Product Documentation

Citrix SD-WAN WANOP plug-in

What methods can I use to the install the Citrix SD-WAN WANOP plug-in on my computer?

You can use any of the following methods to install the Citrix SD-WAN WANOP plug-in on your computer:

  • Standalone installation: Run the Microsoft Installer (msi) file.

  • Silent installation: Run the following command:

    > msiexec.exe /i path\CitrixSD-WANWANOPPluginReleasex64-<Release_Nunmer> /qn

  • Remote installation: Install the Citrix SD-WAN WANOP plug-in remotely from Citrix Receiver.

Can I customize the Citrix SD-WAN WANOP plug-in installer?

Yes. You can customize the signaling IP address and disc based compression (DBC) size with the msi file for the Citrix SD-WAN WANOP plug-in.

What are the minimum hardware requirements for installing the Citrix SD-WAN WANOP plug-in?

For the Citrix SD-WAN WANOP plug-in, your computer should meet the following requirements:

  • Pentium 4 class CPU

  • Minimum 4 GB of RAM

  • Minimum 2 GB for free hard disk space

On which operating systems can I install the Citrix SD-WAN WANOP plug-in?

You can install the Citrix SD-WAN WANOP plug-in on the following operating systems:

Operating System Edition Version
Windows XP  Home, Professional 32-bits
Windows Vista  Home Basic, Home Premium, Business, Enterprise, Ultimate 32-bits
Windows 7 Home Basic, Home Premium, Business, Enterprise, Ultimate 32-bits, 64-bits
Windows 8 Professional, Enterprise 32-bits, 64-bits 
Windows 10 Professional, Enterprise 32-bits, 64-bits

What precautions should I take before installing the Citrix SD-WAN WANOP plug-in?

Before you install the Citrix SD-WAN WANOP plug-in on your computer, take the following precautions:

  • Depending on your operating system version, download either 32-bit or 64-bit Citrix SD-WAN WANOP installer version.

  • You cannot install the Citrix SD-WAN WANOP plug-in on a compressed drive or folder.

  • Make sure that the computer has sufficient free disk space.

  • You cannot downgrade the Citrix SD-WAN WANOP plug-in release. If you want to use an earlier Citrix SD-WAN WANOP release, you must uninstall the current release and then install an earlier release.

Which Citrix SD-WAN WANOP appliances support the Citrix SD-WAN WANOP plug-in?

The following Citrix SD-WAN WANOP appliances support the Citrix SD-WAN WANOP plug-in:

  • SD-WAN WANOP 2000

  • SD-WAN WANOP 2000 appliance with Windows Server

  • SD-WAN WANOP 3000

  • SD-WAN WANOP 4000

  • SD-WAN WANOP 5000

Which Citrix SD-WAN WANOP appliances do not support the Citrix SD-WAN WANOP plug-in?

The following Citrix SD-WAN WANOP appliances do not support the Citrix SD-WAN WANOP plug-in:

  • SD-WAN WANOP 400

  • SD-WAN WANOP 700

  • SD-WAN WANOP 800

  • SD-WAN WANOP 1000 with Windows Server

Do I need to install a Concurrent (CCU) license on Citrix SD-WAN WANOP 2000, 3000, and VPX appliances to use the Citrix SD-WAN WANOP plug-in?

Yes. You must install a CCU license on Citrix SD-WAN WANOP 2000, 3000, and VPX appliances to use the Citrix SD-WAN WANOP plug-in.

Do I need install a CCU license on Citrix SD-WAN WANOP 4000 and 5000 appliances to use the Citrix SD-WAN WANOP plug-in?

No. You do not need to install a CCU license on Citrix SD-WAN WANOP 4000 and 5000 appliances to use the Citrix SD-WAN WANOP plug-in. The appliance base license is sufficient for the Citrix SD-WAN WANOP plug-in to connect to these appliances.

What are the Citrix recommendations for accelerating subnets?

Citrix recommends following for accelerating subnets:

  • Never use ALL/ALL for acceleration configuration. Specify the subnets on the basis of the requirements.

  • Do not configure acceleration for the Citrix Gateway VIP address.

Is the Citrix SD-WAN WANOP plug-in supported on Windows thin clients?

No. The Citrix SD-WAN WANOP plug-in is not supported on Windows thin clients.

Which Citrix Receiver and Citrix Gateway releases are supported with the Citrix SD-WAN WANOP plug-in?

The Citrix SD-WAN WANOP plug-in supports Citrix Receiver 4.1 and Citrix Gateway 10.5 releases.

Which Citrix SD-WAN WANOP features are not supported with the Citrix SD-WAN WANOP plug-in?

The Citrix SD-WAN WANOP plug-in does not support the following Citrix SD-WAN WANOP features:

  • Video Caching

  • Traffic Shaping

  • IPv6

Do I need to configure acceleration rules on a Citrix SD-WAN WANOP 4000 or 5000 appliance for the Citrix SD-WAN WANOP plug-in to work with it?

Yes. You must configure acceleration rules on a Citrix SD-WAN WANOP 4000 or 5000 appliance for the Citrix SD-WAN WANOP plug-in to work with it.

What is the significance of signaling-channel source filtering?

By using signaling-channel source filtering, you can either allow or deny a specific subnet or IP address the ability to connect to the appliance and fetch acceleration rules. The denied source subnet cannot establish signaling connections and accelerate the traffic.

What is the significance of LAN detection?

When you enable LAN detection, it prevents traffic acceleration when the Citrix SD-WAN WANOP plug-in and appliance are on the same LAN. Local acceleration is not desirable, because applying the bandwidth limit of the appliance to the local connection might reduce the speed of the local traffic.

To accelerate traffic, what is the minimum recommended RTT value between the Citrix SD-WAN WANOP plug-in and appliance?

Citrix recommends that you configure an RTT value that is greater than any RTT (ping time) on the local LAN, but less than the RTT for any remote user. The default value of 20 milliseconds is adequate for most networks.

What conditions should I consider when defining acceleration rules for the Citrix SD-WAN WANOP plug-in?

Consider the following conditions when defining acceleration rules for the Citrix SD-WAN WANOP plug-in:

  • Define acceleration rules for all subnets that are local to the appliance. These subnets are the LAN subnets at the site where the appliance is installed.

  • If there are any destination IP addresses that are not part of the LAN, add exclude rules for these IP addresses. Make sure that the rules for excluding IP addresses precede the rules for accelerating traffic for subnets. This includes subnets at remote sites with IP addresses that appear local.

  • If you have installed the appliance in inline mode with a VPN and it is operating in transparent mode, you can configure the appliance to accelerate all enterprise traffic, not just the traffic originated by or destined to the local site. In this case, the only accelerated connections are between the Citrix SD-WAN WANOP plug-in and VPN. Acceleration of the traffic between the Citrix SD-WAN WANOP plug-in and the VPN is optimal.

Where are the Citrix SD-WAN WANOP plug-in crash and trace files stored on the computer?

The crash and trace files of the Citrix SD-WAN WANOP plug-in are stored in the following folders:

  • Crash files: C:/ProgramFiles/Citrix/Citrix SD-WAN WANOP

  • Trace files: C:/Users/admin/AppData/Local/Temp

How does the Citrix SD-WAN WANOP plug-in connect to a high availability pair?

The Citrix SD-WAN WANOP plug-in always connects to the same signaling IP address. The signaling IP address is bound to only the primary appliance of the high availability pair, not to the secondary appliance. Therefore, the Citrix SD-WAN WANOP plug-in always connects to the primary appliance of the high availability pair.

Which deployment modes does the Citrix SD-WAN WANOP plug-in support?

The Citrix SD-WAN WANOP plug-in supports the following deployment modes:

  • Inline.

  • WCCP.

  • High Availability.

  • Citrix SD-WAN WANOP plug-in with NAT deployment.

  • Citrix SD-WAN WANOP plug-in with Citrix SD-WAN WANOP appliance in WCCP mode using ICA proxy.

  • Citrix SD-WAN WANOP plug-in with Citrix SD-WAN WANOP 4000 or 5000 appliance. In this deployment, the  management port (0/1) is connected to the management network, and the  signaling IP address is on a different network.

How do packets flow in transparent and redirector modes?

In transparent mode, the Citrix SD-WAN WANOP appliance does not change the source IP address of the packet. In redirector mode, the Citrix SD-WAN WANOP appliance proxies servers and changes the IP address of the packets.

Note

Citrix recommends transparent mode for the production deployment.

How can I establish a secure tunnel between the Citrix SD-WAN WANOP plug-in and appliance?

To establish a secure tunnel between the Citrix SD-WAN WANOP plug-in and appliance, complete the following procedure:

  1. On the Citrix SD-WAN WANOP plug-in user interface, open the Certificates tab.

  2. Select the CA Certificate option.

  3. Click Import and upload the relevant CA certificate.

  4. Select a Certificate Store where you want to store the certificate.

  5. Select the Client Certificate option.

  6. Click Import.

  7. Select appropriate certificate formats and upload the relevant certificates.

  8. Store the certificates in a Certificate Store.

  9. If the private key is password protected, enter the password to decrypt the private key.

  10. You must upload the same CA certificate and key pair to the appliance to establish a secure tunnel.

How can I verify that a secure tunnel is established?

To verify that a secure tunnel is established, complete the following procedure:

  1. The computer where you have installed the Citrix SD-WAN WANOP plug-in, run the following command:

    > telnet localhost 1362

  2. On the console, run the following command:

    > showtunnels

    Following is sample output of the command. If the output includes the text secure in the Connected Available section, a secure tunnel has been established. If a secure tunnel is not established, the text reads cleartext.

    ```
    Showtunnels
    Message Tunnels:
      Connected Available:
        172.16.9.100 auto,secure,client,initiator,configured
        CN: mike.199.130
    
    
    Connected Available : 1
    Clients: 1 peers: 0
    ```
    

    For more information on Citrix SD-WAN WANOP plug-in, see Citrix SD-WAN WANOP Plug-in.

Citrix SD-WAN WANOP plug-in

In this article