Community discussions

MikroTik App

Search found 3 matches

by anesthc
Thu Jan 14, 2021 3:57 am
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 265
Views: 45947

Re: v6.48 [stable] is released!

Yet another issue with IKEv2 I'm just facing.
EAP-TLS authentication was working previously but now it fails with
ipsec,error invalid MSK length
in Mikrotik logs.
by anesthc
Tue Dec 29, 2020 12:47 am
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 265
Views: 45947

Re: v6.48 [stable] is released!

Thats odd - I've got pfs set in phase 2 and the IKEv2 tunnel establishes correctly: Yes, they establish correctly. But do they rekey without issue? Have a look at your log... Started SUP-37534. First issue - "IPsec-SA expired before finishing rekey" caused by wrong proposal coming from th...
by anesthc
Sat Dec 26, 2020 2:45 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 265
Views: 45947

Re: v6.48 [stable] is released!

I see the following error in the log (every 30 min): IPsec-SA expired before finishing rekey Haven't seen this issue in the current LTS and the 6.47.x releases. Found this answer in the topic, hope it helps: https://forum.mikrotik.com/viewtopic.php?f=2&t=159536&p=783686&hilit=IPsec+SA+e...