NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.

Share tech news, updates, or what's on your mind.

Sign up to Post

How can I view logging regarding state changes of NetScaler Gateway Virtual Servers? After upgrading to the latest version
sometimes user are getting to the proper login page and desktop and other times they redirected to a default site.

NetScaler (11515)
 NS11.1: Build 57.13.
We are researching dual factor authentication for our Citrix users and Citrix NetScaler nFactor seems very easy to use, from a client perspective.

According to this will work with "Google reCAPTCHA" (

I am not sure about the System requirements.  Will this nFactor work for client devices that use a web portal to access the pubclished Apps/Desktops from Citrix NetScaler?  My understanding is that nFactor  will work when entered from a  web page; but, not from Citrix Receiver.  I just want to verify this.  CAN someone explain to me what the system requirements are for nFactor?

Question1:  What is the difference between the a browser client and a native client.

According to web page:   "First and foremost: nFactor is built on web technology – similar to how SAML web forms work. That means that each ‘factor’ is meant to be displayed in a web browser or frame – things that don’t natively support this may not work. The most common scenario here is Citrix Receiver – it does not (currently) support this type of authentication, but that does not mean that you cannot use nFactor authentication on a gateway vServer "

Question2:  If we wish to use nFactor at my company then what will we require for client access success?
When I look at the elliptic curve information for some VIPs in my Netscaler Load Balancer - I see
that there might be four or five lines dedidicated to elliptic curves. I forget the numbers
but one might be 128, 164, then 256, then 324 - let's say. Now I understand the larger the
number the higher the encryption level. But why would a vip have several elliptic curves
associated with it instead of just one?
Citrix Licensing Models: Apart below licenses, do we need any other software licenses for Citrix XenApp XenDesktop 7.x deployments?
Especially, VMWare licensing details required for XenDesktop SBC/VDI deployments.

Model 1: Rich Model

Citrix XenAppXenDesktop Platinum Edition
NetScaler MPX
Microsoft CIS Datacenter (Included RDS and Hyper-V VMs OS)  OR  VMWare ESXi with VCenter
MS SQL Server (Enterprise) AllwaysON

Model 2: Economic Model
Citrix XenAppXenDesktop Enterprise – Limited Director reports (31 days of historical analytic data), No Comtrade SCOM pack.
NetScaler VPX Model
MS SQL Server (Standard) without AllwayON
Microsoft CIS Datacenter (Included RDS and Hyper-V VMs OS)  OR Citrix XenServer

Microsoft License :
Hyper-V, Server OS, Desktop OS : Data Center Edition will cover Hyper-V, Server OS and Desktop OS on the Host server.
Extra Windows Desktop OS license for XenDesktop
I’m buying VDI software from VMware/Citrix/another vendor. Do I still need Windows VDA?
Yes. If you are accessing a Windows client OS as your guest operating system in the datacenter from a thin client, Windows VDA is the appropriate licensing vehicle regardless of the VDI software vendor you choose. The only scenario where you would not need Windows VDA is if you were using PCs covered under Software Assurance as the access devices, since …
How do i restrict access to a vServer on a netscaler based on which user tries to login.
Citrix NetScaler VPX 12.0 Configuration for StoreFront Loadbalance in Intranet 7.15 CU2 environment.
1. SSL certificates requirement - PFX/CRT/PEM, How to generate required SSL certificate?
2. SSL Certificates required for StoreFront, DDC, and NetScaler? How to generate?
Windows 2016 Certificate Authority role required to generate these certificates? If yes, How to generate?
If we can generate through IIS, How to generate?
3.  Service Accounts requirement for LDAP authentication.
4.  STA Authority URL (SF or DDC)?
5.  How many IPs required for SF LB? i.e NS IP, SNIP, SF LB VIP, so on...

Please provide  a complete Citrix NS 12.0 SF LB configuration guide with all prerequisites.
Citrix XenDesktop 7.12 connection interrupted, between the session and sometimes while logout

XenDesktop 7.12
Storefront 3.8
Profile AppSense
Receiver 14.7
NetScaler VPX 12.0

If we check At the same time in-studio session was logoff automatically

Tested with below settings, but no luck

Netscaler 12.1, it's a known issue. Netscaler will hang and it will restart itself. We have one more environment which is already in production with NetScaler 12.0 configuration without issues.
Tried  private fix LC6761, but no luck

Please suggest.
Has anyone used the Netscaler content switching to have information from an internal server get published on an external hosted ERP Website?
Basically I am trying to take an internal Tableau Server to Netsuite.
Citrix Netscaler 12.0 ReWrite Policy


I am currently implementing a rewrite policy on my Netscaler testing environment to be able to insert a footer on the login page to inform users of anything they need to be aware of. The policy is working as expected, however when making a change to the policy, it is not reflecting the change on the logon page. It seems to be cached, but I am unsure where. I have tried 2 different browsers and also re-creating the Virtual Server and re binding the policy. I am following this guide:

Any help would be appreacited.


I'm unable to launch Citrix XenDesktop from outside my network. It gives me protocol driver error when launched from store front. Has anyone seen this error message before?

P.S I do not have a netscaler gateway in between. Currently using my firewall for port forwarding.



How can I create URL redirection on Netscaler

I need to redirect https://cportal/sites/NCSC/rfpanswers/*    to Document Database

please advise.
Good day. I am busy configuring my first netscaler gateway for Xenapp 7 but i am not seeing the VPN tab on the web interface. Any ideas why?
Hi EE,

If I wish to forego Citrix Netscaler , can I then simply create a virtual server load balancing port 443 with SSL offload on my F5 Big IP device using the traffic manager ? I tried searching the F5 and Citrix  knowledge base with no luck. Looking for any persons experienced in this area.
Hello.  Running Citrix Secure Gateway, 3.3.4, Web Interface and XenApp 6.5.  We have 11 different servers running CSG/WI that point to the same XenApp 6.5 farm.

While investigating why we are seeing an increase in client connections drop, I noticed that our CSG logs are only showing that STA's are coming from 1 server instead of the 5 that are defined.  There are actually more in the server farm, so we were just using a subset.  I confirmed through logs and pulled that particular server from the server configuration and at that point, no one could execute apps in Citrix.  I need to remove this single point of failure.

I have confirmed that the webinterface.config reflect all the systems that are in the Web Interface and CSG.  The Citrix XML Service is running on all XenApp systems.  How can I force CSG to use more than a single CTXSTA?

Thanks in advance for your help.

And yes - we are in the process of moving to Netscaler, however; that is not in place quite yet.


I am a Citrix novice, so I will certainly fill in any gaps that I can when trying to frame the situation and additional information needed.

I have a few users who are getting the error message "Unable to connect to the server. Contact your system administrator with the following error SSL Error 4 The operation completed successfully" when attempting to log into their environment.

Some information I have retrieved:

We are running: NetScaler VPX (50) - NS10.1: Build, Date: Oct 18 2013

These are a couple of errors from the logs:

Mon Jan 22 07:09:32 'server_svc_internal_NSSVC_SSL_TCP_192.168.100.6:3008(nsrpcs-' DOWN
Mon Jan 22 07:09:32 'server_svc_internal_NSSVC_SSL_192.168.100.6:443(nshttps-' DOWN
Mon Jan 22 07:11:01 MonServiceBinding_192.168.100.204:80_(tcp-default)(internal): DOWN; Last response: Failure - TCP syn sent, reset received
Mon Jan 22 07:11:02 MonServiceBinding_192.168.100.204:443_(tcp-default)(internal): DOWN; Last response: Failure - TCP syn sent, reset received

This occurs with varying versions of the Citrix Receiver. I was able to replicate the issue with the latest and greatest version.

This is something that just started happening about 18 hours ago.

I am in a position to reboot the Netscaler appliance, but didn't want to do so during a time which we still have a few people working and having someone provide some initial feedback.

Any assistance is greatly appreciated.

We are looking to implement Windows Hello for Business in our environment.

On Citrix Environment:

XenApp 7.16
Windows 2016 Backend and VDA
Netscaller VPX NS11.1
Azure MFA (On-Prem) Radius
StoreFront 3.13
On AD side we meet all the requirements for Windows HFB

We introduced MS AD FS On-Prem as part of the Hello For Business prep.


Since Windows HFB works using Hardware TPM( or Software Substitute), curious how Citrix will handle that with a XenApp shared Desktop environment.


Any Thoughts, Links for Citrix+ Hello For Business, guidance, etc are welcomed.

We are on Xenapp 7.8.  I just found out that our Netscaler license did not belong to us, but to the company that set up Citrix.  Who is now gone.
I got a temporary Netscaler license.  When The Citrix rep called me to give me pricing, it is $7000.  

I spoke to the guy who set up Netscaler and he told me that the SSL certificate could be pointed to the Store Front, which would eliminate the need for Netscaler.

All we use Xenapp for is "Desktop".  We don't deploy any apps.   Is it OK to not use Netscaler?

When we are trying to connect to citrix we are getting

This site can’t be reached refused to connect.

Checking the connection
Checking the proxy and the firewall

It was working and since this weekend it is not working at all. How do I trace back where the problem is and where do i start?

I am new to this and I cannot figure out the life for me why this virtual is coming up as unregistered. I followed our KB - reinstalled VDA 7.6 rebooted and still nothing. Any experts in this area?
Are there major features missing for load balancing purposes? Throughput limits? High cost?
Running ldp.exe on domain controller using domain admin credentials and simple bind, I got the same error the first run. Now it gives me The token supplied to the function is invalid.

Running ldp.exe on a different domain controller on different domain/forest, the results are valid.

So something wrong on first domain controller. How/Where to find the problem?

Anyone could share the Basic Tutorial link\URL to learn NetScaler and its configuration/features.

Any help would be appreciated.

We are are looking into replacing our ADFS Proxy Servers with Citrix Netscaler (See link ->

We are also looking at buying Duo and using it for ADFS (Link->

We don't to make our network engineer go through all of the work switching ADFS proxy over to the Netscaler if will not work with Duo. Wanted to check to see if anyone here has or is doing this?

I have a load balancer with a public VIP. The partner can only get the site if they ignore that they perceive the site as unsafe.
I’m fairly the certain my very is valid because other VIPs use it. What are some reasons a client might not trust the cert? Brain storming question.
How do I get user report logs from XenDesktop 7.x? There doesn't appear to be a reporting tools in Studio or Director. Would this be available from the Netscaler? Please advise. Thanks






NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.