Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Hi, I have a MikroTik hAP ac3. Almost every time I update it, it crashes, and I have to reset it and reload the configuration. Any tips on a solution or what might be causing this? (I'm running 6.49.17 now)
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Really would like to have a peek at your config:
Remove serial and any other private info.
Code: Select all
/export file=anynameyoulike
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Code: Select all
/export hide-sensitiveRe: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Code: Select all
# aug/13/2024 17:37:27 by RouterOS 6.49.17
# software id = PXI0-UD7M
#
# model = RBD53iG-5HacD2HnD
# serial number = MYSERIALNUMBER
/interface bridge
add admin-mac=ADMIN-MAC auto-mac=no comment=defconf name=bridge
add name=bridge-guest
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n comment="2437 = Kanal 6" \
country="united states" disabled=no distance=indoors frequency=2462 \
installation=indoor mode=ap-bridge ssid=REMOVED-Not wireless-protocol=802.11 \
wmm-support=enabled wps-mode=disabled
set [ find default-name=wlan2 ] band=5ghz-n/ac channel-width=20/40mhz-Ce \
comment="5180 = Kanal 36" country="united states" disabled=no distance=\
indoors installation=indoor mode=ap-bridge ssid=REMOVED-Not-5G \
wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled
/interface wireless manual-tx-power-table
set wlan1 comment="2437 = Kanal 6"
set wlan2 comment="5180 = Kanal 36"
/interface wireless nstreme
set wlan1 comment="2437 = Kanal 6"
set wlan2 comment="5180 = Kanal 36"
/interface list
add comment=defconf name=WAN
add comment=defconf name=LREMOVED:EBAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \
group-key-update=1h mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=profile-guest \
supplicant-identity=""
/interface wireless
add default-forwarding=no disabled=no keepalive-frames=disabled mac-address=\
master-interface=wlan1 multicast-buffering=disabled \
name=guest-wifi security-profile=profile-guest ssid=REMOVED-Guest \
wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/ip kid-control
add name=VVVVV
/ip pool
add name=dhcp ranges=192.168.88.100-192.168.88.254
add name=dhcp_pool1 ranges=10.0.0.2-10.0.0.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge lease-time=1d name=local
add address-pool=dhcp_pool1 disabled=no interface=bridge-guest name=\
dhcp-guest
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
add bridge=bridge-guest interface=guest-wifi
/ip neighbor discovery-settings
set discover-interface-list=none
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
add address=10.0.0.1/24 interface=bridge-guest network=10.0.0.0
/ip cloud
set update-time=no
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server lease
add address=10.0.0.0/24 dns-server=8.8.8.8,9.9.9.9 gateway=10.0.0.1
add address=192.168.88.0/24 comment=defconf dns-server=1.1.1.3,1.0.0.3 \
gateway=192.168.88.1
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall address-list
add address=10.0.0.2-10.0.0.254 list="Guest Users"
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
add action=drop chain=input comment="Block Guest - Local Ports" dst-address=\
10.0.0.1 dst-port=80,21,22,23,8291 protocol=tcp src-address-list=\
"Guest Users"
add action=drop chain=input comment="Block Guets - LAN" dst-address=\
192.168.88.0/24 src-address-list="Guest Users"
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip service
set telnet address=192.168.88.0/24 disabled=yes
set ftp address=192.168.88.0/24 disabled=yes
set www address=192.168.88.0/24
set ssh address=192.168.88.0/24
set www-ssl address=192.168.88.0/24
set api address=192.168.88.0/24 disabled=yes
set winbox address=192.168.88.0/24
set api-ssl address=192.168.88.0/24 disabled=yes
/ip ssh
set strong-crypto=yes
/ip upnp interfaces
add interface=bridge type=internal
add interface=ether1 type=external
/system clock
set time-zone-name=Europe/Stockholm
/system leds
set 0 interface=wlan1 leds=led1,led2,led3,led4,led5 type=\
wireless-signal-strength
set 1 leds=poe-led type=poe-out
/system ntp client
set enabled=yes primary-ntp=194.58.202.148 secondary-ntp=194.58.202.148 \
server-dns-names=""
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool mac-server ping
set enabled=no
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
- Today, for example, I updated to the latest version.
- Restarted.
- Connected via Wi-Fi.
- Then, after a few seconds, everything (the network) dropped.
- The modem stopped blinking.
- Performed a reset and logged in with the default settings. Did a new update, updated the routerboard, and restored the configuration.
- Everything is working normally again.
- Restarted.
- Connected via Wi-Fi.
- Then, after a few seconds, everything (the network) dropped.
- The modem stopped blinking.
- Performed a reset and logged in with the default settings. Did a new update, updated the routerboard, and restored the configuration.
- Everything is working normally again.
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
My first approach would be to netinstall to latest ROS6.
Then import config block by block via terminal, don't restore from backup because you will bring the problems right back in.
It's a working assumption for most experienced users here that after upgrade to upgrade to upgrade ... some blobs can remain in config causing havoc (not visible but binary they are there).
Netinstall makes sure to clean all that garbage.
Then import config block by block via terminal, don't restore from backup because you will bring the problems right back in.
It's a working assumption for most experienced users here that after upgrade to upgrade to upgrade ... some blobs can remain in config causing havoc (not visible but binary they are there).
Netinstall makes sure to clean all that garbage.
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
I understand, but if I import block by block, won't I just bring the problem back again? Can't the exported file be cleaned up somehow? I currently have a solution to the problem that is relatively quick, but going through all the steps you mentioned seems like it will take a lot of time.
Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
No, the point is that the export is either clean or can be easily cleaned (or corrected), but there is (probably) some "cruft" that does not belong to (nor shows in) an export, you need to clean this "invisible" part (netinstall) and re-apply the exported settings (block by block, NOT by restoring a backup) this is the only way to make sure that the *whatever* is invisible is the "standard", "factory" default and is not corrupted/altered (for *whatever* reason that happened)I understand, but if I import block by block, won't I just bring the problem back again? Can't the exported file be cleaned up somehow? I currently have a solution to the problem that is relatively quick, but going through all the steps you mentioned seems like it will take a lot of time.