Community discussions

 
mkx
Forum Guru
Forum Guru
Posts: 2604
Joined: Thu Mar 03, 2016 10:23 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 13, 2019 12:02 pm

Can't you connect via ssh but using administrative user name?
BR,
Metod
 
sanitycheck
newbie
Posts: 47
Joined: Wed Nov 16, 2011 6:03 am
Location: USA

Re: v6.44.5 [long-term] is released!

Sat Jul 13, 2019 7:32 pm

Can't you connect via ssh but using administrative user name?

Not in the standard configuration I use.

As a security measure the only user on the router with ssh rights is a special user for just that purpose, and it only has the ssh permission. I remove the ssh rights from admin. Admin user can only connect by remote through a second local login (Winbox, telnet) through ssh port redirect.

I can issue commands in the terminal window as the limited ssh user, but of course they are rejected because of no rights. From what I've found it is not possible to change users from within that window.

I have a server behind that router I connect to through ssh port redirect, in this case also with ssh. I can't connect to it either without the error and disconnection. So the problem isn't just trying to connect back to the router, it happens with any attempt to connect using an ssh port redirect.
 
tdw
Member Candidate
Member Candidate
Posts: 173
Joined: Sat May 05, 2018 11:55 am

Re: v6.44.5 [long-term] is released!

Sun Jul 14, 2019 12:04 am

I connect to manage routers with ssh using an rsa ssh key. SSH stong-crypto is set to yes. I upgraded a remote test router from 6.43.16 long-term to 6.44.5 long-term.

It allows me to make a connection using Putty as usual, the connection terminal window displays correctly. But when I try to manage the router through ssh port tunnel (redirect) to winbox or telnet it disconnects the ssh session with this error:

Strange packet received: type 82

The firmware was not upgraded to 6.44.5 because I could never reconnect to do it (user with ssh permissions is limited to just ssh, so management has to be through a redirected winbox or telnet unless there is a way to change users inside the ssh console window).

My Winbox is 3.19. If there is a change in the changelog that explains this problem I don't see it.

Upgrading to 6.44.5 (and possibly prior 6.44.x releases) does bonkers things to the SSH settings, in particular:
If strong-crypto=yes then allow-none-crypto=no is added - AFAIK this is fixed in the latest beta.
Pertinent to your situation forwarding-enabled=remote is added - IIRC this has been mentioned in previous threads that forwarding-enabled=both, or at least forwarding-enabled=local, would be a better choice on upgrade.

Message ID (packet type) 82 is SSH_MSG_REQUEST_FAILURE

Unless you have a port allowed through the firewall through which you can fangle a remote SSH tunnel I see a long drive in your future.
 
oxy1
just joined
Posts: 8
Joined: Tue Mar 07, 2017 2:19 am

Re: v6.44.5 [long-term] is released!

Mon Jul 15, 2019 8:27 am

How do you guys propose we make such a changelog? This is the long term branch, where releases are very rare, and the jumps are very big.
Imagine there could be 15 fixes, new bugs, fixes again, then the feature could be already removed, then a new one added, removed again, and then a new feature made and fixed.

Listing fixes for non existing feature would be useless.
Realistically though, the introduction then removal of a feature in "stable" prior to moving to "long-term" is unlikely to occur often. It's supposed to be "stable". :-)

The problem with reading the list of changes for "stable" is that often quite a few of the changes have already made it into the previous "long-term" branch. E.g. some fixes in 6.44.1 "stable" were also applied to 6.43.13 "long-term". So there's often quite a lot of duplicate information to wade through that may not be relevant at all. If I'm going from 6.43.16 to 6.44.5, I don't want to have to read a list of the changes that are already incorporated in the release I'm already running.

The way it is now means everyone who wants to upgrade would need to lay out both "stable" and "long-term" changelogs, side-by-side in chronological order, with all the possible changes, and then cross-reference between the two lists to see if there any (probable) matches. It really does make sense for this to be done once (by the team that actually develop the software?), rather than everyone having to do it each time the minor version number is bumped (or possibly multiple times, if you don't actually keep a copy of what you worked out). Do it once properly, and everyone (else) benefits enormously. It really will save a lot of effort overall (and probably grief).
 
Matrix64
just joined
Posts: 3
Joined: Thu Apr 18, 2019 11:37 am

Re: v6.44.5 [long-term] is released!

Mon Jul 15, 2019 2:44 pm

I wish the "long-term" channel would only have releases with bugfixes and security fixes, not a bunch of new features and underlying changes that need to be tested before I can apply the update to fix a security vulnerability. IMO, "long-term" channel should stay in 6.43.x branch and just receive fixes for at least 1 year, preferably more.
 
User avatar
Anumrak
Forum Veteran
Forum Veteran
Posts: 979
Joined: Fri Jul 28, 2017 2:53 pm

Re: v6.44.5 [long-term] is released!

Mon Jul 15, 2019 4:18 pm

I wish the "long-term" channel would only have releases with bugfixes and security fixes, not a bunch of new features and underlying changes that need to be tested before I can apply the update to fix a security vulnerability. IMO, "long-term" channel should stay in 6.43.x branch and just receive fixes for at least 1 year, preferably more.
This exactly what long-term branch is:

https://wiki.mikrotik.com/wiki/Manual:U ... _numbering
 
Matrix64
just joined
Posts: 3
Joined: Thu Apr 18, 2019 11:37 am

Re: v6.44.5 [long-term] is released!

Mon Jul 15, 2019 5:42 pm

I wish the "long-term" channel would only have releases with bugfixes and security fixes, not a bunch of new features and underlying changes that need to be tested before I can apply the update to fix a security vulnerability. IMO, "long-term" channel should stay in 6.43.x branch and just receive fixes for at least 1 year, preferably more.
This exactly what long-term branch is:

https://wiki.mikrotik.com/wiki/Manual:U ... _numbering
So why was 6.44 pushed to long-term if all we needed were a few Linux kernel fixes? I remember "long-term" channel going from 6.42 to 6.43 not long ago.
 
User avatar
chebedewel
just joined
Posts: 5
Joined: Tue Feb 02, 2016 6:41 am
Location: Noumea
Contact:

Re: v6.44.5 [long-term] is released!

Tue Jul 16, 2019 1:28 am

An upgrade on a hAP ac lite from 6.43.16 to 6.44.5 had an issue, only one wireless interface came back => one wireless interface was missing hence no connexion to CAP'sMAN.
It was fixed with a routerboard upgrade an a reboot.
Hopefully it was just a glitch on this device, as I have 1500 more in the wild with autoupgrade ...
Bertrand Cherrier
MTCNA - MTCTCE
_______________________________________________________
MikroTik Consultant & Distributor for New Caledonia
 
User avatar
Anumrak
Forum Veteran
Forum Veteran
Posts: 979
Joined: Fri Jul 28, 2017 2:53 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 16, 2019 11:01 am

I wish the "long-term" channel would only have releases with bugfixes and security fixes, not a bunch of new features and underlying changes that need to be tested before I can apply the update to fix a security vulnerability. IMO, "long-term" channel should stay in 6.43.x branch and just receive fixes for at least 1 year, preferably more.
This exactly what long-term branch is:

https://wiki.mikrotik.com/wiki/Manual:U ... _numbering
So why was 6.44 pushed to long-term if all we needed were a few Linux kernel fixes? I remember "long-term" channel going from 6.42 to 6.43 not long ago.
Cause previous version became stable enough?
 
sanitycheck
newbie
Posts: 47
Joined: Wed Nov 16, 2011 6:03 am
Location: USA

Re: v6.44.5 [long-term] is released!

Tue Jul 16, 2019 7:15 pm

Upgrading to 6.44.5 (and possibly prior 6.44.x releases) does bonkers things to the SSH settings, in particular:
If strong-crypto=yes then allow-none-crypto=no is added - AFAIK this is fixed in the latest beta.
Pertinent to your situation forwarding-enabled=remote is added - IIRC this has been mentioned in previous threads that forwarding-enabled=both, or at least forwarding-enabled=local, would be a better choice on upgrade.

Thanks for that. Confirmed SSH changes you mention above were the problem. To upgrade any other routers with my SSH configuration to 6.44.x I will first have to create a temporary remote access method to prevent being locked out. Another riskier option would be to add a script in scheduler that sets the correct SSH options at next startup, since they can't be set in advance.

I agree that SSH forwarding-enabled might be better set to 'both' as a default, at least during upgrades, to prevent this type of problem.
 
ttaiw
just joined
Posts: 13
Joined: Mon Jun 29, 2009 5:48 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 17, 2019 4:11 pm

I got problem with dhcp-relay , after upgrade my client cannot get address.
Now I downgrade to version 6.43.16 it work fine.
 
mducharme
Trainer
Trainer
Posts: 788
Joined: Tue Jul 19, 2016 6:45 pm

Re: v6.44.5 [long-term] is released!

Fri Jul 19, 2019 8:16 pm

I got problem with dhcp-relay , after upgrade my client cannot get address.
Now I downgrade to version 6.43.16 it work fine.
FYI we have tested this on our devices - DHCP relay is working fine for us on 6.44.5.
 
mszru
just joined
Posts: 15
Joined: Wed Aug 10, 2016 10:42 am

Re: v6.44.5 [long-term] is released!

Fri Jul 19, 2019 9:56 pm

The Dude on hEX (6.44.3) shows weird Expires After time in DHCP Leases for hAP ac at the latest long-term build (6.44.5). The lease time for DHCP server at hAP ac is set to 1 day.

DHCP_Leases_Expires_Afterx.png
You do not have the required permissions to view the files attached to this post.
 
shujanster
just joined
Posts: 22
Joined: Wed Apr 05, 2017 7:02 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 20, 2019 3:44 am

I can't update 6.43.16 to 6.44.5. Don't know why.

Sent from my Redmi Note 5 using Tapatalk

 
sindy
Forum Guru
Forum Guru
Posts: 3770
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 20, 2019 8:34 am

I can't update 6.43.16 to 6.44.5. Don't know why.
Does the beginning of /log print show anything after reboot with the new package downloaded? Typical reasons are .npk for a wrong architecture or a mythical malware preventing upgrade to protect itself.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
shujanster
just joined
Posts: 22
Joined: Wed Apr 05, 2017 7:02 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 20, 2019 10:41 pm



You do not have the required permissions to view the files attached to this post.
 
shujanster
just joined
Posts: 22
Joined: Wed Apr 05, 2017 7:02 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 20, 2019 10:43 pm

I can't update 6.43.16 to 6.44.5. Don't know why.
Does the beginning of /log print show anything after reboot with the new package downloaded? Typical reasons are .npk for a wrong architecture or a mythical malware preventing upgrade to protect itself.
It's show me after reboot.
Screenshot_20190721-012612_Chrome.jpg
Sent from my Redmi Note 5 using Tapatalk

You do not have the required permissions to view the files attached to this post.
 
sindy
Forum Guru
Forum Guru
Posts: 3770
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.44.5 [long-term] is released!

Sat Jul 20, 2019 11:17 pm

So the router tells you that it cannot install an enabled package (security) because it requires another package (dhcp) to work. It's not a nonsense - since 6.44, IKEv2 (from the security package) responder responds to DHCPINFORM messages from Windows clients which explains the dependency. So enable the dhcp package before upgrade and you should be good.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
gunther01
newbie
Posts: 39
Joined: Sun Aug 01, 2010 7:00 pm

Re: v6.44.5 [long-term] is released!

Sun Jul 21, 2019 12:19 am

44.5 caused Mipse and CCR's to port flap.. I'm not sure why, but when we go to 44.3 it stops..
Going to 445 or above, including the latest BETA crashed an entire leg of our network. Ports were flapping that had nothing plugged in to them, and some where BH's were and it would just flap OSPF constantly to the point I couldn't change settings or keep a winbox open.. Going to 44.3 fixed this issue.

It was very bad.
 
shujanster
just joined
Posts: 22
Joined: Wed Apr 05, 2017 7:02 pm

Re: v6.44.5 [long-term] is released!

Sun Jul 21, 2019 2:36 am

So the router tells you that it cannot install an enabled package (security) because it requires another package (dhcp) to work. It's not a nonsense - since 6.44, IKEv2 (from the security package) responder responds to DHCPINFORM messages from Windows clients which explains the dependency. So enable the dhcp package before upgrade and you should be good.
Thanks sir, it's working. Best wishes for you.

Sent from my Redmi Note 5 using Tapatalk

 
phendry
Member Candidate
Member Candidate
Posts: 258
Joined: Fri May 28, 2004 4:42 pm

Re: v6.44.5 [long-term] is released!

Sun Jul 21, 2019 9:22 am

44.5 caused Mipse and CCR's to port flap.. I'm not sure why, but when we go to 44.3 it stops..
Going to 445 or above, including the latest BETA crashed an entire leg of our network. Ports were flapping that had nothing plugged in to them, and some where BH's were and it would just flap OSPF constantly to the point I couldn't change settings or keep a winbox open.. Going to 44.3 fixed this issue.

It was very bad.
We saw something similar on a CCR1036 when upgrading from v6.43.12 to v6.44.5. What is strange is that we upgraded another CCR1036 from v6.43.12 to v6.44.5 before that which has very similar config (BGP, MPLS, EoIP) but saw no issues. Could only log into the device via mac-telnet and when checking routing table we saw it populate and then completely disappear. Had to factory reset, downgrade to v6.43.12 then restore from backup file.
 
gunther01
newbie
Posts: 39
Joined: Sun Aug 01, 2010 7:00 pm

Re: v6.44.5 [long-term] is released!

Sun Jul 21, 2019 6:30 pm

44.5 caused Mipse and CCR's to port flap.. I'm not sure why, but when we go to 44.3 it stops..
Going to 445 or above, including the latest BETA crashed an entire leg of our network. Ports were flapping that had nothing plugged in to them, and some where BH's were and it would just flap OSPF constantly to the point I couldn't change settings or keep a winbox open.. Going to 44.3 fixed this issue.

It was very bad.
We saw something similar on a CCR1036 when upgrading from v6.43.12 to v6.44.5. What is strange is that we upgraded another CCR1036 from v6.43.12 to v6.44.5 before that which has very similar config (BGP, MPLS, EoIP) but saw no issues. Could only log into the device via mac-telnet and when checking routing table we saw it populate and then completely disappear. Had to factory reset, downgrade to v6.43.12 then restore from backup file.
I was able to downgrade back to 44.3 and the problem went away. But, some other routers didn't seem to act the same way as the two that were totally freaking out either. I even went so far as to try the latest Beta to see if it stopped and it acted the exact same. Ports that weren't even part of OSPF were flapping like mad. Then other ports that were part of OSPF and BH's were flapping also. Which of course screwed up an entire leg of our network. It was very very bad.. 44.3 instantly fixed that issue. SOMETHING IS BROKEN PAST 44.3. I don't know what it is, but it is for sure.
 
Halfeez92
newbie
Posts: 36
Joined: Tue Oct 30, 2012 12:58 pm
Contact:

Re: v6.44.5 [long-term] is released!

Mon Jul 22, 2019 10:06 am

I got error "TLS Failed" on Mikrotik OVPN client when enabling the verify-server-certificate. Can tell me what is the reason? When disabled, my Mikrotik OVPN client can connect without problem. I have been reading the mikrotik wiki on https://wiki.mikrotik.com/wiki/Manual:Interface/OVPN but nothing mention on the "verify-server-certificate", it has not been update is not it?
 
Halfeez92
newbie
Posts: 36
Joined: Tue Oct 30, 2012 12:58 pm
Contact:

Re: v6.44.5 [long-term] is released!

Mon Jul 22, 2019 10:09 am

I got error "TLS Failed" on Mikrotik OVPN client when enabling the verify-server-certificate. Can tell me what is the reason? When disabled, my Mikrotik OVPN client can connect without problem. I have been reading the mikrotik wiki on https://wiki.mikrotik.com/wiki/Manual:Interface/OVPN but nothing mention on the "verify-server-certificate", it has not been update is not it?
Oh it's okay. I already found the solution.
Apparently you have to import the CA into the client mikrotik, then it will use the CA to verify the remote server certificate.
 
ste
Forum Guru
Forum Guru
Posts: 1789
Joined: Sun Feb 13, 2005 11:21 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 23, 2019 8:27 am

44.5 caused Mipse and CCR's to port flap.. I'm not sure why, but when we go to 44.3 it stops..
Going to 445 or above, including the latest BETA crashed an entire leg of our network. Ports were flapping that had nothing plugged in to them, and some where BH's were and it would just flap OSPF constantly to the point I couldn't change settings or keep a winbox open.. Going to 44.3 fixed this issue.

It was very bad.
We saw something similar on a CCR1036 when upgrading from v6.43.12 to v6.44.5. What is strange is that we upgraded another CCR1036 from v6.43.12 to v6.44.5 before that which has very similar config (BGP, MPLS, EoIP) but saw no issues. Could only log into the device via mac-telnet and when checking routing table we saw it populate and then completely disappear. Had to factory reset, downgrade to v6.43.12 then restore from backup file.
I was able to downgrade back to 44.3 and the problem went away. But, some other routers didn't seem to act the same way as the two that were totally freaking out either. I even went so far as to try the latest Beta to see if it stopped and it acted the exact same. Ports that weren't even part of OSPF were flapping like mad. Then other ports that were part of OSPF and BH's were flapping also. Which of course screwed up an entire leg of our network. It was very very bad.. 44.3 instantly fixed that issue. SOMETHING IS BROKEN PAST 44.3. I don't know what it is, but it is for sure.
Updated some CCRs with OSPF and BGP and do not see this problem. Must be specific to your config/installation.
 
gunther01
newbie
Posts: 39
Joined: Sun Aug 01, 2010 7:00 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 23, 2019 4:54 pm

44.5 caused Mipse and CCR's to port flap.. I'm not sure why, but when we go to 44.3 it stops..
Going to 445 or above, including the latest BETA crashed an entire leg of our network. Ports were flapping that had nothing plugged in to them, and some where BH's were and it would just flap OSPF constantly to the point I couldn't change settings or keep a winbox open.. Going to 44.3 fixed this issue.

It was very bad.
We saw something similar on a CCR1036 when upgrading from v6.43.12 to v6.44.5. What is strange is that we upgraded another CCR1036 from v6.43.12 to v6.44.5 before that which has very similar config (BGP, MPLS, EoIP) but saw no issues. Could only log into the device via mac-telnet and when checking routing table we saw it populate and then completely disappear. Had to factory reset, downgrade to v6.43.12 then restore from backup file.
I was able to downgrade back to 44.3 and the problem went away. But, some other routers didn't seem to act the same way as the two that were totally freaking out either. I even went so far as to try the latest Beta to see if it stopped and it acted the exact same. Ports that weren't even part of OSPF were flapping like mad. Then other ports that were part of OSPF and BH's were flapping also. Which of course screwed up an entire leg of our network. It was very very bad.. 44.3 instantly fixed that issue. SOMETHING IS BROKEN PAST 44.3. I don't know what it is, but it is for sure.
Updated some CCRs with OSPF and BGP and do not see this problem. Must be specific to your config/installation.
Yeah, that's a lot of help..
Like I said, ports that aren't even part of OSPF were flapping.. Made no sense at all.

And last time I had issues with MPLS and OSPF Mikrotik told me to reboot after I spent the tiem to send them support files on my routers.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1239
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.44.5 [long-term] is released!

Tue Jul 23, 2019 7:51 pm

Please stop quoting the quote. Quote only part needed to quote, use Post Reply in post to answer a post...
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
ste
Forum Guru
Forum Guru
Posts: 1789
Joined: Sun Feb 13, 2005 11:21 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 25, 2019 11:08 am

Updateing to 6.44.5 brings a problem with PPOE Server. Using a Remote Address in PPP Secret which is from a pool this address is not reserved/blocked. So PPPOE-Server uses this IP twice. Hard to find the problem as pings alway go through from the server side but customers complain like mad. So the static IP has to be removed from the pool.
 
mducharme
Trainer
Trainer
Posts: 788
Joined: Tue Jul 19, 2016 6:45 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 25, 2019 7:57 pm

Updateing to 6.44.5 brings a problem with PPOE Server. Using a Remote Address in PPP Secret which is from a pool this address is not reserved/blocked. So PPPOE-Server uses this IP twice. Hard to find the problem as pings alway go through from the server side but customers complain like mad. So the static IP has to be removed from the pool.
For us it has always had this behavior (from when we started using it at around 6.35.x onward) - if a customer is assigned a static remote address for PPP (through RADIUS for example) it doesn't get tracked in pool usage so the same address can be given to another customer.
 
ste
Forum Guru
Forum Guru
Posts: 1789
Joined: Sun Feb 13, 2005 11:21 pm

Re: v6.44.5 [long-term] is released!

Fri Jul 26, 2019 8:39 am

Updateing to 6.44.5 brings a problem with PPOE Server. Using a Remote Address in PPP Secret which is from a pool this address is not reserved/blocked. So PPPOE-Server uses this IP twice. Hard to find the problem as pings alway go through from the server side but customers complain like mad. So the static IP has to be removed from the pool.
For us it has always had this behavior (from when we started using it at around 6.35.x onward) - if a customer is assigned a static remote address for PPP (through RADIUS for example) it doesn't get tracked in pool usage so the same address can be given to another customer.
I hop from long term to long term and reduce updates where possible. Still got burnt with such changes. I read the changelog carefully but ... I am really tired with complaining customers.
 
DummyPLUG
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Wed Jan 03, 2018 10:17 am

Re: v6.44.5 [long-term] is released!

Tue Jul 30, 2019 7:53 pm

when did routeros start support DNSSEC? with 6.44.5 I see it support dnssec but no validation, as I remember I didn't see it support DNSSEC before.
 
Sob
Forum Guru
Forum Guru
Posts: 4411
Joined: Mon Apr 20, 2009 9:11 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 30, 2019 11:41 pm

AFAIK only "support" for DNSSEC in RouterOS is when you ask its resolver for DNSSEC-related records, it will ask upstream resolver and if it gets them from there, it will pass them on. But it's nothing special, any resolver that's not horribly broken does that.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply.
 
DummyPLUG
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Wed Jan 03, 2018 10:17 am

Re: v6.44.5 [long-term] is released!

Wed Jul 31, 2019 7:47 am

AFAIK only "support" for DNSSEC in RouterOS is when you ask its resolver for DNSSEC-related records, it will ask upstream resolver and if it gets them from there, it will pass them on. But it's nothing special, any resolver that's not horribly broken does that.
well at least it pass the record instead of do nothing like before, now wish they can fully implement it
 
Sob
Forum Guru
Forum Guru
Posts: 4411
Joined: Mon Apr 20, 2009 9:11 pm

Re: v6.44.5 [long-term] is released!

Thu Aug 01, 2019 7:17 am

@DummyPLUG: Since it's probably OT here, because I really doubt that anything changed, maybe you could open new thread and share some details about what differences you see. I don't remember RouterOS having trouble with DNS records of any kind.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply.
 
wolfktl
just joined
Posts: 21
Joined: Thu Jun 27, 2013 6:07 pm

Re: v6.44.5 [long-term] is released!

Mon Aug 05, 2019 12:10 am

TLS+failed OpenVPN
Certificate migration issue
viewtopic.php?f=2&t=143045&p=743141#p743141
 
User avatar
Deantwo
Member Candidate
Member Candidate
Posts: 289
Joined: Tue Sep 30, 2014 4:07 pm

Re: v6.44.5 [long-term] is released!

Wed Aug 07, 2019 11:02 am

Can you maybe update the security blog post to include this RouterOS version as a fix?
Here: https://blog.mikrotik.com/security/cve- ... 11479.html
I wish my FTP was FTL.
 
sport80
just joined
Posts: 10
Joined: Sat May 24, 2014 6:32 pm

Re: v6.44.5 [long-term] is released!

Thu Aug 08, 2019 5:19 pm

TLS+failed OpenVPN
Certificate migration issue
viewtopic.php?f=2&t=143045&p=743141#p743141
Same problem to me :(
 
xt22
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Tue Jul 14, 2015 1:16 pm

Re: v6.44.5 [long-term] is released!

Fri Aug 09, 2019 12:51 am

has anyone had any wireless problems with cAP (RBcAPGi-5acD2nD) and 6.44.5? After upgrading from the great 6.43.16 (I didn't know about the devices for like a year) to 6.44.5, I started to receive complaints from users. I don't see anything in logs or monitoring, but users say internet drops for a while, or the wifi(s) disappear totally for a short while.

I have like 100 of them and it is not a single complaint, there probably are some other non-Mikrotik factors involved in this, but anyway - 6.43.16 seems rock solid to me compared to 6.44.5,, has anyone experienced this too?
 
bda
Member Candidate
Member Candidate
Posts: 124
Joined: Fri Sep 03, 2010 11:07 am
Location: Russia,Moscow

Re: v6.44.5 [long-term] is released!

Wed Aug 14, 2019 6:58 pm

has anyone had any wireless problems with cAP (RBcAPGi-5acD2nD) and 6.44.5? After upgrading from the great 6.43.16 (I didn't know about the devices for like a year) to 6.44.5, I started to receive complaints from users. I don't see anything in logs or monitoring, but users say internet drops for a while, or the wifi(s) disappear totally for a short while.

I have like 100 of them and it is not a single complaint, there probably are some other non-Mikrotik factors involved in this, but anyway - 6.43.16 seems rock solid to me compared to 6.44.5,, has anyone experienced this too?
I have several cAPlite, wAP, wAPac. No any problem with wifi.
We have multiple any other issues, but no with WiFi,

What kind of problem do you have?
God bless UNIX!
 
parham
newbie
Posts: 27
Joined: Sun Feb 15, 2015 11:35 pm

Re: v6.44.5 [long-term] is released!

Thu Aug 15, 2019 11:40 am

Hi All,

I believe the SMNP v3 is broken, I have chaged all my device to 2c.

Parham
 
nje431
newbie
Posts: 40
Joined: Tue Sep 10, 2013 5:17 pm

Re: v6.44.5 [long-term] is released!

Thu Aug 15, 2019 10:28 pm

Yes, SNMPv3 is broken. The one configuration I've found that works is Authentication=MD5 / Privacy=None. Anything else fails for me.
 
S4bulba
just joined
Posts: 12
Joined: Mon May 07, 2018 12:18 am

Re: v6.44.5 [long-term] is released!

Wed Aug 21, 2019 1:32 pm

This build is ok with 951Ui-2nD.
Over & Out !
 
Kampfwurst
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Mon Mar 24, 2014 2:53 pm

Re: v6.44.5 [long-term] is released!

Fri Aug 23, 2019 12:35 pm

i use a HAP ac² and i crashes when i try to use the bandwitdh test. I tried to connect to a 1100X4 also with the 6.44.5 version.
The log it shows "kernel failure"

Has someone the same problem?
The mikrotik support wrote me to update to the 6.45.3. But this is no option. Mikrotik need to get there software more stable.

Who is online

Users browsing this forum: No registered users and 17 guests