services invalid after boot if in management VRF

Hey,

I managed to get the management port into its own separate VRF and routing table and it works great (other than the lack of SNMPd listening there), but in 7.1 and 7.1.1 I'm encountering an issue: after booting the router, the ssh and www services that are bound to the management VRF are marked as invalid.

I need to mac-telnet into the router, disable ssh and www and enable them again, and then it works.

Any idea? Is this already fixed in 7.2.x?

Cheers, Jan

Same happens in 7.2rc1 :frowning:

Please, please, please fix this ASAP as this is far from production ready.

Cheers, Jan Žorž
6connect labs

Hi,

Noticed the same issue with 7.1.1 and 7.1.2.
Tried 7.2rc3, same issue. Every time the router reboots (tested in CHR virtual and hEX S) the service is flagged Invalid.

[admin@MikroTik] > ip service/print
Flags: X, I - INVALID
Columns: NAME, PORT, CERTIFICATE, VRF
#   NAME     PORT  CERTIFICATE  VRF 
0 X telnet     23               main
1   ftp        21                   
2   www        80               main
3 I ssh        22               hb9y
4 X www-ssl   443  none         main
5   api      8728               main
6   winbox   8291               main
7   api-ssl  8729  none         main

Is there any specific thing to do to get it consistently operational? I just changed the VRF (POC testing right now).

/ip service set ssh vrf=hb9y

Cheers.
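
Added example (not part of the original posts, and not MikroTik code): a Python check over the `ip service/print` output quoted above that lists enabled services bound to the management VRF but flagged INVALID, and enabled services still listening outside that VRF. The function names and its use as a post-reboot health check are assumptions; the sample text is copied from the post.

```python
# Added example. SAMPLE is the `ip service/print` output copied from the post.
SAMPLE = """\
Flags: X, I - INVALID
Columns: NAME, PORT, CERTIFICATE, VRF
#   NAME     PORT  CERTIFICATE  VRF
0 X telnet     23               main
1   ftp        21
2   www        80               main
3 I ssh        22               hb9y
4 X www-ssl   443  none         main
5   api      8728               main
6   winbox   8291               main
7   api-ssl  8729  none         main
"""
COLS = ["NAME", "PORT", "CERTIFICATE", "VRF"]


def parse_services(text):
    """Parse the fixed-width table into dicts, using the header's column offsets."""
    lines = text.splitlines()
    hdr = next(i for i, l in enumerate(lines) if l.startswith("#"))
    starts = [lines[hdr].index(c) for c in COLS]
    ends = starts[1:] + [None]
    rows = []
    for line in lines[hdr + 1:]:
        if not line[:1].isdigit():
            continue  # skip blank lines and anything that is not a table row
        row = {c.lower(): line[s:e].strip() for c, s, e in zip(COLS, starts, ends)}
        flags = line[:starts[0]]  # row number plus flag letters (X, I)
        row["disabled"], row["invalid"] = "X" in flags, "I" in flags
        rows.append(row)
    return rows


def invalid_in_vrf(rows, mgmt_vrf):
    """Enabled services bound to mgmt_vrf that RouterOS flags INVALID."""
    return [r["name"] for r in rows
            if r["vrf"] == mgmt_vrf and r["invalid"] and not r["disabled"]]


def enabled_outside_vrf(rows, mgmt_vrf):
    """Enabled, valid services not bound to mgmt_vrf (an empty VRF column counts)."""
    return [r["name"] for r in rows
            if r["vrf"] != mgmt_vrf and not r["disabled"] and not r["invalid"]]


if __name__ == "__main__":
    rows = parse_services(SAMPLE)
    print("invalid in hb9y:", invalid_in_vrf(rows, "hb9y"))
    print("enabled outside hb9y:", enabled_outside_vrf(rows, "hb9y"))
```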

Hi!

Have you found any solution to this problem? Winbox service seems to be running fine after reboot but telnet and SSH are both in inactive state after reboot. Only manual disable/enable helped me on this. Running version 7.2.

Cheers
Dennis

Hmm… for now I’ve set up a scheduler job at startup which restarts the desired service(s). Ugly but works for now.

/system scheduler
add name=schedule1 on-event="/ip/service/disable [find name=\"telnet\"]\r\
    \n/ip/service/enable [find name=\"telnet\"]\r\
    \n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-time=startup

You can also take a different approach: use the root VRF as the management VRF and move the other services to a named VRF.

Best Regards,

Diego