Citrix SD-WAN Orchestrator

Fixed issues

The following issues are fixed.

July 15, 2021


Using the ping utility for All Sites, when you ping an IPv6 address, the error message Invalid IP address is displayed.

[ SDW-18766 ]

Configuration of primary and secondary WAN links on an IPsec tunnel fails.

[ SDWANHELP-2239 ]

July 01, 2021


Sorting based on site name does not work in the window that pops up on clicking Assign in License view tab under Administration > Licensing.

[ SDW-19920 ]

Whenever a new license is retrieved using License Access Codes or is assigned for a device, Citrix SD-WAN Orchestrator service software maintenance date does not get extended.

[ SDW-19792 ]

When there is a failure in upgrading a customer’s account to production, the UI does not display the failure message.

[ SDW-19574 ]

For customers having only perpetual license, Citrix SD-WAN Orchestrator service software maintenance date is not set resulting in indefinite usage of appliance software.

[ SDW-19367 ]

Citrix SD-WAN Orchestrator service license expiration status does not get updated even after updating the license.

[ SDW-19340 ]

Citrix SD-WAN Orchestrator service license end date gets reset incorrectly when the Set License For Customer API is called on a production upgraded customer account.

[ SDW-19307 ]

When there is a failure in assigning licenses, the UI does not display the failure message under Administration > Licensing.

[ SDW-19238 ]

For customers having both perpetual and subscription licenses, assigning subscription license to a device might fail.

[ SDW-19237 ]

Assign option is not available for sites in the Site View tab under Administration > Licensing even when licenses are available.

[ SDW-19171 ]

Assigning licenses to multiple sites simultaneously fails to update the correct count in Licenses Available and Assigned To Sites columns of the License View tab under Administration > Licensing.

[ SDW-19168 ]

After importing valid production entitlements, Upgrade to production option is made available under Licensing even before assigning the license to the appliance.

[ SDW-18721 ]

Configuration and Management

When the software package download fails due to intermittent network connectivity and the device has the same software package in its recovery partition, stage operation fails. The issue is observed only when Stage operation is performed before the device connects to Citrix SD-WAN Orchestrator service.

[ SDW-19873 ]

In some rare cases, the Deployment page shows incorrect appliance change management status.

[ SDW-18654 ]

In real-time statistics, when a customer’s site is deployed in high availability mode then DHCP server/relay data, IGMP data, PPPoE data, and DNS data are incorrect and stale data.

[ SDW-17047 ]

For In-band high availability, the GUI does not have an option to select the direction of the Destination Rule with Service Type as Any resulting in failure of the outbound rules. The error message [EC818] At Site site-name: service type ‘any’ may not be used when direction is outbound.

[ SDW-16968 ]

June 17, 2021

Configuration and Management

If you perform staging on a Citrix SD-WAN appliance with an inbuilt LTE modem before the appliance comes online, then the staging fails.

[ SDW-14759 ]


Virtual path details under the QoS reports for Bulk traffic show null-null instead of showing valid virtual path details.

[ SDW-19162 ]

The GUI displays the usage percentage for WAN link metering even when Approximate Data Used (MD) is not configured.

[ SDW-17994 ]

Platform and systems

MTU size for the IPsec tunnel was displayed as 1430 KB instead of 1430 Bytes.

[ SDW-17896 ]

SD-WAN Orchestrator

When the starting date is a future date, the WAN link metering reports displayed a negative value for Days Elapsed instead of 0.

[ SDW-18067 ]

May 27, 2021

Configuration and Management

When you override the application routing policy for the O365Optimize_InternetBreakout application group from Site Configuration page, an error message Cannot set 'set_site_office_365_policy' multiple times is displayed on clicking Verify. If you see this error message, but have not explicitly created application routing policy from Site Configuration page, it can be because the network configuration is generated using database migration.

[ SDW-18573 ]


The software versions listed in the Software Version drop-down list under Configuration > Network Configuration Home does not specify the build type. The issue is fixed and the software versions are annotated (GA or HOTFIX) to specify the build type.

[ SDWANHELP-2140 ]

Pushing the syslog settings from Citrix SD-WAN Orchestrator service to the Citrix SD-WAN appliance removes the existing SNMP settings on the appliance.

[ SDW-19240 ]

May 13, 2021

SDW-18374: If the number of MPLS queues on two sites in the network do not match, EC 310 audit errors are displayed.

SDW-18305: The DHCP server instance crashes, if the data type for the TFTP server address in DHCP Option set (IPv4 and IPv6) is set as String using Custom Option.

SDW-16128: Although the changes made in the SSID profiles are inherited by SSIDs created using the SSID profiles, the changes do not reflect in the Citrix SD-WAN Orchestrator service GUI.

SDW-13046: When you roll back the network software version to lower than version 11.2, sites configured as Advanced Edition (AE) fail to stage with the message - Package extraction failure. This is because AE is supported from version 11.2 and above.

SDW-17638: For custom roles created with feature access set to No Access, the Citrix SD-WAN Orchestrator service GUI displays the default feature configuration instead of hiding the feature or displaying a 403 error message.

April 29, 2021

SDW-18374: If the number of MPLS queues on two sites in the network do not match, EC 310 audit errors are displayed.

SDW-16128: Although the changes made in the SSID profiles are inherited by SSIDs created using these SSID profiles, the changes do not reflect in the Citrix SD-WAN Orchestrator service GUI.

SDW-13046: When you roll back the network software version to lower than version 11.2, sites configured as Advanced Edition (AE) fail to stage with the message - Package extraction failure. This is because AE is supported from version 11.2 and above.

SDW-17638: For custom roles created with feature access set to No Access, the Citrix SD-WAN Orchestrator service GUI displays the default feature configuration instead of hiding the feature or displaying a 403 error message.

April 08, 2021

SDWANHELP-1994: Upon upgrading the software from Citrix SD-WAN 11.3.0 to 11.3.1 release, an audit error EC15002 might be shown if you have a DNS proxy configured for any of the sites.

March 04, 2021

SDW-16124: If the configuration is deployed after a new site has been added, Citrix SD-WAN Orchestrator service incorrectly detects this as a software upgrade and throws a warning that - Near Hitless is not possible as there needs to be at least one site supporting hitless upgrade.

February 18, 2021

SDW-15522: While creating a site by cloning and deleting the original site leads to an error - Unable to find Site name belonging to Uiid < num >.

January 28, 2021

SDW-15602: In rare conditions, the Citrix SD-WAN Orchestrator service UI does not populate the standby appliance log files.

SDW-16183: The sorting of the Application Usage Network and Site Report table column was incorrect.

SDW-16244: An incorrect Short Name displayed on the Reboot/Reset dialog box.

SDW-16267: The Dynamic Routing Import/Export filters UI not updating when a site is changed.

SDW-16274: WAN Optimization software staging was not happening for Citrix SD-WAN Premium Edition (PE) devices when the appliance software version is

January 13, 2021

SDW-13205: In Citrix SD-WAN Orchestrator service, information under deployment history is incorrect and it might show some negative values for activated sites.

SDW-14968: When the site had three WAN links, the third WAN link was not displayed in the side picture depicting links.

SDW-15608: During the software upgrade, If the branches are connected to Citrix SD-WAN Orchestrator service through the virtual path to the control node, then it’s possible that the control nodes get activated before the branch got the command to activate.

SDWANHELP-1606: The number of x-axis ticks was wrong for 1 week which leads to repetitive days on the x-axis for graphs.

SDWANHELP-1613: The appliances which were having a slow internet connection used to time out during the staging file download operation.

December 17, 2020

SDW-14810: In-band Management drop-down list option will be populated with IPs after a site is cloned.

SDW-11941: Advanced firewall functionalities don’t work in one of the following scenarios. Also, no audit error is seen while performing the following scenarios:

  • Downgrade of 1100-AE from 11.2.0 to lower builds which do not support advanced firewall functionalities
  • Conversion of 1100-AE to 1100-SE on 11.2.0

December 03, 2020

SDW-11224: While performing the software upgrade on networks with the Cloud Direct enabled sites, the activation status for such sites gets stuck in progress even after completion.

SDW-14772: The Change Management status would not show the latest status after completing staging or activation.

SDW-14773: During activation, the Change Management did not provide a warning to users about skipping the HA near-hitless software upgrade. The issue is now fixed. The UI provides a warning to the users when the HA near-hitless software upgrade is skipped or run by skipping the selected sites.

SDW-14774: The HA near-hitless software upgrade feature would activate all HA pairs in the network even if some sites were offline. This caused the activation to fall back to single-step activation for the entire network.

The issue is now fixed. The sites that cannot undergo HA near-hitless software upgrade are ignored and the remaining HA pairs undergo two-step activation.

SDW-14775: Users were unable route the Citrix SD-WAN Orchestrator service traffic through the defined Application Route with the default internet breakout policy set to Discard and all traffic routed through the Virtual Path. When the Virtual Path was dead, the appliances were unable to reach the internet. This issue is fixed now. The SD-WAN appliances can always communicate to the internet using Default Application Routes created for SD-WAN Orchestrator Breakout, provided the user has WAN Link configured with internet service and there is internet connectivity.

November 12, 2020

SDW-10283: When software upgrade to version is done from an appliance which has Virtual WAN service disabled and is relying on only the LTE link for internet connectivity, the activation of the appliance does not complete and the appliance goes offline.

SDW-14411: An audit error occurs when you create a custom application route at the site level under Configuration > Site Configuration > Routes using the match criteria as Custom Application or Application Group.

SDW-14777: The IP addresses in an IP Group were not validated for its uniqueness.

October 29, 2020

SDW-12994: When the Force Internal VIP Matching is enabled along with subnets which match the network subnets of the Virtual IP address, would cause an audit error leading to failure of deployment.

SDW-13419: In production mode, when you have licenses assigned to all sites (that is, no spare licenses), and making a change to a site’s bandwidth, platform, or appliance edition, then the site becomes unlicensed.

SDW-13931: When a perpetual user enters an add-on entitlement, Citrix SD-WAN Orchestrator service indicates that the license billing model does not match the customer billing model.

SDW-13946: When a configuration update is done for a network, a device can intermittently go into an Activation Pending state after it has been marked as Activation Complete. This occurs if the Citrix SD-WAN Orchestrator service checks for auto-correction during the period the device has marked Activation Complete and the new configuration version running on this device is yet to be received by Citrix SD-WAN Orchestrator service.

The newly issued activation command sees the version of the running software and its configuration and relays to Citrix SD-WAN Orchestrator service that auto-correction is not needed; moving the device to Activation Complete state.

October 1, 2020

SDWANHELP-1539: The default member paths for static virtual paths of MPLS are populated incorrectly based on the From and To queue names. The issue is fixed and the member paths are populated based on the From and To queue DSCP tags.

SDW-13329: Unable to perform the edit and clone operations as the action icons in the network configuration home page are grayed out.

SDW-11020: Citrix SD-WAN appliances on the Citrix SD-WAN Orchestrator service are displayed as online, even when the appliances are offline.

September 16, 2020

SDW-12669: Messages Display is not switching or going off unless you refresh the browser.

SDW-12822: Deleting a site operation can sometimes fail.

SDW-13001: On configuring a Transit Node, if the tertiary control node is selected once and a cost specified then that cost value keeps appearing even after clearing it.

SDW-13023: Enabling the private check box reflects a blank tooltip while creating a virtual interface under Interfaces.

SDW-13031: While creating an Interface under Virtual interfaces, against the virtual interface name field, an inline help is asking the user to select a virtual interface from an editable text box.

SDW-13214: Some reports had responses in Kbps and some in Bytes. But due to the granular report changes, the Citrix SD-WAN Orchestrator service UI was expecting all the graph response to be in Kbps or KB.

SDW-13261: While creating the bridge pair as fail-to-block, there is no delete icon displayed against the Actions label.

SDW-13275: New users are getting the Access Denied error during the On-Boarding process post requesting for SD-WAN Trial.

SDW-13307: Breadcrumb Site selection was a hyperlink instead of drop-down list when logged as customer Admin.

SDW-13320: Enhanced the displayed information in the Network configuration home page.

SDW-13327: Corrected the confirmation messages for reset and reboot operations to be more user-friendly by including the site name in addition to the serial number of the box.

SDW-13367: Under Service and Bandwidth configuration, the hover text for the Service Type field refers to the NAT translation.

SDW-13373: At the site level configuration, under Advanced settings > DNS, incorrect terminology appeared (reflecting DNS Server instead of DNS Service).

SDW-13385: WAN link name validation is missing on the Citrix SD-WAN Orchestrator service UI.

September 3, 2020

SDW-12350: The WAN link access-type was not considered as part of the provisioning, which caused MPLS links, to not have the proper traffic shaping applied.

SDW-12414: If an appliance fails staging or activation, the Citrix SD-WAN Orchestrator service keeps trying to auto-correct the appliance and bring it in sync with the network in a loop. The loop continues until a new stage is issued from the UI.

SDW-12868: Activation for builds failing in production for fresh SD-WAN 110/210 appliance (factory reset state) due to some permission issues.

August 12, 2020

SDW-9407: Once the Citrix SD-WAN Orchestrator service UI is opened for some duration, at times the UI buttons cannot be clicked.

SDW-10310: Unable to download large log files from the appliance through the Citrix SD-WAN Orchestrator service.

July 15, 2020

SDW-11988: For releases 11.0 and above, configuration updates to add or delete sites causes the virtual paths to go down due to network security key rotation. Although the issue is fixed, push a configuration update to synchronize the network secure key with the Citrix SD-WAN Orchestrator service. The configuration updates, post the synchronization, will not cause virtual path disruption.

SDW-11920: The Real-time Statistics table pagination icons are not rendering.

SDW-11906: The IPsec tunnels are not getting created when the type chosen is LAN.

SDW-9572: Uploading log bundles larger than 32 MB from an appliance to the Citrix SD-WAN Orchestrator service service fails.

July 6, 2020

SDW-7501: The bandwidth test under the diagnostics tool displays the virtual path connections between 2 sites even when there are no virtual path connections.

SDW-10335: In some rare scenarios, the delete site operation does not complete. The operation terminates prematurely, the GUI is not loaded, and rendering the network unusable in Citrix SD-WAN Orchestrator service.

SDW-11120: Importing of the config.json file that contains the sub model as LTE-WiFi, was giving an error.

June 11, 2020

SDW-10685: There was a difference between 11.x and 10.x builds, while creating the software package. In a result, the staging was failing for 10.2.5 and prior releases.

SDW-10738: Starting 11.1.0, a new configuration knob is added for inband management configuration on the site interface group page. This is a mandatory configuration for any appliance that needs to be managed through an inband IP. Missing this configuration in the Citrix SD-WAN Orchestrator service can cause the appliance to go offline (especially important when the 210 s and 110 s that were managed over LTE upgrade to 11.1.0).

June 1, 2020

SDW-10348: In some rare scenarios, the total sites that are displayed in the Deployment History were not the same as the actual sites configured.

SDW-10378: In some rare scenarios, the staging gets stuck after deleting the GeoMCN site.

SDW-10587: While attempting network deployment from the Citrix SD-WAN Orchestrator service, 500 internal server errors were occurring.

SDW-10615: For IP Routes, when you select valid to/from links for Eligibility based on Path, an audit error occurred - Path Does Not Exist.

SDW-10713: For VPX/VPXL, there were issue in license string parsing.

SDW-10764: Corrected the validation checks about the usage of SFP ports of the SD-WAN 1100 platform when the Y-cable feature is enabled.

SDW-10777: In some rare scenarios, Citrix SD-WAN Orchestrator service was blocking changes to firmware builds even though the customer has valid software maintenance license.

SDW-10778: A configuration conversion error occurs when a WAN link is saved in the configuration without any access interface as part of it.

SDW-10811: In some rare scenarios, the routing domain is not visible in the WAN Link reports.

SDW-10812: In some rare scenarios, the routing domain is not visible in the ARP reports.

SDW-10815: Check box for optimize is not checked by default for office 365. This was the expected behavior for when the feature was designed.

SDW-10840: Added validation when the primary appliance serial number is not added but the secondary appliance serial number is added.

SDW-10844: The unknown_network error was appearing while performing staging activity during change management.

SDW-10857: WAN link specific upload and download speed got interchanged while using in Cloud Direct site.

SDW-11033: There was a possibility for staging to get stuck for networks, where few sites were deleted and staging were attempted during change management.

May 13, 2020

SDW-10576: When the customer updates the Virtual Interface (VIF) Name under the Site Configuration > Interfaces > Sub Interfaces at the site level, the corresponding DHCP Relay VIF Name is not updated.

April 28, 2020

SDW-9511: During staging, the change management failure always showed the message as Staging Failed.

SDW-9913: The WAN link throughput value displayed in the statistics page is less than the actual throughput value.

SDW-9973: Deleting a site does not remove the reference of the deleted site from all the global features, resulting in configuration verification failure.

SDW-9513: In the HA primary/secondary appliances, if the serial number is swapped between the primary and secondary appliances, the configuration is not pushed as per the swapped serial numbers. The configuration is pushed as per the initial serial number assignment or, in rare cases, both the appliances are treated as primary or secondary.

April 15, 2020

SDW-10018: You might observe QoS data inconsistency between the tabular and graphical views.

SDW-9913: The WAN link throughput value displayed in the statistics page is less than the actual throughput value.

SDW-9739: You might observe that the configuration version is different on some appliances after network configuration deployment. It results in some virtual path not getting established between a branch and a control node.

SDW-9618: During the change management/configuration deployment process, the GUI allows you to continue with activation even when there are failures in the staging process. Once the activation succeeds in other appliances, the GUI incorrectly reports that the activation was successful.

SDW-9888: The WAN link usage real-time statistics table is staggered and misaligned for a WAN link configured with standby, metered, or standby with metered connection.