flexiWAN Release 6.3.2

Release 6.3.2 includes:

  • flexiManage release 6.3.34

  • flexiEdge release 6.3.35

Release Notes:

flexiWAN is the world’s first open source SD-WAN & SASE with a modular and open architecture offered as a cloud service in a SaaS business model.

Version 6.3.2 was released on Jan, 2024. This version introduces VRRP support, LAN NAT, Notifications & Alerts improvements, Device configuration enhancement and more.

There are three options for hosting flexiManage, each relevant for companies with a different set of requirements. All of these options come with support services and include multi-tenancy.

  • SaaS model in a shared environment - flexiManage is hosted by flexiWAN and includes the flexiWAN logo. This option is great for enterprise deployments and small to medium service provider deployments(Find this option in our pricing under Enterprise SaaS)

  • Dedicated environment - an isolated installation of flexiManage hosted by flexiWAN. In this case you can add your logo to the UI. This is the most popular option for MSPs, Service Providers and SIs

  • Self-hosting - self-hosting of flexiManage is typically best for very large telcos

Read this blog post to learn more about the different hosting options of flexiManage.

Contact us.

New in this release:

  • High availability using VRRP

  • LAN 1:1 NAT

  • Notification and Alerting system improvement

  • Device TABs UI improvement

  • IKEv2 PFS and Phase1 / Phase2 lifetime configuration

  • Role based access keys

  • Ability to modify the tunnel loopback range

  • DHCP options

  • BGP Multihop options

  • BGP Customization

  • Conditional static routes

  • Telit LTE support

  • Improving system scalability

  • Bug fixes

Supported and Planned Features

The list of supported and planned features description can be found in the Feature Overview page

Please send us your feature needs and prioritization.

REST API changes in this release

List of REST API Changes

API

Changes

Backward Compatible?

GET/PUT /devices/{id}

Add LAN NAT rules in firewall section

Yes

GET /devices/{id}/interfaces/{interfaceId}/status

Add organization to filter by

Yes

ALL /devices

BGP multiHop field added

No - required field when using BGP

PUT /devices/{id}

New query field to allow LAN IP overlapping across devices

Yes

PUT /devices/{id}

Allow to define routing customization in various routing sections

Yes

All /devices/{id}

Add defaultLeaseTime, maxLeaseTime fields to DHCP section. Add useHostNameAsDhcpOption to DHCP mac assignment section

Yes

GET /devices/{id}/interfaces/{interfaceId}/status

Remove the text field from LTE status

No

DELETE /devices, DELETE devices/{id}

New query parameter: removeVrrp={true|false}

Yes

GET /devices/{id}/bgp/status

New API for getting the device BGP status

Yes

POST /devices/{id}/staticroutes

Adding conditonal static route section

Yes

GET /tunnels

Add response type field detailed|summary

Yes

GET /jobs

Device object with Name and Hostname added to request

Yes

ALL /peers

ikeLifeTime, pfs added to peer configuration

Yes

GET/POST /vrrp, GET /vrrp/status, GET/PUT/DELETE /vrrp/{id}, GET /vrrp/deviceVrrpInterfaces

New APIs to support VRRP

Yes

GET/PUT /notificationsConf, GET/PUT /notificationsConf/email, GET/PUT /notificationsConf/webhook, GET/PUT notificationsConf/default, PUT /tunnels/notifications

New APIs to support notifications configuration

Yes

GET /notifications

Add filtering parameters

Yes

GET/PUT /organizations

Add tunnel range parameter

No

GET /accesstokens, POST /accesstokens

Add role permission fields

No

GET /accounts

Adding trial_end field to reflect when account trial ends

Yes

GET /appstore/purchased/{id}/action

Allows to perform actions per application, such as updating certificates

Yes

Potential Backward Incompatible Changes

List of Potential Backward Incompatible Changes

Title

Description

fwdump path

The default path for fwdump changed from /var/log/flexiwan/fwdump/ to the current folder

Known Issues

List of Known Issues

Title

Description

During login, the username email is case sensitive

The email used in account creation and login is case sensitive

Slow websocket connection during heavy load

During heavy traffic load, device connection to flexiManage may be impacted, prioritize with QoS will avoid it

Tunnel loss and RTT during heavy load

During heavy traffic load, loss and RTT calculation might represent biased values, prioritize with QoS will avoid it

On unstable/slow connections some jobs may be presented as failed on timed out although succeeded

In most of the cases, the jobs have succeeded and the system recovers itself by re-syncing the configuration

Switching WiFi from 2.4Ghz to 5Ghz doesn’t restart DHCP server

To restart the DHCP server for the WiFi interface, stop and start the flexiEdge router

Inbound WAN ICMP with small identifier is dropped

Inbound WAN ICMP with Identifier smaller or equal to 1024 may be dropped