MikroTik Changelogs
← Back to search All components

Component: ipsec

511 changelog entries across 207 version(s)

Releases by channel (stacked)

7.17beta5 Testing 2024-Nov-13 (1 year ago)
  • ike2 improved process for policies;
7.16 Stable 2024-Sep-20 (1 year ago)
  • changed default dpd-interval from 2 minutes to 8 seconds and dpd-maximum-failures from 5 to 4;
  • improved installed SA statistics update;
7.16rc3 Testing 2024-Aug-26 (1 year ago)
  • fixed setting "static-dns" for mode configuration (introduced in v7.16beta1);
7.16beta7 Testing 2024-Jul-25 (1 year ago)
  • improved installed SA statistics update;
  • improved performance by balancing multicore CPU usage for key exchange calculation;
7.16beta3 Testing 2024-Jun-27 (1 year ago)
  • improved performance by balancing multicore CPU usage;
7.16beta2 Testing 2024-Jun-12 (1 year ago)
  • changed default dpd-interval from 2 minutes to 8 seconds and dpd-maximum-failures from 5 to 4;
7.12 Stable 2023-Nov-09 (2 years ago)
  • fixed Diffie-Hellman public value encoding size;
  • fixed IPSec policy when using modp3072;
  • fixed minor typo in logs;
  • reduce disk writes when started without active configuration;
7.12beta7 Testing 2023-Sep-13 (2 years ago)
  • fixed Diffie-Hellman public value encoding size;
  • fixed minor typo in logs;
  • reduce disk writes when started without active configuration;
7.11.1 Stable 2023-Aug-30 (2 years ago)
  • fixed IPSec policy when using modp3072;
7.12beta3 Testing 2023-Aug-24 (2 years ago)
  • fixed IPSec policy when using modp3072;
7.11 Stable 2023-Aug-15 (2 years ago)
  • fixed public key export (introduced in v7.10);
  • fixed signature authentication using secp521r1 certificate (introduced in v7.10);
  • improved IKE2 rekey process;
  • properly check ph2 approval validity when using IKE1 exchange mode;
7.11rc3 Testing 2023-Aug-09 (2 years ago)
  • fixed public key export (introduced in v7.10);
  • fixed signature authentication using secp521r1 certificate (introduced in v7.10);
7.11beta4 Testing 2023-Jul-05 (2 years ago)
  • improved IKE2 rekey process;
  • properly check ph2 approval validity when using IKE1 exchange mode;
7.10 Stable 2023-Jun-15 (2 years ago)
  • added hardware acceleration support for IPQ-5010 (hAP ax lite);
  • refactor public key authentication;
  • removed "ec2n185" and "ec2n155" values from proposal configurations;
7.10beta8 Testing 2023-May-22 (2 years ago)
  • added hardware acceleration support for IPQ-5010 (hAP ax lite);
  • removed "ec2n185" and "ec2n155" values from proposal configurations;
7.10beta5 Testing 2023-May-09 (2 years ago)
  • added hardware acceleration support for IPQ-5010 (hAP ax lite);
  • refactor public key authentication;
7.9 Stable 2023-May-02 (3 years ago)
  • added error log message when peer ID does not match certificate;
  • fixed packet processing by hardware encryption engine on RB850Gx2 device;
  • refactor X.509 implementation;
7.9rc1 Testing 2023-Mar-30 (3 years ago)
  • added error log message when peer ID does not match certificate;
  • improved handling of configuration that refers to non-existent certificate (introduced in v7.9beta4);
7.9beta4 Testing 2023-Mar-23 (3 years ago)
  • fixed packet processing by hardware encryption engine on RB850Gx2 device;
  • refactor X.509 implementation;
7.8 Stable 2023-Feb-24 (3 years ago)
  • added support for "Framed-Route" RADIUS attribute support;
  • do not match incoming IKE requests by unresolved DNS name peers;
  • fixed peer matcher for incoming connection with unresolved DNS;
7.8beta3 Testing 2023-Feb-01 (3 years ago)
  • fixed peer matcher for incoming connection with unresolved DNS;
7.8beta2 Testing 2023-Jan-20 (3 years ago)
  • added support for "Framed-Route" RADIUS attribute support;
  • do not match incoming IKE requests by unresolved DNS name peers;
7.7 Stable 2023-Jan-12 (3 years ago)
  • added "current-address" parameter for peers with DNS address;
  • added hardware acceleration support for IPQ-6010;
  • added support for AVX optimized SHA acceleration;
  • improved "H" (hw-aead) flag presence for accelerated SA's;
  • improved IKE payload processing;
  • improved configuration of IPsec proposal auth-algorithms;
  • removed Blowfish and Camellia encryption algorithms for IKE;
7.7rc2 Testing 2022-Dec-16 (3 years ago)
  • improved IKE payload processing;
7.7rc1 Testing 2022-Dec-08 (3 years ago)
  • added "current-address" parameter for peers with DNS address;