Also updating ciphers available for MT SSTP server would be a good idea, because the only ones offered now are TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_AES_256_CBC_SHAPlease add sstp - authentication process using EC digital signature
I'm wondering about the same thing. Could supporting only old and obsolete cipher suites for SSTP be considered as a bug? Probably not :(Any idea if Mikrotik will add support of TLS v1.3 to the SSTP server/client?!
It was an accident :) I wanted to move another column - so just a random find.I confirm, but I'm curious why you want move that column, just for find a bug?
It works for me on 7.3.1 without any issue.Hey is SSTP broken in version OS V7 ? As it works perfect in version 6 but not in version 7 Certs chain to root problem
*) bridge - added more details for loop detection warning;
*) bridge - fixed TCP, UDP port parsing for loop detect warning;
no, I have just EoIP now, but I tried both protocols (separately) and both failed with the same error.You have both IPIP and EoIP tunnels?
Then it will be very important to fully understand the matter and to configure things really carefully.
Same hereRB2011 upgraded without problems, no issues so far.
Updated RB2011 the same way - this did not happen in my case (RouterOS versions are reported correctly)I just installed over automatic download and this happen. its a simple error maybe :=)Maybe 6.43.1 was retracted or not available for automatic download yet/now.
Yeah... your avatar is pretty self-explaining.FYI, my nick name is based on a well known product from Czech Republic
Yes, the problem still persist since last version, same behavior as described here: viewtopic.php?f=21&t=134940&start=50#p665710)Does reconnection to router after recent disconnection work? It seems that it doesn't work in 3.14 for me reliably.
Isn't this address just written in reverse order? Also the following NAT rule is disabled.Code: Select all... add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=0.89.168.192-255.89.168.192
How this feature actually works?*) vrrp - fix arp=reply-only;
*) vrrp - do not warn about version mismatch if VRID does not match;
*) vrrp - allow VRRP to work behind firewall and NAT rules;