flexiWAN Release 6.3.3

Release 6.3.3 includes:

  • flexiManage release 6.3.37

  • flexiEdge release 6.3.40

Release Notes:

flexiWAN is the world’s first open source SD-WAN & SASE with a modular and open architecture offered as a cloud service in a SaaS business model.

Version 6.3.3 was released on March, 2024. This version introduces VRRP support, LAN NAT, Notifications & Alerts improvements, Device configuration enhancement and more.

There are three options for hosting flexiManage, each relevant for companies with a different set of requirements. All of these options come with support services and include multi-tenancy.

  • SaaS model in a shared environment - flexiManage is hosted by flexiWAN and includes the flexiWAN logo. This option is great for enterprise deployments and small to medium service provider deployments(Find this option in our pricing under Enterprise SaaS)

  • Dedicated environment - an isolated installation of flexiManage hosted by flexiWAN. In this case you can add your logo to the UI. This is the most popular option for MSPs, Service Providers and SIs

  • Self-hosting - self-hosting of flexiManage is typically best for very large telcos

Read this blog post to learn more about the different hosting options of flexiManage.

Contact us.

New in this release:

  • High availability using VRRP

  • LAN 1:1 NAT

  • Notification and Alerting system improvement

  • Device TABs UI improvement

  • IKEv2 PFS and Phase1 / Phase2 lifetime configuration

  • Role based access keys

  • Ability to modify the tunnel loopback range

  • DHCP options

  • BGP Multihop options

  • BGP Customization

  • Conditional static routes

  • Telit LTE support

  • Improving system scalability

  • Bug fixes

Supported and Planned Features

The list of supported and planned features description can be found in the Feature Overview page

Please send us your feature needs and prioritization.

REST API changes in this release

List of REST API Changes



Backward Compatible?

GET/PUT /devices/{id}

Add LAN NAT rules in firewall section


GET /devices/{id}/interfaces/{interfaceId}/status

Add organization to filter by


ALL /devices

BGP multiHop field added

No - required field when using BGP

PUT /devices/{id}

New query field to allow LAN IP overlapping across devices


PUT /devices/{id}

Allow to define routing customization in various routing sections


All /devices/{id}

Add defaultLeaseTime, maxLeaseTime fields to DHCP section. Add useHostNameAsDhcpOption to DHCP mac assignment section


GET /devices/{id}/interfaces/{interfaceId}/status

Remove the text field from LTE status


DELETE /devices, DELETE devices/{id}

New query parameter: removeVrrp={true|false}


GET /devices/{id}/bgp/status

New API for getting the device BGP status


POST /devices/{id}/staticroutes

Adding conditonal static route section


All /devices, /devices/{id}

Add custom advancedRouting section in main, ospf, bgp and routing filters sections


All /devices, /devices/{id}

Add conditions to static routes section


GET /tunnels

Add response type field detailed|summary


GET /jobs

Device object with Name and Hostname added to request


ALL /peers

ikeLifeTime, pfs added to peer configuration


GET/POST /vrrp, GET /vrrp/status, GET/PUT/DELETE /vrrp/{id}, GET /vrrp/deviceVrrpInterfaces

New APIs to support VRRP


GET/PUT /notificationsConf, GET/PUT /notificationsConf/email, GET/PUT /notificationsConf/webhook, GET/PUT notificationsConf/default, PUT /tunnels/notifications

New APIs to support notifications configuration


GET /notifications

Add filtering parameters


GET/PUT /organizations

Add tunnel range parameter


GET /accesstokens, POST /accesstokens

Add role permission fields


GET /accounts

Adding trial_end field to reflect when account trial ends


GET /appstore/purchased/{id}/action

Allows to perform actions per application, such as updating certificates


Potential Backward Incompatible Changes

List of Potential Backward Incompatible Changes



fwdump path

The default path for fwdump changed from /var/log/flexiwan/fwdump/ to the current folder

Known Issues

List of Known Issues



During login, the username email is case sensitive

The email used in account creation and login is case sensitive

Slow websocket connection during heavy load

During heavy traffic load, device connection to flexiManage may be impacted, prioritize with QoS will avoid it

Tunnel loss and RTT during heavy load

During heavy traffic load, loss and RTT calculation might represent biased values, prioritize with QoS will avoid it

On unstable/slow connections some jobs may be presented as failed on timed out although succeeded

In most of the cases, the jobs have succeeded and the system recovers itself by re-syncing the configuration

Switching WiFi from 2.4Ghz to 5Ghz doesn’t restart DHCP server

To restart the DHCP server for the WiFi interface, stop and start the flexiEdge router

Inbound WAN ICMP with small identifier is dropped

Inbound WAN ICMP with Identifier smaller or equal to 1024 may be dropped