MikroTik Changelogs
← Back to search All components

Component: ike2

257 changelog entries across 109 version(s)

Releases by channel (stacked)

6.48beta58 Testing 2020-Nov-24 (5 years ago)
  • improved EAP message integrity checking;
6.48beta48 Testing 2020-Oct-14 (5 years ago)
  • added support for IKEv2 Message Fragmentation (RFC7383);
  • fixed EAP MSK length validation;
  • fixed too small payload parsing;
6.46.7 Long-term 2020-Sep-07 (5 years ago)
  • fixed local side NAT detection;
  • fixed policy reference for pending acquire;
  • retry RSA signature validation with deduced digest from certificate;
6.48beta35 Testing 2020-Sep-02 (5 years ago)
  • fixed local side NAT detection;
6.47.3 Stable 2020-Sep-01 (5 years ago)
  • fixed local side NAT detection;
6.47.1 Stable 2020-Jul-08 (5 years ago)
  • fixed initiator child SA init without policy;
  • fixed policy reference for pending acquire;
  • retry RSA signature validation with deduced digest from certificate;
6.48beta12 Testing 2020-Jul-06 (5 years ago)
  • added "prf-algorithm" support for phase 1;
  • fixed initiator child SA init without policy;
  • fixed policy reference for pending acquire;
  • improved child SA rekeying process;
  • retry RSA signature validation with deduced digest from certificate;
6.47 Stable 2020-Jun-02 (5 years ago)
  • added support for "INTERNAL_DNS_DOMAIN" payload attribute;
  • added support for RADIUS Disconnect-Request message handling;
  • added support for RFC8598;
  • allow initiator address change before authentication;
  • fixed authentication handling when initiator disconnects before RADIUS response;
6.47rc2 Testing 2020-May-25 (5 years ago)
  • added support for RFC8598;
  • allow initiator address change before authentication;
  • fixed authentication handling when initiator disconnects before RADIUS response;
6.47beta60 Testing 2020-Apr-24 (6 years ago)
  • added support for RADIUS Disconnect-Request message handling;
6.46.4 Stable 2020-Feb-21 (6 years ago)
  • fixed DHCP Inform package handling when received on PPPoE interface;
6.47beta32 Testing 2020-Feb-10 (6 years ago)
  • added support for "INTERNAL_DNS_DOMAIN" payload attribute;
  • fixed DHCP Inform package handling when received on PPPoE interface;
6.46 Stable 2019-Dec-02 (6 years ago)
  • improved CHILD SA rekey process with Apple iOS 13;
  • improved stability when retransmitting first packet as responder;
6.46beta68 Testing 2019-Nov-21 (6 years ago)
  • improved stability when retransmitting first packet as responder;
6.46beta59 Testing 2019-Oct-25 (6 years ago)
  • improved CHILD SA rekey process with Apple iOS 13;
6.45.7 Stable 2019-Oct-24 (6 years ago)
  • fixed phase 1 rekeying (introduced in v6.45);
6.44.6 Long-term 2019-Oct-24 (6 years ago)
  • fixed policy port selection for responder with natted initiator;
  • fixed traffic selector address family selection when using IPv6;
6.46beta44 Testing 2019-Sep-19 (6 years ago)
  • fixed phase 1 rekeying (introduced in v6.45);
6.45.5 Stable 2019-Aug-26 (6 years ago)
  • don't release policy on rekey when child not found;
  • fixed ID validation with multiple SAN;
  • fixed policy port selection for responder with natted initiator;
  • fixed traffic selector address family selection when using IPv6;
  • improved rekeying process with Windows initiators;
  • properly start all initiators to the same remote address;
6.46beta34 Testing 2019-Aug-22 (6 years ago)
  • fixed IPv6 policy generation (introduced in v6.46beta28);
  • fixed traffic selector address family selection when using IPv6;
  • properly start all initiators to the same remote address;
6.46beta28 Testing 2019-Aug-08 (6 years ago)
  • don't release policy on rekey when child not found;
  • fixed ID validation with multiple SAN;
  • fixed policy port selection for responder with natted initiator;
  • improved rekeying process with Windows initiators;
6.45.1 Stable 2019-Jun-27 (6 years ago)
  • added support for ECDSA certificate authentication (rfc4754);
  • added support for IKE SA rekeying for initiator;
  • do not send "User-Name" attribute to RADIUS server if not provided;
  • improved certificate verification when multiple CA certificates received from responder;
  • improved child SA rekeying process;
  • improved XAuth identity conversion on upgrade;
  • prefer SAN instead of DN from certificate for ID payload;
6.45beta54 Testing 2019-May-24 (6 years ago)
  • added support for IKE rekeying for initiator;
  • improved child SA rekeying process;
6.45beta50 Testing 2019-May-20 (6 years ago)
  • fixed pre-shared-key authentication failure (introduced in v6.45beta34);
  • improved certificate verification when multiple CA certificates received from responder;
6.45beta37 Testing 2019-Apr-25 (7 years ago)
  • fixed first child SA generation (introduced in v6.45beta34);