Community discussions

 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24077
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

6.30 released

Wed Jul 08, 2015 5:02 pm

What's new in 6.30 (2015-Jul-08 09:07):

*) wireless - added WMM power save suport for mobile devices;
*) firewall - sip helper improved, large packets no longer dropped;
*) fixed encryption 'out of order' problem on SMP systems;
*) email - fix sending multiple consecutive emails;
*) fixed router lockup on leap seconds with installed ntp package;
*) ccr - made hardware watchdog work again (was broken since v6.26);
*) console - allow users with 'policy' policy to change script owner;
*) icmp - use receive interface address when responding with icmp errors;
*) ipsec - fail ph2 negitioation when initiator proposed key length
does not match proposal configuration;
*) timezone - updated timezone information to 2015e release;
*) ssh - added option '/ip ssh stong-crypto'
*) wireless - improve ac radio coexistence with other wireless clients, optimized
transmit times to not interfere with other devices;
*) console - values of $".id", $".nextid" and $".dead" are avaliable for
use in 'print where' expressions;
*) console - ':execute' command now accepts script source in "{}" braces,
like '/system scripts add source=' does;
*) console - ':execute' command now returns internal number of running job,
that can be used to check and stop execution. For example:
:local j [:execute {/interface print follow where [:log info "$name"]}]
:delay 10s
:do { /system script job remove $j } on-error={}
*) console - firewall 'print' commands now show all entries including
dynamic, 'all' argument now has no effect;
*) ipsec - increase replay window to 128;
*) fixed file transfer on devices with large RAM memory;
*) pptp - fixed "encryption got out of sync" problem;
*) ppp - disable vj tcp header compression;
*) api - reduce api tcp connection keepalive delay to 30 seconds,
will timeout idle connections in about 5 minutes;
*) pptp & l2tp & sstp client: support the case were server issues its tunnel
ip address the same as its public one;
*) removed wireless package from routeros bundle package,
new wireless-fp is left in place and wireless-cm2 added as option;
*) pptp & l2tp client: when adding default route, add special exception route for
a tunnel itself (no need to add it manually anymore);
*) improved connection list: added connection packet/byte counters,
added separate counters for fasttrack, added current rate display,
added flag wheather connection is fasttracked/srcnated/dstnated,
removed 2048 connection entry limit;
*) tunnels - eoip, eoipv6, gre,gre6, ipip, ipipv6, 6to4 tunnels
have new property - ipsec-secret - for easy setup of ipsec
encryption and authentication;
*) firewall - added ipsec-policy matcher to check wheather packet
was/will be ipsec processed or not;
*) possibility to disable route cache - improves DDOS attack
handling performance up to 2x (note that ipv4 fastpath depends on route cache);
*) fasttrack - added dummy firewall rule in filter and mangle tables
to show packets/bytes that get processed in fasttrack and bypass firewall;
*) fastpath - vlan interfaces support fastpath;
*) fastpath - partial support for bonding interfaces (rx only);
*) fastpath - vrrp interfaces support fastpath;
*) fixed memory leak on CCR devices (introduced in 6.28);
*) lte - improved modem identification to better support multiple identical modems;
*) snmp - fix system scripts table;
No answer to your question? How to write posts
 
JanezFord
Member Candidate
Member Candidate
Posts: 262
Joined: Wed May 23, 2012 10:58 am

Re: 6.30 released

Wed Jul 08, 2015 5:31 pm

Hello,

is there any specific command needed to enable WMM Power Save of is it enabled by default. TNX ... upgraded RB951G without issues.

JF.
 
kristaps
Member Candidate
Member Candidate
Posts: 272
Joined: Mon Jan 27, 2014 1:37 pm

Re: 6.30 released

Wed Jul 08, 2015 5:46 pm

No It just enabled by default on wireless-fp and cm2 packages
 
avantwireless
Member Candidate
Member Candidate
Posts: 137
Joined: Mon Nov 07, 2005 3:04 am

Re: 6.30 released

Wed Jul 08, 2015 6:12 pm

I could not get the regular wireless package be seen after uploading it to a router. What is the process to get it to be added to the packages? We see less disconnects with nstream with the regular wireless package than the fp or cm2 packages and need it for that reason.
 
User avatar
CyberTod
Long time Member
Long time Member
Posts: 511
Joined: Wed Jan 25, 2012 10:23 am

Re: 6.30 released

Wed Jul 08, 2015 6:48 pm

*) wireless - added WMM power save suport for mobile devices;
Waiting a long time for this. Nice.
 
lekozs
newbie
Posts: 46
Joined: Wed Aug 30, 2006 12:49 pm

Re: 6.30 released

Wed Jul 08, 2015 7:11 pm

I could not get the regular wireless package be seen after uploading it to a router. What is the process to get it to be added to the packages? We see less disconnects with nstream with the regular wireless package than the fp or cm2 packages and need it for that reason.
*) removed wireless package from routeros bundle package,
new wireless-fp is left in place and wireless-cm2 added as option;
... there is no "regular" wireless package anymore...
 
solaoxo
Frequent Visitor
Frequent Visitor
Posts: 94
Joined: Sun Oct 20, 2013 8:38 pm

Re: 6.30 released

Wed Jul 08, 2015 7:53 pm

'execute' in not running scheduler.
 
moep
newbie
Posts: 48
Joined: Mon Jul 02, 2012 2:12 pm

Re: 6.30 released

Wed Jul 08, 2015 8:15 pm

I just upgrades my CCR1009-PC
I now have problems on my bonding interface.
Its configured for active-backup. ether8 is master and ether7 is slave. If you disconnect the ethernet cable from ether8 you get an instant reboot with the following lines in the log/terminal:

System rebooted because of kernel failure
router was rebooted without proper shutdown, probably kernel failure

If you want to change the bonding interface, you will get the same instant reboot.

Is there a workaround/fix for this issue yet? Ist it even "on the radar"?

Otherwise the device is working well.

Thanks for any help :)
 
User avatar
paoloaga
Member Candidate
Member Candidate
Posts: 221
Joined: Tue Mar 08, 2011 2:52 am
Location: Vaprio d'Agogna (NO) - Italy
Contact:

Re: 6.30 released

Wed Jul 08, 2015 8:36 pm

Am I wrong or all_packages-smips-6.30.zip doesn't contain the wireless package? And I can't find it separately for download (capsman2 package).
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3077
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: 6.30 released

Wed Jul 08, 2015 8:42 pm

Am I wrong or all_packages-smips-6.30.zip doesn't contain the wireless package? And I can't find it separately for download (capsman2 package).
*) removed wireless package from routeros bundle package,
new wireless-fp is left in place and wireless-cm2 added as option;
Show your appreciation of this post by giving me Karma! Thanks.

Rudy R. Puister

WISP operator based on MT routerboard & ROS.
 
NicK
just joined
Posts: 4
Joined: Thu Jul 02, 2015 9:43 pm

Re: 6.30 released

Wed Jul 08, 2015 8:42 pm

It continues with the bugs that I reported. Apparently, you're not behind the comments of members. This is sad.
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3077
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: 6.30 released

Wed Jul 08, 2015 8:44 pm

I hope so many changes is going to work out.. Lets wait and see for two week if we will get a storm on this tread or just a mild breeze...
Show your appreciation of this post by giving me Karma! Thanks.

Rudy R. Puister

WISP operator based on MT routerboard & ROS.
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3077
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: 6.30 released

Wed Jul 08, 2015 8:46 pm

It continues with the bugs that I reported. Apparently, you're not behind the comments of members. This is sad.
That's not completely fair.. they must have worked hard to correct and introduce so many features. Some bugs just take time to figure out and fix. Maybe the are fixed in next release. Or ask them polite to their status. :)
Show your appreciation of this post by giving me Karma! Thanks.

Rudy R. Puister

WISP operator based on MT routerboard & ROS.
 
NicK
just joined
Posts: 4
Joined: Thu Jul 02, 2015 9:43 pm

Re: 6.30 released

Wed Jul 08, 2015 8:55 pm

It continues with the bugs that I reported. Apparently, you're not behind the comments of members. This is sad.
That's not completely fair.. they must have worked hard to correct and introduce so many features. Some bugs just take time to figure out and fix. Maybe the are fixed in next release. Or ask them polite to their status. :)
The bug is from the 6.29 version and has been reported in fixes topic 6.30 RC

They had to give priority to bugs than the news.
 
User avatar
paoloaga
Member Candidate
Member Candidate
Posts: 221
Joined: Tue Mar 08, 2011 2:52 am
Location: Vaprio d'Agogna (NO) - Italy
Contact:

Re: 6.30 released

Wed Jul 08, 2015 8:58 pm

Am I wrong or all_packages-smips-6.30.zip doesn't contain the wireless package? And I can't find it separately for download (capsman2 package).
*) removed wireless package from routeros bundle package,
new wireless-fp is left in place and wireless-cm2 added as option;
I was meaning I can't find ANY wireless package: I don't find both wireless-fp and wireless-cm2. I don't think that SMIPS ever had the plain wireless package at all. Are the features included into the system package?
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: 6.30 released

Wed Jul 08, 2015 8:59 pm

What version am I running ? :D
You do not have the required permissions to view the files attached to this post.
 
vys
just joined
Posts: 2
Joined: Wed Jun 03, 2015 8:46 pm

Re: 6.30 released

Wed Jul 08, 2015 9:02 pm

*) wireless - added WMM power save suport for mobile devices;
but I still get the following in the log from my iphone 5s:
20:55:22 wireless,info wlan1: data from unknown device 54:E4:3A:27:06:F3, sent deauth 
20:55:47 wireless,info wlan1: data from unknown device 54:E4:3A:27:06:F3, sent deauth 
20:55:47 wireless,info wlan1: data from unknown device 54:E4:3A:27:06:F3, sent deauth 
20:55:47 wireless,info wlan1: data from unknown device 54:E4:3A:27:06:F3, sent deauth 
20:55:47 wireless,info 54:E4:3A:27:06:F3@wlan1: connected 
20:57:45 wireless,info 54:E4:3A:27:06:F3@wlan1: disconnected, extensive data loss 
6.30, wireless-fp enabled
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3077
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: 6.30 released

Wed Jul 08, 2015 9:04 pm

It continues with the bugs that I reported. Apparently, you're not behind the comments of members. This is sad.
That's not completely fair.. they must have worked hard to correct and introduce so many features. Some bugs just take time to figure out and fix. Maybe the are fixed in next release. Or ask them polite to their status. :)
The bug is from the 6.29 version and has been reported in fixes topic 6.30 RC

They had to give priority to bugs than the news.
And that can't be the fact. If bugs always would have priority above new features we would still work with pigeons to send a message. They still have bugs.....
Technology advances because new features are introduce to do better. Bugs are always around and some bugs only affect some specific users where new features probably benefit more and put a manufacturer still in the market.
Its a balance....
But lets not clutter this tread. I'm waiting for the first reports of success or failures from the wide users base....
Show your appreciation of this post by giving me Karma! Thanks.

Rudy R. Puister

WISP operator based on MT routerboard & ROS.
 
NicK
just joined
Posts: 4
Joined: Thu Jul 02, 2015 9:43 pm

Re: 6.30 released

Wed Jul 08, 2015 9:08 pm

And that can't be the fact. If bugs always would have priority above new features we would still work with pigeons to send a message. They still have bugs.....
Technology advances because new features are introduce to do better. Bugs are always around and some bugs only affect some specific users where new features probably benefit more and put a manufacturer still in the market.
Its a balance....
But lets not clutter this tread. I'm waiting for the first reports of success or failures from the wide users base....
It seems that managed to solve, after upgrading the firmware of my RB750. I will wait to see if the problem returns because the bug began after 15h uptime.

#Edit
Image
The bug is still continuing. Only occurs when the port is connected but unused. Example: Using switch unmanaged.

By using the door with a computer for example, displays the correct data from the same use. Now, if the same stop using the door, and turns off when passing +/- 5 minutes, back to send packets from one port to the other, while the other is not in use, is connected only.
 
xavierbt
newbie
Posts: 40
Joined: Thu Jan 22, 2015 11:55 am

Re: 6.30 released

Wed Jul 08, 2015 9:17 pm

Be aware, There is a new routerboard firmware version 3.24 !!!
 
xavierbt
newbie
Posts: 40
Joined: Thu Jan 22, 2015 11:55 am

Re: 6.30 released

Wed Jul 08, 2015 9:33 pm

After upgrading, the Quick Set has changed from 'Home AP' to 'WISP AP'. The Wiressless Clients is not refreshing the Signal Strength.

It's a 951G-2HnD.
 
avantwireless
Member Candidate
Member Candidate
Posts: 137
Joined: Mon Nov 07, 2005 3:04 am

Re: 6.30 released

Wed Jul 08, 2015 9:46 pm

Yes there is just a regular wireless package in the all packages zip file... You have to get it though the zip file... Unfortunately when you put it into the packages on the router it doesn't add it in. I was looking for help adding it in, if possible, not the obvious, "It's been replaced in the bundle" .. Yes I do read the release notes, and yes I do understand what they say. So if anyone knows the magic to make it usable instead of fp and cm, I will give you karma!
 
Taylor
newbie
Posts: 33
Joined: Wed Aug 13, 2014 12:27 am

Re: 6.30 released

Wed Jul 08, 2015 9:49 pm

Why would you want to use it instead of fp? Its basically the same but improvements. I've been using it for around a year now.
 
mediana
just joined
Posts: 10
Joined: Tue Feb 04, 2014 9:03 am

Re: 6.30 released

Wed Jul 08, 2015 9:58 pm

Script to update DynDNS will fail after upgrade to v6.30.
Downgrade to v6.29.1, the same script works.
Have no idea what happened in the" /tool fetch" process, it just stop there......

The script code:

:local ddnsuser "myname";
:local ddnspass "mypass";
:local theinterface "pppoe-myisp";
:local ddnshost "ddnshost.dyndns.org";

:local ipddns [:resolve $ddnshost];
:local ipfresh [ /ip address get [/ip address find interface=$theinterface ] address ];
:if ([ :typeof $ipfresh ] = nil ) do={
:log info ("DynDNS: No ip address on $theinterface .");
} else={
:for i from=( [:len $ipfresh] - 1) to=0 do={
:if ( [:pick $ipfresh $i] = "/") do={
:set ipfresh [:pick $ipfresh 0 $i];
}
}

:if ($ipddns != $ipfresh) do={
:log info ("DynDNS: IP-DynDNS = $ipddns");
:log info ("DynDNS: IP-Fresh = $ipfresh");
:log info "DynDNS: Update IP needed, Sending UPDATE...!";
:local str "/nic/update?hostname=$ddnshost&myip=$ipfresh&wildcard=NOCHG&mx=NOCHG&backmx=NOCHG";
/tool fetch address=members.dyndns.org src-path=$str mode=http user=$ddnsuser \
password=$ddnspass dst-path=("/DynDNS.".$ddnshost);
:delay 1;
:local str [/file find name="DynDNS.$ddnshost"];
/file remove $str;
:global ipddns $ipfresh;
:log info "DynDNS: IP updated to $ipfresh!";
} else={
:log info "DynDNS: Don't need changes";
}
}
 
manitonetworks
Trainer
Trainer
Posts: 27
Joined: Wed Jul 08, 2015 9:53 pm

Re: 6.30 released

Wed Jul 08, 2015 10:00 pm

Update to RB751 seemed to go well, including the new firmware. I appreciate the new features and the bug fixes as well, but it would be nice if we could remove the dummy firewall rule and associated mangle rules introduced in this release.

I've been unable to remove or disable the filter rule from the command line or in Winbox ("cannot remove builtin" error), and I don't want to have to add this new rule to our firewall documentation, or explain to our auditors what this rule is and why it's suddenly appeared since our last audit. On the networks where we're required to be compliant, because there's been a firewall addition that we can't undo we'll also have to re-scan our networks for compliance.
Last edited by manitonetworks on Wed Jul 08, 2015 10:03 pm, edited 1 time in total.
Founder, Lead Auditor
Manito Networks, LLC
http://www.manitonetworks.com
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: 6.30 released

Wed Jul 08, 2015 10:01 pm

Yes there is just a regular wireless package in the all packages zip file... You have to get it though the zip file... Unfortunately when you put it into the packages on the router it doesn't add it in. I was looking for help adding it in, if possible, not the obvious, "It's been replaced in the bundle" .. Yes I do read the release notes, and yes I do understand what they say. So if anyone knows the magic to make it usable instead of fp and cm, I will give you karma!
Disable/uninstall -fp and cm2 pkgs ..reboot ..upload std wireless pkg.. reboot
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: 6.30 released

Wed Jul 08, 2015 10:16 pm

Script to update DynDNS will fail after upgrade to v6.30.
Downgrade to v6.29.1, the same script works.
.. cut..
Take a look here ... http://forum.mikrotik.com/viewtopic.php ... 04#p489204
 
lekozs
newbie
Posts: 46
Joined: Wed Aug 30, 2006 12:49 pm

Re: 6.30 released

Wed Jul 08, 2015 10:33 pm

Torrent link http://www.mikrotik.com/download/router ... 30.torrent is ready ...but no seeders, yet...
 
visalink
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Thu Oct 03, 2013 1:42 am

Re: 6.30 released

Wed Jul 08, 2015 10:44 pm

And that can't be the fact. If bugs always would have priority above new features we would still work with pigeons to send a message. They still have bugs.....
Technology advances because new features are introduce to do better. Bugs are always around and some bugs only affect some specific users where new features probably benefit more and put a manufacturer still in the market.
Its a balance....
But lets not clutter this tread. I'm waiting for the first reports of success or failures from the wide users base....
It seems that managed to solve, after upgrading the firmware of my RB750. I will wait to see if the problem returns because the bug began after 15h uptime.

#Edit
Image
The bug is still continuing. Only occurs when the port is connected but unused. Example: Using switch unmanaged.

By using the door with a computer for example, displays the correct data from the same use. Now, if the same stop using the door, and turns off when passing +/- 5 minutes, back to send packets from one port to the other, while the other is not in use, is connected only.
This also occurs to me.
 
User avatar
shahbazian
Trainer
Trainer
Posts: 166
Joined: Fri Sep 09, 2011 6:22 pm
Location: Iran
Contact:

Re: 6.30 released

Wed Jul 08, 2015 11:23 pm

I don't see "*) fixed kernel failure after queues configuration has been changed" in RouterOS v6.30 change log, but this is exist in v6.30rc
where is this changelog?
Learn MikroTik to improve your network.
( MTCNA, MTCRE, MTCWE, MTCTCE, MTCUME, MTCIPv6E, MTCINE )
MikroTik Certified Trainer & Consultant
RIPE NCC Trainer
 
barkas
Member Candidate
Member Candidate
Posts: 260
Joined: Sun Sep 25, 2011 10:51 pm

6.30 released

Wed Jul 08, 2015 11:26 pm

After installation on rb450g after boot it takes all interfaces offline and there is no way to get at it anymore.
Did netinstall, worked at first, but after configuration restore it is unreachable again. Then I reset the configuration but it's still unreachable.
Nothing on serial console either.
Now I'm downgrading to 6.29.1 again.
 
Lupin
Member Candidate
Member Candidate
Posts: 264
Joined: Mon Feb 16, 2009 10:22 pm
Location: Italy

Re: 6.30 released

Wed Jul 08, 2015 11:35 pm

How to use execute? (mAP)
[admin@MikroTik] > :execute script={interface print} file=test.txt
[admin@MikroTik] > 
No error in sintax
[admin@MikroTik] > file print
 # NAME                        TYPE                              SIZE CREATION-TIME       
 0 flash                       disk                                   jan/01/1970 00:00:00
 1 pub                         directory                              jul/08/2015 20:13:55
 2 flash/skins                 directory                              jan/01/1970 00:00:03
[admin@MikroTik] > 
but no file
 
User avatar
shahbazian
Trainer
Trainer
Posts: 166
Joined: Fri Sep 09, 2011 6:22 pm
Location: Iran
Contact:

Re: 6.30 released

Wed Jul 08, 2015 11:47 pm

Where is RouterBOOT v3.24 changelog in "http://wiki.mikrotik.com/wiki/RouterBOOT_changelog"?
Learn MikroTik to improve your network.
( MTCNA, MTCRE, MTCWE, MTCTCE, MTCUME, MTCIPv6E, MTCINE )
MikroTik Certified Trainer & Consultant
RIPE NCC Trainer
 
User avatar
noyo
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jan 28, 2012 12:25 am
Location: Mazury - Poland
Contact:

Re: 6.30 released

Wed Jul 08, 2015 11:51 pm

What version am I running ? :D
in my rb711 is ok
Where is RouterBOOT v3.24 changelog in "http://wiki.mikrotik.com/wiki/RouterBOOT_changelog"?
+1
 
xavierbt
newbie
Posts: 40
Joined: Thu Jan 22, 2015 11:55 am

Re: 6.30 released

Thu Jul 09, 2015 12:17 am

After upgrading, the Quick Set has changed from 'Home AP' to 'WISP AP'. The Wiressless Clients is not refreshing the Signal Strength.

It's a 951G-2HnD.

Safari and Firefox reports errors executing the Quick Set page

[Error] Failed to load resource: http://192.168.75.2/jsproxy/?%00%00%00% ... 0%C2%8B¿ÖÑ
the server responded with a status of 404 (Not Found) (jsproxy, line 0)

[Error] TypeError: undefined is not a function (evaluating 'this.udpateRow({ufe0001:i,ufe0013:1})')
updateTable (engine-4c6d1994ff94.js, line 442)
load (engine-4c6d1994ff94.js, line 441)
update (engine-4c6d1994ff94.js, line 233)
lstn (engine-4c6d1994ff94.js, line 222)
notify (engine-4c6d1994ff94.js, line 299)
load (engine-4c6d1994ff94.js, line 460)
lstn (engine-4c6d1994ff94.js, line 458)
notify (engine-4c6d1994ff94.js, line 299)
onreply (engine-4c6d1994ff94.js, line 828)
decrypt (engine-4c6d1994ff94.js, line 53)
(función anónima) (engine-4c6d1994ff94.js, line 792)
onreadystatechange (engine-4c6d1994ff94.js, line 782)
 
User avatar
paoloaga
Member Candidate
Member Candidate
Posts: 221
Joined: Tue Mar 08, 2011 2:52 am
Location: Vaprio d'Agogna (NO) - Italy
Contact:

Re: 6.30 released

Thu Jul 09, 2015 12:37 am

I was meaning I can't find ANY wireless package: I don't find both wireless-fp and wireless-cm2. I don't think that SMIPS ever had the plain wireless package at all. Are the features included into the system package?
I try to be more clear. I still can't find any wireless*.npk in the "extra packages" .zip file for the SMIPS architecture (hAP). Am I missing something?
 
User avatar
G2Dolphin
Member Candidate
Member Candidate
Posts: 154
Joined: Sun May 17, 2015 6:03 pm
Location: Moscow, Russia

Re: 6.30 released

Thu Jul 09, 2015 12:58 am

Please, add a checkbox for disabling dummy fasttrack rules.
Home: RB3011UiAS-IN (2011 case+3011-RM), hAP ac, mAP2n/mAP2nD, GrooveA-52HPn, hEX (r3), hAP lite, RB951G-2HnD
Work: RB2011UiAS-RM / UiAS-2HnD-IN, RB951G-2HnD, hEX (r3), CRS125-24G-1S-2HnD-IN, CCR1009-8G-1S-1S+
 
regi
just joined
Posts: 6
Joined: Wed Jul 08, 2015 9:27 pm

Re: 6.30 released

Thu Jul 09, 2015 1:26 am

upgraded from 6.27 (because of problems with l2tp/ipsec in 6.28 and 6.29)


on RB2011UAS-2HnD:
L2TP/IPSec still not working
20:24:42 ipsec,error key length mismatched, mine:128 peer:256. 
20:24:42 ipsec,error authtype mismatched: my:hmac-sha1 peer:hmac-md5 
default configuration with IPSec enabled on L2TP Server


on RB1100AHx2:
Packet marking not working as in 6.27.
In 6.27 i can easy mark (in mangle table) incoming packet:
- protocol 50-ipsec -> mark 1
- 17-udp (port 4500) -> mark 2
Next using mark matcher i can create separate filter rulles for:
- L2TP/IPSec (mark 0x1)
- L2TP/IPSec with NAT-T (mark 0x2)
- non encrypted L2TP (no mark)

Now in 6.30 decrypted traffic has no mark assigned to IPSec packet in mangle table.

In 6.30 I can use IPSec Policy "in ipsec", but there is no possibility to separate native IPSec from NAT-T
:(
 
mediana
just joined
Posts: 10
Joined: Tue Feb 04, 2014 9:03 am

Re: 6.30 released

Thu Jul 09, 2015 1:30 am

Script to update DynDNS will fail after upgrade to v6.30.
Downgrade to v6.29.1, the same script works.
.. cut..
Take a look here ... http://forum.mikrotik.com/viewtopic.php ... 04#p489204
Hi bajodel:

Thanks. Seems working.
 
mediana
just joined
Posts: 10
Joined: Tue Feb 04, 2014 9:03 am

Re: 6.30 released

Thu Jul 09, 2015 1:38 am

Another problem:

Site to Site IPsec is broken.
RB850Gx2 (Dynamic IP) to Vigor2920 (Fixed IP) don't work after upgrade to v6.30.
Haven't tried between Mikrotik routers yet.
 
User avatar
kometchtech
Member Candidate
Member Candidate
Posts: 194
Joined: Sat Jun 15, 2013 4:25 am
Location: Japan
Contact:

Re: 6.30 released

Thu Jul 09, 2015 1:59 am

Where is RouterBOOT v3.24 changelog in "http://wiki.mikrotik.com/wiki/RouterBOOT_changelog"?
According to heard, is Protect RouterBOOT related fixes.
For your device only change is that protected routerboot was not working
correctly. Now it is. You can disable pin hole reset now.
--
Routerboard Users Group JP
http://www.rb-ug.jp/
CCR1009-8G-1S-1S+, RB750Gr3, CRS226-24G-2S+, RB850Gx2, RB960PGS, CRS317-1G-16S+,
RB2011UAS, CRS125-24G-1S, RB962UiGS-5HacT2HnT, CRS212-1G-10S-1S+, RB3011UiAS
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 985
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: 6.30 released

Thu Jul 09, 2015 2:35 am

Thanks MikroTik.

Just tested the new IPSEC key feature of EoIP and it works very well.....Great feature!
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5913
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: 6.30 released

Thu Jul 09, 2015 9:01 am

upgraded from 6.27 (because of problems with l2tp/ipsec in 6.28 and 6.29)


on RB2011UAS-2HnD:
L2TP/IPSec still not working
20:24:42 ipsec,error key length mismatched, mine:128 peer:256. 
20:24:42 ipsec,error authtype mismatched: my:hmac-sha1 peer:hmac-md5 
default configuration with IPSec enabled on L2TP Server
But error says it all you have mismatched auth types.
Now in 6.30 decrypted traffic has no mark assigned to IPSec packet in mangle table.
See these examples
http://wiki.mikrotik.com/wiki/Manual:IP ... ed_Traffic
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5913
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: 6.30 released

Thu Jul 09, 2015 9:06 am

Site to Site IPsec is broken.
RB850Gx2 (Dynamic IP) to Vigor2920 (Fixed IP) don't work after upgrade to v6.30.
Haven't tried between Mikrotik routers yet.

*) ipsec - fail ph2 negitioation when initiator proposed key length
does not match proposal configuration;

Make sure key lengths are identical.
 
becs
MikroTik Support
MikroTik Support
Posts: 477
Joined: Thu Jul 07, 2011 8:26 am

Re: 6.30 released

Thu Jul 09, 2015 9:09 am

#Edit
Image
The bug is still continuing. Only occurs when the port is connected but unused. Example: Using switch unmanaged.

By using the door with a computer for example, displays the correct data from the same use. Now, if the same stop using the door, and turns off when passing +/- 5 minutes, back to send packets from one port to the other, while the other is not in use, is connected only.
@Nick
If there is a broadcast traffic, then it is normal behaviour that router sends it out to all connected bridge ports. You should check and verify it with packet sniffer on ether4 port.

In case you are not expecting router to do it, write email to MikroTik support with included supout.rif file to investigate this issue.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5913
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: 6.30 released

Thu Jul 09, 2015 9:10 am

How to use execute? (mAP)
[admin@MikroTik] > :execute script={interface print} file=test.txt
[admin@MikroTik] > 
No error in sintax
[admin@MikroTik] > file print
 # NAME                        TYPE                              SIZE CREATION-TIME       
 0 flash                       disk                                   jan/01/1970 00:00:00
 1 pub                         directory                              jul/08/2015 20:13:55
 2 flash/skins                 directory                              jan/01/1970 00:00:03
[admin@MikroTik] > 
but no file
Currently "file" is not working, we will add this feature correctly in next ROS release.
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24077
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 6.30 released

Thu Jul 09, 2015 9:16 am

I was meaning I can't find ANY wireless package: I don't find both wireless-fp and wireless-cm2. I don't think that SMIPS ever had the plain wireless package at all. Are the features included into the system package?
I try to be more clear. I still can't find any wireless*.npk in the "extra packages" .zip file for the SMIPS architecture (hAP). Am I missing something?
you are right. we will fix it. however, the package does exist for the "check for updates" procedure to work. It is just not in the ZIP.
No answer to your question? How to write posts
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24077
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 6.30 released

Thu Jul 09, 2015 9:18 am

How to use execute? (mAP)
[admin@MikroTik] > :execute script={interface print} file=test.txt
[/quote]

known issue,  v6.30.1  will have fix.
No answer to your question? How to write posts
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24077
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 6.30 released

Thu Jul 09, 2015 9:20 am

'execute' in not running scheduler.
known issue, v6.30.1 will have fix
No answer to your question? How to write posts
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24077
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 6.30 released

Thu Jul 09, 2015 9:20 am

After upgrading, the Quick Set has changed from 'Home AP' to 'WISP AP'
could it be that you used regular wireless.npk before? now this package is discontinued, wireless-fp is now default. it is possible that changing the package changed the mode.
No answer to your question? How to write posts

Who is online

Users browsing this forum: No registered users and 3 guests