Citrix Branch SD-WAN shows offline on SD-WAN Orchestrator

On SD-WAN Orchestrator, verify the Branch Serial number matching:

SD-WAN Orchestrator:

image.png

Branch:

Dashboard

image.png


If there is a Serial number mismatch, correct it on SD-WAN Orchestrator.

If the Branch continues to show offline on SD-WAN Orchestrator, please verify below:

a) Each SD-WAN appliance or virtual instance must have an IP address configured statically or via DHCP and must include DNS entry to resolve the Fully Qualified Domain Name (FQDN) to Citrix Cloud Services.

b) Each of the branch and DC sites must have Internet connectivity to access the Citrix SD-WAN Orchestrator service.

C) Appliances need access to the below-mentioned domain names. Citrix recommends whitelisting *.citrixnetworkapi.net:443. Here is a list of individual cloud service URLs that have to be whitelisted on the appliance firewall for zero-touch deployment:

    • Global endpoints:
      • trust.citrixnetworkapi.net:443
      • sdwan-home.citrixnetworkapi.net:443
      • sdwanzt.citrixnetworkapi.net:443
    • Region specific endpoints [where region is us1 or eu1]
      • download-region.citrixnetworkapi.net:443
      • sdwan-applmgr-region.citrixnetworkapi.net:443
      • sdwan-logging-region.citrixnetworkapi.net:443
      • sdwan-statistics-collector-region.citrixnetworkapi.net:443
      • sdwan-saasgw-region.citrixnetworkapi.net:443
      • sdwan-policy-region.citrixnetworkapi.net:443

Note: Always refer to the doc for the latest update: https://docs.citrix.com/en-us/citrix-sd-wan-orchestrator.html#prerequisites-for-citrix-sd-wan-orchestrator-service-usage

Related:

  • No Related Posts

Leave a Reply