Citrix NetScaler EE Istruzioni operative e di manutenzione

© 1999-2017 Citrix Systems, Inc. All rights reserved. p.1https://docs.citrix.com
Overview
What's New
Release Notes
NetScaler SD-WAN 9.1.1 Release Notes
NetScaler SD-WAN 9.1.2 Release Notes
Before You Begin
System Requirements
Acquiring the NetScaler SD-WAN Software Packages
NetScaler SD-WAN Software Packages and Appliance Models
NetScaler SD-WAN Appliance Packages
Preparing for Your Deployment
Installation and Configuration Information Checklist
Deployment
Installing and Deploying a SD-WAN VPX Standard Edition on VMware ESXi
Setting up the Master Control Node (MCN) Site
Adding and Configuring the Branch Sites
Conﬁguration
Configuring Virtual WAN Service
Configuring the Virtual Path Service Between the MCN and Client Sites
NetScaler SD-WAN 9.1
Jun 13, 20 17
The NetScaler SD-WAN product was formerly called  "CloudBridge".  Refer to the links below to access CloudBridge
documentation.
CloudBridge
CloudBridge 9.0  CloudBridge 8.1  CloudBridge 8.0  CloudBridge 7.4  CloudBridge 7.4  CloudBridge 7.3
For information on NetScaler SD-WAN WO 9.1 installation, deployment, and  feature conﬁguration, please
refer CloudBridge 7.4 documentation.
NetScaler SD-WAN

© 1999-2017 Citrix Systems, Inc. All rights reserved. p.2https://docs.citrix.com
Enabling and Configuring WAN Optimization
Monitoring
Viewing Statistical Information
Viewing Flow Information
Viewing Reports
How-To-Articles
Virtual Routing and Forwarding
How To Configure Routing Domain
How To Configure Routes
How To Select Routing Domain for Intranet Service
How To Configure Interface Groups
How To Configure Virtual IP Addresses
How To Configure Virtual IP Address Identity
How To Configure GRE Tunnels
How To Configure Access Interface
How to Customize Classes
How to Add Custom Applications and Enable MOS
How to Create Rules
Use Cases
Dynamic Routing
OSPF
iBGP
eBGP
Standby WAN Links
Secure Web Gateway
Use Cases - Virtual Route Forwarding
Deploying SD-WAN in Gateway Mode
Deploying SD-WAN in PBR mode (Virtual Inline Mode)
Building a SD-WAN Network

© 1999-2017 Citrix Systems, Inc. All rights reserved. p.3https://docs.citrix.com
Dynamic Paths for Branch to Branch Communication
Configuring Static WAN Paths
Routing Support for LAN Segmentation
Utilizing Enterprise Edition Appliance to Provide WAN Optimization Services Only
Licensing
Provisioning Licensing
License Procedure
Upgrade
Upgrade to 9.1 With Working Virtual WAN Configuration
Upgrade to 9.1 Without Virtual WAN Configuration
Convert SD-WAN 1000 / 2000 WANOP Appliances to Enterprise Edition With USB
Converting Existing Appliance to Enterprise Edition Appliance
About SD-WAN VPX Standard Edition
NetScaler SD-WAN VPX-SE Installation Requirements and Prerequisites
Differences Between a VPX-SE and a WANOP VPX Installation
Overview of VPX Installation and Deployment Procedures
NetScaler SD-WAN VPX-SE Installation and Configuration Information Checklist
Getting Started
NetScaler SD-WAN Management Web Interface
Installing the SD-WAN Appliance Packages on the Clients
Preparing the SD-WAN Appliance Packages on the MCN
Connecting the Client Appliances to Your Network
Setting up the SD-WAN Appliances
Route Filtering
IPSec Tunnel Termination and Monitoring
How to Configure IPSec Tunnels for Virtual and Dynamic Paths
How To Configure IPsec Tunnel Between SD-WAN and Third-Party Devices
How To Add IKE Certificates
How To View IPSec Tunnel Configuration
IPSec Monitoring and Logging

DHCP Client and Server Management

Link State Propagation

Multiple Net Flow Collectors

Network Objects

QoS Fairness With RED

SNMP MIBs

MPLS QoS Queues

NetScaler SD-WAN Center 9.1

Overview

Oct 04, 20 16

The NetScaler SD-WAN product was formerly called "CloudBridge". Similar to the previous product portfolio, NetScaler SD-

WAN is available in three different editions, allowing you to deploy the features you need at each location with easy

upgrades, conﬁguration, and monitoring.

All references to the term “CloudBridge” is applicable to the new product term “NetScaler SD-WAN”.

For more information about the NetScaler SD-WAN platform editions, see the product datasheet and product portfolio at:

https://www.citrix.com/content/dam/citrix/en_us/documents/data-sheet/netscaler-sd-wan-datasheet.pdf and

https://www.citrix.com/products/netscaler-sd-wan/platforms.html.

NetScaler SD-WAN Platform Editions

There are three NetScaler SD-WAN Editions each with a different set or subset of NetScaler SD-WAN features.

NetScaler SD-WAN Enterprise Edition (EE) – This Edition includes both Standard Edition and WAN Optimization

features. Enterprise Edition Integrates WAN virtualization with WAN optimization capabilities to optimize branch and

mobile user experience and to achieve fully resilient applications regardless of network quality For release 9.1, Enterprise

Edition is available for the 1000-VW and 2000-VW branch hardware appliances, only.

NetScaler SD-WAN Standard Edition (VW/SE) – This Edition includes Standard Edition Virtual WAN features, only. It

supports software-defined WAN capability to create a highly reliable network from multiple network links and to ensure

that each application takes the best path to achieve the highest application performance.

NetScaler SD-WAN Optimization Edition (WANOP) – T his Edition includes WAN Optimization features, only. It

supports application acceleration, data reduction and protocol control to optimize applications across the WAN.

Optionally, it can include virtual Windows Server to simplify branch infrastructure and mobile PC plug-in capability.

Note

The WANOP Edition and Standard/Enterprise Edition are separate hardware platforms running different software.

In a data center, administrators can deploy one Standard Edition and one WANOP Edition to achieve Enterprise Edition capabilities. In

the branch ofﬁce, administrators can choose to deploy either a Standard Edition or WANOP Edition. Alternatively, the beneﬁts of

both Standard and WANOP Editions can be accomplished by deploying a single Enterprise Edition at the branch ofﬁce.

See the Licensing section, for more information about the license options available for using NetScaler SD-WAN platform

editions.

Release Notes

Oct 09, 2016

This release notes describes the new features, enhancements, known issues, and ﬁxed issues applicable to Citrix NetScaler

SD-WAN software release 9.1 for the SD-WAN Standard Edition and Enterprise Edition appliances.

For information about the previous product called CloudBridge Virtual WAN and CloudBridge Enterprise Editions, see the

CloudBridge Virtual WAN Administration Guide.

Aslo, for information about WAN OP edition, refer to the CloudBridge 7.4.x documentation.

Limitations

Enterprise Edition appliances cannot be joined to Active Directory Domains. To accelerate file or Microsoft Exchange

servers in a branch, a standalone WAN Optimization deployment is required.

Secure peering is required for WAN optimization of signed SMB or encrypted MAPI traffic. This is only supported on data

path IPs and is not supported over the management IPs.

Automatic Secure peering of an Enterprise Edition appliance from a standalone WAN Optimization appliance requires

that the datacenter side WAN Optimization appliance is running release 7.4.x or later.

Virtual WAN Enterprise Edition does not support WAN optimization of SSL traffic.

Known Issues

Release 9.1

We b Manageme nt Interf a ce

Issue ID 636005: Single bundle upgrade of NetScaler SD-WAN from release 8.1 or 9.0 to 9.1 fails if using Internet Explorer

version 11.0

If you use Internet Explorer version 11.0 to connect to the web management interface and navigate to

Conﬁguration > System Maintenance > Update Software, the following error message appears when you

attempt to perform a single bundle Virtual WAN or SD-WAN upgrade from release 8.1.x or 9.0.x to release 9.1.x:

An error occurred while transfer of software to change management system. No space ﬁle =

C:\Users\Administrator.NSLB1\Downloads\ CB-VW-PKG-9.1.0.114.upg

Workaround: Use a different web browser, such as Mozilla Firefox or Google Chrome.

Issue ID 659515: NetScaler SD-WAN web interface freezes at the Quick Install Wizard page.

Description: T he Quick Install Wizard page appears instead of the admin login page when a NetScaler SD-

WAN VPX WANOPT instance deployed on VMware (OVA template) or HyperV (XVA template) with the 9.1

software image is restarted. After the restart, the SD-WAN web interface freezes at the Quick Installation

page, and clicking the Skip Install button does not work. Also, the Install button on the Quick Installation

page is not enabled. The web interface stays frozen on the Quick Installation page.

Workaround: Skip the Quick Installation wizard by clicking the Dashboard tab, then the Monitoring tab, and then

the Conﬁguration tab in the web interface. Conﬁguration otherwise available through the quick install wizard has to

be performed manually through the web interface options available on the Conﬁguration page.

ICA Connectivity and Client Session

Issue ID 658696: LINUX VDA version field for ICA Session information on WAN OPT appliance is blank or empty

Description: In a LINUX VDA session on a WAN OPT appliance, the VDA version ﬁeld in the session information

table at ICA Advanced > Session/Conn is empty.

Issue ID 660501: Session Reconnection of NetScaler SD-WAN WAN OPT client fails with HTML5 Receiver version 2.1.

Description: When you attempt to reconnect to a NetScaler SD-WAN WAN OPT client session through

XenDesktop or XenServer with HT ML5 Receiver version 2.1, the session reconnect fails.

Steps:

1. In XenDeskop, click Launch application through the HTML5 Receiver.

2. In the storefront setting, select Always use HTML5 receiver.

3. Disrupt the connection for more than a minute, and they try to reconnect. The session reconnect fails and

the XenDesktop session closes with an error.

Licensing

Issue ID 659809: DBV check support for Remote Licensing Server configuration on Virtual-WAN and SD-WAN appliances

Description: T he DBV check fails and the appliance becomes unlicensed after an upgrade, if the Maintenance

date is expired, and when the customer has Remote License conﬁgured on the SD-WAN.

Workaround: Ensure that the Maintenance date in the license ﬁle is more recent than the Built date of the SD-WAN

or Virtual-WAN software image that is being upgraded.

Networking and Security

Issue ID 653039: IPsec Rekey based on Data (KB) not working properly

Description: In this release, NetScaler SDWAN does not support IPsec tunnel Rekey based on the assigned data

(Kilo Bytes). After the available data KB is exhausted, the IPsec tunnel is not brought down and rekeying does

not work. No data loss is observed.

Conﬁgure an IPsec Tunnel between the SD-WAN appliance Intranet and third-party appliance in the SD-WAN

network and set IKE and IPsec Lifetime in seconds to 3600 seconds, set IPsec Lifetime in KB to 500 KB. Use the

ping command to send basic ICMP trafﬁc (for example, ping 6.2.1.1 -I 5.2.1.1 -s 1000 – i 0.001). Generate enough

trafﬁc so that the IPsec SA lifetime in KB uses 500KB.

During this phase, the IPsec Rekey has to happen before expiration of Lifetime in KB, but the IPsec Tunnel is

deleted after data expiration and packets are dropped. The new IPsec tunnel is established after a few seconds.

Root Cause: All IKE/IPSec generated events are placed in an event queue with a timestamp attached to each entry

within the queue. When the queue timestamp expires, the queued event is processed, and the entry is removed from

the queue. In the case of data expiry, a duplicate entry already present in the event queue does not allow the rekey

to occur.

SNMP

Issue ID 655068: The SNMP MIB table entry query for the management interface returns incorrect values.

Description: In the management interface, the values of the SNMP query table ﬁelds for Bytes Sent, Packets

Sent, Bytes Received, Packets Received, and Bytes Dropped ﬁelds are zero (0). Only the Packets Dropped ﬁeld

has a larger value.

Workaround: Use the following command to obtain the table output:

snmptable -v2c -c public <ip> -Cb CITRIX-NetScaler-SD-WAN-MIB::sdWANStatsEthernetInterfaceTable

Issue ID 660821: The SNMP MIB table entry query for Dynamic WAN paths displays “0” instead of no entries when

Dynamic WAN Paths are not configured.

Description: Each ﬁeld of the Dynamic WAN Path snmptable -v2c -c public -Cb <ip> CITRIX-NetScaler-SD-WAN-

MIB::sdWANStatsDynamicWANClassTable displays a zero (0) instead of no entry.

Platf orm

Issue: On the 4000 Standard Edition appliances, the link state for 10G interface is not propagated when the 10G link

becomes inactive. The link states for all other 1G interfaces are propagated correctly.

SD-WAN Center

Issue ID 580103: E-Mail and Syslog event notifications not displayed for the PATH event type in SD-WAN Center.

Description: In the SD-WAN Center web interface, events raised for WAN PATH objects from the MCN are visible

in the Event Viewer, but the email or syslog notiﬁcations are not available.

Issue: Direct upgrade from previous releases to 9.1 is not supported for SD-WAN Center

Description: Upgrading SD-WAN Center from release 8.x or 9.0.x to 9.1 requires an intermediate upgrade to

Release 9.0.1 build 1000.

Workaround: T he intermediate upgrade is not required if you use a new software image of Release 9.1 SD-WAN

center.

Release 9.0.1

Issue ID 640507: Auto secure peering feature will not work over TLS1.2 until support is added to Data Path Access.

Currently TLS1.2 support is limited to Management Path Access only.

command COPY

- Workaround: Auto secure peering has to be performed over HTTPS conﬁguration using the default "Any

Protocol" and then the conﬁguration can be moved to "TLS1.2".

Issue ID 641505: Direct upgrade of MCN from version 8.1 to 9.0.1 on VPX on a VMware ESXi server fails.

- Workaround: Upgrade to version 9.0 ﬁrst and then to 9.0.1.

Release 9.0

Issue ID 608355 : When Citrix XenServer private networks are deployed for CloudBridge VW VPX along with CloudBridge

WAN Optimization VPX, the ‘Checksum.SendForceSW’ parameter available through the support.html page on the WAN

OPT web interface must be turned off.

Issue ID 580103: In Virtual WAN Center, events raised for WAN PAT H objects are visible in the Event Viewer, but are not

available for email or syslog notifications.

NetScaler SD-WAN 9.1.1 Release Notes

Dec 19, 20 16

These release notes describe the new features, enhancements, known issues, and ﬁxed issues applicable to Citrix NetScaler

SD-WAN software release 9.1.1. The list of known issues is cumulative, that is, it includes issues that are newly found in this

release and also issues from previous releases.

Note

This release note document does not include security related fixes. For a list of security related fixes and advisories, see the Citrix

security bulletin.

The [# XXXXXX] labels for issue descriptions are internal tracking IDs used by the SD-WAN support team.

What's New

The following new features and enhancements were introduced in NetScaler SD-WAN for Release 9.1.1.

New Appliance Support

Support for new Standard Edition appliance; 410-SE. 410-SE is a small, affordable 1U appliance suitable for smaller

branch ofﬁces. It supports WAN speeds of up to 150 Mbps.

For more information, see the SD-WAN 400 and 410 Standard Edition hardware documentation.

Licensing

Support for 300 Mbps SKU on 2000-SE appliance.

Enhancements

SNMP MIBs

ENH0655072 - Support for adding enterprise MIB object to provide Service Uptime and Appliance Uptime information

(values).

Fixed Issues

OSPF Neighbor relationship trafﬁc does not pass through the NetScaler SD-WAN 4000 appliance

Issue ID: 604657 - The multicast packets used for creating OSPF neighbor relationship between routers are not

observed when Virtual WAN service is enabled on SD-WAN 4000 appliance, but is working fine on the 2000 and VPX

appliances.

Workaround: None

Questo manuale è adatto per i seguenti modelli

Altri manuali Citrix Hardware di rete

Citrix

Citrix MPX 16000T Manuale utente

Citrix

Citrix ADC MPX 5550 Manuale utente

Citrix

Citrix ByteMobile T1010 Guida rapida

Citrix

Citrix NetScaler 9010 Platform Manuale utente

Citrix

Citrix SD-WAN WANOP 10.2 Manuale utente

Citrix

Citrix SD-WAN 110-WiFi-SE Manuale utente

Citrix

Citrix ADC MPX Manuale utente

Manuali Hardware di rete popolari di altre marche

Matrix Switch Corporation

Matrix Switch Corporation MSC-HD161DEL Manuale utente

B&B Electronics

B&B Electronics ZXT9-IO-222R2 Manuale utente

Yudor

Yudor YDS-16 Manuale utente

D-Link

D-Link ShareCenter DNS-320L Manuale utente

Samsung

Samsung ES1642dc Istruzioni per l’uso

Honeywell Home

Honeywell Home LTEM-PV Istruzioni per il montaggio

evertz

evertz 7700 Series Manuale utente

D-Link

D-Link ShareCenter DNS-343 Manuale utente

Asante

Asante AsanteBridge 1012 Manuale utente

FireBrick

FireBrick FB2700 Manuale utente

Audiovox Electronics

Audiovox Electronics ARWH2T Manuale utente

ADC

ADC DSX-1 Manuale

NetComm

NetComm NF2 Manuale utente

Alcatel-Lucent

Alcatel-Lucent 5620 Manuale utente

Dell EMC

Dell EMC XC6420 Series Manuale utente

Lanner

Lanner NCA-1020A Manuale utente

Allied Telesis

Allied Telesis AT-TN121-A Manuale utente

Arista

Arista CCA-ETM-Q12 Manuale utente