MikroTik RouterOS TILE Firmware 7.15 Beta 6

What's new in 7.15beta6:

- certificate - added support for importing pbes2 encrypted private keys with aes128;
- chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);
- chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
- ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);
- lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present);
- package - reduced package size for SMIPS;
- poe-out - improved firmware upgrade stability for AF/AT controlled boards;
- qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);
- qos-hw - added WRED support for compatible switches;
- route - rework of route attributes;
- sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);
- ssh - added passphrase option for host key import;
- vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
- wifi-qcom - improved regulatory compliance for L11, L22 devices;
- wireguard - added peer "name" field and display it in logs;
- wireguard - do not attempt to connect to peer without specified endpoint-address;

Other changes since v7.14:

- system - added support for AMPERE hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);
- bgp - fixed prefix count when BGP sessions run with multiple AFIs;
- bgp-vpn - use VRF interface as gateway for leaked connected routes;
- branding - added option to hide default configuration prompt;
- branding - added option to hide or replace default caps-mode-script;
- bridge - added MVRP support (CLI only);
- bridge - rename monitor property "path-cost" to "actual-path-cost";
- certificate - added trusted parameter for certificate import;
- chr - allow to "generate-new-id" only while CHR is running on level "free" license;
- console - added "proplist" parameter to interactive commands;
- console - added "type" parameter to ":resolve" command;
- console - added "use-script-permissions" option when running scripts from CLI;
- console - added hotkey "F8" to print entire multiline input;
- console - added log for script execution failures;
- console - added option to get "about" value (dynamically created text field by RouterOS services like CAPsMAN);
- console - added option to read and change file line endings in full-screen editor;
- console - added warning log for modified filenames due to reserved characters;
- console - do not convert string to array in ":deserialize" command;
- console - fixed ":onerror" behavior when "do" block is missing;
- console - fixed "export where" functionality in certain menus;
- console - fixed console prompt when entering hot lock mode with "F7";
- console - fixed do/while implementation not working with variables (introduced in v7.14);
- console - fixed filtering by "dhcp" flag in "/ip/arp" menu;
- console - fixed multiple typos in help;
- console - optimized configuration export to prevent startup of processes without any configuration;
- console - replace reserved characters to backup and certificate export file names with underscores;
- console - show system note before serial login if enabled;
- console - use user permissions when running scripts from WinBox and WebFig;
- discovery - added LLDP MAC/PHY Configuration/Status TLV support;
- discovery - added LLDP Maximum Frame Size TLV support;
- discovery - added LLDP Port Description TLV support;
- discovery - advertise only physical interface name for LLDP PortID TLV;
- discovery - always send LLDP MED Power TLV if MED was received;
- discovery - fixed high CPU utilization when "tx-only" mode is set;
- discovery - optimized LLDP information update;
- disk - added option to auto configure media sharing;
- disk - added support for formatting exfat file-system;
- disk - improved support for formatting ext4 file-system;
- dns - added support for "adlist";
- dns - added VRF support (CLI only);
- dns - improved system stability when caching entries;
- ethernet - fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices;
- file - allow adding and renaming files and directories;
- health - added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices;
- install - cdrom and hdd install images contain additional packages that can be interactively selected;
- lte - apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G;
- lte - fixed R11e-LTE-US modem dial-up;
- media - added support for DLNA;
- modem - send APN authentication for BG77 modem also if ppp-client interface created manually;
- poe-out - added LLDP power management support for devices with single PoE-out port;
- poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
- poe-out - moved "PoE LLDP" property from "/interface/ethernet/poe" to "/ip/neighbor/discovery-settings" and enable it by defau<
- ppp - added "Mikrotik-IPV6-Stats-Prefix" option for RADIUS "Delegated-IPv6-Prefix" account by using statistics from dynamic queues;
- ppp - added log when disconnecting a client due to "WISPr-Session-Terminate-Time" RADIUS attribute;
- ppp - fixed "on-down" script running even when tunnel was not up;
- profiler - added "neighbor-discovery" task;
- qos-hw - added ECN marking support for compatible switches;
- qos-hw - added support for QoS profile assignment via ACL rules;
- radius - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Accept/Challenge/Reject messages;
- radius - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
- route - do not allow routes with empty "dst-address";
- route - fixed bgp-vpn prefix import with the same route distinguisher (RD);
- route - improved system stability;
- route - show route-distinguisher (RD) in route print;
- route-filter - fixed ext community list matcher;
- sfp - added "100M-baseFX" link mode support for compatible devices;
- sfp - added "sfp-ignore-rx-los" setting;
- sfp - fixed link establishment with 100Mbps optical modules (requires "/interface ethernet reset" or adding "100M-baseFX" modes for advertise or speed properties);
- sfp - fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;
- sfp - ignore SFP RX LOS signal for modules with bad EEPROM;
- sfp - improved "sfp-tx-power" value monitoring in certain cases;
- sms - added option to select SMS storage;
- sms - added SMS PDU to SMS inbox "print detail";
- sms - improved SMS handling;
- sms - use "gsm" logging topic for serial modem SMS logs;
- ssh - added passphrase option for host key export;
- ssh - added support for user Ed25519 private keys;
- ssh - export host Ed25519 public key;
- ssh - fixed permissions to run ".auto.rsc" scripts;
- ssh - removed RSA flag for user SSH keys;
- ssh - show key type and key length for user SSH keys;
- sstp - disconnect clients when server is disabled;
- switch - added support for multiple ingress and egress port mirroring on 98DXxxxx switches;
- switch - added support for RSPAN mirroring on 98DXxxxx switches;
- switch - fixed L3HW and QoS monitor during switch reset;
- system - added resource values (Product name, File name and File version) for Windows executable files;
- traffic-flow - detect IPv4 source address if not set;
- userman - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Request messages;
- userman - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
- vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
- vlan - fixed MTU reset on bridge after reboot;
- wifi - do not report disabled state for CAPsMAN managed interface;
- wifi - fixed configuration export for "disabled" property;
- wifi - improve channel selection after radar detection events;
- wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
- wifi - report current CAPsMAN address and identity on CAP;
- winbox - added "Download" and "Flush" buttons under "System/Certificates/CRL" menu;
- winbox - added "Flat Snoop" button under "WiFi" menu;
- winbox - added "Request logout" button under "System/Users/Active Users" menu;
- winbox - added "Trusted" checkbox under "System/Certificates/Import" menu;
- winbox - added invalid flag under "IP/DHCP Relay" menu;
- winbox - added missing SFP monitoring properties under "Interface/SFP" menu;
- winbox - allow to specify "M" or "G" postfix for download, upload or total limits under "User Manager/Limitations" menu;
- winbox - show "Valid Servers" and "Unknown Servers" column by default under "IP/DHCP Server/Alerts" menu;
- winbox - show SIM settings for SXTR device under "Interfaces/LTE/Modem" menu;
- wireguard - fixed "auto" argument usage for "private-key" and "preshared-key" settings;
- x86 - fixed ixgbe Tx hang by disabling TSO;
- x86 - ice driver update to v1.13.7;
- x86 - ixgbe driver update to 5.19.9;

About Router Firmware:

Before you consider downloading this firmware, go to the system information page of the router and make sure that the currently installed version isn't either newer or matching this release.

Due to the large variety of router models and different methods for upgrading the device, it is highly recommended that you read and, above all, understand the installation steps before you apply the new firmware, even if you are a power user.

In theory, these steps shouldn't be much of a hassle for anyone, because manufacturers try to make them as easy as possible, even if they don't always succeed. Basically, you must upload the new firmware to the router through its administration page and allow it to upgrade.

If you install a new version, you can expect increased security levels, different vulnerability issues to be resolved, improved overall performance and transfer speeds, enhanced compatibility with other devices, added support for newly developed technologies, as well as several other changes.

If you're looking for certain safety measures, remember that it would be best if you perform the upload using an Ethernet cable rather than a wireless connection, which can be interrupted easily. Also, make sure you don't power off the router or use its buttons during the installation, if you wish avoid any malfunctions.

If this firmware meets your current needs, get the desired version and apply it to your router unit; if not, check with our website as often as possible so that you don't miss the update that will improve your device.