MikroTik RouterOS ARM Firmware 6.45 RC 62

MikroTik RouterOS ARM Firmware 6.45 RC 62

MikroTik RouterOS ARM Firmware 6.45 RC 62 Download Summary

  • File size: 13.20 MB
  • Platform: OS Independent
  • Price: FREE DOWNLOAD
  • Downloads: 166
  • Released: June 15, 2019
  • Manufacturer URL: Mikrotik

MikroTik RouterOS ARM Firmware 6.45 RC 62

Important note!!!

- Downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading.

MAJOR CHANGES IN v6.45:

- dot1x - added support for IEEE 802.1X Port-Based Network Access Control;
- ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator;
- user - removed insecure password storage;

Changes in this release:

- dot1x - added support for IEEE 802.1X Port-Based Network Access Control;
- ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator;
- bridge - correctly handle bridge host table;
- capsman - fixed CAP system upgrading process for MMIPS;
- certificate - added "key-type" field;
- certificate - added support for ECDSA certificates (prime256v1, secp384r1, secp521r1);
- crs3xx - fixed "tx-drop" counter;
- defconf - fixed channel width selection for RU locked devices;
- dhcpv4-server - added "client-mac-limit" parameter;
- dhcpv6-client - added option to disable rapid-commit;
- dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
- dhcpv6-server - added "address-list" support for bindings;
- dhcpv6-server - added "insert-queue-before" and "parent-queue" parameters;
- dhcpv6-server - added RADIUS accounting support with queue based statistics;
- dhcpv6-server - added "route-distance" parameter;
- e-mail - properly release e-mail sending session if the server's domain name can not be resolved;
- ipsec - added dynamic comment field for "active-peers" menu inherited from identity;
- ipsec - added "ph2-total" counter to "active-peers" menu;
- ipsec - added support for RADIUS accounting for "eap-radius" and "pre-shared-key-xauth" authentication methods;
- ipsec - added traffic statistics to "active-peers" menu;
- ipsec - disallow setting "src-address" and "dst-address" for transport mode policies;
- ipsec - renamed "remote-peers" to "active-peers";
- ltap - renamed SIM slots "up" and "down" to "2" and "3";
- lte - added passthrough interface subnet selection;
- lte - fixed LTE interface running state on RBSXTLTE3-7 (introduced in v6.45beta);
- m33g - added support for additional Serial Console port on GPIO headers;
- routerboard - renamed 'sim' menu to 'modem';
- snmp - fixed "send-trap" not working when "trap-generators" does not contain "temp-exception";
- snmp - improved reliability on SNMP service packet validation;
- winbox - added "System/SwOS" menu for all dual-boot devices;
- winbox - do not allow setting "dns-lookup-interval" to "0";

Other changes since v6.44.3:

- bridge - correctly add interface list as bridge port (introduced in v6.45beta34);
- bridge - correctly display bridge FastPath status when vlan-filtering or dhcp-snooping is used;
- bridge - fixed log message when hardware offloading is being enabled;
- bridge - fixed port running state for non-ethernet interfaces (introduced in v6.45beta33);
- capsman - fixed interface-list usage in access list;
- ccr - improved packet processing after overloading interface;
- certificate - added "key-type" field (CLI only);
- certificate - added support for ECDSA certificates (prime256v1, secp384r1, secp521r1) (CLI only);
- certificate - made RAM the default CRL storage location;
- certificate - removed DSA (D) flag;
- cloud - added "replace" parameter for backup "upload-file" command;
- conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
- conntrack - significant stability and performance improvements;
- crs317 - fixed known multicast flooding to the CPU;
- crs3xx - added ethernet tx-drop counter;
- crs3xx - correctly display auto-negotiation information for SFP/SFP+ interfaces in 1Gbps rate;
- crs3xx - correctly handle switch reset (introduced in v6.45beta31);
- crs3xx - fixed auto negotiation when 2-pair twisted cable is used (downshift feature);
- crs3xx - improved switch-chip resource allocation on CRS326, CRS328, CRS305;
- defconf - added "custom-script" field that prints custom configuration installed by Netinstall;
- defconf - automatically set "installation" parameter for outdoor devices;
- defconf - changed default configuration type to AP for cAP series devices;
- dhcp - create dual stack queue based on limitations specified on DHCPv4 server lease configuration;
- dhcp - do not require lease and binding to have the same configuration for dual-stack queues;
- dhcp - show warning in log if lease and binding dual-stack related parameters do not match and create separate queues;
- dhcpv4-server - added "client-mac-limit" parameter (CLI only);
- dhcpv4-server - added RADIUS accounting support with queue based statistics;
- dhcpv4-server - added "vendor-class-id" matcher (CLI only);
- dhcpv4-server - improved stability when performing "check-status" command;
- dhcpv4-server - replaced "busy" lease status with "conflict" and "declined";
- dhcpv6-client - added option to disable rapid-commit (CLI only);
- dhcpv6-client - fixed status update when leaving "bound" state;
- dhcpv6-server - added "address-list" support for bindings (CLI only);
- dhcpv6-server - added "insert-queue-before" and "parent-queue" parameters (CLI only);
- dhcpv6-server - added RADIUS accounting support with queue based statistics;
- dhcpv6-server - added "route-distance" parameter (CLI only);
- dhcpv6-server - fixed dynamic IPv6 binding without proper reference to the server;
- dhcpv6-server - override prefix pool and/or DNS server settings by values received from RADIUS;
- discovery - correctly create neighbors from VLAN tagged discovery messages;
- discovery - fixed CDP packets not including address on slave ports (introduced in v6.44);
- discovery - improved neighbour's MAC address detection;
- discovery - limit max neighbour count per interface based on total RAM memory;
- discovery - show neighbors on actual mesh ports;
- e-mail - include "message-id" identification field in e-mail header;
- ethernet - added support for 25Gbps and 40Gbps rates;
- ethernet - increased loop warning threshold to 5 packets per second;
- export - fixed SMS "allowed-number" compact export (introduced in v6.45beta);
- fetch - added SFTP support;
- fetch - improved user policy lookup;
- firewall - fixed fragmented packet processing when only RAW firewall is configured;
- firewall - process packets by firewall when accepted by RAW with disabled connection tracking;
- gps - fixed missing minus close to zero coordinates in dd format;
- gps - make sure "direction" parameter is upper case;
- gps - strip unnecessary trailing characters from "longtitude" and "latitude" values;
- hotspot - moved "title" HTML tag after "meta" tags;
- ike1 - adjusted debug packet logging topics;
- ike1 - fixed rekeying process when NAT is detected (introduced in v6.45beta16);
- ike1 - general stability improvements (introduced in v6.45beta);
- ike2 - added support for ECDSA certificate authentication (rfc4754);
- ike2 - added support for IKE SA rekeying for initiator;
- ike2 - do not send "User-Name" attribute to RADIUS server if not provided;
- ike2 - fixed first child SA generation (introduced in v6.45beta34);
- ike2 - fixed pre-shared-key authentication failure (introduced in v6.45beta34);
- ike2 - improved certificate verification when multiple CA certificates received from responder;
- ike2 - improved child SA rekeying process;
- ike2 - improved XAuth identity conversion on upgrade;
- ike2 - prefer SAN instead of DN from certificate for ID payload;
- ippool - improved logging for IPv6 Pool when prefix is already in use;
- ipsec - added dynamic comment field for "active-peers" menu inherited from identity (CLI only);
- ipsec - added "ph2-total" counter to "active-peers" menu (CLI only);
- ipsec - added support for RADIUS accounting for "eap-radius" and "pre-shared-key-xauth" authentication methods (CLI only);
- ipsec - added traffic statistics to "active-peers" menu (CLI only);
- ipsec - do not allow adding identity to a dynamic peer;
- ipsec - fixed policies becoming invalid after changing priority;
- ipsec - general improvements in policy handling;
- ipsec - properly drop already established tunnel when address change detected;
- ipsec - renamed "remote-peers" to "active-peers" (CLI only);
- ipsec - renamed "rsa-signature" authentication method to "digital-signature";
- ipsec - replaced policy SA address parameters with peer setting;
- ipsec - use tunnel name for dynamic IPsec peer name;
- ipv6 - improved system stability when receiving bogus packets;
- lte - added initial support for Vodafone R216-Z;
- lte - added passthrough interface subnet selection;
- lte - added support for manual operator selection;
- lte - allow setting empty APN;
- lte - allow to specify URL for firmware upgrade "firmware-file" parameter;
- lte - do not show error message for info commands that are not supported;
- lte - fixed session reactivation on R11e-LTE in UMTS mode;
- lte - improved firmware upgrade process;
- lte - improved "info" command query;
- lte - improved R11e-4G modem operation;
- lte - renamed firmware upgrade "path" command to "firmware-file" (CLI only);
- lte - show alphanumeric value for operator info;
- lte - show correct firmware revision after firmware upgrade;
- lte - use default APN name "internet" when not provided;
- lte - use secondary DNS for DNS server configuration;
- ospf - added support for link scope opaque LSAs (Type 9) for OSPFv2;
- ospf - fixed opaque LSA type checking in OSPFv2;
- ospf - improved "unknown" LSA handling in OSPFv3;
- ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);
- ppp - added initial support for Quectel BG96;
- proxy - increased minimal free RAM that can not be used for proxy services;
- rb3011 - improved system stability when receiving bogus packets;
- rb4011 - fixed MAC address duplication between sfp-sfpplus1 and wlan1 interfaces (wlan1 configuration reset required);
- rb4011 - fixed SFP linking (introduced in v6.45beta6);
- rb921 - improved system stability ("/system routerboard upgrade" required);
- sfp - fixed S-35LC20D transceiver DDMI readouts after reboot;
- sms - added USSD message functionality under "/tool sms" (CLI only);
- sms - allow specifying multiple "allowed-number" values;
- sms - fixed long message parsing (introduced in v6.45beta19);
- sms - improved delivery report logging;
- snmp - added "dot1dStpPortTable" OID;
- snmp - added OID for neighbor "interface";
- snmp - added "write-access" column to community print;
- snmp - allow setting interface "adminStatus";
- snmp - improved reliability on SNMP service packet validation;
- snmp - properly return multicast and broadcast packet counters for IF-MIB OIDs;
- ssh - accept remote forwarding requests with empty hostnames;
- ssh - added new "ssh-exec" command for non-interactive command execution;
- ssh - fixed non-interactive multiple command execution;
- ssh - improved remote forwarding handling (introduced in v6.44.3);
- ssh - improved session rekeying process on exchanged data size threshold;
- ssh - use correct user when "output-to-file" parameter is used;
- supout - added IPv6 ND section to supout file;
- supout - added "kid-control devices" section to supout file;
- supout - added "pwr-line" section to supout file;
- supout - changed IPv6 pool section to output detailed print;
- switch - properly reapply settings after switch chip reset;
- tftp - added "max-block-size" parameter under TFTP "settings" menu (CLI only);
- tile - improved link fault detection on SFP+ ports;
- tr069-client - added LTE CQI and IMSI parameter support;
- tr069-client - fixed potential memory corruption;
- tr069-client - improved error reporting with incorrect firware upgrade XML file;
- traceroute - improved stability when sending large ping amounts;
- traffic-generator - improved stability when stopping traffic generator;
- tunnel - removed "local-address" requirement when "ipsec-secret" is used;
- userman - added support for "Delegated-IPv6-Pool" and "DNS-Server-IPv6-Address" (CLI only);
- w60g - do not show unused "dmg" parameter;
- w60g - prefer AP with strongest signal when multiple APs with same SSID present;
- w60g - show running frequency under "monitor" command;
- winbox - added "System/SwOS" menu for all dual-boot devices;
- winbox - fixed crash when opening CAPsMAN menu (introduced in v6.45beta27);
- winbox - show "LCD" menu only on boards that have LCD screen;
- wireless - fixed 5GHz interface disappearing after upgrade (introduced in v6.45beta19);
- wireless - fixed "country-info" printing (introduced in v6.45beta27);
- wireless - fixed frequency duplication in the frequency selection menu;
- wireless - fixed incorrect IP header for RADIUS accounting packet;
- wireless - improved 160MHz channel width stability on rb4011;
- wireless - improved DFS radar detection when using non-ETSI regulated country;
- wireless - improved installation mode selection for wireless outdoor equipment;
- wireless - set default SSID and supplicant-identity the same as router's identity;
- wireless - updated "china" regulatory domain information;
- wireless - updated "india" regulatory domain information;
- wireless - updated "new zealand" regulatory domain information;
- www - improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);

About Router Firmware:

Before you consider downloading this firmware, go to the system information page of the router and make sure that the currently installed version isn't either newer or matching this release.

Due to the large variety of router models and different methods for upgrading the device, it is highly recommended that you read and, above all, understand the installation steps before you apply the new firmware, even if you are a power user.

In theory, these steps shouldn't be much of a hassle for anyone, because manufacturers try to make them as easy as possible, even if they don't always succeed. Basically, you must upload the new firmware to the router through its administration page and allow it to upgrade.

If you install a new version, you can expect increased security levels, different vulnerability issues to be resolved, improved overall performance and transfer speeds, enhanced compatibility with other devices, added support for newly developed technologies, as well as several other changes.

If you're looking for certain safety measures, remember that it would be best if you perform the upload using an Ethernet cable rather than a wireless connection, which can be interrupted easily. Also, make sure you don't power off the router or use its buttons during the installation, if you wish avoid any malfunctions.

If this firmware meets your current needs, get the desired version and apply it to your router unit; if not, check with our website as often as possible so that you don't miss the update that will improve your device.

MikroTik RouterOS ARM Firmware 6.45 RC 62 Bookmark

Hyperlink code:
Hyperlink for Forum code:

MikroTik RouterOS ARM Firmware 6.45 RC 62 Drivers Download Notice

Top 4 Download periodically updates information of MikroTik RouterOS ARM Firmware 6.45 RC 62 full driver from the manufacturer, but some information may be slightly out-of-date.

Using warez version of MikroTik RouterOS ARM Firmware 6.45 RC 62 driver is hazardous. Our driver download links are directly from our mirrors or publisher's website, MikroTik RouterOS ARM Firmware 6.45 RC 62 torrent files or shared files from free file sharing and free upload services, including Rapidshare, HellShare, HotFile, FileServe, MegaUpload, YouSendIt, MailBigFile, DropSend, MediaMax, zUpload, MyOtherDrive, SendSpace, DepositFiles, Letitbit, LeapFile, DivShare or MediaFire, are not allowed!

It is not recommended to download drivers from illegal sites which distribute a keygens, key generators, pirate keys, serial numbers, warez full versions or cracks for MikroTik RouterOS ARM Firmware 6.45 RC 62. These drivers might corrupt your computer installation or breach your privacy. A driver might contain a trojan horse opening a backdoor on your computer. Hackers can use this backdoor to take control of your computer, copy data from your computer or to use your computer to distribute viruses and spam to other people.