Can you show your config? I am unable to get windows clients for l2tp ipsec to work… it’s lost somewhere in phase1 or 2
After upgrade to 6.44.1 on RB962 GRE+IPSec stopped working when connected to 6.44 on the other side. After downgrade to 6.44 back on-line.
@Chupaka, see this topic and you know without telepathie 
http://forum.mikrotik.com/t/load-balancing-dont-work/128208/1
Unable to upgrade from v6.43.2 to v6.44.1 on wAP 60G (arm). Log output after reboot shows:
jan/01 18:13:50 system,info installed system-6.44.1
jan/01 18:13:50 system,info installed (disabled) tr069-client-6.44.1
jan/01 18:13:50 system,info installed wireless@-6.44.1
jan/01 18:13:50 system,info installed (disabled) advanced-tools-6.44.1
jan/01 18:13:50 system,info installed (disabled) calea-6.44.1
jan/01 18:13:50 system,info installed (disabled) dhcp-6.44.1
jan/01 18:13:50 system,info installed (disabled) hotspot-6.44.1
jan/01 18:13:50 system,info installed (disabled) ipv6-6.44.1
jan/01 18:13:50 system,info installed (disabled) mpls-6.44.1
jan/01 18:13:50 system,info installed (disabled) multicast-6.44.1
jan/01 18:13:50 system,info installed (disabled) ntp-6.44.1
jan/01 18:13:50 system,info installed (disabled) openflow-6.44.1
jan/01 18:13:50 system,info installed (disabled) ppp-6.44.1
jan/01 18:13:50 system,info installed (disabled) routing-6.44.1
jan/01 18:13:50 system,error can not install security-6.44.1: dhcp-6.44.1 is not installed, but is required
jan/01 18:13:50 system,info router rebooted
Excluding security package allows the remainder of the packages to be installed, but after reboot, security package still cannot be installed separately as a workaround - same error.
Do you really need all those packages? You are likely out of space since the device only has 16MB flash.
Also, in the release notes, security now depends on dhcp. Maybe having DHCP package disabled is causing the problem. You should remove all of those extra packages that you have disabled.
Sent from my Pixel 3 using Tapatalk
Latest release, I was forced to re-enable dhcp package almost everywhere because of many errors errors like those.
3xHAC AC were updated from 6.44 to 6.44.1 no unexpected issues.
Thanks!
For me, windows l2tp ipsec client also stopped working, but I did not update my router (still on 6.44). I think it may be associated with installation of March windows 10 patches; the VPN worked before they installed last week.
MAC telnet broken in 6.44.1, appears to be when router has multiple interfaces.
Problem on all routers we’ve upgraded to 6.44.1 whilst 6.44 worked perfectly.
We’ll need to lab this, to provide more granular detail…
Windows 7 with all updates works fine here with 6.44.1
Are you sure about that? As far as I know on routers like hAP lite RAM is used for storing upgrade files …
As can be seen when we print resources with no update files
[admin@MikroTik] > file print
# NAME TYPE SIZE CREATION-TIME
0 flash disk jan/01/1970 01:00:05
1 flash/skins directory jan/01/1970 01:00:01
2 flash/pub directory jan/02/1970 01:33:40
[admin@MikroTik] > system resource print
uptime: 2d5h45m26s
version: 6.42.12 (long-term)
build-time: Feb/12/2019 08:23:13
factory-software: 6.29.1
free-memory: 41.7MiB
total-memory: 64.0MiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 650MHz
cpu-load: 5%
free-hdd-space: 4688.0KiB
total-hdd-space: 16.0MiB
write-sect-since-reboot: 807
write-sect-total: 95645
bad-blocks: 0%
architecture-name: mipsbe
board-name: hAP ac lite
platform: MikroTik
[admin@MikroTik] > file print
# NAME TYPE SIZE CREATION-TIME
0 flash disk jan/01/1970 01:00:05
1 routeros-mipsbe-6.42.7.npk package 10.3MiB mar/19/2019 14:11:46
2 flash/skins directory jan/01/1970 01:00:01
3 flash/pub directory jan/02/1970 01:33:40
[admin@MikroTik] > system resource print
uptime: 2d5h42m47s
version: 6.42.12 (long-term)
build-time: Feb/12/2019 08:23:13
factory-software: 6.29.1
free-memory: 31.4MiB
total-memory: 64.0MiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 650MHz
cpu-load: 8%
free-hdd-space: 4688.0KiB
total-hdd-space: 16.0MiB
write-sect-since-reboot: 807
write-sect-total: 95645
bad-blocks: 0%
architecture-name: mipsbe
board-name: hAP ac lite
platform: MikroTik
And after we upload upgrade files the only thing that changes is RAM usage, not to mention that there would be no room for 10.3MiB file on free-hdd-space: 4688.0KiB …
6.44.1 does not make it possible to stop MikroTik neighbour discovery announcements.
Winbox shows settings from 6.44 but advertisements are still broadcast and export config contradicts Winbox:
#> /ip neighbor discovery-settings set discover-interface-list=!external
#> /ip neighbor export
/ip neighbor discovery-settings set discover-interface-list=external
Export config does not retain negative expression…
Thats worrying, But I can’t confirm this at home
[xxxxxxxx@rba] > /ip neighbor pr
# INTERFACE ADDRESS MAC-ADDRESS IDENTITY VERSION BOARD
0 eth1 fe80::ce2d:e0ff:fe07:1f5e CC:2D:E0:07:1F:5E rbb 6.44.1 ... RB750Gr3
[xxxxxxxx@rba] > /tool mac-telnet CC:2D:E0:07:1F:5E
Login: xxxxxxxx
Password:
Trying CC:2D:E0:07:1F:5E...
Connected to CC:2D:E0:07:1F:5E
MMM MMM KKK TTTTTTTTTTT KKK
MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK
MikroTik RouterOS 6.44.1 (c) 1999-2019 http://www.mikrotik.com/
[?] Gives the list of available commands
command [?] Gives help on the command and list of arguments
[Tab] Completes the command/word. If the input is ambiguous,
a second [Tab] gives possible options
/ Move up to base level
.. Move up one level
/command Use command at the base level
[xxxxxxxx@rbb] >
Works fine here also without issues in all routers and interfaces so far.
found it!
probably windows is not properly detecting nat, there is registry to force windows to assume both client and server is behind NAT..
reg add HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
0 - no nat
1 - server behind nat
2 - both
Yep, but you have hAP AC Lite, not hAP Lite. In hAP Lite, there’s no “flash” dir and only 32M RAM (6M free for me - definitely not enough to keep an upgrade files).
It would be nice when RouterOS had some setting to force UDP encapsulation without NAT-detection too!
The “NAT traversal” checkmark in Profiles is only enabling the autodetection, there could be another setting in Peers that forces it.
(e.g. for networks that do not have NAT but are not transparent for ESP/AH only for TCP and UDP)
I didn’t try MAC telnet but … I have an old RB411 which I use for testing different setups. After upgrading it to 6.44.1 all worked fine. Then it was time to clear all configuration from it to build some test environment from scratch. After reboot - no MAC connectivity at all using Winbox. It wasn’t shown in neighbors at all. Luckily I am old school guy and there is always an serial cable around. That worked and after adding IP to Ethernet port MAC connectivity was up again.
Very strange!
There is a problem with 6.44 and 6.44.1 with Radius servers - on NAS routers after around 24hours, we get radius timeouts, where PPP users are unable to authenticate. The only solution is to reboot the router.
We have seen this problem on both 6.44 and 6.44.1 and have downgraded these routers to 6.43.13.
I do not know if this issue is present or not in the 6.43 releases, as everything we had upgraded had been in the 6.42 strain.
BUT if you have radius authentication for clients, do not upgrade to 6.44.x