Support
 

MikroTik product support service

Most of your questions are answered and explained in RouterOS documentation.

  1. If you have bought a RouterOS license or a RouterBOARD product, limited support service might be provided by e-mail for 30 days after the purchase by support@mikrotik.com. Contact your distributor for help and support, if device is not purchased from MikroTik directly.
  2. You can hire a certified consultant for full configuration support, network design and other diagnostics.
  3. Check our community forum.

Support request instructions

When contacting us at support@mikrotik.com for faster help:

  1. Check documentation and configuration examples at our wiki page. Maybe answer is already there.
  2. Make sure that your issue is present with the latest version of MikroTik RouterOS. The latest version is available at the download section.
  3. Give us a brief problem description that includes information about your network setup.
  4. Provide us with support output file (suppout.rif), that is created when problem appears, instruction how to make it.
  5. Make sure to include previous conversation in the body of the e-mail when replying, do not delete the ticket number from the message subject.
  6. Technical support does not include training on TCP/IP.
  7. E-mail reply might take up to 3 business days.

If you are in need of immediate assistance, now you can hire a certified consultation specialist. See the list of specialists near you!

Responsible disclosure of discovered vulnerabilities

It is important for us at MikroTik that our customers can feel safe and secure when using our products. We therefore constantly strive to achieve the highest possible security and quality. Despite this, an issue could be discovered, that affects our device security. If you have found such a security flaw, we would like to hear more about it to be able to correct the problem as soon as possible.

We are thankful to you for taking the time to report to us weaknesses you discover, as long as you do so with adherence to the following responsible disclosure guidelines.

What you can report:

  • Vulnerabilities in RouterOS, that allow unauthorised users to gain access to the software administation tools
  • Vulnerabilities in our webpages that enable disclosure of non-public client information; enable a user to modify data that is not their own or could lead to compromise or leakage of data and directly affect the confidentiality or integrity of user data or which affects user privacy

What you should not report:

  • Any vulnerabilities without a properly described evidence report of proof of possible exploitation
  • Vulnerabilities only affecting users of outdated or unpatched browsers and platforms (older than two major releases) or for users who have intentionally reduced security settings on their platform
  • Issues that arise from misconfiguration or misuse of equipment or software
  • Situations where equipment resurces are used by user run tasks (eg. my CPU is being used when I run this command or my device is overloaded by network traffic)

If you have found a vulnerability, we kindly ask you to:

  • Not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying (third party) data
  • Not reveal the problem to others until it has been resolved and MikroTik agrees on its disclosure
  • Never publicise any personal data that you have retrieved and delete all such information retrieved through the vulnerability
  • Not use attacks on physical security, social engineering, distributed denial of service (DoS and DDoS), spam or applications of third parties
  • Provide sufficient information to reproduce the problem so we will be able to resolve it as quickly as possible.

We promise you that:

  • Your notification will be reviewed with our evaluation of the notification and if the problem will be discovered it will be fixed according to our internal processes
  • If you have followed the instructions above, we will not take any legal action against you in regard to the notification
  • We will not pass on your personal details described in notification to third parties without your permission (unless so required under the law and request by authorities)

When contacting MikroTik about vulnerabilities, please use the e-mail address security@mikrotik.com