad">Your browser must have Javascript enabled to use Dashboard.</div>
</div>
<div style='clear:both'>&nbsp;</div>
</noscript>
<style>
#cookie_failure_container {
display: none;
}
html.no-cookies #cookie_failure_container {
display: block;
}
</style>
<div id="cookie_failure_container">
<div class="notice_explanation_container">
<div class="notice_explanation bad">Your browser must have cookies enabled to use Dashboard.</div>
</div>
</div>
<div id="OrgFirmwareUpgradesUi"></div>
</div>
<div id="trailer_react" class="clear">
</div>
<div class="hidden">
<form accept-charset="UTF-8" action="https://n176.meraki.com/Lab/n/kF_ybcWc/manage/support/wish?page_name=manage%2Forganization%3Afirmware_upgrades" enctype="multipart/form-data" id="wish_form" method="post"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="&#x2713;" /><input name="authenticity_token" type="hidden" value="QGYo6GZaFqlV3YSdLFkfkwYimSCOFLmycI42Mxqz0zU=" /></div>
<input id="wish_form_wish" name="wish" type="hidden" value="" />
<input id="wish_form_hash" name="wish_hash" type="hidden" value="" />
<input id="wish_form_screenshot" name="wish_screenshot" type="hidden" value="" />
</form></div>
</div>
</div>
<script type="text/javascript">
window.performance && window.performance.mark && window.performance.mark("page-js-start");
</script>
<!--[if lte IE 8]><script src="/javascripts/excanvas.min.js" type="text/javascript"></script><![endif]-->
<script src="/javascripts/vendor.pack.js" type="text/javascript"></script>
<script src="/javascripts/manage.pack.js" type="text/javascript"></script>
<script src="/javascripts/mki.pack.js" type="text/javascript"></script>
<script src="/javascripts/build/pages/manifest.bundle.min.js" type="text/javascript"></script><script src="/javascripts/build/pages/vendor.bundle.min.js" type="text/javascript"></script><script src="/javascripts/build/pages/manage.bundle.min.js" type="text/javascript"></script><script src="/javascripts/build/pages/organization.firmware_upgrades.bundle.min.js" type="text/javascript"></script>
<script src="/javascripts/build/pages/navigation.bundle.min.js" type="text/javascript"></script>
<script type="text/javascript">
window.performance && window.performance.mark && window.performance.mark("page-js-manage-body-done");
window.performance && window.performance.mark && window.performance.mark("page-js-end-body-start");
</script>
<script type="text/javascript">
window.performance && window.performance.mark && window.performance.mark("page-js-end-body-done");
window.performance && window.performance.mark && window.performance.mark("page-js-end-body-js-pre");
</script>
<script type="text/javascript">//<![CDATA[
window.performance && window.performance.mark && window.performance.mark("page-js-end-body-js-start");
$j(window).bind('page_changed', function(e){
$j(".notice_explanation").not(".acknowledgeable").hide();
});
jQuery('#notice_4a6dfeca955a10bc4fcba576abfb446fc7532508 .notice_close_button img').click(function(){hide_notice('#notice_4a6dfeca955a10bc4fcba576abfb446fc7532508', true);})
$j('.alert.new_features .notice_close_button').click(dismiss_new_features);;jQuery('#notice_m662029145223482122 .notice_close_button img').click(function(){hide_notice('#notice_m662029145223482122', true);jQuery.post("/Lab/n/kF_ybcWc/manage/dashboard/acknowledge_notice?notice_id=m662029145223482122&s=6093588fbd087e878b6ec515520111a3",{},function(){});});
window.performance && window.performance.mark && window.performance.mark("page-js-end-body-js-done");
$(function() {
window.initializeReactMagicSearch(
"magic-search-react",
{"user_email":"halmartin@gmail.com","advanced_search_groups":[],"filters":["Access point","Appliance","Concentrator","Sensor","Switch","Configuration","Device","Client","Network","Support","SM Device","Community"],"show":{"admin_search":false}}
);
});
MkiRedux.getStore().dispatch({ type: "UPDATE_USER", update: {"id":"1126137","name":"Hal Martin","email":"halmartin@gmail.com","organization_id":"909519","company_name":"","unacked_features":null,"mcn":"","is_eng":false,"is_sales_demo_admin":false,"is_acting_admin":false,"is_acting_write_admin":false,"is_enterprise_read_admin":false,"has_idle_timeout_exemption":false,"actual_email":"halmartin@gmail.com","is_meraki_sso_admin":false,"can_write_ng":true} });
MkiRedux.getStore().dispatch({ type: "UPDATE_SESSION", update: {"was_admin_id":null,"disable_idle_timeout":false} });
MkiRedux.getStore().dispatch({
type: "UPDATE_CONTEXT",
update: {
currentShard: {"server_modes":{"ruby22":{"name":"Ruby 2.2","on_current_shard":true},"railsnext":{"name":"Ruby 2.6","on_current_shard":true}},"current_server_mode":"railsnext"},
network: {"id":"662029145223504029","name":"Lab","type":"switch","country_code":null,"organization_id":"909519","locale_id":"","tag":"Lab","eid":"kF_ybcWc","txpow_control":"auto","config_template_node_group_id":"","is_config_template":false,"has_firmware_eco":false,"has_underdog":false,"time_zone":"America/Los_Angeles","push_url_enabled":null,"has_wireless":false,"has_wired":true,"has_switch":true,"has_vm_concentrator":false,"has_pcc":false,"has_phone":false,"use_stp":true,"is_missing_floorplans":false,"has_track_by_locale_available":null,"client_tracking_method":"mac","wired_node_group_eid":"","ipv6_enabled":true,"has_ipv6_support":false,"ipv6_capable":false,"has_adaptive_policy_enabled":false,"product_edition":"enterprise"},
currentOrg: {"id":"909519","name":"Hal Martin","block_meraki_admins":false,"sm_licensing_enabled":true,"licensing_model":"coterm","primary_admin":null},
},
});
const isDemoAdmin = false;
if (!$.cookie("demo_language") && isDemoAdmin) {
$.cookie("demo_language", "en", { domain: "meraki.com", path: "/" });
}
window.initializeReactProfileBar(
"profile-bar-react",
{"show":{"profile_link":true,"mcn":false,"features_link":true,"branding_preview":false,"followed_organizations_summary":null,"demo_networks":false,"demo_resources":null,"admin":false,"products_to_hide":{},"sign_out":true,"pcc_devel_toggle":false,"translations_toggle":false,"teamcity_status":false,"license_problem":true,"mr_wifi6_refresh":false,"help":{"show_section":true,"get_help":true,"community":true,"marketplace":true,"cases":true,"pii":true,"new_features":true,"firewall_info":true,"api_docs":true,"am_i_affected":true,"privilege_escalation_vulnerability":false,"mx_log_exposure_vulnerability":true,"http_receivers_deprecation":true}},"currentPage":{"controller":"manage/organization","action":"firmware_upgrades"},"urls":{"demo_networks":"https://n176.meraki.com/manage/dashboard/cool_networks","meraki_community":"https://community.meraki.com?utm_source=dashboard&utm_medium=help-menu","meraki_marketplace":"https://apps.meraki.io"},"constants":{"meraki_tld":"meraki.com"},"ngIds":{"switch":"662029145223504029"},"currNgId":"662029145223504029","cookies":{"translations_on":false,"mp_off":false,"force_baidu":false},"localizeOpts":{"key":"2rkhJF9vEjWB6","targetLanguage":"\"en\"","saveNewPhrasesFromSource":true,"autodetectLanguage":false,"rememberLanguage":false,"translateBody":true,"blockedClasses":["profiler-results","flex-table-body","SimpleTable__body","backtrace","adminhighlight","chosen-container","ReactFlexTable__body","admin-dropdown-menu","NetworkSelector","flex-editor-body","NodeSelector","network_map_div","flot-text","notranslate","adminOnly","pac-container"],"basePath":"/o/9Pfoed/","disableWidget":true,"debug":false,"saveNewPhrases":false,"translateTitle":true},"languages":[{"code":"en","label":"English","apps":["dashboard","ssp","go"]},{"code":"de","label":"Deutsch","apps":["dashboard","ssp","go"]},{"code":"es","label":"Español","apps":["dashboard","ssp","go"]},{"code":"fr","label":"Français","apps":["dashboard","ssp","go"]},{"code":"ja","label":"日本語","apps":["dashboard","go"]},{"code":"ko","label":"한국어","apps":["dashboard"]},{"code":"pt-BR","label":"Português Brasileiro","apps":["dashboard"]},{"code":"ru","label":"Русский","apps":["dashboard"]},{"code":"zh-Hans","label":"中文(简体)","apps":["dashboard"],"moment_code":"zh-cn"},{"code":"zh-TW","label":"中文(繁體)","apps":["dashboard"],"moment_code":"zh-tw"}],"preferredLanguageCode":"en"}
);
window.initializeGlobalAlertView({divId: 'GlobalAlertView'})
window.initializeSidebar('sidebar')
MkiRedux.getStore().dispatch({ type: "UPDATE_USER", update: {"is_eng":false,"is_acting_admin":false,"is_pm":false,"is_support":false,"is_subscribed_to_page":false} });
MkiRedux.getStore().dispatch({ type: "UPDATE_SESSION", update: {"previous_session":{"created_at":"2021-06-22T18:38:48Z","time_since":"5 days","location":"Paris, France","request_ip":"82.65.0.229","login_from":"82.65.0.229"},"current_session":{"time_since":"1 minute","shard_ids":["1"]}} });
window.initializeReactFooter(
"trailer_react",
{"constants":{"meraki_copyright_html":"&copy; 2021 Cisco Systems, Inc.","meraki_tld":"meraki.com","shard_zone":"Europe"},"show":{"wish_box":true,"new_session_info":true,"env":false},"currentPage":"manage/organization:firmware_upgrades"}
);
var setBodyMinHeight = function() {
$("#sidetabs_body_container").css(
"min-height",
"calc(100vh - " +
$("#masthead-react").outerHeight() + "px - " +
$("#trailer_react").outerHeight() + "px - 1px)"
);
}
setBodyMinHeight();
window.addEventListener("resize", setBodyMinHeight);
$(function() {
window.initGoogleAnalyticsTabNames({"show":{"custom_logo":false,"network_selector":true,"org_name":null,"org_selector":true,"tag_selector":null,"tab_menu":true},"network_selector":{"ng_id":"662029145223504029","ng_name":"Lab","org_id":"909519","locale_id":null},"org_selector":{"org_id":"909519","org_name":"Hal Martin"},"tab_menu":{"tabs":[{"name":"Network-wide","menus":{"Monitor":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/usage/list","name":"Clients","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/nodes/topology","name":"Topology","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/tcpdump","name":"Packet capture","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/event_log","name":"Event log","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/floorplans","name":"Map & floor plans","admin_only":false},null,null]},"Configure":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/system_settings","name":"General","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/alerts","name":"Alerts","admin_only":false},null,{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/guests","name":"Users","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/add_devices","name":"Add devices","admin_only":false},null]}},"is_current":false},{"name":"Switch","menus":{"Monitor":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/nodes/list","name":"Switches","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switchports","name":"Switch ports","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/dhcp_servers","name":"DHCP servers & ARP","admin_only":false}]},"Configure":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_l3","name":"Routing & DHCP","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/ospf","name":"OSPF routing","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/acl","name":"ACL","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_access","name":"Access policies","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/port_schedules","name":"Port schedules","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_settings","name":"Switch settings","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/firmware_upgrades","name":"Staged upgrades","admin_only":false},null]}},"is_current":false},{"name":"Organization","menus":{"Monitor":{"items":[{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/overview","name":"Overview","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/change_log","name":"Change log","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/login_attempts","name":"Login attempts","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/analytics","name":"Location analytics","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/templates","name":"Configuration templates","admin_only":false},{"is_current":true,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/firmware_upgrades","name":"Firmware upgrades","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/new_reports","name":"Summary report","admin_only":false}]},"Configure":{"items":[{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/edit","name":"Settings","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/bulk_editor","name":"Configuration sync","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/admins","name":"Administrators","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/roles","name":"Camera roles","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/dashboard/license_info","name":"License info","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/new_network","name":"Create network","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/inventory","name":"Inventory","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/network_objects/objects","name":"Policy objects","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/adaptive_policies","name":"Adaptive policy","admin_only":false}]}},"is_current":true}]}})
window.initGoogleAnalyticsPageView()
MkiRedux.getStore().dispatch({ type: "UPDATE_USER", update: {"can_see_org_stuff":true,"can_see_msp_portal":true,"can_create_networks_on_org":true,"is_msp":null,"has_merged_ap_list_page":true} });
MkiRedux.getStore().dispatch({ type: "UPDATE_SESSION", update: {"is_mobile":false} });
MkiRedux.getStore().dispatch({ type: "UPDATE_CONTEXT", update: { tld: "meraki.com" } });
// delete cookie for welcome modal as modal is getting removed
var welcomeModalCookieWasSet = $.cookie("react_welcome_modal_dismissed") === "true";
if (welcomeModalCookieWasSet) {
var newWelcomeModalCookieOpts = { expires: 365, domain: "meraki.com", path: "/" };
$.cookie("react_welcome_modal_dismissed", null, newWelcomeModalCookieOpts);
}
window.patchDOMForTranslations();
window.initializeSideNavigation(
"nav-controls",
{"show":{"custom_logo":false,"network_selector":true,"org_name":null,"org_selector":true,"tag_selector":null,"tab_menu":true},"network_selector":{"ng_id":"662029145223504029","ng_name":"Lab","org_id":"909519","locale_id":null},"org_selector":{"org_id":"909519","org_name":"Hal Martin"},"tab_menu":{"tabs":[{"name":"Network-wide","menus":{"Monitor":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/usage/list","name":"Clients","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/nodes/topology","name":"Topology","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/tcpdump","name":"Packet capture","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/event_log","name":"Event log","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/dashboard/floorplans","name":"Map & floor plans","admin_only":false},null,null]},"Configure":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/system_settings","name":"General","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/alerts","name":"Alerts","admin_only":false},null,{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/guests","name":"Users","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/add_devices","name":"Add devices","admin_only":false},null]}},"is_current":false},{"name":"Switch","menus":{"Monitor":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/nodes/list","name":"Switches","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switchports","name":"Switch ports","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/dhcp_servers","name":"DHCP servers & ARP","admin_only":false}]},"Configure":{"items":[{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_l3","name":"Routing & DHCP","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/ospf","name":"OSPF routing","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/acl","name":"ACL","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_access","name":"Access policies","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/port_schedules","name":"Port schedules","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/switch_settings","name":"Switch settings","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/Lab/n/kF_ybcWc/manage/configure/firmware_upgrades","name":"Staged upgrades","admin_only":false},null]}},"is_current":false},{"name":"Organization","menus":{"Monitor":{"items":[{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/overview","name":"Overview","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/change_log","name":"Change log","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/login_attempts","name":"Login attempts","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/analytics","name":"Location analytics","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/templates","name":"Configuration templates","admin_only":false},{"is_current":true,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/firmware_upgrades","name":"Firmware upgrades","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/new_reports","name":"Summary report","admin_only":false}]},"Configure":{"items":[{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/edit","name":"Settings","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/bulk_editor","name":"Configuration sync","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/admins","name":"Administrators","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/roles","name":"Camera roles","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/dashboard/license_info","name":"License info","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/new_network","name":"Create network","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/inventory","name":"Inventory","admin_only":false},{"is_current":false,"url":"https://n176.meraki.com/o/9Pfoed/manage/network_objects/objects","name":"Policy objects","admin_only":false},{"is_current":null,"url":"https://n176.meraki.com/o/9Pfoed/manage/organization/adaptive_policies","name":"Adaptive policy","admin_only":false}]}},"is_current":true}]}}
);
window.initializeCurrentNetworkContext({"locale":null,"node_group_types":["switch"],"node_groups":{"switch":{"id":"662029145223504029","eid":"kF_ybcWc","name":"Lab","url_tag":"Lab","is_current_node_group":true,"has_networking_clients":true,"has_wireless_clients":false}}});
});
window.performance && window.performance.mark && window.performance.mark("page-js-layout-init-done");
(function() {
var batches = [];
var users = [];
var upgrades = [];
var nodeGroups = [{"id":"662029145223504029","eid":"kF_ybcWc","name":"Lab","versionId":"1864","type":"switch","nodeCount":1,"tz":"America/Los_Angeles","isTemplateChild":false,"templateId":"","isTemplate":false,"numTemplateChildren":0,"childrenIds":[],"scheduledTime":"No","lastUpgradeTime":null,"scheduledVersionId":"","upgradeStarted":false,"upgradeStartingSoon":false,"upgradePartiallyCompleted":false,"upgradePending":false,"hasFirmwareEco":false,"numTemplateChildrenPendingUpgrade":0,"hasVersionLimit":false,"majorNumberLimit":null,"minorNumberLimit":null}];
var versions = [{"id":"1864","name":"MS 11.22","major":11,"minor":22,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Bug Fixes] The attribute cdpCacheDeviceIndex value in the SNMP cdpCacheEntry table may exceed its upper limit. (Addresses an issue with Cisco Emergency Responder - CER)\r\n[Bug Fixes] Stack member can fail to route incoming packets under specific conditions\r\n[Bug Fixes] MS220/320 series switches can incur port authentication failures after access policy mode changes\r\n[Bug Fixes] Port isolation is non-functional (introduced in MS 11.21)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Switch ports can fail to correctly detect LLDP/CDP neighbors in specific cases\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1560540821,"updatedAt":1620376340},{"id":"385","name":"SM 0.0","major":0,"minor":0,"patch":0,"changelog":null,"networkType":"systems_manager","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1154729160,"updatedAt":1201035537},{"id":"1361","name":"MX 0.0","major":0,"minor":0,"patch":0,"changelog":"","networkType":"vmx_host","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1456760423,"updatedAt":1456760423},{"id":"1120","name":"MX 22.16","major":22,"minor":16,"patch":0,"changelog":"Security patches and bug fixes.","networkType":"vm_concentrator","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1416263815,"updatedAt":1450129522},{"id":"1713","name":"MC 1.12","major":1,"minor":12,"patch":0,"changelog":"Bug Fixes\r\nResolved an issue where DNS servers were not being honored on Voice VLANs\r\nResolved an issue in which some Bluetooth devices could not be seen from the MC\r\nAdded support for more consistent 7 digit dialing was inconsistent on MCs without DIDs\r\nFixed a bug where call history was not being shown correctly\r\nResolved a regression where audio would drop out with more than 4 participants in an Ad-Hoc conference room","networkType":"phone","isBeta":false,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1522114895,"updatedAt":1536107070},{"id":"2172","name":"MV 4.13","major":4,"minor":13,"patch":0,"changelog":"[New] Initial stable firmware for MV2\r\n[Bug Fixes] Resolved an issue related to MQTT SSL/TLS connectivity\r\n[General] Improved 2nd generation cameras NTP implementation. Per our upstream firewall rules guidelines, public NTP should be permitted to allow for proper camera operations.\r\n[General] Improved performance of motion recap image generation \r\n[General] General stability and performance improvements","networkType":"camera","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1622134232,"updatedAt":1624381502},{"id":"2150","name":"MS 12.28.1","major":12,"minor":28,"patch":1,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.27 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug fixes] General stability and security improvements\n[Bug Fixes] Ports configured for Access mode on MS390s can incur a 30sec delay before they forward traffic\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-12-08T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1617026547,"updatedAt":1620215157},{"id":"1909","name":"MG 1.9","major":1,"minor":9,"patch":0,"changelog":"[New Features] MG appliances will now report their cellular uplink’s DNS and default gateway IP information to the Meraki Dashboard.\n[Bug Fixes] Resolved an issue that resulted in the cellular APN not displayed on the local status page.\n[Bug fixes] Fixed an issue that resulted in the cellular modem configuration not properly updating when the cellular override setting on the local status page was 1) toggled to override SIM settings and 2) the default override settings were not modified.\n[Known Issues] Devices plugged into port 1 and port 2 of the MG will not be able to communicate with each other. Devices plugged into either port will still be able to communicate across the cellular connection successfully.","networkType":"cellular_gateway","isBeta":false,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1576629770,"updatedAt":1623983673},{"id":"1767","name":"M 15.2","major":15,"minor":2,"patch":0,"changelog":"[Bug Fixes] Resolved a rare issue where an MX could attempt to route a VPN flow via an uplink that did not have a valid VPN tunnel to the remote destination, when configured in NAT mode with two WAN uplinks. This would result in the incorrectly routed packet being dropped.\r\n[Security Fixes] CVE-2017-13704\r\n[Security Fixes] CVE-2017-14496\r\n[Security Fixes] CVE-2017-14495\r\n[Security Fixes] CVE-2017-14494\r\n[Security Fixes] CVE-2017-14493\r\n[Security Fixes] CVE-2017-14492\r\n[Security Fixes] CVE-2017-14491\r\n[Known Issues] A regression introduced in MX 13.5 could result in a routing loop for subnet(s) advertised by multiple one-armed VPN concentrators within the Auto VPN topology, when Auto VPN tunnels between the concentrators are formed.\r\n[Known Issues] In extended operation, the MX250 and MX450 may encounter an issue resulting in no VPN traffic being processed correctly until a system reboot is performed. This is resolved in MX 14.19.","networkType":"power","isBeta":true,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1533764412,"updatedAt":1533764412},{"id":"2132","name":"MR 27.6","major":27,"minor":6,"patch":0,"changelog":"[New] Support for Meraki MT sensors - https://documentation.meraki.com/MT (Wi-Fi 6 MRs)\n[New] Support for the MR44 to operate in \"low power mode\" - https://documentation.meraki.com/MR/MR_Overview_and_Specifications/MR44_Datasheet#Specifications (MR44)\n[Security Fixes] CVE-2020-11022 / CVE-2020-11023 (All MRs)\n[Bug Fixes] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (Wi-Fi 6 MRs)\n[Bug Fixes] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Bug Fixes] MR may experience intermittent Ethernet connectivity issues when negotiated at mGig speeds (Wi-Fi 6 MRs)\n[Bug Fixes] Scanning API v3 data intermittently did not provide data for some MRs in the network (All MRs)\n[Bug Fixes] When two clients had an established data flow between each other on the same MR & SSID, followed by one of the clients roaming away from the MR and then back to the original MR, packet loss was experienced (All MRs)\n[Bug Fixes] MR may send several RTS frames to clients who leave BSS without stateful 802.11 deauthentication or disassociation, resulting in packet loss for other clients in the BSS (Wi-Fi 5 MRs)\n[Bug Fixes] \"Request failed\" error shown when attempting to use the \"Cycle port\" live tool for MR30H LAN ports (MR30H)\n[Bug Fixes] MR may get into a state where it stops responding to 802.11 probe requests while still sending 802.11 beacons (MR45/MR55)\n[Bug Fixes] MAC addresses were getting altered, leading to MRs being unable to check-in to Dashboard (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Bug Fixes] If a client roamed away and then roamed back to the original MR within 5 minutes, the MR would disassociate the client (All MRs)\n[Bug Fixes] Beamforming interoperability issues with certain clients resulted in disconnections and/or poor performance (MR45/55)\n[Bug Fixes] AutoTX power may reduce too aggressively, potentially impacting connectivity for associated clients with low RSSI (All MRs)\n[Bug Fixes] General performance & stability improvements\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1611333004,"updatedAt":1616174626},{"id":"2139","name":"MT 1.3","major":1,"minor":3,"patch":0,"changelog":"Added support for MT11 Probe Sensor","networkType":"sensor","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2022-06-16T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1614032850,"updatedAt":1623706407},{"id":"2155","name":"MX 15.42.1","major":15,"minor":42,"patch":1,"changelog":"[MX 15 Feature Highlights] Added support for Cisco Umbrella integration\n[MX 15 Feature Highlights] Added support for establishing non-Meraki VPN tunnels using IKEv2\n[MX 15 Feature Highlights] Added support for configuring source-based default routes\n[MX 15 Feature Highlights] Local breakout of SaaS applications to use public Internet links instead of Auto VPN tunnels. L3 breakout policies are available with all license tiers. Smart application breakouts are available with the Secure SD-WAN Plus license.\n[Important Notice] Please note MX 15.41 and higher includes a change that resolved an issue that caused MX appliances to not source DHCP messages from the shared virtual MAC address when configured in High Availability (HA). DHCP messages from MX appliances configured in HA will now be sourced from the shared virtual MAC address.\n[Important Notice] Due to underlying changes present in MX 15, MX appliances will now strictly validate the remote ID parameter during VPN tunnel formation. If you notice issues with non-Meraki VPN tunnel connectivity after upgrading to MX 15 for the first time, please ensure the remote ID configured in the site-to-site VPN page for a given non-Meraki peer matches what is configured as the local ID on that device.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[Bug Fixes] Corrected an issue that prevented Z1, MX60, MX60W, MX80, and MX90 appliances from upgrading to MX 14.55 when configured for MX 15.42.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Due to issues still under investigation, Z3(C) appliances are more likely to experience a device reboot when the wireless functionality is being utilized.","networkType":"wired","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":true,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1617845434,"updatedAt":1622200341},{"id":"2179","name":"MR 27.7.1","major":27,"minor":7,"patch":1,"changelog":"[Bug Fixes] Wi-Fi 6 MRs might exhibit unexpected reboots (Wi-Fi 6 MRs)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] UNII-2e channels not available for indoor APs in Israel IL regulatory domain (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":true,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1624481840,"updatedAt":1624568411},{"id":"2175","name":"MS 14.24","major":14,"minor":24,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.19 or later will result in minimal impact to client traffic\n[Branch Additions] SNMP support for MS390s\n[Branch Additions] RADIUS accounting support for MS390s\n[Branch Additions] Alternate Management Interface support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Branch Additions] QoS support for MS390s\n[Branch Additions] CoA support for MS390s\n[Branch Additions] STP anomaly detection events for non-MS390 series switches\n[Branch Additions] Adaptive policy support for MS390 series switches\n[Branch Additions] SecureConnect support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Bug Fixes] A port's STP configuration could be placed into a disabled state incorrectly if the port was removed from an LACP bundle\n[Bug Fixes] MS390 stability enhancements\n[Bug Fixes] MS120/125 series switches with multi-host authentication would not update hardware with new client information resulting in all traffic being inspected\n[Bug Fixes] Adaptive Policy tag configurations on non-SGT peer interfaces received incorrect port configurations\n[Bug Fixes] MS390 series switches have the option to have uplink client sampling disabled by Support. This is helpful for some deployments (https://documentation.meraki.com/MS/Monitoring_and_Reporting/Last_Seen_Switch_Port_of_Client_Keeps_Changing)\n[Known Issues] Multiple RADIUS timeouts can lead to the switch rebooting\n[Known Issues] In rare instances, a stack member may go offline until rebooted (present since MS 12)\n[Known Issues] In rare instances, non-390 stack members will reboot (present since 12.29+)\n[Known Issues] Due to FEC incompatibility between MS450 and Cisco Fabric Interconnect 6454, 100GbE links do not establish\n[Known Issues] MS120s switchports with MAB authentication may randomly deauthenticate clients. In order to resume client authentication on that port, a switch reboot is required (present since MS 12)\n[Known Issues] Packet loss is observed when pinging the MS390 management IP\n[Known Issues] MS120s on rare occasions will reboot (present since MS 11)\n[Known Issues] Stackpower is not enabled on MS390s by default\n[Known Issues] Broadcast types of traffic can leak into the Guest VLAN if a port that fails authentication has a Voice VLAN configured, and dashboard has a Guest VLAN defined (present since MS 11)\n[Known Issues] Links being established on a MS120 can result in neighboring ports to flap (present since MS 11)\n[Known Issues] MS120s with multiple access policies enabled may reboot when port changes are made\n[Known Issues] The traceroute live tool fails to run\n[Known Issues] The UI will show clients connected to MS390 access ports as being on the \"native\" VLAN\n[Known Issues] Stackings running PIM may encounter synchronization issues which can result in some receivers being unable to receive certain streams\n[Known Issues] Enabling Combined Power on MS350/355 switches results in events being logged once per minute (present since MS 11)\n[Known Issues] Networks containing a high number of switches may encounter issues saving changes on the Switch Settings page\n[Known Issues] MS220 and MS320 switches may randomly reboot in large L2 domains (present since MS 11)\n[Known Issues] The list of switches to clone from fails to load when cloning a switch in an organization with a large number of switches and networks\n[Known Issues] Switchport tags cannot be removed if they are added after a port profile is attached to the switch\n[Known Issues] In rare instances, when a stack reboots, ports may come up as \"LACP blocked state\", even if LACP is not configured (present since MS 10)\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] MS390 series switches do not support SM sentry\n[Known Issues] MS390 series switches do not support Syslog\n[Known Issues] MS390 series switches do not support Meraki authentication\n[Known Issues] MS390 series switches do not support URL redirection\n[Known Issues] MS390 series switches do not support MAC whitelists\n[Known Issues] MS390 series switches do not support loop detection\n[Known Issues] MS390 series switches do not support warm spare/VRRP\n[Known Issues] MS390 series switches do not support UDLD\n[Known Issues] MS390 series switches do not support MAC flap detection\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10)\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-06-10T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":true,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1623246518,"updatedAt":1623769429},{"id":"2181","name":"MX 15.43","major":15,"minor":43,"patch":0,"changelog":"[Important Notice] Due to underlying changes present in MX 15, MX appliances will now strictly validate the remote ID parameter during VPN tunnel formation. If you notice issues with non-Meraki VPN tunnel connectivity after upgrading to MX 15 for the first time, please ensure the remote ID configured in the site-to-site VPN page for a given non-Meraki peer matches what is configured as the local ID on that device.\n[Important Notice] This firmware version contains important changes required for communications between MX appliances and the AMP and ThreatGrid clouds. Customers utilizing the ThreatGrid integration will need to upgrade to MX 14.56, MX 15.43, MX 16.7, or higher before October 1, 2021. Customers utilizing the AMP-only integration will need to upgrade to MX 14.56, MX 15.43, MX 16.7, or higher before December 1, 2021\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.56.\n[Bug Fixes] Corrected an issue that could result in VPN flows being incorrectly reported as active when 1) A previous AutoVPN connection was established, 2) the AutoVPN peer became offline or disconnected, and 3) the AutoVPN peer was configured to operate in high availability (HA).\n[Bug Fixes] Stability improvements for MX67(C,W) and MX68(W,CW) platforms\n[Bug Fixes] Corrected an issue that resulted in MX appliances incorrectly using their WAN interface MAC address when 1) the MX appliances are configured in high availability, 2) the MX appliances are configured as one-armed VPN concentrators, and 3) traffic was being sourced from the shared virtual IP. MX appliances will now properly use the virtual MAC address in these cases. \n[Bug Fixes] Corrected a case that could result in a crash of the process responsible for managing and maintaining non-Meraki and client VPN tunnels. \n[Bug Fixes] Resolved an issue where DNS responses directing clients to a content filtering blocked page were improperly forwarded to the WAN network when an MX was configured as a passthrough appliance or one-armed VPN concentrator. \n[Bug Fixes] Mitigated an issue that resulted in traffic flows being incorrectly mapped to a secondary WAN interface during the bootup process of MX appliances. \n[Bug Fixes] Fixed a rare issue that could result in increased packet loss for traffic destined to or sourced from the LAN on MX64(W) appliances.\n[Bug Fixes] Resolved an issue that resulted in Layer 3 firewall rules including FQDNs in the source or destination addresses failing to apply when MX appliances were configured in passthrough mode. \n[Bug Fixes] Corrected an issue that resulted in an MX not properly updating the MTU value used for AutoVPN after 1) the MX appliance had established an AutoVPN tunnel with multiple MX appliances, 2) the AutoVPN peer appliances had different MTU values, and 3) the AutoVPN peer appliance possessing the lowest MTU value was disconnected and not reconnected. \n[Bug Fixes] Fixed an issue that resulted in communications across non-Meraki site-to-site VPN connections not being subject to configured bandwidth limits. \n[Bug Fixes] Resolved a rare issue that could result in highly delayed DHCP responses from MX MX67W, and MX68(C)W appliances. \n[Bug Fixes] Resolved an issue that resulted in MX appliances incorrectly forwarding traffic across the site-to-site VPN when 1) the MX appliances operating in one-armed VPN concentrator mode, 2) site-to-site VPN was enabled, and 3) traffic was received on the WAN interface with a source IP address matching the MX’s WAN interface IP. This situation could arise during an unintended routing loop and will now be dropped by MX appliances. \n[Bug Fixes] Fixed a case where the non-Meraki VPN service was not stopped when all non-Meraki VPN peers are removed from the configuration. \n[Bug Fixes] Corrected an issue that resulted in AutoVPN tunnel status reflecting as disconnected when 1) An uplink failover occurred, and 2) the MX appliance was unable to contact the VPN registry for one than one minute.\n[Bug Fixes] Resolved an issue where traffic could be incorrectly dropped under the following conditions 1) the MX appliance was configured to operate in passthrough / VPN concentrator mode, 2) the MX was configured to track clients by IP address, and 3) traffic was sourced from IP addresses 10.128.128.126, 10.128.128.127, 10.128.128.128, 10.128.128.129, 10.128.128.130, or 10.128.128.131.\n[Bug Fixes] Resolved an issue where ping reply messages were dropped when 1) an AutoVPN spoke is configured to form a VPN connection with two hubs, 2) a ping request message is sent from a client behind the AutoVPN spoke, 3) the ping request message is destined to a client behind the primary AutoVPN hub, 4) the ping response from the destination client, reached over the AutoVPN connection to the primary hub, is routed back to the AutoVPN spoke via the secondary AutoVPN hub. This happens only in cases where the secondary AutoVPN is configured with a default static route to the LAN. \n[Bug Fixes] Fixed a rare issue that could result in MX appliances not forming IKEv2 non-Meraki site-to-site VPN tunnels after the tunnels were previously established and a change was made to the non-Meraki VPN peer configuration. \n[Bug Fixes] Security fixes\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Due to issues still under investigation, Z3(C) appliances are more likely to experience a device reboot when the wireless functionality is being utilized.","networkType":"wired","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":true,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1624557565,"updatedAt":1624659474},{"id":"2170","name":"MX 16.7","major":16,"minor":7,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[Bug Fixes] Updated the AnyConnect VPN service.\n[Bug Fixes] Security updates\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Significant performance regressions for VPN traffic may be observed on MX84 and MX100 appliances\n[Known Issues] Group policies do not correctly apply to client devices\n[Known Issues] Z3(C) appliances that are upgraded to MX 16 versions cannot directly downgrade to MX 14 releases. They must first downgrade to an MX 15 release.\n[Known Issues] MX IDS security alerts are not detected for AnyConnect VPN traffic\n[Known Issues] BGP-learned routes may not be properly reflected in the Route Table page on the Meraki Dashboard, despite BGP and packet routing operating correctly.\n[Known Issues] There is an increased risk of encountering device stability issues on all platforms and across all configurations.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":true,"isAvailableUpgradeVersion":true,"createdAt":1621904113,"updatedAt":1621975735},{"id":"2091","name":"MG 1.10","major":1,"minor":10,"patch":0,"changelog":"[Bug Fixes] Corrected an issue that could result in fragmented packets that arrive across a cellular connection not being sent to clients on the LAN.\n[Bug Fixes] Corrected several issues that resulted in the behavior of MG appliances not following RFC 2131 when performing DHCP release or DHCP renew operations for the IP addresses of WAN interfaces.\n[Bug Fixes] Corrected a rare issue that could result in an MG appliance failing to properly write a new configuration file to persistent storage. In very rare cases, this may have resulted in static IP configuration being lost. \n[Bug Fixes] Fixed several issues that could result in MG appliances being unable to successfully fetch a configuration from the Meraki Dashboard without Meraki Support’s intervention.\n[Bug Fixes] Corrected a regression that could result in some fragmented packets being dropped in rare circumstances.\n[Known Issues] Devices plugged into port 1 and port 2 of the MG will not be able to communicate with each other. Devices plugged into either port will still be able to communicate across the cellular connection successfully.","networkType":"cellular_gateway","isBeta":true,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":true,"isAvailableUpgradeVersion":true,"createdAt":1600996208,"updatedAt":1616174626},{"id":"2182","name":"MR 28.2","major":28,"minor":2,"patch":0,"changelog":"[Important Note] When configured for this version, the MR12, MR16, MR18, MR24, MR26, MR32, MR34, MR62, MR66, and MR72 will run MR 26.8.2\n[Security Fixes] CVE-2020-24588 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-24587 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-24586 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26145 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26144 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26140 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26139 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26146 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26147 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26142 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 6 MRs)\n[Bug Fixes] Traffic to/from wired LAN ports was not being properly prioritized (MR30H)\n[Bug Fixes] MR would update its gateway MAC address mapping when interoperating with certain WIDS/WIPS systems that sent spoofed ARP requests to 3rd party devices (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] LAN tab on MR status page stopped updating results for DNS queries (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] The Ago(s) field for DHCP requests under the LAN tab on MR status page would reset back to 0 every 12 hours despite no new DHCP requests being seen (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR got into a state where it would stop detecting BLE clients either until the MR was rebooted or the BLE Scanning functionality was toggled (MR42/MR52/MR53/MR84)\n[Bug Fixes] MR may reboot when changing the configured country for the network (Wi-Fi 6 MRs)\n[Bug Fixes] MR would not respond to 802.11 authentication frames if the client first sent an 802.11 Shared Key Authentication frame followed by an 802.11 Open Authentication frame for SSIDs configured with MAC-based access control (Wi-Fi 5 MRs)\n[Bug Fixes] MR does not stop blinking LEDs after the Blink LEDs live tool is enabled (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Bug Fixes] General stability improvements (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] Client association status is not accurately reflected when viewing the Client Details page (Wi-Fi 6 MRs)\n[Known Issues] MR reboots every 15-20 minutes when connection to Meraki Dashboard is unavailable (Wi-Fi 6 MRs)\n[Known Issues] UNII-2e channels not available for indoor MRs in Israel IL regulatory domain (Wi-Fi 6 MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":true,"isAvailableUpgradeVersion":true,"createdAt":1624568904,"updatedAt":1624569631},{"id":"2167","name":"MS 14.22","major":14,"minor":22,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.19 or later will result in minimal impact to client traffic\n[Alerts] L3 stacks will experience packet loss after an L3 configuration change is made. In order to restore complete stack stability, a reboot may be required\n[Branch Additions] SNMP support for MS390s\n[Branch Additions] RADIUS accounting support for MS390s\n[Branch Additions] Alternate Management Interface support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Branch Additions] QoS support for MS390s\n[Branch Additions] CoA support for MS390s\n[Branch Additions] STP anomaly detection events for non-MS390 series switches\n[Branch Additions] Adaptive policy support for MS390 series switches\n[Branch Additions] SecureConnect support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Bug Fixes] MS120-48 series switches with a high number of active ports with access policies configured may not successfully boot, requiring a configuration change and a factory reset\n[Bug Fixes] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates MS 12)\n[Known Issues] In rare instances, a stack member may go offline until rebooted (present since MS 12)\n[Known Issues] In rare instances, MS390s can lose connectivity to dashboard and require a manual reboot to recover. Control plane traffic is not impacted when this issue is encountered.\n[Known Issues] In rare instances, non-390 stack members will reboot (present since 12.29+)\n[Known Issues] Due to FEC incompatibility between MS450 and Cisco Fabric Interconnect 6454, 100GbE links do not establish\n[Known Issues] MS120s switchports with MAB authentication may randomly deauthenticate clients. In order to resume client authentication on that port, a switch reboot is required (present since MS 12)\n[Known Issues] MS120s on rare occasions will reboot (present since MS 11)\n[Known Issues] L3 stacks will experience packet loss after an L3 configuration change is made. In order to restore complete stack stability, a reboot may be required.\n[Known Issues] Stackpower is not enabled on MS390s by default\n[Known Issues] Broadcast types of traffic can leak into the Guest VLAN if a port that fails authentication has a Voice VLAN configured, and dashboard has a Guest VLAN defined (present since MS 11)\n[Known Issues] Links being established on a MS120 can result in neighboring ports to flap (present since MS 11)\n[Known Issues] MS120s with multiple access policies enabled may reboot when port changes are made\n[Known Issues] The UI for MS390 series switches will report the old STP bridge information until rebooted\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] The traceroute live tool fails to run\n[Known Issues] The UI will show clients connected to MS390 access ports as being on the \"native\" VLAN\n[Known Issues] Stackings running PIM may encounter synchronization issues which can result in some receivers being unable to receive certain streams\n[Known Issues] MS390s acting as STP root incorrectly reports \"00:00:00:00:00:00 (priority 0)\" on the switch details page (present since MS 12)\n[Known Issues] Enabling Combined Power on MS350/355 switches results in events being logged once per minute (present since MS 11)\n[Known Issues] Networks containing a high number of switches may encounter issues saving changes on the Switch Settings page\n[Known Issues] MS220 and MS320 switches may randomly reboot in large L2 domains (present since MS 11)\n[Known Issues] The list of switches to clone from fails to load when cloning a switch in an organization with a large number of switches and networks\n[Known Issues] Switchport tags cannot be removed if they are added after a port profile is attached to the switch\n[Known Issues] In rare instances, when a stack reboots, ports may come up as \"LACP blocked state\", even if LACP is not configured (present since MS 10)\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] MS390 series switches do not support SM sentry\n[Known Issues] MS390 series switches do not support Syslog\n[Known Issues] MS390 series switches do not support Meraki authentication\n[Known Issues] MS390 series switches do not support URL redirection\n[Known Issues] MS390 series switches do not support MAC whitelists\n[Known Issues] MS390 series switches do not support loop detection\n[Known Issues] MS390 series switches do not support warm spare/VRRP\n[Known Issues] MS390 series switches do not support UDLD\n[Known Issues] MS390 series switches do not support MAC flap detection\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10)\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-31T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1621292041,"updatedAt":1621523100},{"id":"2158","name":"MS 12.34","major":12,"minor":34,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.31 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug fixes] Fixed an issue where under rare circumstances, MS425 fans will stop running which can cause the unit to overheat and power down\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-10T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1618082198,"updatedAt":1618186828},{"id":"2015","name":"MS 12.17","major":12,"minor":17,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] MS390 DHCP server may stop working after DHCP fixed assignment or custom option configurations\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-06-13T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1592106059,"updatedAt":1618478296},{"id":"2169","name":"MS 14.23","major":14,"minor":23,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.19 or later will result in minimal impact to client traffic\n[Branch Additions] SNMP support for MS390s\n[Branch Additions] RADIUS accounting support for MS390s\n[Branch Additions] Alternate Management Interface support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Branch Additions] QoS support for MS390s\n[Branch Additions] CoA support for MS390s\n[Branch Additions] STP anomaly detection events for non-MS390 series switches\n[Branch Additions] Adaptive policy support for MS390 series switches\n[Branch Additions] SecureConnect support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Bug Fixes] MS390s - If duplicate DNS IPs were used in an SVI configuration, the MS390 SVI would not be updated\n[Bug Fixes] Access policies configured in hybrid mode with critical auth VLANs defined would fail to authenticate MAB clients\n[Bug Fixes] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Bug Fixes] MS390 - OSPF area ID could not be configured higher than 65535. This has been resolved so a 32-bit value can be used\n[Bug Fixes] In rare instances, MS390s can lose connectivity to dashboard and require a manual reboot to recover. Data plane traffic is not impacted when this issue is encountered.\n[Bug Fixes] L3 stacks will experience packet loss after an L3 configuration change is made. In order to restore complete stack stability, a reboot may be required.\n[Bug Fixes] MS390 stacks could report incomplete RSTP root information\n[Bug Fixes] MS390s acting as STP root incorrectly reports \"00:00:00:00:00:00 (priority 0)\" on the switch details page (present since MS 12)\n[Bug Fixes] MS390 ARP tables would show incorrect age values\n[Bug Fixes] The UI for MS390 series switches will report the old STP bridge information until rebooted\n[Known Issues] In rare instances, a stack member may go offline until rebooted (present since MS 12)\n[Known Issues] In rare instances, non-390 stack members will reboot (present since 12.29+)\n[Known Issues] Due to FEC incompatibility between MS450 and Cisco Fabric Interconnect 6454, 100GbE links do not establish\n[Known Issues] MS120s switchports with MAB authentication may randomly deauthenticate clients. In order to resume client authentication on that port, a switch reboot is required (present since MS 12)\n[Known Issues] Packet loss is observed when pinging the MS390 management IP\n[Known Issues] MS120s on rare occasions will reboot (present since MS 11)\n[Known Issues] Stackpower is not enabled on MS390s by default\n[Known Issues] Broadcast types of traffic can leak into the Guest VLAN if a port that fails authentication has a Voice VLAN configured, and dashboard has a Guest VLAN defined (present since MS 11)\n[Known Issues] Links being established on a MS120 can result in neighboring ports to flap (present since MS 11)\n[Known Issues] MS120s with multiple access policies enabled may reboot when port changes are made\n[Known Issues] The traceroute live tool fails to run\n[Known Issues] The UI will show clients connected to MS390 access ports as being on the \"native\" VLAN\n[Known Issues] Stackings running PIM may encounter synchronization issues which can result in some receivers being unable to receive certain streams\n[Known Issues] Enabling Combined Power on MS350/355 switches results in events being logged once per minute (present since MS 11)\n[Known Issues] Networks containing a high number of switches may encounter issues saving changes on the Switch Settings page\n[Known Issues] MS220 and MS320 switches may randomly reboot in large L2 domains (present since MS 11)\n[Known Issues] The list of switches to clone from fails to load when cloning a switch in an organization with a large number of switches and networks\n[Known Issues] Switchport tags cannot be removed if they are added after a port profile is attached to the switch\n[Known Issues] In rare instances, when a stack reboots, ports may come up as \"LACP blocked state\", even if LACP is not configured (present since MS 10)\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] MS390 series switches do not support SM sentry\n[Known Issues] MS390 series switches do not support Syslog\n[Known Issues] MS390 series switches do not support Meraki authentication\n[Known Issues] MS390 series switches do not support URL redirection\n[Known Issues] MS390 series switches do not support MAC whitelists\n[Known Issues] MS390 series switches do not support loop detection\n[Known Issues] MS390 series switches do not support warm spare/VRRP\n[Known Issues] MS390 series switches do not support UDLD\n[Known Issues] MS390 series switches do not support MAC flap detection\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10)\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1621903487,"updatedAt":1623780450},{"id":"2126","name":"MS 14.12","major":14,"minor":12,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.10 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] Rebooting non-MS390 stack members can produce negative impact on L3 routing\n[Bug Fixes] Dashboard can depict a switch port in green/forwarding state even when port is in access policy discarding state\n[Bug Fixes] Switches can experience an unexpected reboot on weekly basis\n[Bug Fixes] Mactable fetch on MS390 switches can produce incomplete data for module ports and LAG interfaces\n[Known Issues] Non-MS390 switch stacks using Dynamic ARP Inspection can block ARP packets which should actually be permitted\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-14T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1610674389,"updatedAt":1616174626},{"id":"2138","name":"MS 14.16","major":14,"minor":16,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.13 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] Various performance and stability improvements\n[Known Issues] MS390s may show a client's VLAN as \"native\" instead of the correct VLAN number\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates 12.X)\n[Known Issues] Switches on 12.28+ will sporadically drop DHCP Offers when a relay is in use\n[Known Issues] L3 switch stacks with multicast routing may fail to route streams through all members\n[Known Issues] MS120s can experience packet loss when forwarding from a 1Gbps to 100Mbps port \n[Known Issues] MS320s may experience reboots when in large L2 domains (predates 12.X)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-02-23T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1613686972,"updatedAt":1618327137},{"id":"2122","name":"MS 14.10","major":14,"minor":10,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.9 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Bug Fixes] Client and traffic analytics data may be inaccurate for traffic traversing MS390-series switches\n[Bug Fixes] MS120, MS355 and MS450 series switches can reboot too quickly during firmware upgrades, interfering with timely upgrades of other switches\n[Bug Fixes] MAC forwarding table live tool does not return data for MS390 series switches\n[Known Issues] Non-MS390 switches can generate MAC flap events for MACs that are learned on the same port when the MAC is relearned following flush or age-out\n[Known Issues] Non-MS390 switch stacks using Dynamic ARP Inspection can block ARP packets which should actually be permitted\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-17T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1608234991,"updatedAt":1616174626},{"id":"2136","name":"MS 14.15","major":14,"minor":15,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.13 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] STP event log enhancements for Root bridge transition and BPDU packet delays\n[Additions] SecureConnect for MS210, MS225, MS250, MS350, and MS355\n[Bug Fixes] With DAI enabled on a stack, there was a chance that a client would become incorrectly blocked\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates 12.X)\n[Known Issues] Switches on 12.28+ will sporadically drop DHCP Offers when a relay is in use\n[Known Issues] L3 switch stacks with multicast routing may fail to route streams through all members\n[Known Issues] MS120s can experience packet loss when forwarding from a 1Gbps to 100Mbps port \n[Known Issues] MS320s may experiences reboots when in large L2 domains (predates 12.X)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-02-12T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1613143197,"updatedAt":1618327161},{"id":"2082","name":"MS 12.28","major":12,"minor":28,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.27 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug Fixes] MS390 switches may take a long time to check in when uplink is connected after a full boot sequence\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-04-30T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1598487290,"updatedAt":1618405214},{"id":"2157","name":"MS 14.19","major":14,"minor":19,"patch":0,"changelog":"[Alerts] MS390 upgrades to this version will result in a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n\n\n[Additions] MS390s now support RADIUS accounting\n\n\n[Bug Fixes] When a port's configuration is changed, all switch ports that use dynamic VLAN assignment are deauthenticated and require reauthentication\n[Bug Fixes] MR44s and MR46s with the MAC address in the following range, 68:3A:1E:FF:F9:63 - 68:3A:1E:FF:FA:46, will not be detected by SecureConnect\n[Bug Fixes] Fixed an issue where switches would repeatedly send out an excessive number of router solicitations\n[Bug Fixes] Fixed an issue where under rare circumstances, MS425 fans will stop running which can cause the unit to overheat and power down\n[Bug Fixes] MS390 dot1x events will now be logged\n\n\n[Known Issues] MS390s may show a client's VLAN as \"native\" instead of the correct VLAN number\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates 12.X)\n[Known Issues] Switches on 12.28+ will sporadically drop DHCP Offers when a relay is in use\n[Known Issues] L3 switch stacks with multicast routing may fail to route streams through all members\n[Known Issues] MS120s can experience packet loss when forwarding from a 1Gbps to 100Mbps port \n[Known Issues] MS320s may experience reboots when in large L2 domains (predates 12.X)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-01T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1618001213,"updatedAt":1618497620},{"id":"2165","name":"MS 14.21","major":14,"minor":21,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.19 or later will result in minimal impact to client traffic\n[Branch Additions] SNMP support for MS390s\n[Branch Additions] RADIUS accounting support for MS390s\n[Branch Additions] Alternate Management Interface support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Branch Additions] QoS support for MS390s\n[Branch Additions] CoA support for MS390s\n[Branch Additions] STP anomaly detection events for non-MS390 series switches\n[Branch Additions] Adaptive policy support for MS390 series switches\n[Branch Additions] SecureConnect support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Bug Fixes] Changing a MS390's port between access and trunk could result in the updated configuration not being saved. A reboot was required for the new configuration to be saved\n[Bug Fixes] OSPF fails to form adjacencies when more than 164 SVIs are configured on a switch\n[Bug Fixes] MS22/42/220/320 series switches would experience a reboot if the network was configured to use Group Policy ACL\n[Bug Fixes] An event log was added for client authentication timeouts during EAP authentication\n[Bug Fixes] MS390 series switches would incorrectly set the NAS-IP to 1.1.3.1 in RADIUS packets\n[Known Issues] In rare instances, a stack member may go offline until rebooted (present since MS 12)\n[Known Issues] In rare instances, MS390s can lose connectivity to dashboard and require a manual reboot to recover. Control plane traffic is not impacted when this issue is encountered.\n[Known Issues] In rare instances, non-390 stack members will reboot (present since 12.29+)\n[Known Issues] Due to FEC incompatibility between MS450 and Cisco Fabric Interconnect 6454, 100GbE links do not establish\n[Known Issues] MS120s switchports with MAB authentication may randomly deauthenticate clients. In order to resume client authentication on that port, a switch reboot is required (present since MS 12)\n[Known Issues] Client connection tool show \"NaN%\" values between an MR and upstream MS\n[Known Issues] MS120s on rare occasions will reboot (present since MS 11)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates MS 12)\n[Known Issues] L3 stacks will experience packet loss after an L3 configuration change is made. In order to restore complete stack stability, a reboot may be required.\n[Known Issues] Stackpower is not enabled on MS390s by default\n[Known Issues] Broadcast types of traffic can leak into the Guest VLAN if a port that fails authentication has a Voice VLAN configured, and dashboard has a Guest VLAN defined (present since MS 11)\n[Known Issues] Links being established on a MS120 can result in neighboring ports to flap (present since MS 11)\n[Known Issues] The UI for MS390s may incorrectly aggregate ethernet ports when SFP ports were selected\n[Known Issues] MS120s with multiple access policies enabled may reboot when port changes are made\n[Known Issues] The UI for MS390 series switches will report the old STP bridge information until rebooted\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] The traceroute live tool fails to run\n[Known Issues] The UI will show clients connected to MS390 access ports as being on the \"native\" VLAN\n[Known Issues] Stackings running PIM may encounter synchronization issues which can result in some receivers being unable to receive certain streams\n[Known Issues] MS390s acting as STP root incorrectly reports \"00:00:00:00:00:00 (priority 0)\" on the switch details page (present since MS 12)\n[Known Issues] Enabling Combined Power on MS350/355 switches results in events being logged once per minute (present since MS 11)\n[Known Issues] Networks containing a high number of switches may encounter issues saving changes on the Switch Settings page\n[Known Issues] MS220 and MS320 switches may randomly reboot in large L2 domains (present since MS 11)\n[Known Issues] The list of switches to clone from fails to load when cloning a switch in an organization with a large number of switches and networks\n[Known Issues] Switchport tags cannot be removed if they are added after a port profile is attached to the switch\n[Known Issues] In rare instances, when a stack reboots, ports may come up as \"LACP blocked state\", even if LACP is not configured (present since MS 10)\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] MS390 series switches do not support SM sentry\n[Known Issues] MS390 series switches do not support Syslog\n[Known Issues] MS390 series switches do not support IPv6 connectivity to dashboard\n[Known Issues] MS390 series switches do not support Meraki authentication\n[Known Issues] MS390 series switches do not support URL redirection\n[Known Issues] MS390 series switches do not support MAC whitelists\n[Known Issues] MS390 series switches do not support loop detection\n[Known Issues] MS390 series switches do not support warm spare/VRRP\n[Known Issues] MS390 series switches do not support UDLD\n[Known Issues] MS390 series switches do not support MAC flap detection\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10)\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-27T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1619730342,"updatedAt":1620227490},{"id":"2146","name":"MS 14.17","major":14,"minor":17,"patch":0,"changelog":"[Alerts] MS390 upgrades to this version will result in a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n\n[Bug Fixes] MS390s could show the incorrect root port in dashboard\n[Bug Fixes] Fixed an issue where large configuration changes could encounter issues updating properly on MS390s\n[Bug Fixes] Various performance and stability improvements\n[Known Issues] MS390s may show a client's VLAN as \"native\" instead of the correct VLAN number\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates 12.X)\n[Known Issues] Switches on 12.28+ will sporadically drop DHCP Offers when a relay is in use\n[Known Issues] L3 switch stacks with multicast routing may fail to route streams through all members\n[Known Issues] MS120s can experience packet loss when forwarding from a 1Gbps to 100Mbps port \n[Known Issues] MS320s may experience reboots when in large L2 domains (predates 12.X)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1615908090,"updatedAt":1618327120},{"id":"2160","name":"MS 14.20","major":14,"minor":20,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.19 or later will result in minimal impact to client traffic\n[Branch Additions] SNMP support for MS390s\n[Branch Additions] RADIUS accounting support for MS390s\n[Branch Additions] Alternate Management Interface support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Branch Additions] QoS support for MS390s\n[Branch Additions] CoA support for MS390s\n[Branch Additions] STP anomaly detection events for non-MS390 series switches\n[Branch Additions] Adaptive policy support for MS390 series switches\n[Branch Additions] SecureConnect support for MS210/MS225/MS250/MS350/MS355/MS410/MS425/MS450 series switches\n[Bug Fixes] MS390s that had a voice VLAN on access ports in a link aggregation would lose the port's VLAN configuration and default to VLAN 1 after a reboot\n[Bug Fixes] L3 switches with a DHCP relay configured could sporadically drop DHCP Offers (present since 12.11)\n[Known Issues] In rare instances, a stack member may go offline until rebooted (present since MS 12)\n[Known Issues] In rare instances, MS390s can lose connectivity to dashboard and require a manual reboot to recover. Control plane traffic is not impacted when this issue is encountered.\n[Known Issues] OSPF fails to form adjacencies when more than 164 SVIs are configured on a switch\n[Known Issues] In rare instances, non-390 stack members will reboot (present since 12.29+)\n[Known Issues] Due to FEC incompatibility between MS450 and Cisco Fabric Interconnect 6454, 100GbE links do not establish\n[Known Issues] MS120s switchports with MAB authentication may randomly deauthenticate clients. In order to resume client authentication on that port, a switch reboot is required (present since MS 12)\n[Known Issues] Client connection tool show \"NaN%\" values between an MR and upstream MS\n[Known Issues] MS120s on rare occasions will reboot (present since MS 11)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates MS 12)\n[Known Issues] L3 stacks will experience packet loss after an L3 configuration change is made. In order to restore complete stack stability, a reboot may be required.\n[Known Issues] Stackpower is not enabled on MS390s by default\n[Known Issues] Broadcast types of traffic can leak into the Guest VLAN if a port that fails authentication has a Voice VLAN configured, and dashboard has a Guest VLAN defined (present since MS 11)\n[Known Issues] Links being established on a MS120 can result in neighboring ports to flap (present since MS 11)\n[Known Issues] The UI for MS390s may incorrectly aggregate ethernet ports when SFP ports were selected\n[Known Issues] MS120s with multiple access policies enabled may reboot when port changes are made\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] The traceroute live tool fails to run\n[Known Issues] The UI will show clients connected to MS390 access ports as being on the \"native\" VLAN\n[Known Issues] Stackings running PIM may encounter synchronization issues which can result in some receivers being unable to receive certain streams\n[Known Issues] MS390s acting as STP root incorrectly reports \"00:00:00:00:00:00 (priority 0)\" on the switch details page (present since MS 12)\n[Known Issues] Enabling Combined Power on MS350/355 switches results in events being logged once per minute (present since MS 11)\n[Known Issues] Networks containing a high number of switches may encounter issues saving changes on the Switch Settings page\n[Known Issues] MS220 and MS320 switches may randomly reboot in large L2 domains (present since MS 11)\n[Known Issues] The list of switches to clone from fails to load when cloning a switch in an organization with a large number of switches and networks\n[Known Issues] Switchport tags cannot be removed if they are added after a port profile is attached to the switch\n[Known Issues] In rare instances, when a stack reboots, ports may come up as \"LACP blocked state\", even if LACP is not configured (present since MS 10)\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] MS390 series switches do not support SM sentry\n[Known Issues] MS390 series switches do not support Syslog\n[Known Issues] MS390 series switches do not support IPv6 connectivity to dashboard\n[Known Issues] MS390 series switches do not support Meraki authentication\n[Known Issues] MS390 series switches do not support URL redirection\n[Known Issues] MS390 series switches do not support MAC whitelists\n[Known Issues] MS390 series switches do not support loop detection\n[Known Issues] MS390 series switches do not support warm spare/VRRP\n[Known Issues] MS390 series switches do not support UDLD\n[Known Issues] MS390 series switches do not support MAC flap detection\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10)\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] MS390 upgrades from 14.20 or later will result in minimal impact to client traffic\n[Known Issues] MS390 series switches are unable to be polled by SNMP if they received an address via DHCP","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-01T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1618849341,"updatedAt":1619711539},{"id":"1947","name":"MS 12.12","major":12,"minor":12,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS390 Series Switches\r\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\r\n[Additions] Features now supported on MS390: RADIUS Testing\r\n[Bug Fixes] Rare condition where packet loss can be generated when routing to a next hop on switch stack\r\n[Known Issues] MS390 stack members may not report client-level detail\r\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\r\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\r\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\r\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\r\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\r\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\r\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\r\n[Known Issues] MS390 series switches do not support the multicast routing livetool\r\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\r\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\r\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\r\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\r\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2020-10-02T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1585870752,"updatedAt":1618728329},{"id":"2018","name":"MS 12.18","major":12,"minor":18,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Link status for MS390-series switches may not be detected correctly on stack ports\n[Bug Fixes] Packet captures can fail (produce empty result) for ports on MS390 stack members\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-06-22T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1592811707,"updatedAt":1616174626},{"id":"1898","name":"MS 11.28","major":11,"minor":28,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Bug Fixes] CDP 2nd port disconnect messages are ignored when 2nd port is reported as full duplex\r\n[Bug Fixes] Stacked switches can crash/reboot when quantity of configured LAGs exceeds port count of single stack member\r\n[Bug Fixes] Port may drop ingress traffic after hot-insertion of certain SFP modules on MS355/450 series switches\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1572539085,"updatedAt":1616174626},{"id":"2147","name":"MS 14.18","major":14,"minor":18,"patch":0,"changelog":"[Alerts] MS390 upgrades to this version will result in a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] Viewing a MS390's routing tab would result in a reboot\n[Bug Fixes] Various performance and stability improvements\n[Known Issues] MS390s may show a client's VLAN as \"native\" instead of the correct VLAN number\n[Known Issues] MS390 port traffic in the UI on occasion can show negative traffic for a client\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] MS390 stacks on rare occasions will require a manual reboot after the upgrade has completed\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\n[Known Issues] MS355 stacks upon reboot have a chance that the uplink port will go into STP blocking state (predates 12.X)\n[Known Issues] Switches on 12.28+ will sporadically drop DHCP Offers when a relay is in use\n[Known Issues] L3 switch stacks with multicast routing may fail to route streams through all members\n[Known Issues] MS120s can experience packet loss when forwarding from a 1Gbps to 100Mbps port \n[Known Issues] MS320s may experience reboots when in large L2 domains (predates 12.X)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-03-19T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1616196386,"updatedAt":1618327102},{"id":"1901","name":"MS 11.29","major":11,"minor":29,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Bug Fixes] In specific conditions, ingress packets to a switch stack can fail to be L3 routed to their intended next-hop\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1574714515,"updatedAt":1616174626},{"id":"1908","name":"MS 11.29.1","major":11,"minor":29,"patch":1,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS125, MS355, and MS450 Series switches\n[Additions] Support for MS390 Series Switches\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\n[Additions] Event logging for errors with ECMP routes\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\n[Additions] STP BPDU inter-arrival monitoring\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS testing, RADIus Accounting Change of Authorization, QoS, Power Supply State, PoE power status/usage, Port Mirroring\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":true,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1576601595,"updatedAt":1616174626},{"id":"1912","name":"MS 11.30","major":11,"minor":30,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS125, MS355, and MS450 Series switches\n[Additions] Support for MS390 Series Switches\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\n[Additions] Event logging for errors with ECMP routes\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\n[Additions] STP BPDU inter-arrival monitoring\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\n[Fixes] MS 11.30 is identical to MS 11.29.1, but resolves a technical issue where MS390s may not upgrade to MS 11.29.1 as expected\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches do not display stackport connectivity status in dashboard\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS testing, RADIus Accounting Change of Authorization, QoS, Power Supply State, PoE power status/usage, Port Mirroring\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1576865904,"updatedAt":1616174626},{"id":"1921","name":"MS 12.9","major":12,"minor":9,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Bug Fixes] Routing to a next-hop can fail when the MAC of the next-hop gets evicted from the CAM table on MS210/225/250/350/355/410/420/425/450 series switches\n[Known Issues] Port authentication can fail on non-stacked MS120/125/210/225/250/350/355/410/420/425/450 series switches\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Testing, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-06-28T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1580258548,"updatedAt":1616174626},{"id":"1934","name":"MS 12.10","major":12,"minor":10,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Bug Fixes] Cable test results can reference the wrong port number on certain 48 port SKUs\n[Bug Fixes] Switches can go offline unexpectedly in a topology where a physical loop exists that is segmented by port VLAN configuration\n[Bug Fixes] MS390 series switches can inaccurately report per-port client data\n[Known Issues] Port authentication can fail on non-stacked MS120/125/210/225/250/350/355/410/420/425/450 series switches\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Testing, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-08-21T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1582330092,"updatedAt":1616174626},{"id":"1942","name":"MS 12.11","major":12,"minor":11,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS390 Series Switches\r\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\r\n[Additions] Features now supported on MS390: RADIUS Testing\r\n[Bug Fixes] Port authentication can fail on non-stacked MS120/125/210/225/250/350/355/410/420/425/450 series switches\r\n[Bug Fixes] Relayed DHCP Offer packets can be dropped by switch stacks when routed asymmetrically\r\n[Bug Fixes] Rare critical failure which causes port authentication to fail did not trigger expected device reboot\r\n[Bug Fixes] OSPF adjacency establishment can get stuck during EXSTART stage in multi-area configurations\r\n[Known Issues] MS390 stack members may not report client-level detail\r\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\r\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\r\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\r\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\r\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\r\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\r\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\r\n[Known Issues] MS390 series switches do not support the multicast routing livetool\r\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\r\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\r\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\r\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\r\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-09-23T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1584978352,"updatedAt":1616174626},{"id":"1950","name":"MS 12.13","major":12,"minor":13,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS390 Series Switches\r\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\r\n[Additions] Features now supported on MS390: RADIUS Testing\r\n[Bug Fixes] MS390 ports do not reflect PoE status in Dashboard\r\n[Known Issues] MS390 stack members may not report client-level detail\r\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\r\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\r\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\r\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\r\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\r\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\r\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\r\n[Known Issues] MS390 series switches do not support the multicast routing livetool\r\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\r\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\r\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\r\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2020-10-09T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1586460432,"updatedAt":1616174626},{"id":"2010","name":"MS 12.16","major":12,"minor":16,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Filtered multicast streams cannot forward on LAG interface on MS120/125 series switches\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-12-04T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1591304716,"updatedAt":1616174626},{"id":"2067","name":"MS 12.23","major":12,"minor":23,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.10 or later will result in minimal impact to client traffic\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] SNMP alerting for CER can fail depending on SFP modules plugged into a switch\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-17T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1595013514,"updatedAt":1616174626},{"id":"2069","name":"MS 12.24","major":12,"minor":24,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.23 or earlier will trigger a full system reload\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Certain SFP modules can become stuck in a link-down state after reboot on MS390 series switches\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-23T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1595531548,"updatedAt":1616174626},{"id":"2071","name":"MS 12.25","major":12,"minor":25,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.24 or later will result in minimal impact to client traffic\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Non-MS390 stack members can fail to acquire an IPv6 uplink address\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-31T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1596207985,"updatedAt":1616174626},{"id":"2095","name":"MS 12.30","major":12,"minor":30,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.28 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug Fixes] Ports with an access policy can fail to grant network access to end devices post-reboot on MS120/125 series switches\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-10-09T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1602308270,"updatedAt":1616174626},{"id":"2112","name":"MS 14.6","major":14,"minor":6,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.5 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 access policies on switch ports may not be applied to interfaces after a reboot due to a known issue\n[Additions] QoS for MS390 series switches\n[Bug Fixes] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Bug Fixes] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-11-06T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1604712121,"updatedAt":1616174626},{"id":"2117","name":"MS 12.32","major":12,"minor":32,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.31 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug Fixes] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Bug Fixes] Non-MS390 switches can manifest packet loss for routed traffic after making a L3 config change\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-12-06T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1607305562,"updatedAt":1616174626},{"id":"1887","name":"MS 11.26","major":11,"minor":26,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Bug Fixes] In rare cases, Local Status Page is inaccessible from MS125 rear management port\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Rarely, L2 learning and aging can freeze on MS210/225/250/350/410/420/425 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1569856538,"updatedAt":1616174626},{"id":"2052","name":"MS 12.19","major":12,"minor":19,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.10 or later will result in minimal impact to client traffic\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Link status for MS390-series switches may not be detected correctly on stack ports\n[Bug Fixes] Packet captures can fail (produce empty result) for ports on MS390 stack members\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-06-25T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1593128485,"updatedAt":1616174626},{"id":"2063","name":"MS 12.22","major":12,"minor":22,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.10 or later will result in minimal impact to client traffic\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] Traffic handled by a static route can fail to be routed properly on non-MS390 switch stacks\n[Bug Fixes] MS390 firmware upgrade progress can reflect as 0% on local status page despite progressing normally\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-07-13T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1594480551,"updatedAt":1616174626},{"id":"2072","name":"MS 12.26","major":12,"minor":26,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.24 or later will result in minimal impact to client traffic\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] MS390 switches that experience a firmware upgrade interruption can be blocked from re-attempting the upgrade\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-08-05T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1596658834,"updatedAt":1616174626},{"id":"2089","name":"MS 12.29","major":12,"minor":29,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.28 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug Fixes] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Bug Fixes] Editing properties of an existing L3 interface on MS390 switches don't take effect without a reboot\n[Bug Fixes] Certain egress protocol packets missing from switch port packet captures\n[Bug Fixes] Stack member switches might fail to forward multicast stream out ports with known receivers\n[Bug Fixes] Changing configurations of various port settings on MS390 switches can result in the port not successfully participating in a configured LAG\n[Bug Fixes] Ports configured for Access mode on MS390s can incur a 30sec delay before they forward traffic\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-09-21T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1600721733,"updatedAt":1616174626},{"id":"2104","name":"MS 14.5","major":14,"minor":5,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.4 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Adaptive Policy for MS390 series switches\n[Additions] Group Policy ACL for MS210/225/250/350/355/410/420/425/450 series switches\n[Bug Fixes] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Bug Fixes] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-10-21T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1603292770,"updatedAt":1616174626},{"id":"2120","name":"MS 14.9","major":14,"minor":9,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.8 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] Non-MS390 switch stacks using Dynamic ARP Inspection can block ARP packets which should actually be permitted\n[Bug Fixes] MS390 access policies on switch ports may not be applied to interfaces after a reboot\n[Bug Fixes] QoS rules on MS390 using 'Protocol = Any' do not alter traffic priority\n[Bug Fixes] Deleting QoS rules in bulk on MS390 switches can result in future rules not getting applied\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-11T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1607731429,"updatedAt":1616174626},{"id":"2124","name":"MS 14.11","major":14,"minor":11,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.10 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] MAC flap events can be created when a MAC is relearned on the same port following a flush or age-out\n[Bug Fixes] MS390 stacks of 4 or more may experience instability\n[Bug Fixes] Downgrading MS390 switches to older firmware can take longer than expected\n[Known Issues] Non-MS390 switch stacks using Dynamic ARP Inspection can block ARP packets which should actually be permitted\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-08T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1610134793,"updatedAt":1616174626},{"id":"2115","name":"MS 14.8","major":14,"minor":8,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.7 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 access policies on switch ports may not be applied to interfaces after a reboot due to a known issue\n[Bug Fixes] Rare chance non-MS390 switch stack can crash and reboot using multicast routing\n[Bug Fixes] Incoming packets to a non-MS390 switch stack can be routed suboptimally after members of the stack reboot\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-11-18T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1605750473,"updatedAt":1616174626},{"id":"2076","name":"MS 12.27","major":12,"minor":27,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.26 or earlier will trigger a full system reload\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] MS390 series switches can take longer than expected to check into Dashboard for the first time\n[Bug Fixes] Clients detected as downstream from a LAG port display as offline in Dashboard\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-08-14T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1597432264,"updatedAt":1616174626},{"id":"2130","name":"MS 14.13","major":14,"minor":13,"patch":0,"changelog":"[Alerts] MS390 upgrades from MS 14.10 or later will result in minimal impact to client traffic\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Bug Fixes] Various performance and stability improvements\n[Known Issues] Non-MS390 switch stacks using Dynamic ARP Inspection can block ARP packets which should actually be permitted\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-22T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1611242236,"updatedAt":1616174626},{"id":"1919","name":"MS 12.8","major":12,"minor":8,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Bug Fixes] Username Received in RADIUS Access-Accept can be sent with different formatting in RADIUS Accounting-Request\n[Bug Fixes] Port mirroring does not work on MS390 series switches\n[Known Issues] Port authentication can fail on non-stacked MS120/125/210/225/250/350/355/410/420/425/450 series switches\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Testing, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-06-24T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1579892327,"updatedAt":1616174626},{"id":"2006","name":"MS 12.15","major":12,"minor":15,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Bug Fixes] MS390 LAG configuration can fail when selecting module ports and module is not installed\n[Bug Fixes] Device local status page missing details about LAN IPv6 uplink\n[Bug Fixes] Cable test results on MS210/225/250 series switches inconsistent on 100mbps links\n[Bug Fixes] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-11-27T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1590624870,"updatedAt":1616174626},{"id":"2113","name":"MS 14.7","major":14,"minor":7,"patch":0,"changelog":"[Alerts] MS390 stacks of 4 or more may experience instability on this release. For stacks of 4 or more please stay on the current general release to ensure stability and functionality.\n[Alerts] MS390 upgrades from MS 14.6 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 access policies on switch ports may not be applied to interfaces after a reboot due to a known issue\n[Additions] Performance improvement to MS390 cold boot-up and reload time\n[Additions] MS390 now displays Power Supply State and PoE power status/usage\n[Bug Fixes] Dashboard traffic analytics data can erroneously report certain clients are directly connected to a port on an MS390\n[Bug Fixes] Cycling a large number of ports on an MS390 stack can produce a temporary Dashboard connection interruption\n[Known Issues] MS425 stacks directly exposed to large L2 domains can experience stability reduction\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-11-13T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1605316494,"updatedAt":1616174626},{"id":"1809","name":"MS 11.0","major":11,"minor":0,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Bug Fixes] Chance that BPDU may not be transmitted in timely manner from a LAG port on a switch stack\r\n[Bug Fixes] MS355 series switches may not auto-negotiate mGig speeds correctly\r\n[Bug Fixes] Ports on MS355 series switches may remain down after cable testing\r\n[Bug Fixes] The RADIUS test widget in Dashboard does not function correctly on MS22/42/220/320 series switches\r\n[Bug Fixes] Switch can fail to re-auth clients once RADIUS server is restored with RADIUS monitoring enabled\r\n[Bug Fixes] MS120 series switches can reboot too quickly after firmware upgrade completes\r\n[Bug Fixes] Ports limited to 10/100 speeds can still auto negotiate to 1000mbps\r\n[Bug Fixes] ACL to deny all IPv6 traffic can trigger loss of Dashboard connectivity\r\n[Bug Fixes] MS120 series switches can fail to recover from L2 loops under certain circumstances\r\n[Bug Fixes] MS120 series switches with 48 ports can experience unexpected reboot in rare cases\r\n[Bug Fixes] Ports configured into LAG bundle not displayed correctly in local status page\r\n[Known Issues] Local status page incorrectly displays data about cellular status\r\n[Known Issues] Access policies with URL Redirect enabled can fail to redirect clients\r\n[Known Issues] Multicast routing on MS355 series switches may not function correctly\r\n[Known Issues] Infrequent possibility of OSPF adjacency re-init despite regular Hello packets (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches \r\nNumerous performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1544033396,"updatedAt":1547073695},{"id":"1812","name":"MS 11.1","major":11,"minor":1,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Bug Fixes] Local status page incorrectly displays data about cellular status\r\n[Bug Fixes] Infrequent possibility of OSPF adjacency re-init despite regular Hello packets (predates MS 10.x)\r\n[Known Issues] Local status page incorrectly displays data about cellular status\r\n[Known Issues] Access policies with URL Redirect enabled can fail to redirect clients\r\n[Known Issues] Multicast routing on MS355 series switches may not function correctly\r\n[Known Issues] Infrequent possibility of OSPF adjacency re-init despite regular Hello packets (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches \r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1544815806,"updatedAt":1547073682},{"id":"1813","name":"MS 11.2","major":11,"minor":2,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Bug Fixes] Access policies with URL Redirect enabled can fail to redirect clients\r\n[Bug Fixes] Multicast routing on MS355 series switches may not function correctly\r\n[Bug Fixes] SNMP can provide incorrect data about devices which use both CDP and LLDP\r\n[Bug Fixes] Multicast routing state can become stale when used in tandem with IGMP Snooping\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1545253097,"updatedAt":1547073671},{"id":"1814","name":"MS 11.3","major":11,"minor":3,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Bug Fixes] Chance that switch can experience an unexpected reboot when SNMP is enabled\r\n[Bug Fixes] Network access might remain blocked on successfully authenticated voice VLAN device\r\n[Bug Fixes] OSPF events which result in routes being removed and re-added can trigger slow convergence\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1547064803,"updatedAt":1547251248},{"id":"1819","name":"MS 11.4","major":11,"minor":4,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Bug Fixes] MS350 switches can accept unsupported port configurations through the local status page\r\n[Bug Fixes] RADIUS monitoring yields false negatives when RADIUS server issues Access-Accept for test credentials\r\n[Bug Fixes] RSTP BPDU conflict detection only checks 8 least significant bits of 12-bit Port Number field in received BPDU\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1547744250,"updatedAt":1547842259},{"id":"1824","name":"MS 11.5","major":11,"minor":5,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Bug Fixes] MS450 does not queue traffic per configured QoS rules in a specific case\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1548810109,"updatedAt":1548810109},{"id":"1827","name":"MS 11.6","major":11,"minor":6,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Bug Fixes] Frames >1518 bytes can be flagged as \"oversize\" in UI\r\n[Bug Fixes] Details about detected SFP modules not displayed for MS120 switches\r\n[Bug Fixes] CoA Reauthenticate can fail to trigger new authentication for MAB clients\r\n[Bug Fixes] Data snooped out of CDP messages from clients not formatted correctly in RADIUS Accounting updates\r\n[Bug Fixes] Triggering port cycles in UI can cause switch to stop processing client authentications\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1549990667,"updatedAt":1550076781},{"id":"1829","name":"MS 11.7","major":11,"minor":7,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Bug Fixes] MS210/225/250 switches can incur L3 routing impairment on reception of frames with a source MAC that belongs to the switch\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1550857211,"updatedAt":1550871981},{"id":"1832","name":"MS 11.8","major":11,"minor":8,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Bug Fixes] MS210/225/250 switches can incur L3 routing impairment on reception of frames with a source MAC that belongs to the switch\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1551730977,"updatedAt":1551730977},{"id":"1834","name":"MS 11.9","major":11,"minor":9,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1552419692,"updatedAt":1552419692},{"id":"1836","name":"MS 11.10","major":11,"minor":10,"patch":0,"changelog":"[Alerts] Upgrades to MS 11.x are supported only from MS 9.x or later.\r\n[Alerts] This version addresses an issue where MS22/42/220/320 series switches may hang during upgrades. Upgrades TO this release will reboot affected switches immediately prior to executing the upgrade.\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Known Issues] Problem with CoPP where high rate multicast stream can stress switch CPU when multicast routing is enabled\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] Drop unknown multicast drops all IPv6 multicast on MS210/225/250/350/410/420/425 series switches and can cause switches to become unreachable (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1552935193,"updatedAt":1553184331},{"id":"1837","name":"MS 11.11","major":11,"minor":11,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Bug Fixes] Drop unknown multicast drops all IPv6 multicast on MS350/355/410/420/425/450 series switches and can cause switches to become unreachable\r\n[Bug Fixes] Multicast flows can fail to forward out ports on stacked switches even when known receivers exist\r\n[Bug Fixes] Problem with CoPP where high rate multicast stream can stress switch CPU when multicast routing is enabled\r\n[Known Issues] Switches may fail to obtain an IPv6 uplink even when receiving IPv6 Router Advertisements\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1553122267,"updatedAt":1553545543},{"id":"1839","name":"MS 11.12","major":11,"minor":12,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Bug Fixes] Instead of flooding, MS120 switches drop all IGMP packets when IGMP Snooping is disabled\r\n[Known Issues] Switches may fail to obtain an IPv6 uplink even when receiving IPv6 Router Advertisements\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1553892991,"updatedAt":1554137526},{"id":"1840","name":"MS 11.13","major":11,"minor":13,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] Switches may fail to obtain an IPv6 uplink even when receiving IPv6 Router Advertisements\r\n[Bug Fixes] Stacked switches may report inconsistent per-port LACP and STP information\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1554249549,"updatedAt":1554485236},{"id":"1847","name":"MS 11.15","major":11,"minor":15,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] Neighbor solicitation packets sent via IPv6 uplink may use incorrect destination MAC address\r\n[Bug Fixes] Slower than expected port authentication speed on MS355 series switches\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1555516695,"updatedAt":1555948021},{"id":"1843","name":"MS 11.14","major":11,"minor":14,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] Switches can fail to fetch an up-to-date configuration until being rebooted on rare occasion\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Slower than expected port authentication speed on MS355 series switches\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1554920787,"updatedAt":1555348590},{"id":"1849","name":"MS 11.16","major":11,"minor":16,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] Sustained flooding of IGMP Query packets can trigger switch reboot\r\n[Bug Fixes] MS210/225/250 series switches can fail to obtain IPv6 uplink using SLAAC\r\n[Bug Fixes] Switch ports can fail to correctly detect LLDP/CDP neighbors in specific cases\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1556139338,"updatedAt":1556572194},{"id":"1850","name":"MS 11.17","major":11,"minor":17,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] MAC forwarding table live tool does not load on MS120/210/225/250/410/420/425 series switches\r\n[Bug Fixes] With an access policy, unexpected ports can shift to the guest VLAN on MS210/225/250 series switches\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1556736701,"updatedAt":1557849119},{"id":"1859","name":"MS 11.20","major":11,"minor":20,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Bug Fixes] MAC forwarding table live tool does not load on MS120/210/225/250/410/420/425 series switches\r\n[Bug Fixes] With an access policy, unexpected ports can shift to the guest VLAN on MS210/225/250 series switches\r\n[Bug Fixes] RADIUS authentication may not function on stacked switches\r\n[Bug Fixes] Service-Type listed two times in Attribute Value Pairs\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1559580800,"updatedAt":1559663456},{"id":"1860","name":"MS 11.21","major":11,"minor":21,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS355 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Bug Fixes] A switch can lose it's uplink IP in certain scenarios\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] The attribute cdpCacheDeviceIndex value in the SNMP cdpCacheEntry table may exceed it's upper limit\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1560185687,"updatedAt":1560185687},{"id":"1867","name":"MS 11.24","major":11,"minor":24,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Bug Fixes] ARP entry on L3 switch expires despite still being in use -- causing brief packet loss until re-ARP occurs\r\n[Known Issues] L3 interfaces on switch stacks can send ARP requests using wrong sender MAC (as of MS 11.24+)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Switch ports can fail to correctly detect LLDP/CDP neighbors in specific cases\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1562013601,"updatedAt":1562604681},{"id":"1866","name":"MS 11.23","major":11,"minor":23,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\n[Known Issues] Switch ports can fail to correctly detect LLDP/CDP neighbors in specific cases\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1561476104,"updatedAt":1561476104},{"id":"1872","name":"MS 11.25","major":11,"minor":25,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Bug Fixes] Access policies using URL Redirect / Walled garden don't work on MS355/450 series switches\r\n[Bug Fixes] L3 interfaces on switch stacks can send ARP requests using wrong sender MAC\r\n[Bug Fixes] Switch ports can fail to correctly detect LLDP/CDP neighbors in specific cases\r\n[Bug Fixes] Certain OSPF configuration changes don't take effect until switch is rebooted\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1564414227,"updatedAt":1566932461},{"id":"1923","name":"MS 11.31","major":11,"minor":31,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS 11.31 is identical to MS 11.30 for all models EXCEPT the MS390\n[Additions] Support for MS125, MS355, and MS450 Series switches\n[Additions] Support for MS390 Series Switches\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\n[Additions] Event logging for errors with ECMP routes\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\n[Additions] STP BPDU inter-arrival monitoring\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\n[Bug Fixes] MS390 switches do not support port mirroring\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches do not display stackport connectivity status in dashboard\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] Stacked MS390 series switches do not report traffic/client analytics correctly in all cases\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS testing, RADIus Accounting Change of Authorization, QoS, Power Supply State, PoE power status/usage,\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2027-01-30T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1580420783,"updatedAt":1620236702},{"id":"1889","name":"MS 11.27","major":11,"minor":27,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\r\n[Additions] Support for MS125, MS355, and MS450 Series switches\r\n[Additions] Support port bounce AVP for RADIUS CoA (Cisco:Avpair=\"subscriber:command=bounce-host-port\")\r\n[Additions] Support MLD Snooping (currently enabled/disabled based on IGMP Snooping configuration)\r\n[Additions] Event logging for errors with ECMP routes\r\n[Additions] Support use of alternate interface to source DHCP Relay, RADIUS, SNMP and Syslog traffic\r\n[Additions] Improve stability during high inbound PIM Register load on MS350/355/410/425/450 series switches\r\n[Additions] STP BPDU inter-arrival monitoring\r\n[Additions] CoPP hardening for DNS, MDNS snooping on MS210/225/250/350/355/410/420/425/450 series switches\r\n[Bug Fixes] Rarely, L2 learning and aging can freeze on MS210/225/250/350/410/420/425 series switches\r\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\r\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\r\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\r\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\r\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1570133429,"updatedAt":1617332468},{"id":"1953","name":"MS 12.14","major":12,"minor":14,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting a single switch in an MS390 stack will reboot the entire stack\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, RADIUS CoA, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] ARP entry on L3 switch can expire despite still being in use (predates MS 10.x)\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)\nVarious performance and stability improvements","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2020-10-23T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1587671650,"updatedAt":1620129807},{"id":"2133","name":"MS 12.33","major":12,"minor":33,"patch":0,"changelog":"[Alerts] MS210/225/250 switches cannot forward IPv6 Router Advertisement and Neighbor Solicitation packets when flood unknown multicast is disabled (has always been true)\n[Alerts] MS390 upgrades from MS 12.31 or earlier will trigger a full system reload\n[Alerts] MS390 client authentication may fail closed if RADIUS server passes unsupported AVPs\n[Alerts] Auth session state on RADIUS server may be stale following an MS390 CoA update until RADIUS Accounting is supported\n[Additions] Support for MS390 Series Switches\n[Additions] Loop Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MAC Flap Detection on MS210/225/250/350/355/410/420/425/450 series switches\n[Additions] MS390 Local Status Page identifies ports on other stack members by name instead of MAC address\n[Additions] Features now supported on MS390: RADIUS Testing, RADIUS CoA\n[Bug fixes] General stability and security improvements\n[Known Issues] Routing to a particular next-hop can fail under specific conditions for non-MS390 switch stacks\n[Known Issues] MS390 stack members may not report client-level detail\n[Known Issues] MS390 series switches Max MTU is limited to 9198 bytes\n[Known Issues] MS390 series switches will not display packet details in the DHCP Servers page\n[Known Issues] MS390 series switches do not support the 'next-server' or 'bootfile' parameters in DHCP messages\n[Known Issues] Rebooting any MS390 stack member via the UI will result in the entire stack rebooting\n[Known Issues] LLDP frames from MS390 series switches will use a single system name instead of the Dashboard given name\n[Known Issues] MS390 series switches will not display the advertising router ID for OSPF\n[Known Issues] MS390 series switches with OSPF enabled will default to an IP MTU of 1500 bytes on every OSPF enabled interface\n[Known Issues] MS390 series switches do not support the multicast routing livetool\n[Known Issues] MS390 series switches do not support tagged traffic bypass for voice on ports with a Multi-Auth access policy\n[Known Issues] Dynamic VLAN assignment from a RADIUS server on MS390 series switches must already be an allowed VLAN on the port for it to function\n[Known Issues] MS390 series switches may not display link state on links at mGig speeds (2.5G, 5G)\n[Known Issues] MS390 series switches do not currently support the following features: VRRP, SM Sentry, Syslog server, SNMP, Traceroute, IPv6 connectivity to dashboard, Meraki Auth, URL Redirection, MAC Whitelisting, RADIUS Accounting, QoS, Power Supply State, PoE power status/usage, Loop Detection, UDLD, MAC Flap Detection\n[Known Issues] SM Sentry does not support Windows based clients (predates MS 10.x)\n[Known Issues] MS425 series switches do not forward frames larger than 9416 bytes (predates MS 10.x)\n[Known Issues] MS350-24X and MS355 series switches do not negotiate UPoE over LLDP correctly (predates MS 10.x)","networkType":"switch","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2022-01-28T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1611847701,"updatedAt":1619527855},{"id":"1419","name":"MC 1.0","major":1,"minor":0,"patch":0,"changelog":"New Feature: Phone packet captures\r\nNew Feature: In call low quality indicator (for poor network connections)\r\nNew Feature: Per-phone timezone override\r\nNew Feature: LAN LLDP Advertisement\r\nPeripheral: Add support for the Jabra 810's hookswitch button\r\nBugfix: Fix several corner cases that allowed the phone to become stuck with the in call screen open\r\nBugfix: Fix the wording of the voicemail greeting recorder when going back while recording a greeting\r\nBugfix: Prevent ringback tone from incorrectly playing out of the speaker in some situations when using a USB headset\r\nMisc: Make the in call keypad and in call screen more responsive\r\nMisc: Increase the size of the in call keypad\r\nMisc: Screen will now dim slightly more while on the idle screen","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1470859527,"updatedAt":1480383328},{"id":"1421","name":"MC 1.1","major":1,"minor":1,"patch":0,"changelog":"New Feature: Missed Call Notifications \r\nNew Feature: Voicemail Only Password Lock \r\nNew Feature: Meraki Cloud Connectivity Indicator \r\nNew Feature: Phone packet captures \r\nNew Feature: In call low quality indicator (for poor network connections) \r\nNew Feature: Per-phone timezone override \r\nNew Feature: LAN LLDP Advertisement \r\nPeripheral: Add support for the Jabra 810's hookswitch button \r\nBugfix: Fix several corner cases that allowed the phone to become stuck with the in call screen open \r\nBugfix: Fix the wording of the voicemail greeting recorder when going back while recording a greeting \r\nBugfix: Prevent ringback tone from incorrectly playing out of the speaker in some situations when using a USB headset \r\nBugfix: Formatting of Six Digit Extensions while Dialing \r\nBugfix: Ringtone Playing Out of the Handset \r\nBugfix: Correctly Format Long Contact Names in the Directory \r\nMisc: Make the in call keypad and in call screen more responsive \r\nMisc: Increase the size of the in call keypad \r\nMisc: Screen will now dim slightly more while on the idle screen\r\nMisc: Audio Quality Improvements","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1471539902,"updatedAt":1480383304},{"id":"1434","name":"MC 1.2","major":1,"minor":2,"patch":0,"changelog":"New Feature: Announcements\r\nNew Feature: 3.5mm headphone and headset support\r\nBugfix: Timezone changes no longer require a reboot\r\nBugfix: Dialing invalid numbers will no longer load the in-call screen\r\nBugfix: Switch the color of the dial button on the emergency call screen from grey to green\r\nBugfix: Phones will now join the voice VLAN on certain Cisco switch models\r\nMisc: You can now tap on paired but disconnected bluetooth devices to connect to them\r\nMisc: The selected audio device is now remembered between calls","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1475507335,"updatedAt":1480383280},{"id":"1471","name":"MC 1.3","major":1,"minor":3,"patch":0,"changelog":"New Feature: Announcements\r\nNew Feature: 3.5mm headphone and headset support\r\nBugfix: Timezone changes no longer require a reboot\r\nBugfix: Dialing invalid numbers will no longer load the in-call screen\r\nBugfix: Switch the color of the dial button on the emergency call screen from grey to green\r\nBugfix: Phones will now join the voice VLAN on certain Cisco switch models\r\nMisc: You can now tap on paired but disconnected bluetooth devices to connect to them\r\nMisc: The selected audio device is now remembered between calls","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1476735464,"updatedAt":1489021764},{"id":"1479","name":"MC 1.4","major":1,"minor":4,"patch":0,"changelog":"Multiline\r\n a. Allows phones to have multiple DIDs (up to 8).\r\n b. If using custom caller ID, you can set one of the outgoing DIDs as the ID.\r\n Presence\r\n a. Allows the user to see if other phones in the network are un/registered, available or in a call.\r\n New Transfer Options:\r\nWarm Transfer - Call the extension you are transferring first, then complete the transfer by connecting the two calls.\r\nDirect to voicemail\r\n Favorites\r\n Ability to add favorite contacts and view them in the favorites tab under contacts. \r\n Additional USB Headset Support\r\n Ringing through the headset.\r\nAbility to answer/hold/switch between calls.\r\nAbility to answer call waiting calls. \r\n Speakerphone Volume\r\nIncreased the volume when on speaker phone.\r\nShared Hold\r\nArea Code inference","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1479431214,"updatedAt":1489021732},{"id":"1520","name":"MC 1.5","major":1,"minor":5,"patch":0,"changelog":"Multiline Appearance\r\n A phone user can initiate outbound and receive inbound calls using multiple DIDs (up to 8)\r\n If a custom caller ID is configured for a contact, a phone user can choose between the custom caller ID or any assigned DID for outbound caller ID presentation.\r\n\r\nPresence\r\n A phone user can view the status of other phone users in the network. Phones not registered are denoted by a grey indicator, available phones are denoted by a green indicator and phones currently on an active call will display a red indicator\r\n\r\nNew Transfer Options:\r\n Warm Transfer - A phone user can consult another phone user before transferring the call to that user\r\n Direct to voicemail - calls can be transferred directly to another phone user's voicemail box\r\n\r\nFavorites\r\n Phone users can add favorite contacts and view them in the Favorites tab under contacts\r\n\r\nAdditional USB Headset Support\r\n Ringtone is now played to supported USB headsets\r\n A phone user can answer/hold/switch between calls using a USB headset onhook/offhook button\r\n A phone user can receive call waiting tone via a supported USB headset and can answer these calls by pressing the headset off-hook button\r\n\r\nNetwork Shared Hold\r\n Network Shared Hold allows the end user to tap the phone \"Hold\" button to place a call on hold. This will send a notification to each phone in that MC network which can be tapped to pickup the original call.","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1489021617,"updatedAt":1497634172},{"id":"1525","name":"MC 1.6","major":1,"minor":6,"patch":0,"changelog":"Multiline Appearance <br/> A phone user can initiate outbound and receive inbound calls using multiple DIDs (up to 8) <br/> If a custom caller ID is configured for a contact, a phone user can choose between the custom caller ID or any assigned DID for outbound caller ID presentation. <br/> <br/>Presence <br/> A phone user can view the status of other phone users in the network. Phones not registered are denoted by a grey indicator, available phones are denoted by a green indicator and phones currently on an active call will display a red indicator <br/> <br/>New Transfer Options: <br/> Warm Transfer - A phone user can consult another phone user before transferring the call to that user <br/> Direct to voicemail - calls can be transferred directly to another phone user's voicemail box <br/> <br/>Favorites <br/> Phone users can add favorite contacts and view them in the Favorites tab under contacts <br/> <br/>Additional USB Headset Support <br/> Ringtone is now played to supported USB headsets <br/> A phone user can answer/hold/switch between calls using a USB headset onhook/offhook button <br/> A phone user can receive call waiting tone via a supported USB headset and can answer these calls by pressing the headset off-hook button <br/> <br/>Network Shared Hold <br/> Network Shared Hold allows the end user to tap the phone \"Hold\" button to place a call on hold. This will send a notification to each phone in that MC network which can be tapped to pickup the original call.","networkType":"phone","isBeta":null,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1489712782,"updatedAt":1489712782},{"id":"1562","name":"MC 1.9","major":1,"minor":9,"patch":0,"changelog":"=====\r\nForced IR calibration\r\nMTR live tool\r\nImproved general UI responsiveness\r\nImproved general stability\r\n=====","networkType":"phone","isBeta":false,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1496351423,"updatedAt":1517265880},{"id":"1670","name":"MC 1.11","major":1,"minor":11,"patch":0,"changelog":"Bug fix\r\nAccurate destination DID label on incoming calls\r\nUpdated ICE/STUN IP address resolution to resolve one way audio issues \r\nOptimized delay buffers which were responsible for audio artifacts\r\nFixed Dialer has stopped message when updating the directory tab\r\nFixed call transfer and hold UI issue\r\nRemoved keypad tones when mute is enabled\r\nFixed no audio output upon reboot\r\nFixed voice VLAN DHCP IP allocation issues\r\nFixed screen brightness fluctuation\r\nNew features\r\nCustomizable ringtones\r\nCustomizable personal contacts via the phone touch screen \r\nCall waiting tone with USB headsets\r\nForeign language firmware support (DE, IT, ES, FR, FR CA - English and French are available in the UI)\r\nSecurity\r\nPatch for BlueBorn vulnerability (CVE-2017-0781, CVE-2017-0782, CVE-2017-0785, CVE-2017-0783)\r\nKnown Issues\r\nAudio issues are seen by conference participants when adding a 4th call to an Ad-hoc conference\r\nContact favorites, call history and the voicemail passcode are purged following an upgrade to phone-1.11\r\nOther\r\nGeneral stability and performance improvements\r\nHook-switch and light sensor improvements\r\nBackend call logging improvements\r\nFirmware support for enhanced traceroute tools\r\nRTCP firmware support\r\nPhone CPU resource allocation improvements\r\nIncreased support for USB headsets (Jabra)\r\nScreen reader support in firmware\r\nBluetooth pairing UI improvements\r\nInput/Output device selection improvements\r\nRe-factored Network Statistic calculation (jitter and loss in Dashboard)\r\nAdded firmware support for the OPUS codec","networkType":"phone","isBeta":false,"lasikImpacted":true,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1512497706,"updatedAt":1534279273},{"id":"2114","name":"MV 4.9","major":4,"minor":9,"patch":0,"changelog":"[Bug Fix] Improved low light behavior (MV12/MV22/MV72/MV22X/MV72X)\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-31T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1605643309,"updatedAt":1623781053},{"id":"2090","name":"MV 4.8","major":4,"minor":8,"patch":0,"changelog":"[New] Support for low latency HLS\r\n[New] Support for MT Sensors\r\n[New] Improved color fidelity and accuracy (MV12/MV22/MV72/MV22X/MV72X)\r\n[New] Improved auto white balance accuracy (MV12/MV22/MV72/MV22X/MV72X)\r\n[New] Reduction in color and dark region noise (MV12/MV22/MV72/MV22X/MV72X)\r\n[New] Significant dynamic range improvements for HDR mode\r\n[Bug Fixes] Resolved an issue where image setting changes would not successfully apply on 2nd generation cameras\r\n[Bug Fixes] Resolved an issue with historical video playback on iOS and Safari\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1600726486,"updatedAt":1624379931},{"id":"2164","name":"MV 4.12","major":4,"minor":12,"patch":0,"changelog":"[New] Added support for audio detection analytics to MV Sense\r\n[Bug Fix] Resolved an issue where cameras would stop processing motion events \r\n[General] Improved autofocus performance for 2nd generation cameras\r\n[General] Improved performance of motion recap image generation \r\n[General] Improved MV Sense MQTT network performance\r\n[General] Improved accuracy of vehicle and person detection\r\n[General] Improved Snapshot API latency\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-04-26T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1619479664,"updatedAt":1622134037},{"id":"1933","name":"MV 4.2","major":4,"minor":2,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where too many snapshot API calls could cause camera instability\r\n[General] Improved performance of MV Sense on MV72 and MV72X\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1582328160,"updatedAt":1616174626},{"id":"2070","name":"MV 4.6","major":4,"minor":6,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where cameras would fail to publish MQTT topics\r\n[General] Updated direct live video DSCP value to AF31\r\n[General] Improved accuracy of object detection for MV32 \r\n[General] Improved performance of motion recap image generation\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1595972096,"updatedAt":1616174626},{"id":"1924","name":"MV 4.1","major":4,"minor":1,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where focus settings would not apply correctly\r\n[Bug Fixes] Increased autofocus performance at lower zoom settings\r\n[Bug Fixes] Resolved an issue where the circular mask was not applied to adaptive bitrate stream\r\n[General] Improved performance of motion recap image generation\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1580860717,"updatedAt":1616174626},{"id":"1954","name":"MV 4.4","major":4,"minor":4,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where historical video can become corrupted due to a software fault\r\n[General] Improved accuracy of vehicle and person detection\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1588024631,"updatedAt":1616174626},{"id":"2065","name":"MV 4.5","major":4,"minor":5,"patch":0,"changelog":"[New] Added support for selecting Object Detection Model for 2nd generation cameras\r\n[New] Added support for toggling between motion detector V1 and V2 for 2nd generation cameras\r\n[New] External RTSP support added for 2nd generation cameras\r\n[New] Full Sensor Resolution Snapshots support added for 2nd generation cameras\r\n[Bug Fixes] Resolved an issue where live video can become corrupted due to a software fault\r\n[Bug Fixes] Resolved an issue where historical video can become corrupted due to a software fault\r\n[Bug Fixes] Resolved an issue where historical video is not saved due to a software fault\r\n[Bug Fixes] Resolved an issue where stream initialization time was too high for MV21 and MV71\r\n[Bug Fixes] Resolved an issue where MV Sense did not pass object type field to brokers\r\n[Bug Fixes] Resolved an issue where too many snapshot API calls could cause camera instability\r\n[Bug Fixes] Resolved an issue where focus settings would not apply correctly\r\n[Bug Fixes] Increased autofocus performance at lower zoom settings\r\n[Bug Fixes] Resolved an issue where the circular mask was not applied to adaptive bitrate stream\r\n[General] Improved accuracy of vehicle and person detection\r\n[General] Improved performance of motion recap image generation\r\n[General] Improved performance of MV Sense on MV72 and MV72X\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1594747789,"updatedAt":1616174626},{"id":"2129","name":"MV 4.10","major":4,"minor":10,"patch":0,"changelog":"[New] Added confidence parameter to MV Sense MQTT raw detections \r\n[Bug Fix] Resolved an issue where cameras would stop publishing MQTT topics\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1611166484,"updatedAt":1613425673},{"id":"1944","name":"MV 4.3","major":4,"minor":3,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where historical video is not saved due to a software fault\r\n[Bug Fixes] Resolved an issue where stream initialization time was too high for MV21 and MV71\r\n[Bug Fixes] Resolved an issue where MV Sense did not pass object type field to brokers\r\n[General] Improved accuracy of vehicle and person detection\r\n[General] Improved performance of motion recap image generation\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1585167484,"updatedAt":1588024643},{"id":"2016","name":"MV 4.5","major":4,"minor":5,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where live video can become corrupted due to a software fault\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1592327209,"updatedAt":1594748575},{"id":"2077","name":"MV 4.7","major":4,"minor":7,"patch":0,"changelog":"[General] Improved 1st generation cameras NTP implementation. Per our upstream firewall rules guidelines, public NTP should be permitted to allow for proper camera operations.","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1597774389,"updatedAt":1600726506},{"id":"1899","name":"MV 4.0","major":4,"minor":0,"patch":0,"changelog":"[Bug Fixes] Resolved an issue where historical and live video recording can become briefly interrupted\r\n[Bug Fixes] Resolved an issue where snapshot API would respond with a 404 error \r\n[Bug Fixes] Improved stability of video playback when audio recording is enabled\r\n[General] General stability and performance improvements\r\nNOTE: Upgrading to this firmware does NOT allow for the ability to downgrade to MV 3.X for MV12/22/72/32","networkType":"camera","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1573609835,"updatedAt":1617913966},{"id":"2137","name":"MV 4.11","major":4,"minor":11,"patch":0,"changelog":"[New] Added HDR mode support to MV32\r\n[Bug Fix] Resolved an issue where cameras would stop processing motion events\r\n[General] General stability and performance improvements","networkType":"camera","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1613425751,"updatedAt":1619699625},{"id":"2168","name":"MR 28.1","major":28,"minor":1,"patch":0,"changelog":"[Important Note] When configured for this version, the MR12, MR16, MR18, MR24, MR26, MR32, MR34, MR62, MR66, and MR72 will run MR 26.8.1.\n[New] IPv6 support on MR (including MR management over IPv6, IPv6 live tools (ping and traceroute), L3 IPv6 firewall rules, RADIUS/LDAP/AD over IPv6, SNMP/Syslog/Meraki Health over IPv6) - https://documentation.meraki.com/MR/Other_Topics/IPv6_Support_on_MR_Access_Points (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[New] RADIUS enhancements (e.g., NAS-ID configuration, Called-Station ID configuration, EAP timers, and more) - https://documentation.meraki.com/MR_Meraki_RADIUS_2.0 (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[New] Digital Tags management (with our partner SES-imagotag). This feature allows using the IoT (previously known as BLE) radio on MR access points to act as gateways for these tags as opposed to deploying separate ESL gateways. Please contact Support. (MR30H/33/74, MR45/55, MR36/MR46/MR56/MR44, MR76/MR86).\nhttps://documentation.meraki.com/MR/Deployment_Guides/Electronic_Shelf_Labels_(ESL)_Integration_with_MR_Access_Points\n[New] Support VLANs over wireless mesh links - https://documentation.meraki.com/MR/Deployment_Guides/Mesh_Deployment_Guide#Multi-VLAN_support_over_Mesh (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[New] Support for Message Queuing Telemetry Transport (MQTT) - https://documentation.meraki.com/MR/Other_Topics/MR_MQTT_Data_Streaming (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs) \n[Security Fixes] CVE-2020-25684 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-25685 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-25686 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-24588 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-24587 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-24586 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26145 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26144 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26140 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26139 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26146 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26147 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26142 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs)\n[Bug Fixes] IGMP queries intermittently dropped during high loads of multicast traffic (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR may not forward buffered frames upon receipt of CTS from STA if the CTS did not follow the preceding RTS within a given time window (Wi-Fi 6 MRs)\n[Bug Fixes] MR drops traffic for client when Mandatory DHCP is enabled and the MR has seen a large number of clients (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] Bonjour queries not forwarded to the service VLAN when source port is other than UDP 5353 (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] UNII-2e channels added for indoor APs in Israel IL regulatory domain (Wi-Fi 5 Wave 2 MRs)\n[Bug Fixes] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Bug Fixes] MR may reboot when configured with WPA2-Enterprise, Hotspot 2.0, and more than 42 MCC/MNCs. There is now a limit on 42 or fewer MCC/MNCs. (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] TCP port 22 was accessible from the wireless LAN (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] RADIUS Accounting Interim-Update packets contain 0 for Acct-Input / Acct-Output usage values (Wi-Fi 6 MRs)\n[Bug Fixes] Scanning radio may become stuck on a single frequency in some regulatory domains (Wi-Fi 5 Wave 2 MRs)\n[Bug Fixes] MR may crash upon configuration changes with NBAR enabled (Wi-Fi 6 MRs)\n[Bug Fixes] Wi-Fi 6 MR did not start RADIUS Accounting session after 802.11r FT (Wi-Fi 6 MRs)\n[Bug Fixes] RADIUS CoA packets not sent across mesh links (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR was not applying the appropriate QoS DSCP tags to some egress packets (Wi-Fi 6 MRs)\n[Bug Fixes] Enabled 40/80 MHz channel widths in Ecuador (MR20/MR30H/MR33/MR70/MR74)\n[Bug Fixes] MR was generating SNMP ifOutErrors under normal 802.11 traffic scenarios (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR was generating SNMP ifInDiscards under normal 802.11 traffic scenarios (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR would not send RTS frames to 802.11b clients (MR45/MR55)\n[Bug Fixes] Local status page included “Provider Name” cellular information (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] 802.11r association & re-association events were not generated in the event log (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR30H LED did not change to blue with connected clients (All MR’s)\n[Bug Fixes] Class Attribute received from RADIUS Access-Accept packet was not forwarded in RADIUS Accounting-Request packet (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] Client Balancing control plane packets continued to be transmitted by MRs via Ethernet even when disabled (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] Local status page included latitude and longitude coordinates (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] VPN teleworker tunnels were unable to establish if the SSID configured to do so was VAP #12 (out of 15) (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] MR does not automatically detect Smart Antennas (MR42E)\n[Bug Fixes] MR may experience frequent Ethernet carrier changes (MR36)\n[Bug Fixes] Client timeline metrics calculation improvements (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] Numerous performance, stability, and security improvements (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] Client association status is not accurately reflected when viewing the Client Details page (Wi-Fi 6 MRs)\n[Known Issues] MR may reboot when changing the configured country for the network (Wi-Fi 6 MRs)\n[Known Issues] MR reboots every 15-20 minutes when connection to Meraki Dashboard is unavailable (Wi-Fi 6 MRs)\n[Known Issues] UNII-2e channels not available for indoor MRs in Israel IL regulatory domain (Wi-Fi 6 MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1621355584,"updatedAt":1624568446},{"id":"2074","name":"MR 27.4.1","major":27,"minor":4,"patch":1,"changelog":"Adds Support for Wifi 6 MRs to be used as a gateway for MT Sensors\nNote: This firmware is exactly the same as MR27.5 with support for MT sensors\n[Bug Fixes] MR responds to CoA Request packets with COA NAK when SSID is configured Cisco Central Web Authentication (CWA) and CoA (All MRs)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-05-01T07:00:00Z","supportsRolling":true,"isLatestPatch":true,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":true,"createdAt":1597175834,"updatedAt":1616174626},{"id":"2051","name":"MR 27.2","major":27,"minor":2,"patch":0,"changelog":"[Bug Fixes] Wired clients connected to MR30H LAN ports are unable to pass unicast traffic (MR30H)\n[Bug Fixes] Scanning radio was not properly parsing DFS channels, resulting in adverse AutoRF behavior (MR36/MR46/MR56)\n[Bug Fixes] MR was unable to properly change channels on the 2.4 GHz radio (802.11ax MRs)\n[Bug Fixes] Client may not receive RADIUS authentication response and get disassociated from MR in the event of RADIUS server failover (All MRs)\n[Bug Fixes] Successful DHCP events were not being properly logged for NAT-mode SSIDs (All MRs)\n[Bug Fixes] Changes made to authentication settings could result in MR rebooting when IPSK without RADIUS was enabled (All MRs)\n[Bug Fixes] Certain HTTP inputs could cause the MR to reboot, especially with splash page enabled (All MRs)\n[Bug Fixes] Some client roaming scenarios may result in periods of inaccurate data in the client connectivity bar and client history (All MRs)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] MR may disassociate clients after a configuration change on a WPA2 SSID (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)\n[Known Issues] Reduced aggregate upload throughput on 2.4 & 5GHz radio for Windows clients (MR45/MR55)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1592866462,"updatedAt":1616174626},{"id":"2086","name":"MR 27.5","major":27,"minor":5,"patch":0,"changelog":"[New] Initial stable firmware for MR44\n[Bug Fixes] MR responds to CoA Request packets with COA NAK when SSID is configured Cisco Central Web Authentication (CWA) and CoA (All MRs)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1599243190,"updatedAt":1616174626},{"id":"2064","name":"MR 27.3","major":27,"minor":3,"patch":0,"changelog":"[Bug Fixes] Reduced aggregate upload throughput on 2.4 & 5GHz radio for Windows clients (MR45/MR55)\n[Bug Fixes] Malformed packets received by the BLE radio may cause the MR to reboot (MR42/MR52/MR53/MR84)\n[Bug Fixes] Wireless clients passing minimal amounts of traffic may be displayed as wired clients (All MRs)\n[Bug Fixes] If a client roamed from an MR, and then after 5 minutes roamed back to the original MR, the association was rejected on 802.11w-required SSIDs (802.11ax MRs)\n[Bug Fixes] Interoperability issues with some older clients and/or drivers resulted in the clients getting into states where they could not pass any traffic (802.11ac Wave 2 MRs)\n[Bug Fixes] Scanning radio could enter an invalid state and lead to the MR rebooting (802.11ac Wave 2 MRs)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1594682108,"updatedAt":1616174626},{"id":"2075","name":"MR 27.4","major":27,"minor":4,"patch":0,"changelog":"[Bug Fixes] ‘Run Dark’ mode did not disable Ethernet LED (802.11ax MRs)\n[Bug Fixes] Increased the number of MPDU’s allowed in an A-MPDU frame, improving UDP performance (802.11ax MRs)\n[Bug Fixes] Enabled RTS/CTS operation (MR36/MR46/MR46E/MR56/MR76/MR86)\n[Bug Fixes] Additional checks added to avoid stale connection entries for clients (All MRs)\n[Bug Fixes] Bit rate listed in the client capabilities did not always match the maximum data rate described in the Data Rates graph of the client (All MRs)\n[Bug Fixes] Windows clients connected to MR30H wired LAN port could inadvertently detect an IP address conflict (MR30H)\n[Bug Fixes] Interoperability issue with Dynamic SMPS on certain Intel clients would result in poor performance (802.11ax MRs)\n[Bug Fixes] Upon roaming to a mesh repeater, client traffic to the repeater would not egress the mesh interface, resulting in packet loss (All MRs)\n[Bug Fixes] MR would encounter frequent reboots if there was an SSID configured for iPSK RADIUS and VPN Teleworker / Layer 3 Roaming with Concentrator (All MRs)\n[Bug Fixes] General performance & stability improvements (All MRs)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] MR responds to CoA Request packets with COA NAK when SSID is configured Cisco Central Web Authentication (CWA) and CoA (All MRs)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1597351945,"updatedAt":1616174626},{"id":"2105","name":"MR 27.5.1","major":27,"minor":5,"patch":1,"changelog":"[Bug Fixes] MR was unable to upgrade from MR24.x firmware version to MR27.x firmware version (MR42/MR52/MR53/MR84)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1603484922,"updatedAt":1616174626},{"id":"2108","name":"MR 27.5.10","major":27,"minor":5,"patch":10,"changelog":"[New] Support for MT sensors\n[New] Initial stable firmware for MR44\n[Bug Fixes] MR responds to CoA Request packets with COA NAK when SSID is configured Cisco Central Web Authentication (CWA) and CoA (All MRs)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-01T07:00:00Z","supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1604521523,"updatedAt":1616174626},{"id":"2111","name":"MR 27.5.11","major":27,"minor":5,"patch":11,"changelog":"[Bug Fixes] Improve handling of connection with MT sensors\n[Bug Fixes] MR was unable to upgrade from MR24.x firmware version to MR27.x firmware version (MR42/MR52/MR53/MR84)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-01T07:00:00Z","supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1604531605,"updatedAt":1616174626},{"id":"2121","name":"MR 27.5.12","major":27,"minor":5,"patch":12,"changelog":"[New] Minor Bug fixes for MT Support\n[Bug Fixes] MR was unable to upgrade from MR24.x firmware version to MR27.x firmware version (MR42/MR52/MR53/MR84)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (All MRs)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-12-31T08:00:00Z","supportsRolling":true,"isLatestPatch":true,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"isWirelessMtBeta":true,"createdAt":1607991280,"updatedAt":1616174626},{"id":"2001","name":"MR 27.1","major":27,"minor":1,"patch":0,"changelog":"[Important Notice] This version, and subsequent MR 27.x versions, are only supported on the 802.11ac Wave 2 and 802.11ax MR product portfolio. 802.11ac Wave 1 and older products will not upgrade, should they be in networks configured for MR 27.x versions, and thus the new features will not be available and the bug fixes listed will not apply.\n[New] WPA3 Support https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/WPA3_Encryption_and_Configuration_Guide\n[New] Meraki Health wireless performance metrics and client timeline https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Meraki_Health\n[New] Firmware Upgrade Strategy https://documentation.meraki.com/MR/Other_Topics/Access_Point_Firmware_Upgrade_Strategy \n[New] Network-based Application Recognition “NBAR” https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Network-Based_Application_Recognition_(NBAR)_on_MR (802.11ax MRs) \n[New] iPSK without RADIUS https://documentation.meraki.com/MR/Encryption_and_Authentication/IPSK_Authentication_Without_RADIUS NOTE: Careful consideration must be made if the network is downgraded to a previous MR26.x release. The SSID using iPSK without RADIUS should be reconfigured to use an appropriate SSID configuration supported on MR26.x. Otherwise, the SSID will remain enabled as an “Open” SSID.\n[New] Meraki Local Auth https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_802.1X \n[New] Adaptive Policy https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Adaptive_Policy/Adaptive_Policy_Overview NOTE: Careful consideration must be made if the network is downgraded to a previous MR26.x release. The switch interfaces must have tagging disabled for the access points to establish cloud reachability post downgrade.\n[Bug Fixes] General performance, stability, and security improvements.\n[Bug Fixes] MR sent management frames as well as broadcast & multicast frames at the incorrect bit rate after a channel change.\n[Bug Fixes] Wireless Health latency stats were not being reported for the MR45 & MR55. (MR45/55)\n[Bug Fixes] Modification of RADIUS Accounting Start delay timer enabled by Meraki Support was not taking effect (MR45/MR55)\n[Bug Fixes] MR would not send traffic to a client that did not first send a packet after receiving an IP address (802.11ac Wave 2/MR45/MR55)\n[Bug Fixes] MR would not forward EAP-TLS Server Hello packets from Authentication Server to Supplicant if configured for minimum bit rates less than 12mbps\n[Bug Fixes] MR in CE regulatory domain does not send EAPOL Key 3 message to 802.11b/g clients on PSK SSIDs (MR45/MR55)\n[Bug Fixes] Successful client authentications on a MAC-auth SSID resulted in authentication failures reported in Wireless Health\n[Bug Fixes] Traffic between multiple wired clients connected to an MR30H LAN port would exhaust the memory on the MR, leading to instability (MR30H)\n[Bug Fixes] MR could become unstable while taking packet captures from Dashboard and reboot (802.11ax MRs)\n[Bug Fixes] MR was intermittently logging 802.1x authentication failures as PSK authentication failures\n[Bug Fixes] VLAN tag received via RADIUS response was not being properly ignored for MAC authentication SSIDs when configured to do so\n[Bug Fixes] High latency could be encountered on mesh link (802.11ax MRs)\n[Bug Fixes] Configuration change may lead to clients getting disconnected (MR36/MR46/MR46E/MR56/MR76/MR86)\n[Known Issues] MR may experience frequent reboots in networks where UNII-1 channels are not supported, such as Bangladesh, Bolivia, Guyana, Indonesia, Jamaica, Nigeria, Pakistan, Qatar, Tanzania (MR36/45/46/46E/55/56/76/86)\n[Known Issues] Under certain conditions, successful WPA2-PSK connections are reported as failed under Wireless Health event logs (All MRs)\n[Known Issues] Wired clients connected to MR30H LAN ports are unable to pass unicast traffic (MR30H)\n[Known Issues] Some client roaming scenarios may result in periods of inaccurate data in the client connectivity bar and client history\n[Known Issues] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's\n[Known Issues] Reduced aggregate upload throughput on 2.4 & 5GHz radio for Windows clients (MR45/MR55)","networkType":"wireless","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1589842483,"updatedAt":1616174626},{"id":"2174","name":"MR 27.7","major":27,"minor":7,"patch":0,"changelog":"[Emergency Notice] Wi-Fi 6 MRs might exhibit unexpected reboots when upgraded to this version. This issue is being actively investigated by our engineering team.\n[Important Note] When configured for this version, the MR12, MR16, MR18, MR24, MR26, MR32, MR34, MR62, MR66, and MR72 will run MR 26.8.2 which explicitly includes the pertinent security fixes noted below. \n[Security Fixes] CVE-2020-11022 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022 (MR12/MR16/MR18/MR24/MR26/MR32/MR34/MR62/MR66/MR72)\n[Security Fixes] CVE-2020-11023 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023 (MR12/MR16/MR18/MR24/MR26/MR32/MR34/MR62/MR66/MR72)\n[Security Fixes] CVE-2020-24588 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-24587 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-24586 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26145 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26144 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26140 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26139 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26146 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26147 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26142 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-26143 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Security Fixes] CVE-2020-25684 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs, Wi-Fi 6 MRs, MR12/MR16/MR18/MR24/MR26/MR32/MR34/MR62/MR66/MR72)\n[Security Fixes] CVE-2020-25685 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs, Wi-Fi 6 MRs, MR12/MR16/MR18/MR24/MR26/MR32/MR34/MR62/MR66/MR72)\n[Security Fixes] CVE-2020-25686 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g (Wi-Fi 5 Wave 2 MRs, Wi-Fi 6 MRs, MR12/MR16/MR18/MR24/MR26/MR32/MR34/MR62/MR66/MR72)\n[Bug Fixes] General stability improvements (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Bug Fixes] Downstream VOIP RTP Packet Loss (MR42/MR42E/MR52/MR53/MR53E/MR84)\n[Bug Fixes] Scanning radio may become stuck on a single frequency in some regulatory domains (Wi-Fi 5 Wave 2 MRs)\n[Bug Fixes] MR may not forward buffered frames upon receipt of CTS from STA if the CTS did not follow the preceding RTS within a given time window (Wi-Fi 6 MRs)\n[Bug Fixes] MR does not automatically detect Smart Antennas (MR42E)\n[Bug Fixes] MR may experience frequent Ethernet carrier changes (MR36)\n[Bug Fixes] MR was not applying the appropriate QoS DSCP tags to some egress packets (Wi-Fi 6 MRs)\n[Bug Fixes] MR was generating SNMP ifOutErrors under normal 802.11 traffic scenarios (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] Sporadic packet loss & instability on Layer 3 roaming & Teleworker VPN SSID's (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)\n[Known Issues] UNII-2e channels not available for indoor APs in Israel IL regulatory domain (Wi-Fi 5 Wave 2 MRs/Wi-Fi 6 MRs)","networkType":"wireless","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":true,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1622662076,"updatedAt":1624487536},{"id":"2109","name":"MT 1.1","major":1,"minor":1,"patch":0,"changelog":"Minor bug fixes to improve the speed and reliability of the connection to the gateway","networkType":"sensor","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-11-06T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1604521846,"updatedAt":1616174626},{"id":"2125","name":"MT 1.2","major":1,"minor":2,"patch":0,"changelog":"Bug Fixes and performance improvement for MT10, MT12 and MT20","networkType":"sensor","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1610404166,"updatedAt":1616174626},{"id":"2002","name":"MT 1.0","major":1,"minor":0,"patch":0,"changelog":"Stable firmware release for MT10, MT12 and MT20","networkType":"sensor","isBeta":false,"lasikImpacted":false,"endOfSupportDate":"2021-12-31T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1589912325,"updatedAt":1616174626},{"id":"1842","name":"MX 15.13","major":15,"minor":13,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Corrected an MX 13 change that resulted in the MX sending DHCP request packets as broadcast messages when attempting to renew DHCP leases on its WAN interface(s)\n[Bug Fixes] Resolved an issue that prevented Z3 and Z3C from forming IPSec tunnels when the 3DES cryptographic algorithm was used\n[Bug Fixes] Fixed an issue that resulted in MX67(C,W) and MX68(W,CW) failing to redirect clients to splash pages\n[Bug Fixes] Corrected an issue that could result in a device reboot when there were two or more port forwarding rules were configured for the same port.\n[Bug Fixes] Resolved an issue that resulted in files failing to be submitted to ThreatGrid.\n[Bug Fixes] Fixed a rare issue that could result in MX400 and MX600 appliances failing to initiate a firmware upgrade\n[Bug Fixes] Corrected an issue that caused MX appliances configured in passthrough or VPN concentrator mode to generate syslog flow entries for inbound traffic flows, even when logging of these flows was set to disabled\n[Bug Fixes] Resolved an issue that resulted in MX84 appliances improperly forwarding CDP messages\n[Bug Fixes] Fixed an issue that could result in the secondary WAN connection incorrectly reporting “Ready” instead of “Active” in the Appliance Status page\n[Bug Fixes] Updated the NetFlow export logic to report unidirectional flows to better align with the RFC3954 requirements\n[Bug Fixes] Octet and Packet counts reported via NetFlow are now reported as the count of packets since the last update (the delta), as opposed to an aggregate count since the flow began\n[Bug Fixes] Resolved an issue that caused MX250 and MX450 appliances to not send LLDP messages.\n[Bug Fixes] Corrected an issue that resulted in all layer 7 flow decisions being exported via syslog. Now only flows that are blocked by a layer 7 firewall rule will be reported via syslog.\n[Bug Fixes] Resolved an issue that could result in log messages filling device storage on MX84, MX250, and MX450 platforms.\n[Bug Fixes] Fixed an issue that resulted in wireless MXs attempting to perform wireless load balancing\n[Bug Fixes] Corrected an issue that resulted in the ifOperStatus being reported incorrectly on MX67(C,W) and MX68(W,CW) appliances\n[Bug Fixes] Resolved an issue that resulted in the MX67(C,W) and MX68(W,CW) appliances incorrectly reporting some parameters in the IDS/IPS syslog export\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15 regression, non-Meraki site-to-site VPN and client VPN tunnels will not form properly when the MX appliance is using a backup cellular connection.\n[Known Issues] Due to an MX 15 regression, the lifetime of non-Meraki site-to-site VPN and client VPN connections will always be 60 minutes (3600 seconds).\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after a device reboot occurs\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nIf certain error conditions where AMP is unable to send a file disposition request to the AMP Cloud occur, the MX will now re-attempt the lookup at a later time. \nUpdated the FIRST_SWITCHED and LAST_SWITCHED data reported via NetFlow to be relative to the last update. FIRST_SWITCHED is the time at which the last NetFlow report was sent for the flow and LAST_SWITCHED remains the time at which activity was last observed on the flow.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-01-06T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1554429483,"updatedAt":1619125916},{"id":"2156","name":"MX 16.5","major":16,"minor":5,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] Due to a regression currently under investigation, MX appliances may be unable to establish cellular connectivity on both integrated cellular modems and external USB modems. We recommend that customers that rely on cellular connectivity in their deployments wait until a later MX 16 release to upgrade.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[Bug Fixes] Resolved an issue that resulted in the DNS lookup live tool always sending DNS queries to the DNS server configured on the uplink, regardless of whether a different IP address was specified when running the tool. \n[Bug Fixes] Corrected a case that could result in a crash of the process responsible for managing and maintaining non-Meraki and client VPN tunnels. \n[Bug Fixes] Fixed a very rare case that could result in packet loss on MX64(W) appliances. \n[Bug Fixes] Corrected an MX 16.4 issue that may have resulted in the device local status page incorrectly reporting that the appliance was not able to communicate with the Meraki Cloud.\n[Bug Fixes] Resolved an issue that resulted in Layer 3 firewall rules including FQDNs in the source or destination addresses failing to apply when MX appliances were configured in passthrough mode.\n[Bug Fixes] Corrected an issue that resulted in an MX not properly updating the MTU value used for AutoVPN after 1) the MX appliance had established an AutoVPN tunnel with multiple MX appliances, 2) the AutoVPN peer appliances had different MTU values, and 3) the AutoVPN peer appliance possessing the lowest MTU value was disconnected and not reconnected.\n[Bug Fixes] Fixed an issue that resulted in communications across non-Meraki site-to-site VPN connections not being subject to configured bandwidth limits. \n[Bug Fixes] Update the AnyConnect VPN service\n[Bug Fixes] Security improvements\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Significant performance regressions for VPN traffic may be observed on MX84 and MX100 appliances\n[Known Issues] Group policies do not correctly apply to client devices\n[Known Issues] Z3(C) appliances that are upgraded to MX 16 versions cannot directly downgrade to MX 14 releases. They must first downgrade to an MX 15 release.\n[Known Issues] MX IDS security alerts are not detected for Anyconnect VPN traffic\n[Known Issues] BGP-learned routes may not be properly reflected in the Route Table page on the Meraki Dashboard, despite BGP and packet routing operating correctly.\n[Known Issues] There is an increased risk of encountering device stability issues on all platforms and across all configurations.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1617926873,"updatedAt":1617999410},{"id":"2166","name":"MX 16.6","major":16,"minor":6,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[Bug Fixes] Added support for AnyConnect VPN clients roaming to different public IP addresses.\n[Bug Fixes] Updated the AnyConnect VPN service.\n[Bug Fixes] Updates to the AnyConnect VPN configuration should now cause less disruption to connected AnyConnect client VPN clients. \n[Bug Fixes] Corrected an issue that could result in a device crash when NBAR was in use.\n[Bug Fixes] Resolved an issue that resulted in MX appliances incorrectly forwarding traffic across the site-to-site VPN when the following conditions are met: 1) the MX appliances operating in one-armed VPN concentrator mode, 2) site-to-site VPN was enabled, and 3) traffic was received on the WAN interface with a source IP address matching the MX’s WAN interface IP. This situation could arise during an unintended routing loop and will now be dropped by MX appliances. \n[Bug Fixes] Fixed a case where the non-Meraki VPN service was not stopped when all non-Meraki VPN peers are removed from the configuration.\n[Bug Fixes] Corrected an MX 16 regression that caused MX appliances to be unreachable after failing over to a cellular connection when that connection required an MTU below 1500.\n[Bug Fixes] Resolved an MX 16.4 regression that resulted in MX appliances configured to operate in passthrough mode while also configured to operate in warm spare / high availability (HA) mode, using an incorrect MAC address for traffic sourced from the virtual IP address (VIP) of the HA pair.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Significant performance regressions for VPN traffic may be observed on MX84 and MX100 appliances\n[Known Issues] Group policies do not correctly apply to client devices\n[Known Issues] Z3(C) appliances that are upgraded to MX 16 versions cannot directly downgrade to MX 14 releases. They must first downgrade to an MX 15 release.\n[Known Issues] MX IDS security alerts are not detected for Anyconnect VPN traffic\n[Known Issues] BGP-learned routes may not be properly reflected in the Route Table page on the Meraki Dashboard, despite BGP and packet routing operating correctly.\n[Known Issues] There is an increased risk of encountering device stability issues on all platforms and across all configurations.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1620254017,"updatedAt":1620255114},{"id":"2128","name":"MX 15.42","major":15,"minor":42,"patch":0,"changelog":"[MX 15 Feature Highlights] Added support for Cisco Umbrella integration\n[MX 15 Feature Highlights] Added support for establishing non-Meraki VPN tunnels using IKEv2\n[MX 15 Feature Highlights] Added support for configuring source-based default routes\n[MX 15 Feature Highlights] Local breakout of SaaS applications to use public Internet links instead of Auto VPN tunnels. L3 breakout policies are available with all license tiers. Smart application breakouts are available with the Secure SD-WAN Plus license.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[Bug Fixes] Stability improvements to Z3(C) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Due to issues still under investigation, Z3(C) appliances are more likely to experience a device reboot when the wireless functionality is being utilized.","networkType":"wired","isBeta":false,"lasikImpacted":false,"endOfSupportDate":null,"supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1610768776,"updatedAt":1621761859},{"id":"2116","name":"MX 16.2","major":16,"minor":2,"patch":0,"changelog":"[Important Notice] This is an alpha version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\r\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\r\n[New Features] Added support for Cisco AnyConnect on Z3(C), MX67(C,W), MX68(W,CW), MX84, MX100, MX400, MX600, MX250, and MX450 appliances.\r\n[New Features] Added Network-Based Application Recognition (NBAR) integration. \r\n[New Features] Added support for using a cellular uplink concurrently with a wired uplink, as opposed to the cellular uplink only being available for failover.\r\n[Bug Fixes] All bug fixes present in MX 15.40 are also present in this release.\r\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\r\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\r\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\r\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\r\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\r\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\r\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\r\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\r\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\r\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\r\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\r\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-03-09T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1606247587,"updatedAt":1619126254},{"id":"1686","name":"MX 15.4","major":15,"minor":4,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added firmware support for configuring a default route per VLAN\n[Bug Fixes] Resolved an issue where AMP would only allow one file to be whitelisted, even when multiple were configured\n[Bug Fixes] Fixed a rare issue that could result in improper firewall rules applying to client devices after the assigned group policy had been changed\n[Bug Fixes] Fixed an issue that resulted in only one RADIUS server being used for client VPN authentication, even when two or more were specified\n[Bug Fixes] Corrected a case where ICMP time to live exceeded messages were not generated\n[Bug Fixes] Resolved an issue that could result in OSPF routes for connected VPN spokes not being advertised by an MX. This was mostly likely to occur for a VPN concentrator with many AutoVPN peers.\n[Bug Fixes] Resolve an issue where the whitelisted URLs were not honored by AMP\n[Bug Fixes] Fixed an issue where packet captures would timeout after 20 seconds, even if a longer capture duration had been specified\n[Bug Fixes] Resolved a rare issue that could result in a reboot of MX appliances when intrusion detection or prevention was enabled and there was a large volume of compressed files being transmitted over the network\n[Bug Fixes] Fixed a rare issue that could result in the AMP process crashing and being unable to restart until a device reboot was performed.\n[Bug Fixes] Corrected an issue that could result in no VPN traffic being processed correctly until a system reboot was performed on the MX250 and MX450 platforms.\n[Bug Fixes] AMP reliability improvements\n[Bug Fixes] Resolved an MX 13.5 regression that could result in a routing loop for subnet(s) advertised by multiple one-armed VPN concentrators within the Auto VPN topology, when Auto VPN tunnels between the concentrators are formed. \n[Bug Fixes] Corrected an issue that could result in some cellular modems getting stuck in a connecting state.\n[Bug Fixes] Fixed an issue that could cause the MX250 and MX450 to incorrectly report that a fan had failed\n[Bug Fixes] Corrected a rare case that resulted in MX250 and MX450 appliances being unable to update their Dashboard configuration \n[Bug Fixes] Added logic to prevent sending partial files to ThreatGrid\n[Bug Fixes] Resolved a rare issue that could result in packet loss on some flows. The loss would persist on these flows until they were remapped with different TCP or UDP ports.\n[Bug Fixes] Fixed an issue that could result in FTP file downloads failing if the download took longer than 5 minutes to complete\n[Bug Fixes] Corrected an issue that caused the MX84 to not provide interface information via SNMP\n[Bug Fixes] Fixed an issue that resulted in the MX84 not sending LLDP messages when VLANs were enable\n[Bug Fixes] Resolved an issue where the link connectivity state of the management port could be incorrectly reported on the MX250 and MX450 platforms\n[Bug Fixes] Resolved several cases that could result in unexpected system reboots of MX and Z appliances\nImproved the accuracy of layer 7 signature matching\nSmall AutoVPN scalability improvements\nAdded logic for an MX to recover it’s last known good uplink settings on boot-up\nRe-added support for submitting .zip files to ThreatGrid for inspection. ZIP files will only be submitted if they are detected as containing one or more file types supported by ThreatGrid. Nested ZIP files are not supported.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-10-15T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1516324431,"updatedAt":1619125431},{"id":"1702","name":"MX 15.5","major":15,"minor":5,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added support for reporting key BGP events to the Event Log\n[Bug Fixes] Fixed a case that could cause the AMP services to lose communication with each other on MX60, MX60W, MX80, and MX90 platforms \n[Bug Fixes] Corrected a rare issue that could result in MXs attempting to establish communication with former Auto VPN peers after they had been reconfigured to peer with new AutoVPN participants\n[Bug Fixes] Fixed an issue that could result in the MX not forwarding DHCP messages destined for other DHCP servers, even when the MX was not configured to act as a DHCP server or DHCP relay\n[Bug Fixes] Resolved a race condition that could result in flows being incorrectly mapped out a WAN interface that was down while the MX was in the process of failing over to 3G/4G backup. This resulted in affected flows being unable to communicate over the 3G/4G connection until the flow became inactive and the flow state information was removed\n[Bug Fixes] Resolved a case that could result in the MX advertising routes via EBGP with an incorrect next hop IP address\n[Bug Fixes] Resolved an issue that could result in the MX restoring stale uplink configuration information on bootup\n[Bug Fixes] Fixed an issue that resulted in routes learned via EBGP peers showing as offline in the Route table page on Dashboard\n[Bug Fixes] Corrected an issue that could result in a device reboot while some 3G/4G modems were connected to an MX appliance and were unable to progress past the “connecting” state\n[Security Fixes] CVE-2017-1000101\n[Security Fixes] CVE-2017-8816\n[Security Fixes] CVE-2017-8817\nImproved the accuracy of layer 7 signature matching for HTTPS traffic\nHostname to IP address mappings that are dynamically learned by the MX from snooping DNS traffic will now expire based on the observed TTL value in the DNS response\nAdded support for assigning a /31 subnet to the MX’s uplink via the local status page. The IP address assigned to the MX must be the higher of the two available IP addresses in the /31 subnet.\nThe MX will no longer export transit routes to EBGP peers","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-12-03T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1519967891,"updatedAt":1619125487},{"id":"1706","name":"MX 15.6","major":15,"minor":6,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue where the MTU value was not returned via SNMP\n[Bug Fixes] Corrected an issue where traffic destined to routes learned through EBGP peers were always sent to the advertising EBGP peer, even if the EBGP route was advertised with a different NEXT_HOP IP Path Attribute specified\n[Bug Fixes] Resolved an issue that could result in packet loss when certain configuration changes were made when using an MX84 appliance\n[Bug Fixes] Fixed an issue where non-Meraki and client VPN traffic would be dropped when packets arrived out-of-order due to an overly restrictive anti-replay window size","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-12-10T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1520379398,"updatedAt":1619125505},{"id":"1719","name":"MX 15.7","major":15,"minor":7,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that could prevent some GSM modems from connecting properly on Z3 devices\n[Bug Fixes] Corrected an issue where traffic was not being routed to non-Meraki VPN peers based on the most specific route available. This occurred when multiple non-Meraki VPN peers were configured with overlapping routes\n[Bug Fixes] Resolved an issue that resulted in the status of BGP-learned routes not displaying correctly in the Route table page\n[Bug Fixes] Fixed an issue reporting port statistics via SNMP on the MX65 and MX65W platforms\nAdded support for inspecting DMG files to AMP\nWhen group policy assignment via Active Directory is configured, the internal databases used to track information learned via queries to the configured Active Directory servers will now be cleared when AD servers are added or removed from the configuration","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-01-07T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1522900606,"updatedAt":1619125807},{"id":"1742","name":"MX 15.9","major":15,"minor":9,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added firmware support for more detailed device utilization reporting. This is not yet available via the Dashboard UI.\n[Bug Fixes] Resolved an issue where an MX appliance configured as a one-armed VPN concentrator could incorrectly advertise the subnet on it’s WAN interface via BGP\n[Bug Fixes] Fixed an MX 15 regression that could result in the local status page being inaccessible if a factory reset was performed and the MX was unable to get an IP address via DHCP\n[Bug Fixes] Improved the reliability of cellular modem signal strength reporting\n[Bug Fixes] Fully resolved an issue that resulted in TCP performance degradation on the MX250 and MX450 platforms. A partial fix was available in MX 15.8. \n[Bug Fixes] Corrected an issue that could result in traffic not being routed to non-primary hubs when VPN connectivity to the primary hub was lost. This could occur only when the spoke (1) was configured with two WAN interfaces, (2) was part of an AutoVPN DC-DC failover architecture, (3) primary uplink (of the spoke) went down, and (4) VPN tunnels to the primary AutoVPN hub subsequently failed. \n[Bug Fixes] Resolved a case that resulted in configuration for a secondary WAN interface was incorrectly displayed on the local status page for Z3 devices.\n[Bug Fixes] Fixed an issue that resulted in the Z3 being unable to form VPN tunnels with non-Meraki VPN peers using AES-192 encryption\n[Bug Fixes] Resolved a case that could result in a device reboot on MX250 and MX450 platforms. This was more likely to occur when intrusion detection or intrusion prevention was enabled.\n[Bug Fixes] Corrected an issue that resulted in downloads of files with a malicious disposition that were performed over client VPN not being blocked by AMP.\n[Bug Fixes] Fixed a case that could result in VPN flow preferences not being honored\n[Bug Fixes] Fixed an issue that resulted in Z3 appliances not displaying PoE status information in the Appliance Status page.\n[Bug Fixes] Resolved an issue that could result in the wireless channel utilization and current clients live tools not reporting information correctly for Z3 devices.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 15.8 or higher.\n[Known Issues] In conditions still under investigation a network loop may form when using MX84 appliances in some warm spare (HA) configurations\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] In conditions still under investigation, device reboots may occur when HTTP content caching is enabled.\n[Known Issues] In conditions still under investigation, the Z3 may fail to authenticate clients that are physically connected to the Z3 during bootup when 802.1X port authentication has been configured\n[Known Issues] Stability issues on the MX250 and MX450 platforms\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Z1 stability regressions\n[Known Issues] During a brief window of time after upgrading to this firmware version, if Z3 appliances experience a WAN connectivity disruption, the device may become permanently inoperable. This affects devices upgrading from version versions below MX 14.30 and MX 15.7.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-03-04T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1528231556,"updatedAt":1619125842},{"id":"1886","name":"MX 15.18","major":15,"minor":18,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that could result in non-Meraki VPN and client VPN tunnels failing to form if certain characters were used in the pre-shared key. \n[Bug Fixes] Performed some tuning of packet buffers on MX250 and MX450 appliances. This should improve the consistency of TCP performance when between a 10Gbps WAN interface and a 1 Gbps LAN interface. \n[Bug Fixes] Resolved an issue that could result in device reboots of MX84, MX250, and MX450 appliances.\n[Bug Fixes] Corrected an issue that could result in a device reboot when ThreatGrid integration was enabled. \n[Bug Fixes] Fixed several issues that could result in a device reboot when AMP was enabled.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-06-26T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1569281422,"updatedAt":1619126004},{"id":"1892","name":"MX 15.20","major":15,"minor":20,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that resulted in a device reboot. This mostly affected Z3(C) appliances.\n[Bug Fixes] Corrected an MX 15 regression that resulted in client VPN users being unable to communicate across VPN tunnels with non-Meraki site-to-site VPN peers. \n[Bug Fixes] Resolved an additional issue that could result in the BGP and OSPF processes crashing on MX appliances. \n[Bug Fixes] Fixed an issue that could result in a device reboot for MX84 appliances\n[Bug Fixes] Corrected an issue that resulted in MXs being unable to properly route traffic to non-meraki site-to-site and client VPN tunnels while configured in passthrough mode.\n[Bug Fixes] Resolved a case where the power constraint IE was not sent for all channels on Z3(C) and MX67W and MX68(W,CW) platforms. \n[Bug Fixes] Corrected an MX 15 regression that resulted in significant performance decreases across all platforms. This will make Meraki Insight’s loss logging less accurate.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nWe previously listed “the MX may fail to forward traffic for clients in subnets for which source-based routes are configured” as a known issue, but we are no longer able to reproduce this problem and it has not been observed in “the field”, so it has been removed from the list of known issues.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-07-17T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1571200231,"updatedAt":1619126032},{"id":"1900","name":"MX 15.22","major":15,"minor":22,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug fixes] Resolved an MX 15.21 issue that caused router solicitation messages to be sent out the WAN with an incorrect source MAC address. In rare cases, this may have caused connectivity issues between the MX and an upstream device.\n[Bug fixes] Corrected a small performance regression impacting all platforms. This may result in MI loss calculations being less reliable on the MX67(C,W) and MX68(W,CW) platforms.\n[Bug fixes] Fixed an MX 15 regression that resulted in client VPN users being unable to communicate across VPN tunnels with non-Meraki site-to-site VPN peers if the non-Meraki site-to-site VPN connection was established using IKEv2.\n[Bug fixes] Implemented optimizations to the BGP process. This should improve the consistency of the IBGP connections, even when larger numbers of dynamic routes are being learned by an AutoVPN / IBGP hub.\n[Bug fixes] Corrected a rare issue that could cause a device reboot when an MX appliance was using a cellular connection.\n[Bug fixes] Resolved an additional case where IPv6 traffic was being dropped while the MX was configured in passthrough mode. \n[Bug fixes] Fixed an MX 15.21 regression that resulted in MX67C and MX68CW being unable to establish a cellular connection. \n[Bug fixes] Corrected an issue that could result in walled garden domains not functioning properly when Umbrella integration was configured. \n[Bug fixes] Resolved an issue that may have resulted in wireless clients with static IP addresses experiencing wireless connectivity issues when connecting to MXW and Z units.\n[Bug fixes] Fixed a rare issue that could result in MX84 appliances being unable to set their clocks correctly. This could have resulted in the device being unable to connect to Dashboard.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-08-21T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1574377271,"updatedAt":1619126058},{"id":"1913","name":"MX 15.23","major":15,"minor":23,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New features] Added firmware support for configuring BGP hold timers.\n[Bug fixes] Stability improvements for MX250 and MX450 appliances.\n[Bug fixes] Fixed an issue that could result in MX64(W) and MX65(W) appliances being unable to successfully fetch a configuration from the Meraki Dashboard without Meraki Support’s intervention.\n[Bug fixes] Corrected an MX 15.12 regression that could result in some fragmented packets being dropped in rare circumstances.\n[Bug fixes] Wireless stability improvements.\n[Bug fixes] Fixed an MX 15 regression that could result in higher-than-expected CPU utilization when many AutoVPN routes were present in the configuration.\n[Bug fixes] Corrected an issue that resulted in OSPF routes being advertised much slower than expected when the AutoVPN process was reinitialized. \n[Bug fixes] Resolved an issue that could result in MX67(W) and MX68(W,CW) appliances entering a reboot loop if 802.1X port authentication was configured while wireless was also enabled. \n[Bug fixes] Resolved an MX 15.15 regression that could result in MX65(W) appliances being unable to successfully upgrade to MX 15 releases. \n[Bug fixes] Corrected an MX 15.15 regression that could result in MX65(W) appliances being unable to properly route some traffic if 1) one or more of ports 3-7 were configured as an access port AND 2) one or more of ports 8-12 were configured as an access port. \n[Bug fixes] Fixed an issue that may have resulted in unnecessary CPU utilization when clients were wirelessly associated, but not passing any traffic.\n[Bug fixes] Corrected a rare issue that could result in clients connected to MX68(W,CW) appliances on ports 8-12 being unable to communicate on the network. \n[Bug fixes] Resolved additional cases that resulted in MX 15 performance regressions on MX250 and MX450 platforms. \n[Bug fixes] Made some small optimizations to the processing of wireless traffic. This may result in small wireless throughput improvements in some cases. \n[Bug fixes] Fixed a case that may have resulted in wireless WMM parameters being set incorrectly.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nWhile we have previously listed MX 15 releases as “early-stage beta versions,” we will be dropping the “early-stage” status going forward. After having MX 15 available in beta for much of 2019, we have seen a significant increase in the breadth of deployments of MX 15 and through that, and our own internal testing, we have been able to identify and resolve many issues affecting this upcoming release. While this is an important step forward for MX 15, it remains in development and additional caution in upgrading production appliances to MX 15 releases is still warranted with the known issues above taken into consideration.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-10-09T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1578369683,"updatedAt":1619126066},{"id":"1935","name":"MX 15.27","major":15,"minor":27,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that may have resulted in MX appliances not being able to successfully establish OSPF or BGP sessions.\n[Bug Fixes] Fixed several issues that could result in a device reboot.\n[Bug Fixes] BGP stability improvements.\n[Bug Fixes] Corrected an issue that could result in files with unknown dispositions from the AMP Cloud not being uploaded to the ThreatGrid sandbox for further analysis when the MX was attempting to connect to a ThreatGrid instance in the European Union.\n[Bug Fixes] Resolved an issue that resulted in “route connection change” event log messages being emitted for all of an MX’s AutoVPN peers when one AutoVPN peer enabled or disabled AutoVPN.\n[Bug Fixes] Corrected a rare issue that could result in an MX appliance failing to properly write a new configuration file to persistent storage. In very rare cases, this may have resulted in static IP configuration being lost.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-12-04T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1583185959,"updatedAt":1619126123},{"id":"1925","name":"MX 15.25","major":15,"minor":25,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved a rare issue that could result in content filtering lists not updating properly. \n[Bug Fixes] Corrected a potential issue that may have resulted in unnecessary CPU utilization. \n[Bug Fixes] Made slight improvements to the efficiency of processing traffic in some cases. \n[Bug Fixes] Resolved an issue that may have decreased the resilience of the BGP functionality on MX. \n[Bug Fixes] Fixed an issue that may have resulted in MI loss calculations being less reliable on the MX67(C,W) and MX68(W,CW) platforms.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions.\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-11-06T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1580940441,"updatedAt":1619126095},{"id":"1752","name":"MX 15.10","major":15,"minor":10,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added firmware support for BGP multihop configuration\n[New Features] Added firmware support for Cisco Umbrella integration\n[Bug Fixes] Z1 stability improvements\nFixed an issue that could result in device reboots for MX84, MX100, MX400, MX600, MX250, and MX450 platforms. This was most likely to occur when HTTP content caching was enabled.\n[Security Fixes] CVE-2017-15107\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 15.8 or higher.\n[Known Issues] In conditions still under investigation a network loop may form when using MX84 appliances in some warm spare (HA) configurations\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] In conditions still under investigation, the Z3 may fail to authenticate clients that are physically connected to the Z3 during bootup when 802.1X port authentication has been configured\n[Known Issues] Stability issues on the MX250 and MX450 platforms\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] During a brief window of time after upgrading to this firmware version, if Z3 appliances experience a WAN connectivity disruption, the device may become permanently inoperable. This affects devices upgrading from version versions below MX 14.30 and MX 15.7.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-03-25T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1529977611,"updatedAt":1619125851},{"id":"1888","name":"MX 15.19","major":15,"minor":19,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug fixes] Resolved an issue that could result in a device reboot\n[Bug fixes] The content filtering matching logic has been significantly refactored. While user-defined whitelists and blacklists will still function the same, other content filtering matches will now be more precise. For example, previously, if google.com was present in the content filtering lists (either due to Search Engines being a part of the top site configuration, or due to having full lists enabled), other google subdomains, such as plus.google.com would also be classified as Search Engines.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nUpdated the firmware-default scripts used for managing cellular connectivity to match those being provided through the Meraki Dashboard as an out-of-band download. This will not provide a functional difference during normal operation, but may help to improve the consistency of connectivity during some edge-case operations like when the MX is migrated between organizations.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-07-03T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1570070443,"updatedAt":1619126015},{"id":"1861","name":"MX 15.14","major":15,"minor":14,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that resulted in the network name not being included in some syslog messages\n[Bug Fixes] Corrected an MX 15 regression that resulted in the lifetime of non-Meraki site-to-site VPN and client VPN connections always being 60 minutes (3600 seconds)\n[Bug Fixes] Fixed an issue that resulted in EBGP-learned routes taking precedence over AutoVPN routes learned from Dashboard when the MX learned identical routes from both sources\n[Bug Fixes] Resolved an issue that resulted in Umbrella configurations in group policy not being honored when the group policy was applied to a VLAN\n[Bug Fixes] Corrected an MX 15.12 regression that resulted in some live tools no longer returning data\n[Bug Fixes] Fixed an issue that resulted in WAN uplink failover times taking longer than expected in the case of a soft link failure\n[Bug Fixes] Resolved an MX 15 regression that resulted in site-to-site and client VPN tunnels not forming properly when an MX appliance was using a backup cellular connection\n[Bug Fixes] Corrected a race condition that could result in non-Meraki and client VPN tunnels not forming properly\n[Bug Fixes] Fixed an issue that caused pings to an MX VLAN IP address to fail when 1) the MX was configured to have NAT disabled on an uplink and 2) the client initiating the ping was on the upstream network of the uplink with NAT disabled\n[Bug Fixes] Resolved an additional issue that could result in broadcast packets always being sent out all ports on MX64(W) and MX65(W) appliances \n[Bug Fixes] Stability improvements for the MX67(C,W) and MX68(W,CW) appliances\n[Bug Fixes] Resolved a rare issue that could result in content filtering policies being applied inconsistently\n[Bug Fixes] Fixed an issue that resulted in MX100 and MX84 appliances rebooting when null encryption was used for non-Meraki VPN connections.\n[Bug Fixes] Corrected a rare issue that could result in MX100, MX400, and MX600 appliances not providing DHCP leases to clients\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] In conditions still under investigation, group policy assignment via Active Directory group mappings is not performed correctly for MX67(C,W) and MX68(W,CW) units.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15.12 regression, port 5 does not pass traffic when port 2 is configured to operate as a WAN port on MX67(C,W) appliances\n[Known Issues] Due to an MX 15.12 regression, LAN traffic and the second WAN port can be bridged by the hardware switch on MX67(C,W) appliances. This traffic will bypass NAT, L3 firewall rules, and all MX configuration.\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after a device reboot occurs\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] Due to an MX 15 regression, when operating as a secondary AutoVPN concentor, an MX will not prepend the AS-PATH attribute with an additional copy of the ASN\n[Known Issues] Due to an MX 15 regression, whitelist settings for Intrusion Detection and Prevention are not honored on MX67(C,W) and MX68(W,CW) appliances\n[Known Issues] Due to an MX 15 regression, IBGP routes are advertised to EBGP peers, even if the AutoVPN peers the IBGP routes are learned from is offline\n[Known Issues] Due to an MX 15 regression, the BGP process on MX appliances may be more susceptible to crash when a large number of routes are learned \n[Known Issues] Due to an MX 15 regression, a default route (0.0.0.0/0) learned from an EBGP peer will not be advertised to IBGP peers\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nUpdated the interface index values included in NetFlow exports to match the values obtained via SNMP for the Z3(C), MX64(W), MX67(C,W), MX68(W,CW), MX100, MX250, and MX450 platforms.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-03-09T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1560289292,"updatedAt":1619125928},{"id":"1870","name":"MX 15.15","major":15,"minor":15,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Fixed an MX 15 regression that resulted in VMX100 appliances failing to initialize processes required for BGP and OSPF\n[Bug Fixes] Resolved an issue that resulted in TPC report elements not being included in Beacon and Probe frames on Z3(C) appliances\n[Bug Fixes] Corrected an MX 15 regression that resulted in the intrusion detection/prevention signature whitelist not being honored on MX67(C,W) and MX68(W,CW)\n[Bug Fixes] Fixed an MX 15.11 regression that could result in hubs advertising routes for spoke sites that a VPN connection was not established for via EBGP\n[Bug Fixes] Resolved an issue that could result in intra-VLAN packet loss on Z3(C) appliances when intra-VLAN communication was between devices connected on ports with 802.1X authentication\n[Bug Fixes] Corrected an issue that could result in a device reboot of MX65W appliances when the regulatory domain was configured as the Cocos (Keeling) Islands regulatory domain\n[Bug Fixes] Fixed a rare race condition that could result in devices being unable to successfully fetch configurations from Dashboard.\n[Bug Fixes] Resolved an MX 14.7 regression that resulted in no email alert being generated when the MX failed back to a wired WAN uplink after having previously failed over to a cellular backup connection.\n[Bug Fixes] Corrected an issue that resulted in the MX being unable to match a user’s primary active directory group to a group policy configuration.\n[Bug Fixes] Fixed a rare flow management issue that could result in IBGP sessions being unable to establish properly when the MX acting as a VPN concentrator was configured as a one-armed VPN concentrator.\n[Bug Fixes] Resolved an issue that resulted in the Dashboard configuration of whether a convertible LAN port was operating as a LAN or WAN port was not honored if that setting had previously been modified on the device local status page.\n[Bug Fixes] Resolved an MX 15 regression that caused MXs operating as a secondary AutoVPN concentrator to not prepend the AS-PATH attribute with an additional copy of the ASN.\n[Security Fixes] Resolved CVE-2018-5407 for MX67(C,W) and MX68(W,CW) appliances\n[Security Fixes] Resolved CVE-2018-0734 for MX67(C,W) and MX68(W,CW) appliances \n[Security Fixes] Resolved CVE-2018-0732 for MX67(C,W) and MX68(W,CW) appliances \n[Security Fixes] Resolved CVE-2018-0737 for MX67(C,W) and MX68(W,CW) appliances\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] In conditions still under investigation, group policy assignment via Active Directory group mappings is not performed correctly for MX67(C,W) and MX68(W,CW) units.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15.12 regression, port 5 does not pass traffic when port 2 is configured to operate as a WAN port on MX67(C,W) appliances\n[Known Issues] Due to an MX 15.12 regression, LAN traffic and the second WAN port can be bridged by the hardware switch on MX67(C,W) appliances. This traffic will bypass NAT, L3 firewall rules, and all MX configuration.\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after performing a firmware upgrade\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] Due to an MX 15 regression, the BGP process on MX appliances may be more susceptible to crash when a large number of routes are learned \n[Known Issues] Due to an MX 15 regression, a default route (0.0.0.0/0) learned from an EBGP peer will not be advertised to IBGP peers\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\nSeveral tuning adjustments were made to how long different types of file disposition results are cached by AMP.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-04-20T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1563419144,"updatedAt":1619125964},{"id":"1881","name":"MX 15.17","major":15,"minor":17,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug fixes] Corrected an issue that could result in improper STP topologies forming when MX250/450 were deployed in a high availability topology with multiple downstream switches\n[Bug fixes] Resolved several rare issues that may have contributed to the likelihood of a device reboot occurring on Z3(C) platforms\n[Bug fixes] Corrected an MX 15.14 regression that could result in the process responsible for managing system time crashing\n[Bug fixes] Fixed an issue that could result in AutoVPN traffic improperly following a default route over other, more specific routes when the default route was learned via IBGP\n[Bug fixes] Corrected an issue that resulted in default routes learned via EBGP not being advertised to IBGP peers\n[Bug fixes] Fixed an issue that could have resulted in mesh beacons being sent by MX and Z units with integrated wireless \n[Bug fixes] Resolved a rare issue that could result in an associated wireless client not being able to pass traffic properly\n[Bug fixes] Resolved a rare issue that could result in MX67(C,W) and MX68(W,CW) appliances becoming inoperable after a device reboot occurred\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nImproved the scalability and reliability of downloading content filtering lists.\nImproved the reliability of file disposition lookup requests sent to the AMP Cloud.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-06-12T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1567828165,"updatedAt":1619125988},{"id":"1931","name":"MX 15.26","major":15,"minor":26,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that may have resulted in BGP withdraw messages being incorrectly sent after an route update via EBGP was received. \n[Bug Fixes] Corrected an issue that resulted in being unable to correctly establish an IBGP connection between two Z3(C) appliances.\n[Bug Fixes] Fixed an issue that resulted in MX appliances incorrectly forwarding directed-broadcast DHCP packets when the MX was configured to operate as a DHCP relay. This issue may have resulted in broadcast storms in topologies where another MX was also connected downstream and static routes are configured between the two MXs.\n[Bug Fixes] Corrected an issue that resulted in MX appliances incorrectly rewriting the source IP of DHCP requests packets that were being relayed over AutoVPN.\n[Bug Fixes] Resolved an MX 15.14 regression that resulted in configuration changes made to Internet port 1 from the local status page being erroneously applied to both the Internet 1 and Internet 2 ports.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions.\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-11-20T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1581637364,"updatedAt":1619126106},{"id":"1948","name":"MX 15.28","major":15,"minor":28,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that could result in frequent changes in the availability of an IBGP-learned route (“route flapping”).\n[Bug Fixes] Corrected a race condition that could result in not being able to successfully pass traffic across a non-Meraki site-to-site VPN tunnel after the MX resumed using its primary uplink after having previously failed over to a secondary uplink. \n[Bug Fixes] Fixed an issue that could result in a device hang when switching the content filtering configuration from top site to full list mode when many content filtering categories were selected.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-01-08T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1586383463,"updatedAt":1619126134},{"id":"1955","name":"MX 15.29","major":15,"minor":29,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that resulted in devices connected to ports 3-7 being unable to communicate with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Bug Fixes] Fixed an issue that could result in MX67(C,W) and MX68(W,CW) appliances being unable to successfully fetch a configuration from the Meraki Dashboard.\n[Bug Fixes] Removed a previous change to how MX appliances send DHCP request packets that was introduced in MX 15.13. The behavior this change introduced does not conform to RFC 2131. With this change removed, MX appliances will perform the DHCP process on WAN uplinks in the same manner as in MX 14.\n[Bug Fixes] Corrected an issue that could result in fragmented packets that arrive across a cellular connection not being sent to clients on the LAN.\n[Bug Fixes] Resolved an issue that could result in a device reboot of MX67W, MX68W, and MX68CW appliances.\n[Bug Fixes] On MX67(C,W) and MX68(W,CW) appliances, several adjustments have been made to improve underlying systems related to port initialization and management. This should resolve 1) an issue that allowed these platforms to become bridged for a brief period on bootup, 2) packet loss that could arise from rebooting the spare appliance in a warm spare / high availability (HA) setup, and 3) some configuration changes resulting in a period of packet loss for 10 seconds or more.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.\nIncreased the accuracy for tracking when flows were created. This should help make MI tracking more precise.\nAdded additional robustness to the firmware upgrade process for the MX67(C,W) and MX68(W,CW) appliances.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-01-29T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1588050281,"updatedAt":1619126144},{"id":"1657","name":"MX 15.2","major":15,"minor":2,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved a rare issue where an MX could attempt to route a VPN flow via an uplink that did not have a valid VPN tunnel to the remote destination, when configured in NAT mode with two WAN uplinks. This would result in the incorrectly routed packet being dropped.\n[Security Fixes] CVE-2017-13704\n[Security Fixes] CVE-2017-14496\n[Security Fixes] CVE-2017-14495\n[Security Fixes] CVE-2017-14494\n[Security Fixes] CVE-2017-14493\n[Security Fixes] CVE-2017-14492\n[Security Fixes] CVE-2017-14491\n[Known Issues] A regression introduced in MX 13.5 could result in a routing loop for subnet(s) advertised by multiple one-armed VPN concentrators within the Auto VPN topology, when Auto VPN tunnels between the concentrators are formed.\n[Known Issues] In extended operation, the MX250 and MX450 may encounter an issue resulting in no VPN traffic being processed correctly until a system reboot is performed. This is resolved in MX 14.19.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-07-23T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1508477872,"updatedAt":1619125411},{"id":"1733","name":"MX 15.8","major":15,"minor":8,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved a case where the MX would not respect the NEXT_HOP attribute in BGP learned routes\n[Bug Fixes] Corrected an MX 13.1 regression that could cause AutoVPN traffic matching a configured VPN flow preference to be dropped when the MX had failed over to cellular backup \n[Bug Fixes] Fixed a rare issue that could cause an MX to map flows out a WAN interface that was hard down if both uplinks were in degraded connectivity states prior to the WAN interface going down\n[Bug Fixes] Resolved an issue that could result in a routing loop of OSPF hello packets when MX appliances were configured in warm spare (HA)\n[Bug Fixes] Fixed an issue that resulted in all flows being exported via syslog when an MX appliance was using a cellular backup connection, even if logging was disabled for some firewall rules\n[Bug Fixes] Resolved an issue that could prevent some vMX networks from being able to upgrade to MX15 from MX14 versions\n[Bug Fixes] Corrected an issue reporting the ifOperStatus via SNMP for MX65 and MX65W platforms\n[Bug Fixes] MX appliances will now initialize connections to USB730L modems sooner. This may resolve an issue that could result in the modem becoming unresponsive.\n[Bug Fixes] Fixed a case that could result in an MX appliance configured in warm spare (HA) generating OSPF messages from the virtual IP address, as opposed to the WAN IP address\n[Bug Fixes] Resolved an issue that could result in invalid flows being exported via NetFlow\n[Bug Fixes] Corrected an issue that incorrectly set OSPF interfaces as broadcast\n[Bug Fixes] Partially resolved an issue that resulted in TCP performance degradation on the MX250 and MX450 platforms. The partial fix addresses the copper and SFP LAN ports. A complete fix will be available in a future MX 14 release.\n[Bug Fixes] Fixed an issue that could result in a system reboot of MX65W appliances when the South Korea regulatory domain was configured\n[Bug Fixes] Corrected an issue that could result in throughput tests initiated through the Dashboard live tool not egressing the WAN interfaces\n[Bug Fixes] Resolved a rare issue that could result in device reboots when 802.1X port authentication was configured on the MX64(W), MX65(W), or Z3 platforms\n[Security Fixes] CVE-2018-5733\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX15.8 or higher.\n[Known Issues] In conditions still under investigation a network loop may form when using MX84 appliances in some warm spare (HA) configurations\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] In conditions still under investigation, device reboots may occur when HTTP content caching is enabled.\n[Known Issues] In conditions still under investigation, MX250 and MX450 platforms may occur when intrusion detection or intrusion prevention is enabled\n[Known Issues] In conditions still under investigation, the Z3 may fail to authenticate clients that are physically connected to the Z3 during bootup when 802.1X port authentication has been configured\n[Known Issues] In conditions still under investigation, the Z3 is unable to form VPN tunnels with non-Meraki VPN peers using AES-192 encryption\n[Known Issues] Stability issues on the MX250 and MX450 platforms\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Z1 stability regressions\n[Known Issues] TCP performance on MX250 and MX450 devices may be degraded when latency is present in the network when the MX is configured to operate as a one-armed VPN concentrator or when the WAN interface(s) are operating at a lower link speed than ports on the LAN.\n[Known Issues] During a brief window of time after upgrading to this firmware version, if Z3 appliances experience a WAN connectivity disruption, the device may become permanently inoperable. This affects devices upgrading from version versions below MX 14.30 and MX 15.7.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-02-18T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1526514621,"updatedAt":1619125818},{"id":"1878","name":"MX 15.16","major":15,"minor":16,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that could result in delayed wireless transmissions on Z3(C) appliances\n[Bug Fixes] Corrected an issue that could result in the Power Constraint parameter being set incorrectly in wireless beacon frames emitted by Z3(C) appliances\n[Bug Fixes] Corrected an MX 15 regression that resulted in the BGP process on MX appliances being more susceptible to crashing when a large number of routes were learned\n[Bug Fixes] Resolved an issue that could result in the incorrect timing being logged by MI on partial HTTP responses\n[Bug Fixes] Resolved an MX 15.12 regression that caused LAN traffic and the second WAN port to be bridged by the hardware switch on MX67(C,W) appliances. This bridged traffic would bypass NAT, L3 firewall rules, and all MX configuration.\n[Bug Fixes] Corrected an MX 15.12 regression that could result in port 5 not passing traffic when port 2 was configured to operate as a WAN port on MX67(C,W) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after performing a firmware upgrade\n[Known Issues] Due to an MX 15 regression, client VPN users cannot communicate across non-Meraki VPN tunnels\n[Known Issues] Due to an MX 15 regression, a default route (0.0.0.0/0) learned from an EBGP peer will not be advertised to IBGP peers\n[Known Issues] The MX may fail to forward traffic for clients in subnets for which source-based routes are configured\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-05-22T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1566518657,"updatedAt":1619125977},{"id":"1896","name":"MX 15.21","major":15,"minor":21,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Feature] Added firmware support for configuring the IKEv2 PRF parameter\n[Bug Fixes] Corrected an issue that could result in the firmware-default scripts used for managing cellular connectivity to function improperly.\n[Bug Fixes] Resolved an issue that could prevent the channel utilization graph from displaying properly on Z3(C) platforms.\n[Bug Fixes] Fixed an issue that could result in extra router solicitation messages being generated\n[Bug Fixes] Resolved an MX 15 regression that resulted in IPv6 traffic being dropped while the MX was configured in passthrough mode.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to MX 15 regressions, the MX may not be able to form non-Meraki site-to-site VPN connections to peers behind a NAT\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions\n[Known Issues] Due to an MX 15.21 regression, MX67C and MX68CW units may not be able to establish a cellular connection. \n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to successfully upgrade to this firmware release.\n[Known Issues] Due to an MX 15.15 regression, MX65(W) appliances may be unable to properly route some traffic if 1) one or more of ports 3-7 are configured as an access port AND 2) one or more of ports 8-12 are configured as an access port.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nRemoved mechanisms for MX appliances to download scripts for managing cellular connectivity from Dashboard. These lists will now be exclusively updated and managed through firmware updates.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-07-24T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1572314703,"updatedAt":1619126044},{"id":"1920","name":"MX 15.24","major":15,"minor":24,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug fixes] Resolved an MX 15.21 regression that resulted in the ConnectedIO EM1000T-CAT1 modem being unable to connect successfully.\n[Bug fixes] Resolved several rare issues that could result in device reboots.\n[Bug fixes] Fixed an issue that could result in the VPN status page reporting an incorrect connection status for non-Meraki site-to-site VPN peers that had a remote ID configured.\n[Bug fixes] Resolved an issue that resulted in Z3(C) appliances being unable to successfully form non-Meraki site-to-site VPN tunnels when AES192 encryption and SHA256 authentication were used together in the phase 2 parameters.\n[Bug fixes] Corrected an issue that caused brand new MX67(C,W) and MX68(W,CW) appliances upgrading to MX14.45 or MX 14.46 becoming inoperable. This issue was not shown to affect MX 15 versions, but all fixes developed based on our investigation into this issue are included in this firmware version.\n[Bug fixes] Fixed an issue that may have resulted in SSIDs to stop broadcasting on Z3(C) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Due to issues still under investigation, MX84, MX100, MX400, and MX600 appliances may not be able to establish OSPF or BGP sessions\n[Known Issues] Devices connected to ports 3-7 may have issues communicating with devices connected to ports 8-12 on MX68(W,CW) appliances.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2020-11-06T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1580187819,"updatedAt":1619126085},{"id":"1665","name":"MX 15.3","major":15,"minor":3,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added firmware support for NO-NAT, a new feature where the MX behaves like a L3 device, but does not do NATing on the uplink. This is available for closed beta testing only; it will not be a part of the MX 15 release and it is currently not being actively supported.\n[New Features] Added firmware support for VPN exclusions, a new feature that allows the configuration of L3 rules for routing traffic to the local Internet uplink instead of toward the hub MX in the case where default points to the hub MX. This is available for closed beta testing only; it will not be a part of the MX 15 release and it is currently not being actively supported.\n[New Features] Added support in AMP for inspecting the contents of ZIP archive files \n[Bug Fixes] Fixed an issue where an MX in passthrough mode used a sender IP address of 1.1.1.1 in ARP requests \n[Bug Fixes] Resolved a condition that could cause MX400 and MX600 devices to reboot \n[Bug Fixes] Resolved an issue where an MX450 was not forwarding DHCP or ARP packets sourced from a Teleworker SSID \n[Bug Fixes] Fixed an issue related to OSPF where routes from spokes were not being broadcasted on the hub for up to 8 minutes after the configs were pushed to the hub \n[Bug Fixes] Fixed a problem with parsing BGP learned routes with subnets smaller than a /10 (e.g. 10.0.0.0/8 does not work whereas 10.4.3.0/24 does)\n[Bug Fixes] Modified the DHCP Failover feature to resolve an issue where an MX would fall back to a DHCP IP address when connected to some modems that could not hold two entries for the same mac address\n[Bug Fixes] Resolved a rare case where two MXs in HA would be in dual master state even when receiving VRRPs packets\n[Bug Fixes] Corrected an issue where the LAN4 port on an MX64 or MX64W platform could be disabled from the local status page while it was configured to operate as a secondary WAN port.\n[Known Issues] A regression introduced in MX 13.5 could result in a routing loop for subnet(s) advertised by multiple one-armed VPN concentrators within the Auto VPN topology, when Auto VPN tunnels between the concentrators are formed.\n[Known Issues] In extended operation, the MX250 and MX450 may encounter an issue resulting in no VPN traffic being processed correctly until a system reboot is performed. This is resolved in MX 14.19.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-08-13T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1511037786,"updatedAt":1619125421},{"id":"1805","name":"MX 15.11","major":15,"minor":11,"patch":0,"changelog":"[Important Notice] If VMX appliances are upgraded to this version, they will be unable to update to another firmware version.\n[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[New Features] Added the ability to download diagnostic information from the local status page for the Meraki Support team to examine\n[New Features] Added support for the MX67(C,W), MX68(W,CW), and Z3C platforms on MX 15\n[New Features] Added support for reporting of flows blocked by layer 7 firewall rules to syslog\n[New Features] Added firmware support for whitelisting domain from being redirected to Umbrella\n[Bug Fixes] Corrected an issue where malicious file downloads were not blocked by AMP when an MX was configured in passthrough mode with HTTP content caching enabled.\n[Bug Fixes] Resolved an issue that could cause the uplink decisions in the VPN status page not to be reported\n[Bug Fixes] Fixed an issue that resulted in clients being able to access the local status page when: 1) HTTP Content Caching is enabled, 2) the local status page has been disabled, and 3) clients issue a web request to the WAN IP address of the MX\n[Bug Fixes] Fixed an issue that resulted in MX devices without integrated wireless rebooting when the regulatory domain was changed in a combined network\n[Bug Fixes] Resolved an issue on the Z3 platform that resulted in VLAN tags being processed incorrectly. This could result in packets containing a VLAN tag being improperly dropped by the Z3.\n[Bug Fixes] Corrected an issue that resulted in inbound connections not being allowed when a VPN subnet translation rule was configured for a /32 route.\n[Bug Fixes] Fixed an issue that could cause an uplink connected via PPPoE to enter an invalid state. This was most likely to occur when the WAN interface was frequently transitioning between an up and down state. This could result in a lack of connectivity from the affected uplink(s). \n[Bug Fixes] Resolved an MX 15.10 regression that resulted in IPv6 DNS traffic being dropped by the MX when the MX was configured in passthrough mode.\n[Bug Fixes] Fixed a rare MX 15.10 regression that could result in some AutoVPN routes not being advertised to an EBGP peer.\n[Bug Fixes] Resolved an issue that resulted in layer 3 firewall rules not being applied to client VPN traffic when an MX was configured in passthrough mode\n[Bug Fixes] Fixed an issue that resulted in the Z3 and Z3C not returning the expected SNMP outputs\n[Bug Fixes] Fixed several issues that could result in a network loop forming when MX84 appliances were configured in HA\n[Bug Fixes] Corrected an issue that resulted in only 6 source-based default routes being configurable as opposed to the intended 8\n[Bug Fixes] Fixed an MX 14.7 regression that could cause a small network outage when MX64(W) devices were configured in HA and the spare device was rebooted.\n[Bug Fixes] Resolved an issue that resulted in the spare MX appliance not forwarding traffic to the primary MX, when MX250 or MX450 appliances were configured in HA and the spare was in the Passive; ready state.\n[Bug Fixes] Corrected an issue where clients connected to Z3 appliances would not successfully authenticate after a Z3 reboot when the clients were connected to ports with access policies configured\n[Bug Fixes] Resolved an issue that resulted in syslog messages being generated for flows that had logging set to disabled when the MX was configured in passthrough mode\n[Bug Fixes] Fixed an MX 15.4 regression that resulted in the management port not providing client access on MX84 appliances\n[Bug Fixes] Corrected an MX 15 regression that resulted in being unable to ping the WAN 2 virtual IP address for NAT mode MX devices configured in HA\n[Bug Fixes] Resolved an issue that could result in broadcast packets always being sent out all ports on MX64(W) and MX65(W) appliances\n[Bug Fixes] Fixed an MX 15.9 regression that could cause VMX appliances to reboot\n[Bug Fixes] Resolved an issue that resulted in Ethernet port carrier changes not being logged to the Event Log on some platforms\n[Bug Fixes] Corrected an issue that resulted in content filtering failing to block HTTPS websites the first time they were accessed\n[Security Fixes] CVE-2017-0379\n[Security Fixes] CVE-2017-12588\n[Security Fixes] CVE-2017-7526\n[Security Fixes] CVE-2017-9526\n[Security Fixes] CVE-2018-1092\n[Security Fixes] CVE-2018-1093\n[Security Fixes] CVE-2018-6412\n[Security Fixes] CVE-2018-6829\n[Security Fixes] CVE-2018-10853\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] In conditions still under investigation, group policy assignment via Active Directory group mappings is not performed correctly for MX67(C,W) and MX68(W,CW) units.\nWorld-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] In conditions still under investigation, content filtering may not consistently block HTTPS websites\n[Known Issues] In conditions still under investigation, BGP and OSPF will fail to initialize if the MX is configured to operate in VPN concentrator mode and no subnets are defined for the local networks configuration\n[Known Issues] During a brief window of time after upgrading to this firmware version, if Z3 appliances experience a WAN connectivity disruption, the device may become permanently inoperable. This affects devices upgrading from version versions below MX 14.30 and MX 15.7.\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after a device reboot occurs\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nAdded a decision field to the IDS/IPS syslog output\nImproved the reliability of packet blocking performed by IDS/IPS\nRemoved a behavior where the MX would reboot after 4 consecutive hours without working uplink connectivity\nImproved the filename reporting of the AMP service\nAdditional update to how quickly MX appliances will initialize connections to USB730L modems","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-08-19T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1542776175,"updatedAt":1619125885},{"id":"1833","name":"MX 15.12","major":15,"minor":12,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that resulted in BGP and OSPF failing to initialize when an MX was configured to operate in VPN concentrator mode and no subnets were defined for the local networks configuration\n[Bug Fixes] Corrected an MX 15.11 regression that could result in content filtering failing to properly parse URLs. This could result in web traffic being improperly allowed.\n[Bug Fixes] Fixed an MX 15.11 regression that resulted in the VPN status page always reporting that the MX was partially connected to the VPN registries. \n[Bug Fixes] Fixed an MX 15.11 regression that could result in the VPN status page not properly displaying the VPN registry IP addresses.\n[Bug Fixes] Fixed an issue that could result in TCP packet being processed out of order on MX67(C,W) and MX68(W,CW) platforms. This could result in inconsistent latency performance\n[Bug Fixes] Fixed an issue that could result in MX65(W) appliances not properly forwarding BPDU messages during boot up, when configured in HA. This could have resulted in an incorrect downstream spanning tree topology.\n[Bug Fixes]Corrected an issue that resulted in traffic loss if 1) An MX was configured to operate as a VPN hub, 2) active-active VPN was disabled, and 3) an AutoVPN configuration change was made (such as adding a new VPN spoke). The impact of this issue is greater if the hub has a higher number of configured AutoVPN peers.\n[Bug Fixes] Resolved an additional case that could result in a network loop forming when MX84 appliances were configured in HA.\n[Bug Fixes] Corrected a rare issue that could result in a device reboot when client VPN was enabled.\n[Bug Fixes] Resolved several issues that could result in Z3 appliances becoming permanently inoperable if a WAN connectivity disruption occurred during a small window of time during firmware upgrades. These issues affected devices upgrading from version versions below MX 14.30 and MX 15.7.\n[Bug Fixes] Fixed an MX 15 regression that resulted in some AutoVPN routes not being advertised to EBGP peers.\n[Bug Fixes] Resolved a rare issue that could result in OSPF routes to stop being advertised by an MX concentrator when 1) The VPN concentrators were configured in HA, 2) the spare MX in the HA pair was acting as the master, and 3) AutoVPN configuration changes (such as adding or removing a spoke) were made.\n[Bug Fixes] Corrected an issue that could result in some USB cellular modems not being able to initialize properly.\n[Bug Fixes] Resolved an issue that resulted in invalid Snort rulesets being maintained on the device storage indefinitely. This could interfere with MX devices being able to download updated Snort rulesets.\n[Bug Fixes] Corrected an issue that could result in OSPF LSA ID collisions. That was most likely to occur on MXs with many OSPF routes and could result in some routes being temporarily inaccessible. \n[Bug Fixes] Fixed an issue that resulted in communications to the MI cloud not always being routed out the WAN interface. This could occur if there were configured routes on the MX that overlapped with the IP information used by the MI cloud.\n[Bug Fixes] Fixed a 15.11 regression that resulted in VMX devices being unable to upgrade to other firmware versions.\n[Bug Fixes] Resolved a race condition that could result in cellular connectivity not being established. This bug was primarily observed on MX67C and MX68CW devices, but may also have impacted some USB modems in rare cases.\n[Bug Fixes] Corrected an issue that resulted in being unable to pull cellular signal statistics for Z3C devices.\n[Bug Fixes] Corrected a rare issue that could result in a device reboot when client VPN was enabled.\n[Bug Fixes] Resolved a rare issue that could result in a device reboot when DHCP was enabled.\n[Security Fixes] CVE-2015-9261\n[Security Fixes] CVE-2017-16544\n[Security Fixes] CVE-2016-10396\n[Security Fixes] CVE-2015-4047\n[Security Fixes] CVE-2017-8779\n[Security Fixes] CVE-2016-7798\n[Security Fixes] CVE-2013-0169\n[Security Fixes] CVE-2016-7055\n[Security Fixes] CVE-2009-0590\n[Security Fixes] CVE-2018-1000024\n[Security Fixes] CVE-2018-1000027\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] In conditions still under investigation, group policy assignment via Active Directory group mappings is not performed correctly for MX67(C,W) and MX68(W,CW) units.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] When MX67(C,W) and MX68(W,CW) units are deployed in warm spare / high availability (HA), rebooting the spare appliance may cause a disruption of client connectivity for 10 or more seconds.\n[Known Issues] After making some configuration changes on MX67(C,W) and MX68(W,CW) appliances, a period of packet loss may occur for 10 or more seconds.\n[Known Issues] For a brief period of time upon boot, MX67(C,W) and MX68(W,CW) platforms can become bridged. This increases the likelihood of network loops forming in topologies with multiple inter-connected network devices for this brief period of time.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] In conditions still under investigation, the MX67(C,W) and MX68(W,CW) appliances may incorrect report some parameters in the IDS/IPS syslog export\n[Known Issues] Due to an MX 15 regression, non-Meraki site-to-site VPN and client VPN tunnels will not form properly when the MX appliance is using a backup cellular connection.\n[Known Issues] Due to an MX 15 regression, the lifetime of non-Meraki site-to-site VPN and client VPN connections will always be 60 minutes (3600 seconds).\n[Known Issues] Due to issues still under investigation, MX67(C,W) and MX68(W,CW) appliances may become inoperable after a device reboot occurs\n[Known Issues] Due to issues still under investigation, there are significant performance regressions.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\nUpdated the AMP service to more gracefully handle cases where there are many out-of-order packets. This will result in fewer instances of file downloads failing when AMP is enabled.\nWhen Umbrella is configured, DNS communication between the MX and Umbrella will now be encrypted by default","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2019-12-16T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1552354538,"updatedAt":1619125896},{"id":"1997","name":"MX 15.30","major":15,"minor":30,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved an issue that could result in the client VPN process entering a hung state and consuming excess CPU cycles when many client VPN connections were concurrently active\n[Bug Fixes] Fixed a case that resulted in the client VPN process crashing when more than 505 concurrent client VPN connections were established.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-02-13T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1589406463,"updatedAt":1619126157},{"id":"2012","name":"MX 15.32","major":15,"minor":32,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Corrected a rare issue that could result in a device reboot when content filtering was enabled. \n[Bug Fixes] Resolved several errors that were never demonstrated to cause issues in production MX appliances, but their resolution helps assure general product stability, consistency, and quality.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-03-06T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1591666269,"updatedAt":1619126189},{"id":"2056","name":"MX 15.33","major":15,"minor":33,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Fixed several issues that could result in MX and Z appliances being unable to successfully fetch a configuration from the Meraki Dashboard without Meraki Support’s intervention.\n[Bug Fixes] Fixed an issue that resulted in devices connected through a client VPN connection to an MX operating as a VPN concentrator being unable to communicate with other client VPN clients.\n[Bug Fixes] Corrected several issues that resulted in the behavior of MX appliances not following RFC 2131 when performing DHCP release or DHCP renew operations for the IP addresses of WAN interfaces.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-04-03T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1593736306,"updatedAt":1619126198},{"id":"2088","name":"MX 15.36","major":15,"minor":36,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Fixed a rare issue that could result in MX appliances not providing DHCP leases after multiple, quick HA failover events (aka \"flapping\") had occurred.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] MI Web App Health is currently not supported, and will report no data, until backend upgrades occur. Once backend update is done, MI Web App Health functionality will resume automatically with no further firmware upgrade needed.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-06-19T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1600307188,"updatedAt":1616174626},{"id":"2134","name":"MX 16.3","major":16,"minor":3,"patch":0,"changelog":"[Important Notice] This is an alpha version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[New Features] Added firmware support for SD-Internet functionality\n[Bug Fixes] Fixed an MX 16.2 regression that prevented accessing the local status page when an active uplink was not present.\n[Bug Fixes] Resolved an issue that resulted in client certificate authentication failing while using the same trusted CA file for AnyConnect client VPN connections.\n[Bug Fixes] Updated the AnyConnect service. \n[Bug Fixes] Stability improvements for MX250 and MX450 appliances\n[Bug Fixes] Stability improvements for Z3(C) appliances.\n[Bug Fixes] Stability improvements for MX67(C,W), and MX68(W,CW) appliances\n[Bug Fixes] Corrected an issue that resulted in BGP path prepending failing when the ASN was larger than 2,147,483,647.\n[Bug Fixes] Improved the expiration of cached URLs used for content filtering. \n[Bug Fixes] Resolved an issue that resulted in inter-VLAN source NAT only performing translation for the first two packets of a flow. \n[Bug Fixes] Corrected an issue that could result in VPN flows being incorrectly reported as active when 1) A previous AutoVPN connection was established, 2) the AutoVPN peer became offline or disconnected, and 3) the AutoVPN peer was configured to operate in high availability (HA). \n[Bug Fixes] Security improvements\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\nAdded support for configuring dynamic DNS for MX appliances configured in passthrough or VPN concentrator mode.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-03-09T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1612390298,"updatedAt":1619126264},{"id":"2005","name":"MX 15.31","major":15,"minor":31,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Important Notice] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Fixed an issue that may resolve several rare cases that resulted in device reboots on MX67(C,W), and MX68(W,CW) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-02-27T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1590621104,"updatedAt":1619126170},{"id":"2073","name":"MX 15.34","major":15,"minor":34,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved a rare issue that could result in WMI queries to Active Directory servers being increasingly likely to timeout after 2,147,483,647 events occurred on the Active Directory server. \n[Bug Fixes] Stability improvements for Z3(C), MX250, and MX450 appliances. \n[Bug Fixes] Reverted an MX 15.8 change that caused OSPF interfaces with /30 subnets to be advertised as a “PtP” link. The MX will now advertise these as “Broadcast”, which is consistent with the behavior in all MX 14 versions. \n[Bug Fixes] Resolved an issue that could result in MX appliances providing DHCP leases prior to syncing time correctly. In some cases, this could result in undesired behavior such as a false “DHCP leases exhausted” alert being generated or clients not accepting the initial DHCP offers provided by the MX.\n[Bug Fixes] Fixed an issue that could cause MX appliances to incorrectly send a DHCP NAK rejection to clients attempting to renew their DHCP IP addresses in some cases when the MX was configured to relay those requests to another DHCP server. \n[Bug Fixes] Corrected a rare issue that could result in large file downloads failing while Advanced Malware Protection (AMP) was enabled. \n[Bug Fixes] Fixed an issue that resulted in routes learned via EBGP being incorrectly re-advertised to non-Meraki VPN peers.\n[Bug Fixes] Resolved an issue that could result in MX appliances sending EBGP route update messages with the Next Hop attribute incorrectly set to 192.0.2.1. \n[Bug Fixes] Overall stability improvements.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] MI Web App Health is currently not supported, and will report no data, until backend upgrades occur. Once backend update is done, MI Web App Health functionality will resume automatically with no further firmware upgrade needed.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-05-08T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1597112565,"updatedAt":1616174626},{"id":"2084","name":"MX 15.35","major":15,"minor":35,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] Resolved a rare issue that could result in IBGP sessions failing to be maintained after a configuration update adding additional site-to-site VPN peers was made.\n[Bug Fixes] Corrected an MX15.11 regression that resulted in MX appliances configured as AutoVPN spokes to not advertise translated VPN subnets via IBGP.\n[Bug Fixes] Stability improvements for MX67(C,W) and MX68(W,CW) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] MX250 and MX450 appliances will not apply the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs are also enabled on the LAN for other downstream clients and traffic.\n[Known Issues] MI Web App Health is currently not supported, and will report no data, until backend upgrades occur. Once backend update is done, MI Web App Health functionality will resume automatically with no further firmware upgrade needed.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-05-29T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1598922103,"updatedAt":1616174626},{"id":"1648","name":"MX 15.1","major":15,"minor":1,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 15 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 or MX 13 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.42.\n[Bug Fixes] BGP-learned routes will no longer be exported via OSPF \nIf an MX learns routes for a subnet from both BGP and Dashboard, the Dashboard route will now take priority\n[Known Issues] A regression introduced in MX 13.5 could result in a routing loop for subnet(s) advertised by multiple one-armed VPN concentrators within the Auto VPN topology, when Auto VPN tunnels between the concentrators are formed.\n[Known Issues] In extended operation, the MX250 and MX450 may encounter an issue resulting in no VPN traffic being processed correctly until a system reboot is performed. This is resolved in MX 14.19.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2018-07-02T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1507052652,"updatedAt":1619125397},{"id":"2093","name":"MX 15.37","major":15,"minor":37,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Resolved an issue that resulted in MX250 and MX450 appliances not applying the configured VLAN ID to traffic transmitted on their WAN interfaces if VLANs were also enabled on the LAN for other downstream clients and traffic.\n[Bug Fixes] Corrected an issue that caused Dashboard to incorrectly display the status of a static route that's conditional on the next hop being reachable when its next hop had been changed from an unreachable next hop to a reachable next hop. \n[Bug Fixes] Fixed an MX 15.34 regression that resulted in MI data not being populated in Dashboard correctly. \n[Bug Fixes] Stability improvements for MX67(C,W) and MX68(W,CW) appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-10T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1601934313,"updatedAt":1616174626},{"id":"2145","name":"MX 16.4","major":16,"minor":4,"patch":0,"changelog":"[Important Notice] This is an early-stage beta version for the MX 16 release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 15 or MX 14 releases will provide a more stable upgrade alternative.\n[Important Notice] Due to a regression currently under investigation, MX appliances may be unable to establish cellular connectivity on both integrated cellular modems and external USB modems. We recommend that customers that rely on cellular connectivity in their deployments wait until a later MX 16 release to upgrade.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.55.\n[MX 16 New Feature Highlights] Added support for Cisco AnyConnect client VPN on Z3(C), MX67(C,W), MX68(W,CW), MX84, MX100, MX400, MX600, MX250, MX450, and vMX appliances.\n[MX 16 New Feature Highlights] Added Network-Based Application Recognition (NBAR) integration.\n[Bug Fixes] Stability improvements for MX67(C,W) and MX68(W,CW) platforms\n[Bug Fixes] Corrected an issue that resulted in MX appliances incorrectly using their WAN interface MAC address when 1) the MX appliances are configured in high availability, 2) the MX appliances are configured as one-armed VPN concentrators, and 3) traffic was being sourced from the shared virtual IP. MX appliances will now properly use the virtual MAC address in these cases.\n[Bug Fixes] Fixed an issue that could cause IDS/IPS rule lists to not update.\n[Bug Fixes] Updated the AnyConnect VPN service\n[Bug Fixes] Corrected an issue that could cause the IDS/IPS process from not restarting properly after a configuration update.\n[Bug Fixes] Resolved an issue where DNS responses directing clients to a content filtering blocked page were improperly forwarded to the WAN network when an MX was configured as a passthrough appliance or one-armed VPN concentrator.\n[Bug Fixes] Mitigated an issue that resulted in traffic flows being incorrectly mapped to a secondary WAN interface during the bootup process of MX appliances. \n[Bug Fixes] Fixed an issue that resulted in traffic from client devices connected through an AnyConnect client VPN connection to MX appliances configured as one-armed VPN concentrators not being processed correctly.\n[Bug Fixes] Resolved an issue when 1) Client VPN is enabled and 2) an MX appliance is configured in one-armed VPN concentrator mode, the MX appliance may be unable to establish connection to the Meraki Dashboard after a reboot.\n[Bug Fixes] Security and stability improvements\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Significant performance regressions for VPN traffic may be observed on MX84 and MX100 appliances\n[Known Issues] Group policies do not correctly apply to client devices\n[Known Issues] Z3(C) appliances that are upgraded to MX 16 versions cannot directly downgrade to MX 14 releases. They must first downgrade to an MX 15 release.\n[Known Issues] MX IDS security alerts are not detected for Anyconnect VPN traffic\n[Known Issues] BGP-learned routes may not be properly reflected in the Route Table page on the Meraki Dashboard, despite BGP and packet routing operating correctly.\n[Known Issues] There is an increased risk of encountering device stability issues on all platforms and across all configurations.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2022-01-08T08:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1615330271,"updatedAt":1619119809},{"id":"2110","name":"MX 15.40","major":15,"minor":40,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Resolved an MX 15.34 regression that resulted in being unable to connect multiple windows client devices to the client VPN from the same public IP. \n[Bug Fixes] Corrected an issue that could result in MX appliances sourcing AutoVPN control traffic to remote VPN peers from its previous IP address, after the uplink IP address was changed.\n[Bug Fixes] Fixed a race condition that could occur on device bootup which resulted in flows being mapped out WAN interfaces without honoring configured uplink preferences.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Source-based default routes will not function correctly when IP source address spoofing protection is configured to “block”.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-08-07T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1604531362,"updatedAt":1616174626},{"id":"2106","name":"MX 15.39","major":15,"minor":39,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Resolved a rare case that could result in a device reboot when BGP was enabled and many AutoVPN / IBGP peers were configured. \n[Bug Fixes] Corrected an additional issue that could result in MX and Z appliances being unable to successfully fetch a configuration from the Meraki Dashboard without Meraki Support’s intervention.\n[Bug Fixes] Fixed an MX 15.34 regression that could result in Z3(C) appliances inappropriately dropping broadcast frames when 1) VLANs were enabled, 2) the port receiving the broadcast frame was configured as a trunk type port, and 3) when the broadcast frame was received on an allowed VLAN other than the native VLAN. \n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Source-based default routes will not function correctly when IP source address spoofing protection is configured to “block”.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-24T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1603763103,"updatedAt":1616174626},{"id":"2097","name":"MX 15.38","major":15,"minor":38,"patch":0,"changelog":"[Important Notice] This is a beta version for the next major MX release. Due to this, we recommend taking additional caution before upgrading production appliances. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Stability improvements on MX84, MX100, MX400, MX250, MX600 and MX450 appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] As a new major version evolving through beta, there are a number of new, uncommon issues that may result in device reboot that we are continuing to investigate and work through. In particular, the Z3(C), MX84, MX100, MX400, MX600, MX250, and MX450 appliances have unresolved issues that we are tracking closely and continuing to investigate and drive towards resolution.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-07-17T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1602549887,"updatedAt":1616174626},{"id":"2123","name":"MX 15.41","major":15,"minor":41,"patch":0,"changelog":"[Important Notice] This is a late-stage beta version for the next major MX release. While we believe this release is able to provide a quality experience in most circumstances, we recommend taking additional caution before upgrading critical systems. Where applicable, MX 14 releases will provide a more stable upgrade alternative.\n[Legacy Products Notice] When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.53.\n[Bug Fixes] Resolved a case where MX appliances would not source DHCP messages from the shared virtual MAC address when configured in High Availability (HA).\n[Bug Fixes] Corrected an issue that resulted in BGP path prepending failing when the ASN was larger than 2,147,483,647.\n[Bug Fixes] Resolved an issue that caused source-based default routes to not function correctly when IP source address spoofing protection was configured to “block”. \n[Bug Fixes] Fixed an MX 15.40 regression that prevented accessing the local status page when an active uplink was not present. \n[Bug Fixes] Stability improvements for Z3, MX250, and MX450 appliances.\n[Known Issues] After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions.\n[Known Issues] Some stability-impacting issues present in MX 14.19 that affect a small population of MX250 and MX450 devices still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of MX67(C,W) and MX68(W,CW) appliances still exist.\n[Known Issues] Some stability-impacting issues present in MX 14 that affect a small population of Z3(C) appliances still exist.\n[Known Issues] Please note that until certification has been obtained, the Z3C will not be supported on Verizon's network.\n[Known Issues] World-wide device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed in North America and North America device SKUs of the MX67C, MX68CW, and Z3C units cannot be deployed outside of North America.\n[Known Issues] When deployed in warm spare / high availability (HA), MX67C and MX68CW do not support using their cellular connectivity to pass client traffic. In this deployment, the cellular connectivity can only be used for device monitoring or network troubleshooting. This is an expected limitation for these platforms.\n[Known Issues] MX67C, MX68CW, and Z3C units must be connected to the Meraki Dashboard initially to retrieve an update to allow for proper use of the integrated cellular connectivity. This is most likely to be an issue when bringing the units online for the very first time.\n[Known Issues] On the MX67(C,W) and MX68(W,CW) platforms, when the MX is providing PoE to a connected device, this information will not be reflected on the Meraki Dashboard.\n[Known Issues] Once a Z3 has been updated to this firmware version it can only run MX 14.31 or MX15.8 and higher. This is an expected result of updates to the device booting mechanisms and this limitation will not be resolved in future releases.\n[Known Issues] The DES encryption algorithm is no longer supported for use in formation of VPN tunnels.\n[Known Issues] Creating VPN tunnels using aggressive mode IKE is no longer supported.\n[Known Issues] Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems.\n[Known Issues] Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page.\n[Known Issues] Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.\n[Known Issues] Due to issues still under investigation, Z3(C) appliances are more likely to experience a device reboot when the wireless functionality is being utilized.","networkType":"wired","isBeta":true,"lasikImpacted":false,"endOfSupportDate":"2021-09-18T07:00:00Z","supportsRolling":false,"isLatestPatch":false,"isLatestStable":false,"isReleaseCandidate":false,"isLatestBeta":false,"isAvailableUpgradeVersion":false,"createdAt":1608581749,"updatedAt":1616174626}];
var upgradeStatusHists = [];
var irreversibles = {"camera":[[2,1]],"switch":[[8,10]],"wired":[[9,0]],"wireless":[[23,0]]};
var upgradeBarriers = {"switch":[{"upperBoundVersion":{"major":10,"minor":99},"lowerBoundVersion":{"major":10,"minor":35}}]};
var has_flexible_firmware = false;
var has_progress_bar = false;
window.initializeOrgFirmwareUpgradesUi("OrgFirmwareUpgradesUi", {
batches: batches,
users: users,
upgrades: upgrades,
upgradeBarriers: upgradeBarriers,
nodeGroups: nodeGroups,
versions: versions,
upgradeStatusHists: upgradeStatusHists,
irreversibles: irreversibles
}, has_flexible_firmware, has_progress_bar);
})();
window.performance && window.performance.mark && window.performance.mark("page-js-inline-js-done");
//]]>
</script>
<script type="text/javascript">
try {
window.performance && window.performance.mark && window.performance.mark("page-js-end");
if (window.performance && window.performance.measure) {
window.performance.measure("js-load-manage-body", "page-js-start", "page-js-manage-body-done");
window.performance.measure("js-load-end-body", "page-js-end-body-start", "page-js-end-body-done");
window.performance.measure("js-load-end-body-js", "page-js-end-body-js-start", "page-js-end-body-js-done");
window.performance.measure("js-load-layout-initjs", "page-js-end-body-js-done", "page-js-layout-init-done");
window.performance.measure("js-load-inline-js", "page-js-layout-init-done", "page-js-inline-js-done");
}
} catch (e) {
console.error(e);
}
</script>
</body>
</html>
@halmartin
Copy link
Author

underdog refers to Meraki Go products

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment