Simplified Operations
PSK Portal BYOD – Regenerate PSK
For PSK Portal a BYOD user can now regenerate the PSK after successful authentication with SSO.
Previously if a user logged back into the PSK portal, they would see their existing passphrase. Now they have an option to generate a new passphrase. When a new passphrase is generated, the old passphrase remains valid for 24 hours to give time for the user to transition their devices to the new passphrase.
To learn more about BYOD PSK Portals, please visit this page: https://www.mist.com/documentation/client-onboarding-psk-portals/
Audit Logs – Import PSK
Now, audits logs will be generated whenever a user creates PSKs using the “Import“ option.
Navigate to Organization > Audit Logs to view your full list of Audit logs
Auto-Provisioning Enhancements
Auto Provisioning UI will now restrict from choosing both rule Ignore last n and Select first n characters simultaneously.
Please visit this page to learn more about Auto-Provisioning: https://www.mist.com/documentation/auto-provisioning/
AP Hostname to Allow “.”
The AP Hostname will be updated to retain any “.” characters in its name. Previously the “.” character gets stripped from the AP Name when converted to the Hostname for things such as LLDP system name, DHCP option 12, and AP name in beacon.
Wired Assurance
Campus Fabric support for Junos EVO platforms – QFX5130 and QFX5700
Customers will now be able to form CRB & ERB with Juniper EVO platforms QFX5130 and QFX5700 on the Mist dashboard
WAN Assurance
DHCP Vendor Options (SSR Only)
Users can now configure DHCP vendor options from the Mist UI. DHCP options are additional settings that a DHCP server passes to DHCP clients. When a DHCP client requests an IP address from a DHCP server, the server sends the client at least an IP address and a subnet mask value. Additional information can be sent to clients if you configure various DHCP options.
Overlay Steering Path Preference (Spoke) – SSR Only
When configuring policies to go from spoke to hub, the MIST config always did ECMP from multiple spoke interfaces terminating to the same hub interface. This feature will allow more granular control over which paths from spoke to hub can be used for various policies
Q-in-Q Configuration (API Only) – SSR Only
Users can now use Q-in-Q configuration on WAN interface from Mist dashboard. SD-WAN operators often use WAN link service providers which deliver links using 802.1Q (dot1Q, Q-in-Q) for connecting through the provider network. This requires a WAN edge device to be configured to use the appropriate outer VLAN and ethertype to connect with the link.
SVR Waypoint Port Control (API Only)
Secure Vector Routing, the patented technique used by an SSR to send directional, encrypted, tunnel-free traffic to its peers, creates engineered pathways between waypoints – IP addresses assigned to SSR interfaces. On any given SSR, each forwarding interface’s IP address is referred to as a “waypoint.” This represents the source IP address it will use with sending SVR traffic to a peer, or the destination IP address it will use when receiving SVR traffic initiated by a peer. The ports that are used to construct unique tuples are referred to as “waypoint ports”
Users can now configure the SVR port between the range of 60000-60004 on the Hub profile for the spokes to reach the hub.
Behavior Changes
Firmware requirement to view “Bytes”
Starting May 2nd, APs running 0.2.x or 0.3.x firmware will no longer populate “bytes” columns within Insights or Network Analytics pages. APs will need to run 0.4.x firmware or newer for these columns to populate. It is currently (April 2023) suggested to upgrade to the latest 0.10 firmware if you are running 0.2/0.3 firmware. Bytes stats will populate on the AP list and detail pages.
Here is an example of what it looks like when the “bytes” data does not populate.