- Release notes
- What's new
- Updating and Upgrading to NetScaler SD-WAN 9.3
- Single-Step Upgrade for SD-WAN Appliances
- Before You Begin
Getting Started by Using NetScaler SD-WAN
- NetScaler SD-WAN Management Web Interface
- One Touch Start
- Installing the SD-WAN Appliance Packages on the Clients
- Preparing the SD-WAN Appliance Packages on the MCN
- Connecting the Client Appliances to Your Network
Setting up the SD-WAN Appliances
- Setting up the Appliance Hardware
- Setting the Management IP Addresses for the Appliances
- Setting the Management IP Address for a SD-WAN Appliance
- Setting the Date and Time on an SD-WAN Appliance
- Setting the Console Session Timeout Interval (Optional)
- Uploading and Installing the SD-WAN Software License File
- Troubleshooting DHCP Management IP Address Configuration
- Configuring Alarms
- Configuration Rollback
- About SD-WAN VPX Standard Edition
- Installing and Deploying a SD-WAN VPX Standard Edition on VMware ESXi
Setting up the Master Control Node (MCN) Site
- Master Control Node (MCN)
- How to Switch the Management Web Interface to MCN Console Mode
- How to Add the MCN Site
- How to Configure Virtual Interface Groups for the MCN Site
- How to Configure Virtual IP Addresses for the MCN Site
- How to Configure GRE Tunnels for the MCN Site (Optional)
- How to Configure WAN Links for the MCN Site
- How to Configure Routes for the MCN Site
- How to Configure High Availability (HA) for the MCN Site (Optional)
- How to Enable and Configure Virtual WAN Security and Encryption (Optional)
- Naming, Saving, and Backing Up the MCN Site Configuration
Adding and Configuring the Branch Sites
- How to Add the Branch Site
- How to Configure Virtual Interface Groups for the Branch Site
- How to Configure Virtual IP Addresses for the Branch Site
- How to Configure GRE Tunnels for the Branch Site
- How to Configure WAN Links for the Branch Site
- How to Configure Routes for the Branch Site
- How to Configure High Availability (HA) for the Branch Site (Optional)
- How to Clone the Branch Site (Optional)
- How to Resolve Configuration Audit Alerts
- How to Save the Completed Sites Configuration
Deployment use Cases
- Deploying SD-WAN in Gateway Mode
- Deploying SD-WAN in PBR mode (Virtual Inline Mode)
- Building a SD-WAN Network
- Dynamic Paths for Branch to Branch Communication
- Configuring Static WAN Paths
- Routing Support for LAN Segmentation
- Utilizing Enterprise Edition Appliance to Provide WAN Optimization Services Only
- SD-WAN SE/EE Appliance in Hairpin Deployment Mode
- Two Box Mode
- SD-WAN Overlay Routing
- High Availability Deployment
- Basic Configuration Mode
Virtual Routing and Forwarding
- How To Configure Routing Domain
- How To Configure Routes
- How To Select Routing Domain for Intranet Service
- How To Configure Interface Groups
- How To Configure Virtual IP Addresses
- How To Configure Virtual IP Address Identity
- How To Configure GRE Tunnels
- How To Configure Access Interface
- How to Customize Classes
- How to Add Rule Groups and Enable MOS
- How to Create Rules
- How To Configure Firewall Segmentation
- Dynamic routing
- Route Filtering
- Network Objects
- Application Classification
- QoS Fairness With Random Early Detection (RED)
- Application QoS Rules
- MPLS QoS Queues
- Application Quality of Experience (QoE)
- Link State Propagation
- Metering and Standby WAN Links
- Multiple Net Flow collectors
- IPSec Tunnel Termination
- Stateful Firewall and NAT Support
- Configuring Multicast Groups
- NetScaler SD-WAN and Zscaler - Using GRE Tunnels and IPsec Tunnels
- Enabling FIPS Compliance Mode in NetScaler SD-WAN
- Configuring Virtual WAN IPsec for FIPS Compliant Operation
- Firewall Traffic Redirection Support by Using Forcepoint in NetScaler SD-WAN
- Internet Service
- DHCP Server and DHCP Relay Agent
- DHCP Client for Data Port (WAN Link IP Address Learning)
- Adaptive Bandwidth Detection
- Active Bandwidth Testing
- Diagnostic Tool
- Monitoring Your Virtual WAN
Auto Secure Peering and Manual Secure Peering
- Auto Secure Peering to an EE appliance from a Standalone WANOP / SDWAN SE/WANOP on the DC site
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch Site EE Appliance
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch with WANOP/SE Appliance
- Manual Secure Peering Initiated from EE Appliance at DC Site and Branch EE Appliance
- Manual Secure Peering initiated from EE appliance at DC site to Branch WANOP/SDWAN-SE Appliance
- Domain Join and Delegate User Creation
- SNMPv3 Polling and Trap Capability
- Zero Touch Deployment
- Configure 210-SE LTE
- NetScaler SD-WAN WANOP 9.3
The WANOP Client Plug-in
- Hardware and software requirements
- How the WANOP plug-in works
- Deploying appliances for use with plug-ins
- Customizing the plug-in MSI file
- Deploying plug-ins on Windows systems
- WANOP plug-in GUI commands
- Updating the WANOP plug-in
- Troubleshooting WANOP plug-in
- Configuring Service Class Association with SSL Profiles
- Standard MIB Support
- Best Practices - Security
- Reference Material
- Installing SD-WAN SE Virtual Appliances (VPX) in Linux-KVM Platform
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for AWS
- SD-WAN Standard Edition Virtual Appliance (VPX) in Hypervisor on HyperV 2012 R2 and 2016
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for Microsoft Azure
- XenServer 6.5 Upgrade for SD-WAN Standard Edition Appliances
Configuring the Appliance by Connecting a Computer to the Ethernet Port
Aug 09, 2017
For initial configuration of a SD-WAN appliance, perform the following tasks::
- Configure the appliance for use on your site.
- Install the Citrix license.
- Enable acceleration.
- Enable traffic shaping (inline mode only).
With inline deployments, this configuration might be all you need, because most acceleration features are enabled by default and require no additional configuration.
You can configure the appliance connecting the appliance to your computer through either the Ethernet port or the serial console. The following procedure enables you to configure the appliance by connecting it to your computer through the Ethernet port.
Note: On a SD-WAN 1000 appliance, you use the Ethernet port labeled as MGMT. However, on SD-WAN 2000 appliance, you use the Ethernet port labeled as PRI or LOM.
If you want to configure the appliance by connecting it to the computer through the serial console, assign the management service IP address from your Worksheet by completing the Assigning a Management IP Address through the Serial Console procedure, and then run steps 4 through 25 of the following procedure.
Note: Make sure that you have physical access to the appliance.
To configure the appliance by connecting a computer to the SD-WAN appliance’s Ethernet port 0/1
Set the Ethernet port address of a computer (or other browser-equipped device with an Ethernet port), to 192.168.100.1, with a network mask of 255.255.0.0. On a Windows device, this is done by changing the Internet Protocol Version 4 properties of the LAN connection, as shown below. You can leave the gateway and DNS server fields as blank.
Using an Ethernet cable, connect this computer to the port labeled MGMT on a SD-WAN 1000 appliance, or to the port labeled PRI on a SD-WAN 2000 appliance.
Switch on the appliance. Using the web browser on the computer, access the appliance by using the default management service IP address http://192.168.100.1.
On the login page, use the following default credentials to log on to the appliance.
Start the configuration wizard by clicking Get Started.
On the Platform Configuration page, enter the respective values from your worksheet, as shown in the following example:
Note: If, for SD-WAN configuration, you want to use the same network mask and gateway as those for Network Configuration, select the Use System Netmask and Gateway option.
Click Done. A screen showing the Installation in Progress… message appears. This process takes approximately 2 to 5 minutes, depending on your network speed.
Note: If you are configuring the appliance by connecting it to your computer through the serial console port, skip step 8 through step 14.
A Redirecting to new management IP message appears.
Unplug your computer from the Ethernet port and connect the port to your management network.
Reset the IP address of your computer to its previous setting.
From a computer on the management network, log on to the appliance by entering the new Management Service IP address, such as https://<Managemnt_IP_Address>, in a web browser.
To continue the configuration, accept the certificate and continue. The option to continue varies according to the web browser you are using.
Log on to the appliance.
The Configuration wizard starts again. In this wizard, some of the values which you have already provided, appear by default. Specify rest of the values you have recorded in your worksheet.
In System Services section, update the values if necessary.
In the Licensing section, select the appropriate license type. You can either select a local license or a remote license server to apply a license to the appliance.
- If you opt for a local license, you must generate a license by using the host ID of the appliance. To generate a local license for the appliance, see http://support.citrix.com/article/ctx131110. To apply the license, you can navigate to the SD-WAN > Configuration > Appliance Settings > Licensing page, after completing the Configuration wizard.
- If you opt for a remote licensing server, you must select a remote appliance model and provide the IP address of the licensing server in the Licensing Server Address field.
In the WAN Link Definition section, specify receive and send speeds for the WAN link in the respective fields. Citrix recommends values 10% lower than the WAN bandwidth, to avoid network congestion.
By default, WAN-side adapter settings are configured on the appliance. Accept the default settings.
Click Install. After the Installation process is complete, the appliance restarts.
As soon as the appliance restarts, the Dashboard page appears.
To configure the appliance to accelerate the network traffic, open navigate to the Configuration tab.
Note: Make sure that you have already applied the appropriate license to the appliance.
On the Network Adapters page of the Appliance Settings node, verify and, if necessary, assign IP addresses, subnet masks, and gateways to the accelerated bridges (apA and apB) to be used. Applying these changes restarts the appliance.
Note: You need to assign IP addresses to apA and apB adapters only if you intended to configure WCCP mode, virtual inline mode, or the Video Caching feature on the appliance.
The Initial Configuration is complete. Traffic now flows through the appliance. The Dashboard page shows this traffic.
You need additional configuration on the appliance if you intend to use some of the modes and features, such as, virtual inline mode, video caching, secure peering, high availability, encrypted CIFS/MAPI acceleration, AppFlow monitoring, or SNMP monitoring.
- Inline installations place the appliance between your LAN and WAN routers, using both ports of the accelerated bridge, such as ports LAN1 and WAN1 on a SD-WAN 1000 appliance with Window Server or ports 1/1 and 1/2 on SD-WAN 2000 appliance with Windows Server, for the apA accelerated bridge port.
- WCCP and virtual inline installations connect a single accelerated bridge port to your WAN router.
- Virtual inline installations require that you configure your router to forward WAN traffic to the appliance. See Router Configuration.
- WCCP installations require configuration of your router and the appliance. See WCCP Mode.