We currently run a XenApp 6.5 farm for publishing apps & desktops to our users.
For External Access, we have the (free) Citrix Secure Gateway. It sits in our DMZ and passes on the requests to our Citrix Web Interface in our internal network.
Internally (between all the branch offices in the WAN), we are using Citrix Storefront 2.6.
I did attempt to reconfigure the CSG to pass on traffic to our Storefront web host rather than the Citrix Web Interface host. However Storefront is not compatible with CSG and that I needed the Netscaler before our Storefront will work with external requests also.
(the website launches, but you can't launch apps etc).
So we purchased an Enterprise VPX license.
Netscaler is obviously designed to do a gazillion other things than just perform the CSG role. However that's all I want it for.
Trying to find documentation on just that is difficult as Netscaler 10.5 seems to be only new.
What I would like to know is the best and easiest way to achieve this goal?
Considering the Storefront takes only a few minutes to setup, I am happy if the best solution requires deploying a 2nd Storefront in either the DMZ or internal.
These are the parts that I don't understand during my setup attempts.
When first deploying the VPX (from vSphere). It automatically adds 2 vNICs (one for our internal network and one for our DMZ). How many NICs does it need? 2 NICs = 1 in each network, 2 NICs = both in DMZ, or just 1 NIC = in the DMZ?
The CSG only has 1 NIC (in the DMZ). So if Netscaler needs 2, I will need to adjust the Firewall rules.
It then becomes more confusing later on when setting up the connection to the Storefront & XA Data Collectors.
I don't understand about the relationship between the NIC's we add to the VPX in vSphere as appose to NSIPs, SIPS, SNIPs, MIPs & any others I have missed. Are these more vNICs that the Netscaler creates itself when we assign an IP address?
Also, when initially configuring the VPX, I am asked to enter the DNS IP. This part I am unsure of as there is no DNS running in the DMZ. Should it be our internal DNS or the DNS of the ISP hosting the External public IP?
LDAP authentication. Is this needed? the old CSG just seemed to pass all the roles over to the Citrix Web Interface.
And lastly just some info around connecting the netscaler to the Storefront & XenApp.
Most documention online is for the previous netscaler & XenDesktop.