CHR no longer boots after 7.1.2 update in Hetzner cloud. Rolled back to 7.1.1 snapshot which works as well as it used to. Have you removed some disk driver along the way? And why on earth between minor versions and without a notice? Edit: FYI disk-related kernel output from a generic linux box runni...

Still does not boot in Hetzner hosted CHR. 7.1.1 starts OK, but none of the 7.2 rc{1,2,3} are able to mount the boot disk. Probably something to do with the disk driver (scsi-virtio, maybe, dunno) present in 7.1 line missing from 7.2. Couldn't get OSPFv2 with MD5 security to work in the 7.1.1 agains...

I think the problem is in: /ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=org-a-intra new-routing-mark=org-a-intra passthrough=yes You have to put src-address-list=org-a-intra instead of dst-address-list. Try it No, that's not it. Those org-a and org-b are a bit misle...

OK I did some tests and even tried to downgrade to 6.46 and the problem persisted. However, I was able to go through it. The problem was triggered by the routing table entry: /ip route add distance=1 gateway=l2tp-org-a routing-mark=org-a-intra And the actual trigger was that the address 0.0.0.0/0 in...

I don't have a spare router that I could use right now, so I don't dare downgrading to 6.46.8 long-term. If I find one sometime soon, I'll try that.

Oh, and the address "leak". I was using PPP Torch in the server end router. I was amazed to see the IP address of the host I was pinging from, to appear.

I was also able to ping directly from the router via the VPN (at least the router in the other end). But I was not able to ping form other host. Masquerade statistics counter is increased by every connection. I did virtually identical configuration to three separate routers with identical problems. ...

And indeed, if I remove mangle rule and the route, and instead add static route to all destination addresses separately (and without routing mark), it works as expected.

/interface list add name=org-a-ppp /ppp profile add interface-list=org-a-ppp name=org-a-ppp use-encryption=required /interface l2tp-client add allow=chap connect-to=12.34.56.78 disabled=no keepalive-timeout=disabled name=l2tp-org-a profile=org-a-ppp use-ipsec=yes user=l2tp-org-b /ip firewall addres...

I have a following VPN routing problem. I have a sparse list of network ranges that are inside private address space (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) from organisation A and I want to route the traffic to these addresses from organisation B over VPN tunnel. These address ranges get update...

It would be extremely useful in many cases to have a ppp interface dynamically created form the ppp secret (when more than one connection is allowed and/or there is no explicit server binding) to be automatically added to a named interface list when it's created and removed when it's deleted. Basica...

I often miss "copy rule" feature in web management firewall setup. What I'd like to be able to do, is to create a new rule from the existing one so that instead of starting from blank (as in "Add New") I would start with the data of an existing rule. While this might be really us...

I'd like to see a dummy network interface like one available in generic Linux kernel (http://www.tldp.org/LDP/nag/node72.html). If all physical interfaces are DHCP it might simplify things to be able to assign a static addresses to an internal interface to make routing and firewall rules simpler. j...

Hello I love CHR! What a great innovation! I'm a bit worried that there is no option (as far as I can see) to use different password in CHR for license renewals from the actual "main password" that is used when accessing the site itself and purchasing licenses and assigning pre-paid licens...

hi

I'd like to see a dummy network interface like one available in generic Linux kernel (http://www.tldp.org/LDP/nag/node72.html).

If all physical interfaces are DHCP it might simplify things to be able to assign a static addresses to an internal interface to make routing and firewall rules simpler.

493G upgraded via web interface System / Packages from 6.31 to 6.32 went to reboot loop and had to be recovered via netinstall. Now running 6.30.4 and works again.