October 14, 2021
Citrix SD-WAN Orchestrator service has the following known issues:
Configuration and Management
The WAN-OP Settings > SSL Profiles > Add section of the UI fails to display the list of newly created WAN optimization rules in the Service classes drop-down list.
Workaround: Create an SSL profile without specifying service classes, and then edit the same profile. The list of WAN optimization rules is displayed.
[ SDW-21734 ]
When the transit node configuration is removed, the static virtual paths between a transit node and the branch sites are not deleted.
Workaround: Delete the static virtual paths manually when the transit node configuration is removed.
[ SDW-16045 ]
Scheduling Information of the appliance in Change Management Settings might display outdated data, when the appliance reconnects to the Orchestrator after a factory reset.
Workaround: In the Change Management settings, select the desired scheduled window and apply it. The appliance is updated and the data between the appliance and the Orchestrator is synchronized.
[ SDW-15169 ]
Creating the transit nodes for the branches does not form virtual paths.
Workaround: Create the static virtual paths manually between the transit site and the branch nodes.
[ SDW-10104 ]
Staging process fails on SD-WAN Orchestrator. This issue occurs when there is a missing primary WAN link configuration for the Intranet service. The error message displayed on the UI is Index 1 out of bounds for length 1.
[ SDWANHELP-2388 ]
The UI displays an audit error when users try to configure VRRP. The error message states that VRRP IP cannot be configured for virtual IP with In-band management. This issue occurs when In-band management is not selected, Internet service is enabled, and there is only 1 routing domain.
[ SDWANHELP-2380 ]
Under certain conditions, the SD-WAN appliance fails to communicate with Orchestrator service over In-band management when In-band management is enabled and the Out-of-band management is plugged in.
Workaround: Reboot the appliance.
[ SDWANHELP-2368 ]
Citrix SD-WAN Orchestrator service incorrectly reports that the In-band management is triggered although it is not used. This issue occurs when In-band provisioning is enabled on the SD-WAN appliance.
[ SDWANHELP-2363 ]
During staging or activation, fetching real-time statistics data from a site fails. It is because, the SD-WAN appliance gives higher priority to the Staging and Activation process compared to that of fetching the real-time statistics data.
[ SDWANHELP-2227 ]
At the site level, the Quality reports generated for one day duration does not show complete data. The issue is seen intermittently.
[ SDWANHELP-2329 ]
A change in the SSL inspection root Certificate Authority (CA) and the key will not be propagated to the SD-WAN appliance unless another edge security related setting is also changed. This results in SSL inspection being performed with the previous root CA.
Workaround: Change another setting related to edge security, then stage and activate it. This triggers the download and application of the root CA and key.
[ SDW-16050 ]
Before you convert the TRUSTED interface to UNTRUSTED which is used for the DNS proxy, delete it from the DNS proxy and then modify the interface type. Otherwise, you might see an audit error Only a TRUSTED interface can be used for DNS Proxy.
[ SDW-13696 ]
For the existing Standard Edition (SE) devices, the Inspect action can be selected in firewall policies. Also, Advanced Edition (AE) to SE conversion throws an error when there are existing firewall policies with Inspect action enabled. In both of these scenarios, Staging and Activation work without any errors.
[ SDW-11355 ]
Platform and systems
In the Citrix SD-WAN 210 appliance, if you remove the add-on license, the services get disabled.
Workaround: Remove the firewall policy having security profile, stage, and activate the changes to convert the appliance to standard edition.
[ SDW-18031 ]