flexiWAN Release 6.3.3¶
Release 6.3.3 includes:
flexiManage release 6.3.37
flexiEdge release 6.3.40
Release Notes:¶
flexiWAN is the world’s first open source SD-WAN & SASE with a modular and open architecture offered as a cloud service in a SaaS business model.
Version 6.3.3 was released on March, 2024. This version introduces VRRP support, LAN NAT, Notifications & Alerts improvements, Device configuration enhancement and more.
There are three options for hosting flexiManage, each relevant for companies with a different set of requirements. All of these options come with support services and include multi-tenancy.
SaaS model in a shared environment - flexiManage is hosted by flexiWAN and includes the flexiWAN logo. This option is great for enterprise deployments and small to medium service provider deployments(Find this option in our pricing under Enterprise SaaS)
Dedicated environment - an isolated installation of flexiManage hosted by flexiWAN. In this case you can add your logo to the UI. This is the most popular option for MSPs, Service Providers and SIs
Self-hosting - self-hosting of flexiManage is typically best for very large telcos
Read this blog post to learn more about the different hosting options of flexiManage.
New in this release:¶
High availability using VRRP
LAN 1:1 NAT
Notification and Alerting system improvement
Device TABs UI improvement
IKEv2 PFS and Phase1 / Phase2 lifetime configuration
Role based access keys
Ability to modify the tunnel loopback range
DHCP options
BGP Multihop options
BGP Customization
Conditional static routes
Telit LTE support
Improving system scalability
Bug fixes
Supported and Planned Features¶
The list of supported and planned features description can be found in the Feature Overview page
Please send us your feature needs and prioritization.
REST API changes in this release¶
API |
Changes |
Backward Compatible? |
---|---|---|
GET/PUT /devices/{id} |
Add LAN NAT rules in firewall section |
Yes |
GET /devices/{id}/interfaces/{interfaceId}/status |
Add organization to filter by |
Yes |
ALL /devices |
BGP multiHop field added |
No - required field when using BGP |
PUT /devices/{id} |
New query field to allow LAN IP overlapping across devices |
Yes |
PUT /devices/{id} |
Allow to define routing customization in various routing sections |
Yes |
All /devices/{id} |
Add defaultLeaseTime, maxLeaseTime fields to DHCP section. Add useHostNameAsDhcpOption to DHCP mac assignment section |
Yes |
GET /devices/{id}/interfaces/{interfaceId}/status |
Remove the text field from LTE status |
No |
DELETE /devices, DELETE devices/{id} |
New query parameter: removeVrrp={true|false} |
Yes |
GET /devices/{id}/bgp/status |
New API for getting the device BGP status |
Yes |
POST /devices/{id}/staticroutes |
Adding conditonal static route section |
Yes |
All /devices, /devices/{id} |
Add custom advancedRouting section in main, ospf, bgp and routing filters sections |
Yes |
All /devices, /devices/{id} |
Add conditions to static routes section |
Yes |
GET /tunnels |
Add response type field detailed|summary |
Yes |
GET /jobs |
Device object with Name and Hostname added to request |
Yes |
ALL /peers |
ikeLifeTime, pfs added to peer configuration |
Yes |
GET/POST /vrrp, GET /vrrp/status, GET/PUT/DELETE /vrrp/{id}, GET /vrrp/deviceVrrpInterfaces |
New APIs to support VRRP |
Yes |
GET/PUT /notificationsConf, GET/PUT /notificationsConf/email, GET/PUT /notificationsConf/webhook, GET/PUT notificationsConf/default, PUT /tunnels/notifications |
New APIs to support notifications configuration |
Yes |
GET /notifications |
Add filtering parameters |
Yes |
GET/PUT /organizations |
Add tunnel range parameter |
No |
GET /accesstokens, POST /accesstokens |
Add role permission fields |
No |
GET /accounts |
Adding trial_end field to reflect when account trial ends |
Yes |
GET /appstore/purchased/{id}/action |
Allows to perform actions per application, such as updating certificates |
Yes |
Potential Backward Incompatible Changes¶
Title |
Description |
---|---|
fwdump path |
The default path for fwdump changed from |
Known Issues¶
Title |
Description |
---|---|
During login, the username email is case sensitive |
The email used in account creation and login is case sensitive |
Slow websocket connection during heavy load |
During heavy traffic load, device connection to flexiManage may be impacted, prioritize with QoS will avoid it |
Tunnel loss and RTT during heavy load |
During heavy traffic load, loss and RTT calculation might represent biased values, prioritize with QoS will avoid it |
On unstable/slow connections some jobs may be presented as failed on timed out although succeeded |
In most of the cases, the jobs have succeeded and the system recovers itself by re-syncing the configuration |
Switching WiFi from 2.4Ghz to 5Ghz doesn’t restart DHCP server |
To restart the DHCP server for the WiFi interface, stop and start the flexiEdge router |
Inbound WAN ICMP with small identifier is dropped |
Inbound WAN ICMP with Identifier smaller or equal to 1024 may be dropped |