Release Notes for SD-WAN Orchestrator for On-premises 1.0 Release

SD-WAN Orchestrator for On-premises is a self-hosted, management service available as separate instance for each customer. It provides a single-pane of glass management platform that enables you to configure, monitor, and analyze all the SD-WAN appliances on your SD-WAN network.

SD-WAN Orchestrator for On-premises is recommended for customers with strong regulatory requirements around data sovereignty and data privacy.

The following are some of the key capabilities:

  • Authentication: Supports local and RADIUS / TACACS+ authentication.
  • Centralized configuration: Centralized configuration of SD-WAN networks, with guided workflows, visual aids, and profiles.
  • Zero touch provisioning: Seamless bring up of the network and connections.
  • Application-centric policies: Application based traffic steering, Quality of Service (QoS), and Firewall policies, configurable globally or per site.
  • Hierarchical summarization of health: Ability to centrally monitor the health, usage, quality, and performance of a network as a whole, with the ability to drill down into individual sites and associated connections.
  • Troubleshooting: Device & Audit Logs, Diagnostic utilities such as Ping, Traceroute, Packet Capture to troubleshoot network connectivity issues.


  • Appliances: A minimum of two appliances. Each SD-WAN appliance or virtual instance must have an IP address configured.

  • Citrix SD-WAN Orchestrator service account: To use Citrix SD-WAN Orchestrator on-premises, you must have an account in the Citrix SD-WAN Orchestrator service. For more information, see Onboarding Citrix SD-WAN Orchestrator service.

SD-WAN Orchestrator for On-premises 1.0.1

Fixed Issues

  • SDW-16456: Any to any routing domain is not supported in SD-WAN Orchestrator for On-premises.

  • SDW-16063: At the network level, the Wi-Fi summary reports are unavailable.

  • SDW-16054: If a customer account is created outside of the US region on Citrix SD-WAN Orchestrator service, then the API token obtained by the Identity and Management (IDAM) page from Citrix Cloud does not work. The customer’s login to SD-WAN Orchestrator for On-premises fails with the following error message: “Invalid Customer ID, Client ID, or Client Secret”.

    You can now select the POP in which your cloud account was on-boarded, on booting up the SD-WAN Orchestrator for On-premises for the first time.

Known issues

  • SDW-16068: The CLI allows users to create a password out of the allowed 8–128 length range but the GUI login fails if the password length is out of the allowed range.

    • Workaround: On logging into the GUI, the user is forced to change the length of the password to the allowed range.
  • SDW-16024: When a user logs in to the UI, a red banner might display at the top of the page for a fraction of a second before displaying the login page.

  • SDW-15984: When the database backup of an appliance is restored on another appliance having the same release of SD-WAN Orchestrator for On-premises, the user details are not restored. On the restored appliance, if you create a user with the same user name as in the backed-up database, the following error is displayed:

    User has a role already assigned

    • Workaround: Create a user with a different user name that did not exist on the backed-up database.
  • SDW-16103: When you create a site by cloning an existing site, Deploy Config/Software > Verify Config fails.

    • Workaround: Do not create a site by cloning an existing site.
  • SDW-16404: If the disk is resized to more than 1.8 TB, resizing of the disk does not happen.

Release Notes for SD-WAN Orchestrator for On-premises 1.0 Release