MikroTik Changelogs
← Back to search All components

Component: ipsec

511 changelog entries across 207 version(s)

Releases by channel (stacked)

7.22.2 Stable 2026-Apr-22 (1 week ago)
  • fixed expired SA handling to prevent “no such item” errors during listing;
7.21.4 Long-term 2026-Apr-21 (1 week ago)
  • improved aes256-ctr stability on L009;
  • removed modp8192 proposal on MIPS architectures;
7.23rc1 Testing 2026-Apr-14 (2 weeks ago)
  • improved NAT encapsulation parameter forwarding;
7.23beta2 Development 2026-Mar-13 (1 month ago)
  • added netlink-based SA and policy handling;
  • fixed SA proto parameter conversion and policy "none" type handling;
7.22 Stable 2026-Mar-09 (1 month ago)
  • added "none" option to IPsec key QKD certificate field;
  • added IKEv2 DDoS cookie activation setting;
  • added logging for IPsec policy template group;
  • added logging of IKEv2 connection SPI and initiator address;
  • adjusted minimum generated PSK key length;
  • fixed IKEv2 child policy reqid lost on rekey;
  • fixed IKEv2 child reqid handling on traffic selector update;
  • improved aes256-ctr stability on L009;
  • removed modp8192 proposal on MIPS architectures;
7.22rc3 Testing 2026-Feb-26 (2 months ago)
  • improved aes256-ctr stability on L009;
7.22rc2 Testing 2026-Feb-17 (2 months ago)
  • removed modp8192 proposal on MIPS architectures;
7.21 Stable 2026-Jan-12 (3 months ago)
  • fixed CHACHA20 typo in log messages;
  • support Post-Quantum Pre-shared Key (PPK) with QKD integration (CLI only);
7.22beta1 Development 2026-Jan-02 (4 months ago)
  • added "none" option to IPsec key QKD certificate field;
  • added IKEv2 DDoS cookie activation setting;
  • added logging for IPsec policy template group;
  • added logging of IKEv2 connection SPI and initiator address;
  • adjusted minimum generated PSK key length;
  • fixed IKEv2 child policy reqid lost on rekey;
  • fixed IKEv2 child reqid handling on traffic selector update;
7.21beta4 Testing 2025-Oct-28 (6 months ago)
  • support Post-Quantum Pre-shared Key (PPK) with QKD integration (CLI only) (additional fixes);
7.21beta2 Testing 2025-Oct-06 (6 months ago)
  • fixed CHACHA20 typo in log messages;
  • support Post-Quantum Pre-shared Key (PPK) with QKD integration;
7.20 Stable 2025-Sep-29 (7 months ago)
  • fixed degraded IPsec performance for IPQ-6010 (introduced in v7.17);
  • move raw RSA keys to /ip/ipsec/key/rsa;
7.20beta5 Testing 2025-Jul-03 (9 months ago)
  • fixed responder on key exchange compute failure (introduced in v7.19);
7.19.2 Stable 2025-Jun-20 (10 months ago)
  • fixed responder on key exchange compute failure (introduced in v7.19);
7.20beta4 Testing 2025-Jun-13 (10 months ago)
  • move raw RSA keys to /ip/ipsec/key/rsa;
7.20beta2 Testing 2025-May-27 (11 months ago)
  • fixed degraded IPsec performance for IPQ-6010 (introduced in v7.17);
7.19 Stable 2025-May-22 (11 months ago)
  • fixed system failure on MMIPS devices when using IPsec services;
  • lower standalone cipher, hash priority when using ctr aead;
7.19rc1 Testing 2025-Apr-28 (1 year ago)
  • fixed system failure on MMIPS devices when using IPsec services;
7.19beta8 Testing 2025-Apr-04 (1 year ago)
  • lower standalone cipher, hash priority when using ctr aead;
7.18 Stable 2025-Feb-24 (1 year ago)
  • added hardware acceleration support for hEX refresh;
  • fixed chacha20 poly1305 proposal;
  • fixed installed SAs update process when SAs are removed;
7.18beta6 Testing 2025-Feb-12 (1 year ago)
  • added hardware acceleration support for hEX refresh (additional fixes);
7.18beta4 Testing 2025-Jan-31 (1 year ago)
  • fixed chacha20 poly1305 proposal;
7.17.1 Stable 2025-Jan-30 (1 year ago)
  • fixed chacha20 poly1305 proposal;
  • fixed installed SAs update process when SAs are removed;
7.18beta2 Testing 2025-Jan-21 (1 year ago)
  • added hardware acceleration support for EN7562CT (hEX refresh);
  • fixed installed SAs update process when SAs are removed;
7.17 Stable 2025-Jan-16 (1 year ago)
  • ike2 improved process for policies;