Citrix SD-WAN

Release Notes

This release notes describes what’s new, fixed issues, and known issues applicable to Citrix SD-WAN software release 11.2 version 2 for the SD-WAN Standard Edition, WANOP, Premium Edition appliances, and SD-WAN Center.

For information about the previous release versions, see the Citrix SD-WAN documentation.

What’s New

External USB modem MBIM and NCM support - External USB modems that use MBIM and NCM mode are supported on Citrix SD-WAN 110 and 210 appliances. You can also configure the APN settings and Enable/Disable modem through the new Citrix SD-WAN GUI and Citrix SD-WAN Center. Mobile broadband operations are not supported on CDC Ethernet USB modems.

Edge Security logs - Citrix SD-WAN Edge Security logs now follow the CEF (Common Event Format). CEF is a standard that defines the syntax of log messages and therefore allows interoperability of multiple devices generating log messages in a solution.

Citrix SD-WAN Advanced Edition support - The Citrix SD-WAN Advanced Edition (AE) is now supported on Citrix SD-WAN 210 SE and Citrix SD-WAN 210 SE LTE appliances.

Office 365 Optimization - Microsoft Office 365 Default category traffic is classified based on all the application endpoints marked as required in the Default category. For more information, refer to Office 365 URLs and IP address ranges.

Fixed Issues

SDWANHELP-1161: After upgrading to build, the SD-WAN UI access became very slow.

SDWANHELP-1353: The SD-WAN service might get aborted when WAN links are added for internet load balancing as part of the configuration update.

SDWANHELP-1363: The SD-WAN service might get aborted when ARP entry is updated from host to persistent type.

SDWANHELP-1420: On SD-WAN Premier Edition (PE), the WANOP GUI pages are not accessible over the In-band management Virtual IP address.

SDWANHELP-1423: You must not start the site diagnostics test at the same time for a given site from the peer appliance.

SDWANHELP-1463: Some SD-WAN devices were entering the grace period for a few minutes because the license server was temporarily unreachable.

SDWANHELP-1484: An error in PCKS12 bundle processing prevents bundles where the key precedes the certificate from being processed.

SDWANHELP-1503: Modems can go to unresponsive over time, which leads to qmi-proxy failure in accepting new requests.

SDWANHELP-1504: The SD-WAN service might get aborted when the ARP entries are manually cleared from the GUI.

SDWANHELP-1535: When Geo MCN is used as a active MCN, the standby RCN shows as Not Connected state at the Geo MCN. This issue can occur if there was a switchover done from Active MCN to Geo MCN.

SDWANHELP-1538: The following rare issues are addressed:

  • Data path goes to a state where configuration updates of learned source IP/Port, DHCP IP, and PPPoE IP are not applied/missed.

  • A configuration update can take more than expected time and cause a data path crash.

SDWANHELP-1553: Back-end validation that the certificate matched the signing authority was broken.

SDWANHELP-1554: Back-end parsing of certificate information was broken.

SDWANHELP-1555: Underscores were not allowed when entering the common name field.

Known Issues

NSSDW-20500: On the Citrix SD-WAN 5100 PE appliance, when you initiate domain join operation, a warning message can display stating that WANOP is initializing.

  • Workaround: Rejoin the domain after 2 minutes.

NSSDW-28788: The client subnets are not exported when the deployment is in Bridge mode.

NSSDW-30660: An error is thrown while trying to push the certificate to collectors, after entering the credentials of the collector from SD-WAN Center Headend during the initial discovery of the RCN based network from SD-WAN Center.

  • Workaround: Add the NTP server and rediscover the network and enter the SD-WAN Center collector’s IP and credentials to push the certificate.

NSSDW-30662: Discovery of RCN fails with Appliance Error when an appliance is in standby mode whose IP is listed in the SD-WAN Center.

  • Workaround: Make the RCN appliance whose management IP is listed in the collector configuration table as active for discovery to proceed.

SDWANHELP-1400: For an internet service route in a non-default routing domain and a path eligibility configured when the path goes down and the remote site that does not have the given routing domain configured, the internet route is not marked unreachable.

Release Notes