Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 421
  • Last Modified:

Netscaler Clientless VPN - Bookmark URL Masking

Hi

We have the following issue with users who connect to internal web pages/web applications via Clientless VPN Bookmarks.

When the user connects, the Netscaler masks the address, so instead of:

http://servername/sitename

it becomes:

https://netscalerexternal/cvpn/http/servername/sitename

Is there anyway to stop this behaviour whilst still allowing a user to access the site? I can apprecaite why it does it, however it is causing issues with a few of the Javascripts that run.

If anyone has any information on this, it would be greatly appreciated.

Many Thanks

Richard
0
Fletch_r21
Asked:
Fletch_r21
  • 2
2 Solutions
 
Dirk KotteSECommented:
With clientless-VPN you gon't get a real VPN.
If you access internal webpages you have to use the NetScaler as reverse-proxy (only for your session and secure) you should not get a Connection if you try to open internal server directly (http://servername/sitename)
Netscaler rewrites the Webpage content so all included links matching the reverse Proxy URL.
Possible this don't work with some special scripts.

Do you have examples for non working scripts?

Possible you need full-VPN with you web-site, so your users reach this page directly without rewrite.
0
 
btanExec ConsultantCommented:
I am thinking if this rewrite may help
You will need to define domains for clientless access in order to have it only re-write certain links. In the Access Gateway Global Settings, click the link for 'Configure Domains for Clientless Access'. Choose "Allow Domains", then type in the domains you want to have re-written. I don't know if you can specify individual sites (site.company.com) or if you can only do domains (company.com). If you did this and entered "company.com", then any links / bookmarks that ended with that would be re-written; anything not specified (like google.com) would not be.
https://discussions.citrix.com/topic/251028-url-rewriting-in-bookmarks-with-clientless-ssl-vpn/?p=1401049

Or maybe we can find the Published Applications section and click No Url to bind Bookmarks.
http://www.carlstalhood.com/netscaler-gateway-11-1-ssl-vpn/#bookmarks
0
 
btanExec ConsultantCommented:
As per advice on rewriting options
0
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now