- Release notes
- What's new
- Updating and Upgrading to NetScaler SD-WAN 9.3
- Single-Step Upgrade for SD-WAN Appliances
- Before You Begin
Getting Started by Using NetScaler SD-WAN
- NetScaler SD-WAN Management Web Interface
- One Touch Start
- Installing the SD-WAN Appliance Packages on the Clients
- Preparing the SD-WAN Appliance Packages on the MCN
- Connecting the Client Appliances to Your Network
Setting up the SD-WAN Appliances
- Setting up the Appliance Hardware
- Setting the Management IP Addresses for the Appliances
- Setting the Management IP Address for a SD-WAN Appliance
- Setting the Date and Time on an SD-WAN Appliance
- Setting the Console Session Timeout Interval (Optional)
- Uploading and Installing the SD-WAN Software License File
- Troubleshooting DHCP Management IP Address Configuration
- Configuring Alarms
- Configuration Rollback
- About SD-WAN VPX Standard Edition
- Installing and Deploying a SD-WAN VPX Standard Edition on VMware ESXi
Setting up the Master Control Node (MCN) Site
- Master Control Node (MCN)
- How to Switch the Management Web Interface to MCN Console Mode
- How to Add the MCN Site
- How to Configure Virtual Interface Groups for the MCN Site
- How to Configure Virtual IP Addresses for the MCN Site
- How to Configure GRE Tunnels for the MCN Site (Optional)
- How to Configure WAN Links for the MCN Site
- How to Configure Routes for the MCN Site
- How to Configure High Availability (HA) for the MCN Site (Optional)
- How to Enable and Configure Virtual WAN Security and Encryption (Optional)
- Naming, Saving, and Backing Up the MCN Site Configuration
Adding and Configuring the Branch Sites
- How to Add the Branch Site
- How to Configure Virtual Interface Groups for the Branch Site
- How to Configure Virtual IP Addresses for the Branch Site
- How to Configure GRE Tunnels for the Branch Site
- How to Configure WAN Links for the Branch Site
- How to Configure Routes for the Branch Site
- How to Configure High Availability (HA) for the Branch Site (Optional)
- How to Clone the Branch Site (Optional)
- How to Resolve Configuration Audit Alerts
- How to Save the Completed Sites Configuration
Deployment use Cases
- Deploying SD-WAN in Gateway Mode
- Deploying SD-WAN in PBR mode (Virtual Inline Mode)
- Building a SD-WAN Network
- Dynamic Paths for Branch to Branch Communication
- Configuring Static WAN Paths
- Routing Support for LAN Segmentation
- Utilizing Enterprise Edition Appliance to Provide WAN Optimization Services Only
- SD-WAN SE/EE Appliance in Hairpin Deployment Mode
- Two Box Mode
- SD-WAN Overlay Routing
- High Availability Deployment
- Basic Configuration Mode
Virtual Routing and Forwarding
- How To Configure Routing Domain
- How To Configure Routes
- How To Select Routing Domain for Intranet Service
- How To Configure Interface Groups
- How To Configure Virtual IP Addresses
- How To Configure Virtual IP Address Identity
- How To Configure GRE Tunnels
- How To Configure Access Interface
- How to Customize Classes
- How to Add Rule Groups and Enable MOS
- How to Create Rules
- How To Configure Firewall Segmentation
- Dynamic routing
- Route Filtering
- Network Objects
- Application Classification
- QoS Fairness With Random Early Detection (RED)
- Application QoS Rules
- MPLS QoS Queues
- Application Quality of Experience (QoE)
- Link State Propagation
- Metering and Standby WAN Links
- Multiple Net Flow collectors
- IPSec Tunnel Termination
- Stateful Firewall and NAT Support
- Configuring Multicast Groups
- NetScaler SD-WAN and Zscaler - Using GRE Tunnels and IPsec Tunnels
- Enabling FIPS Compliance Mode in NetScaler SD-WAN
- Configuring Virtual WAN IPsec for FIPS Compliant Operation
- Firewall Traffic Redirection Support by Using Forcepoint in NetScaler SD-WAN
- Internet Service
- DHCP Server and DHCP Relay Agent
- DHCP Client for Data Port (WAN Link IP Address Learning)
- Adaptive Bandwidth Detection
- Active Bandwidth Testing
- Diagnostic Tool
- Monitoring Your Virtual WAN
Auto Secure Peering and Manual Secure Peering
- Auto Secure Peering to an EE appliance from a Standalone WANOP / SDWAN SE/WANOP on the DC site
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch Site EE Appliance
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch with WANOP/SE Appliance
- Manual Secure Peering Initiated from EE Appliance at DC Site and Branch EE Appliance
- Manual Secure Peering initiated from EE appliance at DC site to Branch WANOP/SDWAN-SE Appliance
- Domain Join and Delegate User Creation
- SNMPv3 Polling and Trap Capability
- Zero Touch Deployment
- Configure 210-SE LTE
- NetScaler SD-WAN WANOP 9.3
The WANOP Client Plug-in
- Hardware and software requirements
- How the WANOP plug-in works
- Deploying appliances for use with plug-ins
- Customizing the plug-in MSI file
- Deploying plug-ins on Windows systems
- WANOP plug-in GUI commands
- Updating the WANOP plug-in
- Troubleshooting WANOP plug-in
- Configuring Service Class Association with SSL Profiles
- Standard MIB Support
- Best Practices - Security
- Reference Material
- Installing SD-WAN SE Virtual Appliances (VPX) in Linux-KVM Platform
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for AWS
- SD-WAN Standard Edition Virtual Appliance (VPX) in Hypervisor on HyperV 2012 R2 and 2016
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for Microsoft Azure
- XenServer 6.5 Upgrade for SD-WAN Standard Edition Appliances
Single-Step Upgrade for SD-WAN Appliances
Sep 27, 2017
To use single step upgrade feature, the MCN must run a version which supports single step upgrade. For example; SD-WAN 9.3.x.
In release 9.3, a single step upgrade package using the SD-WAN GUI change management option to upgrade non-SD-WAN components in the network for all applicable platform editions has been introduced. The MCN distributes all necessary software components to the sites (Branch) in the network.
After the branch receives the upgrade component files, these can be installed at scheduled time intervals as specified by the user. If the scheduled time is not specified, it uses the default time which is set by MCN for all branches.
The MCN also generates packages for sites on demand. Download the active package from the active hyperlink under the Download LCM package. You can bring or boot strap a new site into the network using this package. All software components will be installed using the Single Bundle Upgrade (.tar.gz) package. The MCN keeps a copy of the software.
Pre-requisites to Perform Single Step Upgrade
- Have the SD-WAN 9.3 Virtual WAN software installed. Use the existing upgrade procedure to upgrade from any previous release version to the current 9.3 Virtual WAN software version. Do not use SBU (single bundle upgrade) procedure to upgrade from an older Virtual WAN software version to 9.3 version.
- After the SD-WAN 9.3 Virtual WAN software is installed, follow the single step upgrade (.zip) procedure to upgrade WANOP components and XenServer supplemental software packages. You can use the SD-WAN GUI to schedule upgrade of these additional components through the Change Management Settings page. The above pre-requisite does not apply for upgrading from release version 9.3 to the 9.3.x latest build version.
Change management upload error occurs, if you attempt to perform single step upgrade (.zip file) from previous versions to 9.3.
It is recommended that you use build version 9.3.0.x and above to use the single step upgrade procedure.
Review the following upgrade procedures to upgrade to software release version 9.3.
Following are the supported upgrade and downgrade scenarios for SD-WAN SE and EE appliances. It is assumed that we are upgrading Virtual WAN software first and then upgrading the other components after the required software is staged at the branch sites or on the MCN.
Factory shipped appliances
You can download local change management package from MCN and apply it on the factory shipped appliance. After the local change management package is applied to the branch site boxes, all relevant components are upgraded immediately without waiting for maintenance window, if applicable.
Appliances with legacy Virtual WAN software
- The appliances currently in an active network with virtual paths up and running.
- In this case, the appliances receive packages from MCN. The components are installed all the files from MCN are received and it is in the scheduled time window.
2. The appliances are currently out of the network with virtual paths down.
- In this case, the process is similar to the appliances which are factory shipped. You need to download local change management from MCN and upload the package to the branch site appliances.
Appliances with single-step upgrade support
The appliance stages multiple files applicable at the branch site based on the appliance model and platform edition. The version information is reported by the branch site and/or configuration options, if applicable. The branch site appliances perform the upgrade utilizing the staged files. The non-Virtual WAN software components can be installed based on the preferences, manual and/or schedule.
Version switch or revert
Downgrading to a previous version of Virtual WAN software is supported. With single step upgrade process, you can install WANOP software packaged with a given Virtual WAN software version. You can only upgrade hotfix and/or SVM versions if the software versions in the packages are higher.
Single step upgrade to legacy Virtual WAN software support
You can re-install the legacy software with the required configurations (using tar.gz files).
Downgrading to previous software version
If you upgraded an existing software version to release version 9.3 using the tar.gz upgrade process, you can downgrade the software version to a previous software version.
If you used the .zip (single step upgrade) procedure to upgrade to version 9.3, you cannot downgrade the software version to a previous software version.**
Single Step upgrade in High Availability Deployment Mode
During single step upgrade if HA flip happens then, you need to switch back to the old primary appliance manually, or upload the single bundle package to the new primary appliance.