Client

Full tunnel support.

Client

Generic Antivirus detection for Windows and Mac.

Client (145844)

Show registry and certificates in command history.

Client

Prevents the posture management from blocking link manager module.

Client (147146)

ICMP rules not shown in CLI.

Client

Fallback to sending push through backend, incase direct MQTT fails.

Client (151159)

Refresh TURN TCP allocation before expiration.

Client (149588)

Fix crash while removing link.

Client (151694)

Fix issue with timezone DB parsing.

Client (151550)

Prevent log upload from preventing server communications.

Linux

Detect disk encryption in Azure.

iOS

Improve login/logout and sleep/wakeup handling.

Client (148175)

Use one certificate for all links.

Client

Increase the maximum number of allowed FD on Linux.

Client (149849)

Fix network change handling on Linux.

Client (147878)

Removes all links when network goes down on Windows.

Client

Notify link down during connection.

Client

Use stored curr link id instead of accessing curr link again.

DNS (148391/148039)

Fix DNS deadlock in reset function.

DNS (148494)

Configure suffix only if suffix is enabled.

DNS( 147697)

Remove lock from resolve thread and lock only required sections in DNS.

DNS (147445)

Do not use libcurl internal DNS API.

DNS (147697)

Possible deadlock in Domain Name System (DNS) module.

Client

New contexts: Domain joined, registry, and certificate.

Client

Trusted network detection.

Client

Improved detection and handling of network change.

Client

Support sending messages to other clients directly through Message Queuing Telemetry Transport (MQTT).

Client

Support bulk sending of split push messages.

Client

Split link manager’s periodic task into multiple smaller periodic tasks.

Client

Check operating system when checking that a link context is valid.

Client

VMware by Broadcom rebranding and privacy policy link changes.

RESOLVED ISSUES

Client (139596)

Issues when switching between headless and regular user on the same machine.

Client (132471)

Improve detection of disconnected links.

Client (144798)

Sending disk encryption status to backend.

Client (138468)

Client hangs when link fails to establish during initial login.

Client (146324)

Fix endless loop during range cleanup when multiple Client Connectors share the same IP ranges.

Client (145463)

User Interface (UI) icon showing as A instead of actual username.

DNS (141049)

Block access control calls for IPs in DNS’s IP range.

DNS (143726)

Disable DNS module earlier in the logout process.

DNS (144736)

Improved locking in client connector’s asynchronous resolver.

DNS (143847)

Configure suffix only for domains starting with Astrix.

Windows (140164)

Fix issue retrieving screensaver settings.

Windows (143516)

Fix a failure to decrypt the secure storage values.

Windows (145681)

Error thrown during disk encryption status check.

Linux (143135, 143271)

Disk encryption check.

CLI (134323)

Add missing blocked-by-context in history CLI.

CLI (141615)

Differentiate between IPv4 and IPv6 ICMP pre-defined rules.

iOS (139252)

Links not clickable in policy screens.

iOS

Fix various log issues from inside the NE.

iOS (139715, 139714)

Fix showing popups in iPad.

iOS

Fix various application failures.

iOS (135492)

Logout when organization is deleted.

Android (141582)

Fix notifications not showing in Android 13 and above.

Android (142532)

Logout when there is a failure to refresh the token.

Client (144689)

Improve suspend resume handling.

Client (144025)

Improve re-establishing connections to Client Connectors after network connections are resumed.

Client (144870)

Improve long polling connections between User Interface (UI) and service.

Client (144689)

Fix issue with refreshing an expired token.

Client

Crash in Proxy Auto-Configuration (PAC) file.

Client (142784)

Fix installing Proxy Auto-Configuration (PAC) certificate in Mac Operating System.

Client (129038)

Proxy Auto-Configuration (PAC) files are supported for Windows and Mac

A PAC file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL. The Client checks for a PAC file configuration to determine if it is present on the device, and then acts based on the received configuration. If the configurations match, it keeps the existing one and if they differ, the new configuration is stored and replaces the older file making the needed changes. The Client regularly checks to ensure the configuration is set and, if a user removes it, restores the configuration.

RESOLVED ISSUES

Client (132471)

Client should not failover to a link which is in a connecting state for a long time.

Client (139169)

Customer users may have difficulty logging into the client when it is woken up from sleep mode, including having the client return to the login screen after a successful logging in, and may also display a 001 or 003 error. The fix for this issue improves login refresh during the wake-up from computer sleep.

Client (139843)

Improved detection of TCP relay link disconnection to ensure that if a TCP link goes down, the entire tunnel would be torn down and rebuilt as needed.

Client (137501)

Filter the current Client Connector’s IP address ranges from the ranges of other Client Connectors in the organization. This resolves the issue where if a Client Connector is set to be part of its own IP range, then those IP addresses are mapped to the device's own interface and packets matching those IP addresses do not reach their destination.

Client (137520)

Retry on 504 responses.

Client (138003)

Check for a version update during login instead of waiting for few minutes.

Client (138468)

Fix crash when terminating link is destroyed during creation.

DNS (137081)

Fix DNS PTR support and various crashes.

DNS (138593)

Add missing auth0 domain to allow list.

DNS (137887)

Fix race condition in resolver.

OSX (132774)

Change write permission on client’s internal configuration files.

Windows (132772)

Use full path when executing system apps.

Windows (138607)

Add WSA Startup when client first launches.

CLI (134322)

Fix showing context of connected tunnels.

Client (121379 / 126266)

SD-WAN adds the ability to configure a DNS suffix to the suffix configuration field for a Client Connector. For LAN hostname resolution, customers typically use only the prefix of the hostname, while the operating system automatically adds the suffix of the local domain/s. Previously, when SD-WAN Client received these DNS requests, it only received the prefix and the request was dropped. Now a user can add a *.suffix domain to the suffix configuration.

Client (116311)

SD-WAN Client adds asynchronous DNS resolution. Asynchronous DNS resolution is a technique that allows a program to perform DNS queries without using too many resources, and improves the performance and responsiveness of this service when dealing with multiple or slow DNS servers which results in improved page loading speeds.

Client (131158)

Add disk encryption.

Client (129206)

DNS answer handling issue when a Tunnel is disabled and the first attempt fails to connect with a Client Connector domain.

Client (132024)

If a user changes the target domain from a root domain configuration (in other words, "*") to a specific hostname, browsing may fail. The resolution restores the DNS configuration following a root domain configuration.

iOS (132126)

If the NE process fails, users do not have access to logs to troubleshoot the issue. The resolution adds an independent logger for the iOS application.

iOS (133112)

Resolves both an iOS logging failure and the Tunnel printing logs without any debugging information.

iOS (133858)

Resolves logging failure encountered during the production build.

iOS (133744)

Resolves an iOS logout issue encountered when disabling an organization client.

iOS (134459)

Updates the iOS build version # on the CI version.

Client (133902)

Users may experience failure with their traffic including a loss of access to shared drives along with difficulty loading applications which require access to their network which can be temporarily remediated by logging out and back into SD-WAN Client.

UI (122308)

Adds a privacy policy agreement where a user needs to explicitly click consent to be directed to the main application page. If a user clicks that they do not consent to the privacy policy they will be redirected back to the login page.

Client (128350)

Multi-thread HTTP requests to improve responsiveness and prevent congestion that can occur in a single-threaded implementation of HTTP requests.

Client (128924)

Do not print passwords and tokens to a log.

Client (128928)

Use absolute paths for Windows system executables to prevent a separate instance from being spawned each time that process is invoked.

iOS (122561)

App gets crashed when opening the Global Privacy Policy page.

iOS (124497)

Connection View, when left opened for some time, does not reflect the changes in connection and latest notifications are not displayed and this prevents a user from having the most current information for connections and notifications.

iOS (124500)

auth0 fails to renew the auth token and requires re-login.

iOS (122198)

Inconsistency of colors reflecting in the main button.

iOS (123220)

In some situations, colors of the main button does not reflect the current state.

iOS (126023)

Edge case prevents application usage during onboarding and does not permit push notifications.

iOS (125593)

Apple code failure during onboarding.

iOS (125580)

Connection View does not update on moving from background to foreground.

iOS (123218)

Operating System does not connect or ping when initiating from iOS device.

iOS (126626)

Onboarding does not create tunnel manager on macOS M1.

iOS (127731)

CI build fails during macOS update.

iOS (127716)

Network Extension Tunnel Provider is left open after long sleep or when login session have expired.

iOS (118451)

Update Xcode and build SD-WAN Client using Xcode 15.

iOS (118438)

viewIsAppearing is the correct timing to add layers of other vc subviews. This needs to be part of the transition to iOS 17 and Xcode 15.

iOS (127716)

Network Extension tunnel is left open when login session expires.

UI (121531)

Remove SD-WAN Client hostname.

Client (128063)

Status check is not be affected by load.

Client (125521)

Users cannot connect to a Client Controller if the DNS queries and responses use capital letters. This fixes that issue by ensuring that DNS queries using capital latters are properly handled.

Android

Adds a privacy policy disclaimer as required by Google for an application using a VPN Service. The user must explicitly acknowledge this disclaimer prior to using the service on an Android device.

Android

Adds a Firebase crashlytics opt-in disclaimer.

Client (121554)

Link performance events to backend should not exceed the maximum size.

Client (118883)

Fix liveness messages not being sent.

Client (123277)

Fix handling of expired login responses from the backend.

Client (123250)

Filter local default Gateway, IP addresses, and DNS servers from client connector mapped ranges. This prevents incidents where a device cannot access the network if the Client Connector IP range includes the devices own default gateway.

DNS (123420)

Fix DNS SRV record parsing.

DNS (124067)

Improved handling of CNAME responses.

IOS (121868)

Improve sleep/resume handling.

IOS (122536)

Make menu item format more consistent.

IOS (123219)

Fix issue with multiple running instances of VPN Manager.

CLI (121530)

Do not show SD-WAN Client host name.

iOS (122305)

The VPN Applications in iOS must present a disclaimer to the user on any application launch (Guideline 5.4). If a user clicks Cancel, they exit the application and are brought back to the login screen.

Client (118844)

This ticket corrects two related issues related to a link disconnect: Prevents a link disconnect from freezing the entire client, and ensures all threads close when the link disconnects.

Client (120368)

Client is slow to detect a link speed connection error.

Client (120510)

The internal HTTPS server might stop working when connecting to many other clients.

Client (120865)

It takes an unexpectedly long time to login into a Windows client.

Client (120907)

A link disconnect may cause the client to fail and need to be restarted.

DNS (120882)

DNS does not handle domains that include one or more upper case characters.

Android (120961)

When the application is loading there may be an issue that causes the application to fail and need to be restarted.

Android (121376)

If the server returns an HTTP Error 401, the login token does not refresh which causes the application to fail to reconnect.

Android (121382)

Notifications do not show.

IOS (115469)

When the user cancels the login status, does not show the login error.

IOS (120958)

IP Address not showing up after login.

Client

Support for IPv6 DNS queries.

Client

There is now a flag in the Portal for the Client Connector not to set NAT rules.

UI

Console log errors are now written to UI log files.

Windows

There is now an option to pass the server token during the silent install process to avoid having end users manually insert the token on tablets. To add the token parameter for silent install, perform the following command where YYYY is the server token: SDWANClientInstaller.exe /serverKey=YYYY /verysilent

Android (115394)

An Android user may not be able to log into the UI, which can be temporarily resolved only by rebooting the device.

Android (115592)

Android client application may experience a fatal exception when creating a pending intent.

Android (117853)

Android client application may experience a failure after initial installation related to the handling of auth0 errors.

Android (120621)

Android client may experience a failure when there is no network. This caused by an issue with DNS Server detection that delivers an empty DNS list when there is no network.

CLI (116832)

The Help Menu incorrectly labels the executable name as "sdwan-cli" when it should read "sdwan-client-cli".

Client (115392)

Client sends link data events for a link which did not transfer any data.

Client (117313)

Client may experience a failure when it is flooded with IP address packets that fill up the queue and result in the Client memory becoming full. The fix drops IP packets if the queue is full.

Client (117986)

Client tries to repeatedly connect to a peer with push registration issues.

Client (118456)

Client does not properly handle a 403 response for a login from a suspended account.

Client (118844)

Tunnel disconnects are not handled properly.

Client (119344)

If the peer side is lost on the network, it takes up to 10 seconds for the TCP vlink to disconnect.

IOS (110417)

When attempting to log out of an IOS Client, a message pops up that allows the user to continue or cancel and if the user clicks cancel, the application is stuck in a loading animantion.

IOS (113451)

When on the Connections screen, the user is presented with an IP address listed as "(null)".

IOS (115393)

Link remains up despite the addition of a network context that should result in a disconnection.

Linux (111569)

SD-WAN Client allows a connection when the lock screen is configured with a screensaver password context that should force a disconnect.

Ubuntu (117166)

Uninstalling the Client with the apt-get --purge command does not work.

UI (117124)

Support email address is not correct.

UI (118157)

Third party SAML libraries not fully supported for SAML login pages.

UI (117750)

List of available devices is missing in the OSX tray icon.

UI (118526)

The Connection page shows upload/download values in GB starting at 10MB and above with the result that the user would see a upload or download value of 0.0 GB because the UI does not output values beyond one decimal point. The fix adds 2 decimal places (in other words, 0.000) so that a user may see these smaller values.

Client (111326)

Devices using Microsoft Windows may experience slower than expected initialization while establishing connections to DNS Client Connectors.

iOS (115474)

When logging on the SD-WAN Client application and navigating to the VPN Configuration page, a user would observe the name "Ananda" where it should read "SD-WAN Client".

FEATURES

UI

The Electron software framework is upgraded to version 22.

UI

The SD-WAN Client login page is now consistent in appearance with other VMware services.

RESOLVED ISSUES

UI (115704) 

Customer may not be able to use Cisco Duo multi-factor authentication (MFA) for logging into the SD-WAN Client.

UI (108722)

When a user logs in using an incorrect SAML configuration, the UI will indicate a successful login but the screen will be stuck in "Working". The fix for this now shows a notification reading "Please check your SAML configuration", so that the user knows they need to correct the configuration.

UI (109355)

When a user logs into the SD-WAN Client application, they may observe an error pop-up screen: "Failed to perform -getDevices". However, when the user opens the Devices list the devices are present.

Android

SD-WAN Client application released to the Google Play Store.

iOS

SD-WAN Client application released to the App Store.

CLI

Expose DNS Allow List: The allow list contains the domains that are always resolved locally and never sent to the client connector. Previously this list was not exposed to users and should have been.

CLI

Expose Connected Networks Context Policy

DNS

Add Support for Ubuntu 22.04

RESOLVED ISSUES

DNS

Linux adds a default DNS server in case none are detected

DNS (108690)

Handle client connector being created before creating a network

DNS

Return empty answer for unhandled PTR requests

Context (109480)

Fix network context parsing

Context (109477)

Fix OPSWAT antivirus detection

Context (109496)

Fix Windows Defender antivirus detection. Previously if Windows Defender endpoint posture check is enabled, the posture check test fails on all versions of Windows running core version of Defender.

Apple iOS

Handle additional login errors

Apple iOS (110076)

Fix the application menu after terminating the application

Apple iOS (110444)

Fix the handling of a cancelled login

Apple iOS (112756)

Fix login flow for M1 Macs

Android (112757)

Fix handling * DNS configuration

Android (109811)

Must always enable local DNS resolution even if no DNS configuration is available.

Windows (112352)

Improve TUN down detection

Client

Measure HTTPS times and output these to a log.

Client

Resolve several memory leaks.

Client

DNS detects all failed and blocked events which cause a tunnel-to-client connector to disconnect and retries to establish the connection.

Client

Resolve an issue with running reliable VLink test in Windows, and stop the test and debug prints as soon as test the fails.

Client

DNS adds CNAMES to allow lists for internal domains.

Client

DNS returns both IPv4 and IPv6 for hostname requests.

CLI

Fix restarting the service in Windows.

Apple iOS

Clear tokens and logout if there is a login error.

Apple OSX

Set/restore DNS configurations on all interfaces (active and not active).

Apple OSX

Stop service after application has been uninstalled. Previously the SD-WAN Client service would continue on a device even after the application had been removed from the device.

Microsoft Windows

Login with client connector token should not fail and lead to a login failure.

Portal/Backend (115927/146057/146056)

Add free-text antivirus.

Portal/Backend (104645/147884/146059)

Add full tunnel config for Network Resource.

Portal (141056)

Block in portal according to permissions.

Portal (147349)

Remove domain name from portal org settings.

Backend (147139)

Consider network topology in gateway IP ranges list.

Backend (11745/11750)

EU env. adjustments.

Backend

Resolve snyk vulnerabilities.

Portal (150879)

Trusted Network Space is not allowed in name field.

Portal (150875)

Network resource name is not trimmed for whitespaces.

Backend (144057)

Migrate lifecycle events to rabbitmq.

Backend

Double number of deployed replicas for login/auth services.

Backend

Deprecate and hide from swagger VCO mgmt login api.

Backend

Return 504 on AWS IOT rate limit.

Portal/Backend (124986)

Add new global settings for Trusted Network Detection.

Portal/Backend (140929)

Device posture–join domain.

Portal/Backend (140938/141464/144466)

Device posture–certificate.

Portal/Backend (140924)

Device posture–registry check.

Backend

Increase push memory to treat duplication of senders (device/mgmt).

Backend

Extract common users/servers/gateways functionality to nodes REST API.

Backend

System for Cross-domain Identity Management (SCIM): remove groups members by value in PATCH operation.

Portal (146703)

Accounts filtering does not work.

Backend (146641)

IDP group synchronization removing the group from all users.

Backend (146385)

Email is not sent to invited System for Cross-domain Identity Management (SCIM) user.

Backend (139477)

Fix SCIM sync for unmatched username and email.

Portal (140759)

VMWare by Broadcom rebranding.

Portal (142937)

Add User Interface (UI) indication for a context that is being active.

Portal (143701)

Decrease grace period of deletion for SCIM-disabled users to 1 day.

Portal (135850)

Handle in portal User Interface (UI) new Client Connector (CC) parameters from the Orchestrator.

Portal (140211)

Block Manage Service Provider (MSP) organization modifications for Orchestrator-managed organizations + improve appearance of name and email, keep one liner (use ellipsis) + tool tip on hover.

Portal (141055)

Remove API token from Orchestrator-logged in users.

Portal (143411)

Show Warning: SAML domain unmatched on user invite/re-invite.

Portal (143224)

Handle errors for SAML domain configuration.

Portal (145866)

Email logo change to Broadcom.

Backend (143272)

The user's email domain does not match the SAML domain of the same organization.

Backend (143226)

Handle conflicts between owner/user creation and SAML domains from other organizations.

Backend (132681)

Orchestrator token parsing and validation in authentication flow.

Backend (144057)

Add delayed messages implementation in RabbitMQ.

Backend (138622)

Add bulk API for device push sending.

Backend ()

Add direct-push support for devices.

Backend (142497)

Allow clients to re-register push with policy update only, without the need of certificate reissuing.

Backend (135849)

Handle externally-managed (edge-originated) Client Connector (CC) creation.

Backend (139405)

Handle externally-managed organizations and Client Connectors, block their modification for portal-originated calls.

Backend (139636)

Adjust API to rest best practices.

Backend ()

Upgrade third parties to resolve Snyk vulnerabilities.

Backend (139071)

Upgrade Alpine Linux OS version to 3.19.1.

Backend (145816)

Migrate to SendGrid email service.

Backend

Upgrade docker OpenSSL to resolve Snyk vulnerabilities.

Backend

Upgrade to Java 21.

Portal (143139)

On the SD-WAN-Portal UI, the SSE Proxy does not show the proper warning message. The UI shows the message "Please ensure all fields are provided", when it should show "Invalid PAC File URL".

Portal (144043)

SCIM group should display source=scim.

Portal (141625)

On the SD-WAN-Portal UI: Monitoring > Connections > Dat(DL/UL) is a type of error data.

Portal (145559)

On the SD-WAN-Portal UI: There is a typographic error in the Warning Message.

Portal (145478)

Error message "Something went wrong" is seen when SD-WAN Client terms are accepted for the first time.

Portal (141631)

Part of the configure SCIM dialog overflows outside of the dialog borders.

Portal (143046)

Need to disable Progressive Web App (PWA) for the SDWC portal.

Portal (143119)

Newly created group not listed in SSE proxy group selection list.

Portal (142080)

Support new status types for network table row.

Backend (145779)

Send network invalidate device message for changes in OS and locations.

Backend (143505)

Enable readiness when push returns back after disabling.

Backend

Send bcc in emails.

Backend (139474)

Handle patch emails with filter (SCIM).

Backend (139475)

Sync name formatted attribute (SCIM).

Backend (139477)

Handle case that principal username does not match with primary email (SCIM).

Backend

Fix cleanup of invited owners/admins on SAML creation.

Backend

SCIM should use both endpoints: /ServiceProviderConfig and /ServiceProviderConfigs, Errata ID: 4978 of https://www.rfc-editor.org/errata_search.php?rfc=7644 1802

Portal (140913)

Fix error message when trying to define on SAML existed domain.

Portal (140947)

Disable users edit in SCIM group and disable roles edit for SCIM invited user.

Backend/Portal

Single Client Connector for multiple networks.

Backend/Portal

Proxy Auto Configuration (PAC) file.

UI

The UI adds new visualizations of network resources so that a user can better understand how these are being used.

Backend

Add the ability to delete a partner for the Maestro API.

Portal (137539)

Client Connectors - adds an expand row option.

Portal (138730)

For configuration fields where a value can be entered, the Portal now includes an 'X' clear indicator to select inputs (single/multiple).

Portal (137601)

Resolves an issue on the View/Edit Network page where the Client Connector Configuration field is stuck in a "Loading" state.

Portal (137417)

Adds useful clarifying text for both Create a New Client Connector and Create a New SSE pages.

Portal (137931)

On the Settings > Administrators page, an Administrator Source shows as internal even though it is SCIM and shows as SCIM on the Nodes view.

Portal (116612)

Corrects an issue with a side bar not expanding back to its original width.

Portal (109351)

In Delete SCIM dialog the Cancel button is grayed out and not clickable.

Portal (109604:)

Adds a tooltip for the Keep Connected checkbox.

Portal (139494)

On the Nodes > Users > Edit User page: Roles drop down, and hovering over a role shows a blue highlight on both User and Admin. 

Portal (139605)

Enhance the Connection > Network > Expand page to show more information with an improved tooltip.

Portal (139547)

Improve how user is marked as SCIM Disabled in portal.

Backend (129910)

Resolves an issue where the broker restarts and the deleted queues are not recreated. 

Backend (137381)

Fix deletion/update of registrations for client notification service. 

Backend (138623)

Upgrade to MQTT 5.0.

Backend (139070:)

Add trust certificate validation for Advanced Message Queuing Protocol (AMQP).

Backend (137084)

Resolves an issue where Firebase (Android notifications service), is deprecating their multi-cast asynchronous message sending, which needs to be replaced with an alternative.

Backend

Use v1.3 as the default Transport Layer Security (TLS) protocol.

Backend

Resolves an issue where the Portal sends pushes management to unavailable devices.

Backend

Upgrade 3rd parties to resolve vulnerabilities found during a SNYK security scan.

UI

Under Accounts > Manage Accounts, a new toggle button is added so a user can easily enable or disable a organization.

UI (132226)

After the service triggers an "HTTP 401 Unauthorized" response status code for an expired token, it then resends the same invalid JSON and refresh token, which prevents the user from accessing the page.

UI

Network policy is now adjusted to contain a source context instead of a list of contexts; and a single rule instead of a list of rules.

UI

Added a new 'Set it Later' button to the Default Network IP Range screen during customer on-boarding in case the customer is not certain what IP range they want to configure.

UI

Validation API added for when a user configures a Client Connector and throws an error if one or more Target Domains are invalid along with specifying which ones are invalid.

UI (133080)

Under Accounts > Manage Accounts, the word 'Active' is removed from the Total Accounts widget because Total Accounts shows the sum of all Organizations regardless of their status, and is not limited to just active ones.

UI (133580)

Users no longer able to jump into a disabled organization.

UI

User is no longer required to have a unique organization domain.

UI

Service now properly handles duplicate domains when SAML objects are created or updated.

RESOLVED ISSUES

Portal (110958)

The service now only accepts the first click on the 'Create' button for Create Server, Client Connector, and Network and ignores additional clicks.

Portal (132830)

If a user attempts to login into a disabled organization, the notification is vague and does not clearly state the reason their login fails.

Portal (132829)

Under the Accounts tab, when a user enables or disables an account, they get a combined enable/disable confirmation notification that does not make it clear if their effort was successful. Users now get a separate notification for enable and disable actions.

Portal (133077)

Under the Accounts tab, a user can create a sub-organization under a disabled parent-organization.

Portal (109861)

Under the General tab, the Auth Token > Generate button does not have a tool tip to clarify what this option does. Users now have a clickable tool tip for this option.

Portal (131006)

Host name validation could use an IP address for validation, but could not use a wildcard domain host name validation. The fix prevents the use of an IPv4 address and adds validation for domain names and wildcard domain names (for example, * or *.domain).

Portal (132603)

The Events page does not properly handle extended device names resulting in display issues. In addition, the device name is listed by its FQDN instead of by the email address of the user. With this release, the device FQDN is built by the email address for user devices and by device name for servers and client connectors.

NEW FEATURES

UI

Improved wording on the Settings tab.

UI

In the API Credentials added the ability to manage multiple tokens.

UI

When deleting an organization account, the UI adds the organization name to the confirmation message to ensure the user fully understands which one they are deleting and prevent inadvertent deletions.

RESOLVED ISSUES

Portal (118289)

Source Node is incorrectly listed as a mandatory field when configuring a network with a Mesh topology.

Portal (126467)

Fixes an issue where the Disable DNS settings throws an exception on DNS entity creation for Server and Client Connector entities. 

Portal (126528)

Can create sub-accounts is disabled even for a parent account that has access to create a child account.

Portal (127022)

A user logging into the Staging portal would observe an issue with the device posture when sorting for contexts.

Portal (130345)

SD-WAN Client Portal now automatically detects an Orchestrator environment inside of its code to ensure a user does not need to re-authenticate on a different Orchestrator instance. This replaces the cookie method.

Portal (130450)

A Client Connector or server is not added to the group on a Client Connector or server creation.

Portal (130910)

If a user using SAML authentication has their role changed to Owner, they cannot login to the SD-WAN Portal.

Portal (131187)

Server Domain dialog improperly handling character limitations.

Backend (128630)

Bypass v2lan Connection is no longer handled during push status.

Backend (130307)

Portal moves to using actions for authentication in place of hooks due to hooks approaching its end of life.

Backend (130308)

Multiple devices can be registered cause errors during connection establishing.

Backend (130466)

Cleans up Message Queuing Telemetry Transport (MQTT) push registrations (in external services) on an instance deletion.

Backend (130638)

SD-WAN Client Administrator cannot log in even though they have an Administrator role.

UI

Network IP Range is now configurable for SD-WAN Client IP Range and DNS Response IP Range:

• Upon initial account setup, the account owner can modify the SD-WAN Client IP Range and DNS Response IP Range.

• The configured Network IP Ranges can be viewed under Settings > General in the SD-WAN Client Orchestrator.

UI

Portal Version is now viewable by clicking on the upper right user menu.

UI

When a user is on the Forgot Password page, they now have the option of navigating back to the login page without resetting their password.

Backend

When a user logs out, devices are now immediately marked as inactive, ensuring the proper status is reported when an active device attempts to connect to one that is inactive.

UI

The Monitoring tabs Connections, Events, Statistics, and Connection History are relocated to the left tab bar and always exposed to the user.

UI

For improved clarity the following fields are renamed:

• Domain is now SD-WAN Client Domain

• Hostname is now FQDN (Fully qualified domain name)

For both fields, a new tooltip is added to better guide a user in their use.

UI

There is now a consistent error message format and display across all configuration screens.

UI

On the IDP Configuration screen, the SAML certificate information is now populated as Certificate Information and includes fields for Metadata and Expiration Date.

UI

On the Monitor screen, the user now has a more focused To/From date range that begins with 2001-01-01 versus the previously unlimited date range.

Portal (110956) 

On the MSP tab, the License Type Filter now works as intended.

Portal (111074)

When logging into the Portal on Safari and navigating to the Accounts page and applying multiple filters a user observed poor field alignment and multiple display styles.

Portal (112940)

Partners/MSP users can create sub-accounts when that is not the expected behavior. This update prevents that from happening.

Portal (114714)

On the Nodes > Servers page, users observes an error status messages (for example, "No Devices are logged in") that are misleadingly in green text when they should be in red to properly alert the user.

Portal (115916)

Users on the SD-WAN Client Web Application could not reset their password.

Portal (115879)

Server/Client Connector reset tokens have correct URL and ensure user password reset works correctly.

Portal (116198)

When a user dialog is opened and closed, a horizontal bar would appear at the bottom of the page.

Portal (116330)

Creating and applying a filter did not work correctly in the following places:

• Connections > Contexts

• Connections > Rules

• Nodes > Servers

• Nodes > Groups

Portal (116626)

When on the Configure SCIM page, the DELETE button overlaps with the SCIM URL fields.

Portal (117755)

The Events page, when configuring a date range, the user could select a From date later than the To date.

Backend (117958)

When an Organization is created, the email subject includes the phrase "Action required" even though no action is required, it is just a notification email.