MikroTik Changelogs
← Back to search All components

Component: ipsec

511 changelog entries across 207 version(s)

Releases by channel (stacked)

6.44beta50 Testing 2018-Dec-17 (7 years ago)
  • improved invalid policy handling when a valid policy is uninstalled;
6.43.7 Stable 2018-Nov-30 (7 years ago)
  • fixed hw-aead (H) flag presence under Installed SAs on startup;
  • improved stability when uninstalling multiple SAs at once;
  • properly handle peer profiles on downgrade;
  • properly update warnings under peer menu;
6.44beta40 Testing 2018-Nov-28 (7 years ago)
  • fixed active connection killing when changing peer configuration;
  • made peers autosort themselves based on reachability status;
  • moved "profile" menu outside "peer" menu (CLI only);
6.44beta39 Testing 2018-Nov-27 (7 years ago)
  • added new "remote-id" peer matcher (CLI only);
  • allow to specify single address instead of IP pool under "mode-config";
  • hide empty prefixes on "peer" menu;
  • made dynamic "src-nat" rule more specific;
  • made peers autosort themselves based on reachability status;
  • properly detect AES-NI extension as hardware AEAD;
  • properly handle peer profiles on downgrade;
  • removed limitation that allowed only single "auth-method" with the same "exchange-mode" as responder;
6.42.10 Long-term 2018-Nov-14 (7 years ago)
  • fixed hw-aead (H) flag presence under Installed SAs on startup;
  • improved stability when uninstalling multiple SAs at once;
  • properly update warnings under peer menu;
6.44beta28 Testing 2018-Oct-29 (7 years ago)
  • added basic pre-shared-key strength checks;
  • fixed hw-aead (H) flag presence under Installed SAs on startup;
  • improved stability when uninstalling multiple SAs at once;
  • made peers autosort themselves based on reachability status;
  • properly update warnings under peer menu;
6.43.4 Stable 2018-Oct-17 (7 years ago)
  • allow multiple peers to the same address with different local-address (introduced in v6.43);
6.44beta14 Testing 2018-Oct-01 (7 years ago)
  • added account log message when user is successfully authenticated;
  • allow multiple peers to the same address with different local-address (introduced in v6.43);
  • fixed stability issues after changing peer configuration (introduced in v6.43);
  • improved invalid policy handling when a valid policy is uninstalled;
6.42.9 Long-term 2018-Sep-27 (7 years ago)
  • improved invalid policy handling when a valid policy is uninstalled;
  • improved stability when using IPsec with disabled route cache;
6.43 Stable 2018-Sep-06 (7 years ago)
  • added "responder" parameter for "mode-config" to allow multiple initiator configurations;
  • added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule;
  • added warning messages for incorrect peer configuration;
  • do not allow removal of "proposal" and "mode-config" entries that are in use;
  • fixed AES-192-CTR fallback to software AEAD on ARM devices with wireless and RB3011UiAS-RM;
  • fixed AES-CTR and AES-GCM key size proposing as initiator;
  • fixed "static-dns" value storing;
  • improved invalid policy handling when a valid policy is uninstalled;
  • improved reliability on generated policy addition when IKEv1 or IKEv2 used;
  • improved stability when using IPsec with disabled route cache;
  • install all DNS server addresses provided by "mode-config" server;
  • separate phase1 proposal configuration from peer menu;
  • use monotonic timer for SA lifetime check;
6.43rc66 Testing 2018-Aug-28 (7 years ago)
  • added "responder" parameter for "mode-config" to allow multiple initiator configurations;
  • fixed AES-192-CTR fallback to software AEAD on ARM devices with wireless and RB3011UiAS-RM;
  • fixed "static-dns" value storing;
  • improved invalid policy handling when a valid policy is uninstalled;
  • separate phase1 proposal configuration from peer menu;
6.43rc64 Testing 2018-Aug-23 (7 years ago)
  • added warning messages for incorrect peer configuration;
  • improved stability when using IPsec with disabled route cache;
6.40.9 Long-term 2018-Aug-20 (7 years ago)
  • fixed policies becoming invalid if added after a disabled policy;
6.42.7 Stable 2018-Aug-17 (7 years ago)
  • fixed "sa-src-address" deduction from "src-address" in tunnel mode;
  • improved invalid policy handling when a valid policy is uninstalled;
6.43rc56 Testing 2018-Aug-13 (7 years ago)
  • added warning messages for incorrect peer configuration;
  • separate phase1 proposal configuration from peer menu;
6.43rc51 Testing 2018-Aug-01 (7 years ago)
  • fixed "sa-src-address" deduction from "src-address" in tunnel mode;
  • fixed "static-dns" value storing (CLI only);
  • fixed AES-CTR and AES-GCM key size proposing as initiator;
6.43rc45 Testing 2018-Jul-17 (7 years ago)
  • improved invalid policy handling when a valid policy is uninstalled;
6.42.4 Stable 2018-Jun-15 (7 years ago)
  • improved reliability on IPsec hardware encryption for RB1100Dx4;
6.43rc29 Testing 2018-Jun-13 (7 years ago)
  • improved reliability on IPsec hardware encryption for RB1100Dx4;
6.43rc27 Testing 2018-Jun-12 (7 years ago)
  • use monotonic timer for SA lifetime check;
6.43rc23 Testing 2018-Jun-05 (7 years ago)
  • added "responder" parameter for "mode-config" to allow multiple initiator configurations;
  • separate phase1 proposal configuration from peer menu;
6.43rc14 Testing 2018-May-18 (7 years ago)
  • improved reliability on generated policy addition when IKEv1 or IKEv2 used;
6.42.2 Stable 2018-May-17 (7 years ago)
  • fixed policies becoming invalid if added after a disabled policy;
  • improved reliability on IPsec hardware encryption for ARM devices except RB1100Dx4;
6.43rc12 Testing 2018-May-11 (7 years ago)
  • improved reliability on IPsec hardware encryption for ARM devices except RB1100Dx4;
6.43rc5 Testing 2018-Apr-25 (8 years ago)
  • fixed policies becoming invalid if added after a disabled policy;