MikroTik Changelogs
← Back to search All components

Component: ike2

257 changelog entries across 109 version(s)

Releases by channel (stacked)

7.8 Stable 2023-Feb-24 (3 years ago)
  • added support for "address", "key-id" and "dn" for Remote ID matching (CLI only);
  • fixed active SA flush on responder after an unsuccessful peer connection attempt;
7.8beta3 Testing 2023-Feb-01 (3 years ago)
  • fixed active SA flush on responder after an unsuccessful peer connection attempt;
7.8beta2 Testing 2023-Jan-20 (3 years ago)
  • added support for "address", "key-id" and "dn" for Remote ID matching (CLI only);
7.7 Stable 2023-Jan-12 (3 years ago)
  • added support for ChaChaPoly1305 encryption;
  • added support for DH Group 31 (EC25519) (CLI only);
  • fixed rekey notify creation;
  • improved certificate payload parsing;
7.7rc5 Testing 2023-Jan-11 (3 years ago)
  • added support for ChaChaPoly1305 encryption;
7.7rc3 Testing 2022-Dec-21 (3 years ago)
  • added support for ChaChaPoly1305 encryption;
7.7beta9 Testing 2022-Nov-30 (3 years ago)
  • fixed rekey notify creation;
7.7beta8 Testing 2022-Nov-23 (3 years ago)
  • improved certificate payload parsing;
7.7beta6 Testing 2022-Nov-04 (3 years ago)
  • added support for ChaChaPoly1305 encryption (CLI only);
  • added support for DH Group 31 (EC25519) (CLI only);
7.5 Stable 2022-Aug-30 (3 years ago)
  • allow sending certificate chain as initiator;
7.5rc1 Testing 2022-Aug-19 (3 years ago)
  • allow sending certificate chain as initiator;
7.5beta8 Testing 2022-Aug-09 (3 years ago)
  • allow sending certificate chain as initiator;
7.2 Stable 2022-Mar-31 (4 years ago)
  • ignore "INITIAL-CONTACT" payload on responder when "send-initial-contact" is disabled;
7.2rc2 Testing 2022-Jan-28 (4 years ago)
  • ignore "INITIAL-CONTACT" payload on responder when "send-initial-contact" is disabled;
6.49 Stable 2021-Oct-06 (4 years ago)
  • added support for ASN.1 DN "my-id" value setting for initiators;
  • check if TS is still valid after obtaining SPI;
  • fixed initiator packet retransmit with DDOS cookie;
6.48.5 Long-term 2021-Sep-21 (4 years ago)
  • check if TS is still valid after obtaining SPI;
6.48.4 Stable 2021-Aug-18 (4 years ago)
  • added "MS-CHAP-Domain" attribute to RADIUS requests;
6.49beta54 Testing 2021-Jul-05 (4 years ago)
  • added "MS-CHAP-Domain" attribute to RADIUS requests;
  • added support for ASN.1 DN "my-id" value setting for initiators;
  • check if TS is still valid after obtaining SPI;
6.49beta44 Testing 2021-May-12 (4 years ago)
  • added "MS-CHAP-Domain" attribute to RADIUS requests;
6.49beta36 Testing 2021-Apr-23 (5 years ago)
  • fixed initiator packet retransmit with DDOS cookie;
6.48.2 Stable 2021-Apr-09 (5 years ago)
  • added "MS-CHAP-Domain" attribute to RADIUS requests;
  • fixed DH group negotiation with EAP;
  • fixed EAP MSK length validation (introduced in v6.48);
  • fixed initial traffic selector's protocol and port in transport mode;
6.49beta22 Testing 2021-Mar-08 (5 years ago)
  • fixed DH group negotiation with EAP;
  • fixed initial traffic selector's protocol and port in transport mode;
6.48.1 Stable 2021-Feb-03 (5 years ago)
  • fixed phase 2 rekeying with enabled PFS (introduced in v6.48);
  • improved stability when invalid certificate is configured (introduced in v6.48);
  • properly register packet time after expensive CPU operations;
6.49beta11 Testing 2021-Feb-01 (5 years ago)
  • added support for ASN.1 DN "my-id" value setting for initiators;
  • fixed EAP MSK length validation (introduced in v6.48);
  • fixed phase 2 rekeying with enabled PFS (introduced in v6.48);
  • improved stability when invalid certificate is configured (introduced in v6.48);
  • properly register packet time after expensive CPU operations;
6.48 Stable 2020-Dec-22 (5 years ago)
  • added "prf-algorithm" support for phase 1;
  • added support for IKEv2 Message Fragmentation (RFC7383);
  • fixed EAP MSK length validation;
  • fixed too small payload parsing;
  • improved EAP message integrity checking;
  • improved child SA rekeying process;