Citrix Gateway 21.9.1.2 Download
Manuel Sohne
I am trying to build a second Gateway on my Citrix VPX ADC. I have a working Gateway pointing to a single STA server and single StoreFront. This is working fine right now. I am trying to configure another gateway using a different public address and gateway address but the same wizard settings as the first e.g. storefront server, sta server. (Referring to Configuration > XenApp and XenDesktop > Create New Gateway).
When I get to the section about StoreFront when I put in the same Secure Ticket Authority URL* as my working configuration and try to test it I get DOWN when I try to test connectivity. I am to understand that this isn't a local firewall rule not a problem with our DMZ rules per our network admin. They don't see any dropped traffic to the STA server. I was asking them to monitor traffic from the new gateway address but that showed nothing. I think that the traffic is actually going to come from the SNIP address.
I looked at some documentation on firewall rules and it looks like communication to STA servers is on TCP80 via the SNIP address. I know that is already working on my production site so I am not sure what the problem is. The storefront server shows as up (same storefront used in both gateways as well). The only thing that is different is the virtual IP. I can find anything in the event logs pertinent to my problem.
The gateway is a necessary component for secure access when deploying Citrix products, including Citrix Virtual Apps (formerly XenApp), Citrix Virtual Desktops (formerly XenDesktop), Citrix Endpoint Management (formerly XenMobile), Citrix Content Collaboration (formerly ShareFile), and Citrix Workspace (all of the above and more). In addition to providing SSL/TLS encryption, the gateway controls remote access functionality. So, yes, you need it.
Can anyone help with the difference in use of Citrix gateway plug-in and citrix receiver. I understand that Citrix gateway plug-in is to be used to send traffic through VPN Tunnel. what i dont understand is when to use what? we can connect to citrix virtual apps and desktops both ways. So if it is possible then why after connecting through citrix receiver gives us the option to connect through Citrix gateway plug-in. What if we keep connecting to the gateway through citrix receiver or plug-in?
New ish to Citrix CVAD and am following the course on plural sight to learn it. It is very good and gets you to setup a lab with all of the internal servers on a bridged network with your internet connection and also a nat network simulating an external user on the internet. This is all done using VM workstation and works all OK but has left me wondering if I could test this actually over the internet and if so how. Appreciate this would be a lab environment and more security would be in place in the real world for production. The ADC (Netscaler) has 2 interfaces at the moment one on the bridged side and one on the NAT. Would I just need 2 interfaces on the Bridged side and then open 443 to the internal address of the gateway. I have an external domain name and have set up storefront.externaldomain.com to point to my external IP and then would forward 443 to the internal address of the citrix gateway
35fe9a5643