Hi,
I have configured an RB700Gr3 (version 6.38.1) with L2TP/IPsec for a road-warrior setup. The problem is that the router crashes (log: router was rebooted without proper shutdown) when the connection is established with L2TP/IPsec and I try to copy a file larger than 1 MB from the local computer to the remote computer over RDP. If the connection is established with PPTP, there is no such problem. Does anyone have the same problem, or an idea of what the cause might be? Below is my setup. Thanks in advance.
\
jan/25/2017 14:31:22 by RouterOS 6.38.1
software id = PPIK-GN12
# Layer-2 and wireless base: CAPsMAN channels, three bridges (Company, VOIP,
# WlanGuest), the ether2 switch group, the PPPoE uplink, VLANs and the CAPsMAN
# datapath/security/configuration profiles.
# NOTE: the export's line continuations were lost when it was posted; a line
# that does not start with "/", "add" or "set" continues the statement above it.
/caps-man channel
add band=2ghz-g/n name=channel2.4 width=20
add band=5ghz-a/n/ac extension-channel=Ce name=channel5 width=20
/interface bridge
add name=bridge-Company
add name=bridge-VOIP
add name=bridge-WlanGuest protocol-mode=none
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
# PPPoE session on ether1; the firewall section treats pppoe-optima as the WAN
# interface. Credentials are masked (XXX) in this post.
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-optima
password=XXX use-peer-dns=yes user=XXX
# Neighbor discovery is switched off on the ether1 uplink port.
/ip neighbor discovery
set ether1 discover=no
/interface vlan
add interface=ether5 name=vlan10-VOIP vlan-id=10
# NOTE(review): VLAN 20 is created on ether1, the same port that carries the
# PPPoE uplink, and is later bridged into bridge-WlanGuest - confirm that the
# guest segment is really meant to live on the WAN-facing port.
add interface=ether1 name=vlan20-WlanGuest vlan-id=20
/caps-man datapath
add bridge=bridge-Company name=WirelessCompany
add bridge=bridge-WlanGuest name=WirelessGuest
# Company SSID authenticates with WPA2-EAP (a RADIUS entry with service
# "wireless" appears later in the export); the guest SSID uses a WPA2
# pre-shared key, masked here.
/caps-man security
add authentication-types=wpa2-eap encryption=aes-ccm name=WirelessCompany
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm
name=WirelessGuest passphrase=XXXX
# Four AP configurations: company and guest, each on 5 GHz and 2.4 GHz.
/caps-man configuration
add channel=channel5 country=croatia datapath=WirelessCompany distance=
indoors mode=ap name=WirelessCompany5 rates.vht-basic-mcs=""
rates.vht-supported-mcs="" security=WirelessCompany ssid=aWiFi
add channel=channel2.4 country=croatia datapath=WirelessCompany distance=
indoors mode=ap name=WirelessCompany2.4 rates.vht-basic-mcs=""
rates.vht-supported-mcs="" security=WirelessCompany ssid=aWiFi
add channel=channel5 country=croatia datapath=WirelessGuest distance=indoors
mode=ap name=WirelessGuest5 rates.vht-basic-mcs=""
rates.vht-supported-mcs="" security=WirelessGuest ssid=XXX
add channel=channel2.4 country=croatia datapath=WirelessGuest distance=
indoors mode=ap name=WirelessGuest2.4 rates.vht-basic-mcs=""
rates.vht-supported-mcs="" security=WirelessGuest ssid=XXX
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
# DHCP servers, address pools and the PPP profiles used by the VPN servers.
/ip dhcp-server
add interface=ether2-master name=defconf
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
# NOTE(review): this range ends at .255, which would be the broadcast address
# if 192.168.89.0 is used as a /24 - confirm the intended upper bound.
add name=vpn ranges=192.168.89.2-192.168.89.255
# Address range handed to L2TP clients; the same range is the source match of
# the "masq. vpn traffic" NAT rule further down.
add name=L2TP ranges=10.10.71.100-10.10.71.150
add name=dhcp-VOIP ranges=10.10.68.100-10.10.68.150
add name=dhcp-WlanGuest ranges=192.168.200.50-192.168.200.254
/ip dhcp-server
add address-pool=dhcp-VOIP disabled=no interface=bridge-VOIP name=VOIP
add address-pool=dhcp-WlanGuest disabled=no interface=bridge-WlanGuest name=
WlanGuest
/ppp profile
# Profile "L2TP": router side is 10.10.71.1, clients draw from pool L2TP and
# are given 10.10.70.21 as DNS server.
add dns-server=10.10.70.21 local-address=10.10.71.1 name=L2TP remote-address=
L2TP
# *FFFFFFFE is an internal object id; presumably the built-in
# default-encryption profile that the PPP secret "marko" and the SSTP server
# reference - verify on the router.
set *FFFFFFFE local-address=192.168.89.1 remote-address=vpn
# CAPsMAN manager and provisioning rules, then bridge port membership.
/caps-man manager
# certificate=auto / ca-certificate=auto: the manager uses certificates it
# generates itself rather than ones imported by the administrator.
set ca-certificate=auto certificate=auto enabled=yes
/caps-man provisioning
# Radios that support "ac" get the 5 GHz company configuration with the 5 GHz
# guest configuration as slave; all other radios get the 2.4 GHz pair.
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=
WirelessCompany5 name-format=identity slave-configurations=WirelessGuest5
add action=create-dynamic-enabled master-configuration=WirelessCompany2.4
name-format=identity slave-configurations=WirelessGuest2.4
/interface bridge port
add bridge=bridge-Company interface=ether2-master
# The tagged VOIP VLAN port is disabled; ether5 itself is bridged untagged
# into bridge-VOIP by the last entry.
add bridge=bridge-VOIP disabled=yes interface=vlan10-VOIP
# vlan20-WlanGuest is defined on ether1 (the PPPoE uplink port), so this entry
# extends the guest bridge onto that port - NOTE(review): confirm intended.
add bridge=bridge-WlanGuest interface=vlan20-WlanGuest
add bridge=bridge-VOIP interface=ether5
# Remote-access VPN servers: L2TP/IPsec and PPTP are enabled; SSTP only has
# its default profile set.
/interface l2tp-server server
# L2TP accepts MS-CHAPv2 only, uses profile "L2TP", and has RouterOS create the
# IPsec peer from a single pre-shared key shared by every client.
# NOTE(review): unlike the other credentials in this post (masked as XXX), the
# IPsec pre-shared key is printed in clear and is a common dictionary-style
# value. Treat it as disclosed: replace it with a long random secret and mask
# it in any future export that is shared.
# NOTE(review): per MikroTik's documentation use-ipsec=yes sets up IPsec but
# does not by itself refuse L2TP sessions that arrive without it. Check whether
# this RouterOS version offers use-ipsec=required, or restrict the udp/1701
# input rule with ipsec-policy=in,ipsec.
set authentication=mschap2 default-profile=L2TP enabled=yes ipsec-secret=
P@ssw0rd use-ipsec=yes
/interface pptp-server server
# PPTP is enabled with default settings and is reachable from the WAN (see the
# "allow pptp" and GRE input rules). Its MPPE encryption is keyed from
# MS-CHAPv2 and is considerably weaker than IPsec, so the fact that PPTP does
# not trigger the reboot is a diagnostic data point, not a reason to keep it
# as the permanent remote-access path.
set enabled=yes
/interface sstp-server server
# Only the profile is set here; no enabled=yes is exported and the tcp/443
# input rule is disabled, so SSTP appears to be unused.
set default-profile=default-encryption
# Router addresses on the three bridges, cloud DDNS, DHCP networks and DNS.
/ip address
add address=10.10.70.1/24 comment=defconf interface=bridge-Company network=
10.10.70.0
add address=10.10.68.1/24 interface=bridge-VOIP network=10.10.68.0
add address=192.168.200.1/24 interface=bridge-WlanGuest network=192.168.200.0
/ip cloud
# The router publishes its public address through MikroTik's cloud DDNS
# service (presumably the name the VPN clients connect to).
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
# VOIP clients resolve through the internal server 10.10.70.21; guests are
# pointed at public resolvers (8.8.8.8, 8.8.4.4) rather than an internal one.
add address=10.10.68.0/24 dns-server=10.10.70.21 gateway=10.10.68.1
add address=10.10.70.0/24 comment=defconf gateway=10.10.70.1 netmask=24
add address=192.168.200.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.200.1
/ip dns
# The router answers DNS queries from any interface the input chain lets
# through. The filter rules drop input from pppoe-optima, bridge-VOIP and
# bridge-WlanGuest; those drops are what keep this from being an open resolver.
set allow-remote-requests=yes
/ip dns static
add address=10.10.70.1 name=router
# Packet filter. Rules are evaluated top to bottom within each chain, so the
# VPN accept rules must stay above the final WAN drop in the input chain.
# The input chain has no catch-all drop: only bridge-VOIP, bridge-WlanGuest
# and pppoe-optima are dropped, so bridge-Company and the dynamic VPN
# interfaces can reach every router service. NOTE(review): consider an
# explicit allow-list for management followed by a final drop.
/ip firewall filter
# NOTE(review): fasttrack sends established/related forward traffic down a
# shortcut path. MikroTik documents that fasttrack and IPsec do not mix well
# unless IPsec traffic is excluded first (ipsec-policy matchers). Disabling
# this rule is a cheap test while diagnosing the L2TP/IPsec reboot.
add action=fasttrack-connection chain=forward comment="defconf: fasttrack"
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related"
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid"
connection-state=invalid
# New connections arriving on the WAN are forwarded only if they were
# destination-NATed.
add action=drop chain=forward comment=
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat
connection-state=new in-interface=pppoe-optima
# ICMP to the router is accepted from every interface except the WAN.
add action=accept chain=input in-interface=!pppoe-optima protocol=icmp
# Input chain accepts established and related; there is no matching
# "drop invalid" rule for input as there is for forward.
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
# Segmentation: VOIP may talk to 10.10.70.21 (and get replies from it);
# otherwise Company->VOIP is dropped, and VOIP and guest traffic may only
# leave through the WAN.
add action=accept chain=forward comment="Network isolation" dst-address=
10.10.70.21 in-interface=bridge-VOIP
add action=accept chain=forward out-interface=bridge-VOIP src-address=
10.10.70.21
add action=accept chain=input in-interface=bridge-VOIP protocol=icmp
add action=drop chain=forward in-interface=bridge-Company out-interface=
bridge-VOIP
add action=drop chain=forward in-interface=bridge-VOIP out-interface=
!pppoe-optima
add action=drop chain=input in-interface=bridge-VOIP
add action=drop chain=forward in-interface=bridge-WlanGuest out-interface=
!pppoe-optima
add action=drop chain=input in-interface=bridge-WlanGuest
# VPN listeners, open to any source address. udp/1701 is accepted whether or
# not the packet arrived inside IPsec; adding ipsec-policy=in,ipsec to that
# rule would limit L2TP to protected sessions.
add action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udp
add action=accept chain=input dst-port=500 protocol=udp
add action=accept chain=input dst-port=4500 protocol=udp
# ESP is disabled, so only NAT-T (udp/4500) carries IPsec payload; presumably
# clients that are not behind NAT would need this rule enabled - verify.
add action=accept chain=input disabled=yes protocol=ipsec-esp
# PPTP control channel and GRE are accepted from any source, including WAN.
add action=accept chain=input comment="allow pptp" dst-port=1723 protocol=tcp
add action=accept chain=input protocol=gre
add action=accept chain=input comment="allow sstp" disabled=yes dst-port=443
protocol=tcp
# Everything else arriving on the WAN for the router itself is dropped.
add action=drop chain=input in-interface=pppoe-optima
# Source NAT: everything leaving through the PPPoE uplink is masqueraded.
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade"
out-interface=pppoe-optima
# This rule has no out-interface, so traffic from the L2TP pool is masqueraded
# toward every destination, internal LANs included. Internal hosts (for
# example the RDP target) then log a router address instead of the VPN
# client's address, which weakens per-user attribution in their logs.
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=
10.10.71.100-10.10.71.150
# PPP authentication: RADIUS is enabled in addition to two local secrets.
/ppp aaa
set use-radius=yes
/ppp secret
# Local accounts (passwords masked). NOTE(review): these remain valid logins
# alongside RADIUS; presumably the local list is consulted first - confirm,
# and remove local accounts that RADIUS is meant to replace.
add name=vpn password=XXX profile=L2TP
add name=marko password=XXX profile=default-encryption
/radius
# One RADIUS server (10.10.70.21) serves both PPP logins and wireless
# (WPA2-EAP) authentication; the shared secret is masked.
add address=10.10.70.21 secret=
XXX service=
ppp,wireless
# System settings and layer-2 management access.
/system clock
set time-zone-name=Europe/Zagreb
/system identity
set name=port01
/system routerboard settings
# The export itself warns that the memory clock is not at its default value.
# NOTE(review): a non-default memory frequency is a plausible cause of
# "rebooted without proper shutdown" under sustained load such as encrypted
# file transfers; restore the default before looking further.
Warning: memory not running at default frequency
set memory-frequency=1200DDR
# MAC-Telnet and MAC-Winbox: the default entry is disabled and access is
# limited to ether2-master and bridge-Company, so neither service listens on
# the WAN, VOIP or guest side.
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-master
add interface=bridge-Company
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-master
add interface=bridge-Company