NetScaler Gateway with XenDesktop 7.1

Posted on 2014-07-18
Medium Priority
Last Modified: 2016-10-25
I am trying to get my NetScaler configured so my users can securely access my Citrix StoreFront.  Right now I am trying to do this all on one subnet to simplify configuration.  The NetScaler, clients and XenDesktop server are all on the same network.  I have been reading "Implementing NetScaler VPX" by Marius Sandbu, specifically section 2.  It is a good book but I still don't have a working solution.  I seem to be stuck setting up the virtual server.  I can't get the state to change from down.
Question by:kferreira
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 24

Expert Comment

by:Dirk Kotte
ID: 40206633
which license do you install?
check/post system/licensing
LVL 12

Accepted Solution

Daniel Borger earned 2000 total points
ID: 40208834
If you setup storefront with HTTPS the virtual server would need a Certificate to be shown as up.  It should also be networking.  Netscaler?system/diagnostics/ping and try to ping storefront from Netscaler.  This may be helpful...http://blogs.citrix.com/2012/04/10/netscaler-for-the-xendesktopxenapp-dummy/

Author Comment

ID: 40212208
@dkotte I am running the demo version of VPX (1000).  

> show license
      License status:
                         Web Logging: YES
                    Surge Protection: YES
                      Load Balancing: YES
                   Content Switching: YES
                   Cache Redirection: YES
                        Sure Connect: YES
                 Compression Control: YES
                   Delta Compression: NO
                    Priority Queuing: YES
                      SSL Offloading: YES
        Global Server Load Balancing: YES
                      GSLB Proximity: YES
                 Http DoS Protection: YES
                     Dynamic Routing: YES
                   Content Filtering: YES
                  Integrated Caching: YES
                             SSL VPN: YES  (Maximum users = 5)  (Maximum ICA users = Unlimited)
                                 AAA: YES
                        OSPF Routing: YES
                         RIP Routing: YES
                         BGP Routing: YES
                             Rewrite: YES
           IPv6 protocol translation: YES
                Application Firewall: YES
                           Responder: YES
                      HTML Injection: YES
                      NetScaler Push: YES
                 Web Interface on NS: YES
                             AppFlow: YES
                         CloudBridge: YES
                        ISIS Routing: YES
                          Clustering: NO
                            CallHome: NO
                              AppQoE: YES
                     Appflow for ICA: YES
                               Vpath: NO
                     Model Number ID: 1000
                        License Type: Platinum License
LVL 12

Expert Comment

by:Daniel Borger
ID: 40212309
Some notes from a build sheet, hard to find anything that doesn't have customer info.  

   Go to Access Gateway, Virtual Servers
      Create new virtual server Storefront External 443/SSL
      Enter DMZ IP address (NATED IP from external IP)
       SSL protocol port 443  

     Max users- enter # of users listed in licenses "maximum ICA Users Allowed (10000)
      Published Applications Secure Ticket Authority click add
      URL http://citrixservername.domain.com
      Enter 2 STA servers from Citrix farm
      Verify servers are reporting in (save refresh and open vip_external_access/ published applications
Add Certificate
Add Policies – These depend on what you want.

Add Authentication Policies

      Published Applications  TAB Secure Ticket Authority click add
      Enter 2 STA servers from Citrix farm
      Verify servers are reporting in (save refresh and open vip_external_access/ published applications
      Create new virtual server vip_ext_authentication

Author Comment

ID: 40212330
@dborger I did not have a DNS server setup under Traffic Management.  I just added it.  I also turned off the Windows Firewall for domain networks on the store front server.  After that I was able to ping the Storefront server using the full name.  Strange it could not assume the domain.  

I am just starting to go through the "Netscaler for Dummies" link you left.  It looks like that could be helpful.

Author Closing Comment

ID: 40373976
The info provided was helpful.
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenDesktop 7.6 Citrix Policies Disable Peripherals
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question