[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x

NetScaler

428

Solutions

436

Contributors

NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi,

When we are trying to connect to citrix we are getting

This site can’t be reached
citrix.ephs.ealing.sch.uk refused to connect.
Try:

Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED

It was working and since this weekend it is not working at all. How do I trace back where the problem is and where do i start?

Thanks
Arpit
0
Are there major features missing for load balancing purposes? Throughput limits? High cost?
0
Hello,

We are are looking into replacing our ADFS Proxy Servers with Citrix Netscaler (See link -> https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/guide-to-deploying-netscaler-as-an-active-directory-federation-services-proxy.pdf)

We are also looking at buying Duo and using it for ADFS (Link->https://duo.com/docs/adfs-30)

We don't to make our network engineer go through all of the work switching ADFS proxy over to the Netscaler if will not work with Duo. Wanted to check to see if anyone here has or is doing this?

Thanks!!!
0
We have one user that receives:   Error: not a privileged user when she attempts to connect through the web interface to our Netscaler for VPN access to our network.   Assuming this must be something incorrect with her local client software but can't figure out what or why?  We have tried re-installing it.   We have 200+ users using the same web url and method to connect from home and do not receive this error.  Can anyone help with some basic instructions?  We are not sys admins and they have not responded...we just need to get her working.   Thanks for any assistance.
netscaler_issue.png
0
Hello All,

I am about to implement Sharefile with Storage Zone Controllers on premises using the Setup Netscaler for Sharefile wizard.
In the first screen of the wizard in the "Load Balancing Virtual server configuration", there is a checkbox asking to configure Storage Zone Connectors for file shares. I am wondering if I will need to check this option since I will not be configuring any client or deploying XenMobile. What I want sharefile for is to be able configure users in the Sharefile control plane (Citrix Portal) and grant them access to upload documents through this portal. Also I will like to be able to share documents via an url sent in an email.
Would I need to check the connectors check box in my scenario?
0
We have a netscaler VPX allowing external access to our Citrix environment, we are using gateway direct authentication on the web interface site. the authentication policies on the netscaler are pointing to our ISE radius servers.
We have 2 x domains eame and mod, if an eame user logs in they can connect with no issues, if a mod user logs in they are authenticated but then get the 401 access denied error, i have gone through 100's of posts about this an everything looks fine and works for the eame users any help is appreciated
0
Hi all

We have recently implemented a pair of Citrix Netscaler VPX200 devices. Along with these we have setup Citrix Command Center to monitor the status/health of the devices and report back via e-mail.

Within the SSL VPN Session Profile configuration on the Netscalers we use an IP Pool which will assign an IP from a 10.51.254.0/24 range to be used to allow the client to talk to the internal network. This is due to our proxy servers ignoring requests if they are from a 192.168.x.x range, which most home networks are.

Whilst the reporting of the Netscaler from Citrix Command Center is working as it should, it is detecting the IP Pool assignments as seperate 'Entities' and therefore reporting on them. When a user logs off the VPN, it detects this entity as being down and sends out an alert. I can't change the severity of the 'Entity Down' alert as this will let us know if any loadbalancers or virtual servers go down.

Does anyone know a way around this, such as a rule which will ignore the VPN IP Pool from alerts, or something similar?

Many Thanks

Rich
0
Hi all
 
I have now successfully setup my Citrix Command Center to poll my 3 Netscalers, and send out alerts via E-Mail.
 
However we use an IP Pool of 250 IP's which will get assigned to users using our SSL VPN via Netscaler. When a user disconnects from the VPN, Citrix Command Center detects this under an EntityDown error and e-mails me.

I know I could change the severity of the EntityDown failure, however it does report on legitimate objects within Netscaler.

Does anyone know a way to keep the alerts of EntityDown, but exclude the IP Pool from it?

Many Thanks

Rich
0
We are in the process of migrating from XenApp 6.5 with Web Interface 5.0 to XenApp 7.x with Storefront 3.0. We've had RSA Risk-based authentication working on the Web Interface for years. Now, we are really struggling to get Storefront, Netscaler and RSA RBA working together. The documentation from RSA is pretty bad, and their support has been less than helpful so far.

Has anybody out there successfully configured this? Can you share some of your config files or other advice?
0
Hi Experts,

We are facing an issue with our netscaler environment as the state for 2 ADFS servers (internal) is showing as Down.  Because the ADFS servers are showing as down the requests are not redirecting causing issues with users accessing emails and SharePoint.

I have resolved this temporarily by redirecting traffic to our standby ADFS server , however, we need to get the production server up and running on netscaler. Both the servers are online and I can ping and RDP to these servers. Its a 2008 R2 server with ADFS 2.0 and I can access the management console for ADFS and no issues really there.

I have attached a couple of images to show what we are seeing in netscaler and hopefully this helps. It seems that it is trying to connect to the internal ADFS server on port 443 but unable to.

Hoping someone has come across these issues before and would be able to assist me.

Thanks for your help.

Regards,
Kaushik
ADFS_Down.png
ADFS_Down_2.png
0
After upgrading to citrix netscaler vpx to 11.0-66.11 from version 10.5 the Netscaler Gateway function was coming up as unlicensed.
This netscaler had been workign for more then a year.
So thinking that the license may have expired I went to mycitrix and allocated a license that was valid till 2017.
After applying the license the Netscaler was showing a licensed but the VIP was showing as down.
Upon checking the VIP it did not have a certificate assigned to it.
On going to manage certificates I could see the actual certificate there.
So I went to Traffic Management -> SSL -> Certificates and tried to install the certificate again.
On filling all the fields and clinking install I received the error - "Certificate with key size greater than RSA512 or DSA512 bits not supported".
Our certificate was generated with a key size of 2048 but had been working OK with netscaler OS version 10.5.
Please advise if anyone has seen this before and what can I do to resolve the issue.
0
We have an issue that we are trying to help a client resolve, unfortunately both of us don't know enough about this Citrix connection we inherited.  They have a Netscaler GW server on VPX that provides the portal for users incoming connections both on our internal LAN and through the firewall for external users.

We now have a point to point, Layer 2 connection with a separate VLAN.  We are able to ping the IP of our URL to the internal IP address but we don't get a return from the web server for the portal login page.  All our other traffic is routing fine between the two VLANS which makes us thing there is some additional firewall setting or issue within the Netscaler itself.
0
Is it possible to add the reCaptcha v2 widget into the logon page for NetScaler 11.x application gateway? Management would like to use reCaptcha in conjunction with AD auth as the initial part of login and then, based on client group, direct the user to the applications or to RSA for secondary auth for sensitive applications.
0
Hi, i have a website running IIS 8.5 (win 2012 R2) which runs over HTTP. i have a virtual directory within the same website which i want to secure over HTTPS.
i have both HTTP & HTTPS bindings for the website.

I have a citrix netscaler in front of the website which has been configured to perform SSL offload. the service on the netscaler which sends traffic to the website is both HTTP& HTTPS
I have disabled anonymous authentication and enabled basic authentication for the virtual directory, however i have not checked the 'Require SSL' box for the Virtual Directory.

When a client connects to the Virtual Directory via HTTP they get prompted for username & password and if they enter this, it lets them in, the same happens if the connct via HTTPS

What i need to do is redirecrt/ rewrite the HTTP connection just for the Virtual Directory so that it forces it to be a HTTPS connection. any ideas?

many thanks
0
Hello,

I am trying to figure out a piece of puzzle with my new Citrix Xenapp 7.6 installation (my first of this edition).

I have one Xenapp terminalserver, one storefront server and one Netscaler gateway.

I can input my information (link) into Citrix Receiver from outside my local network and be able to launch applications and desktops directly from within the Receiver. But when i try to do the same from inside my local network it will not work. It just refuses to accept the link/logon.

There is probably a simple resolution, and misconfiguration by me.

I appreciate any responses from you Citrix gurus :)
0
Hello all,

I have configured EPA using a preauthentication policy.  This works however mobile devices are unable to connect and I expect this to become a problem sooner rather than later so am working on a solution.  I configured the scan within the session action as suggested here by Punit:  http://discussions.citrix.com/topic/337423-mobile-devices-and-epa-on-netscaler-gateway-101/

This seems to work however Windows machines are able to skip check and still gain access rather than being denied.  And knowing that, on mobile devices I hit skip check to bypass.  I am not sure: should I be seeing the EPA prompt at all on mobile devices and, if I am, does that mean that the 'REQ.HTTP.HEADER User-Agent' check in the session policy expression is failing?

So i have two questions.  1. Is there a better way to enable EPA but provide a bypass for mobile devices?  and 2. how can I force a 'skip check' to = a failed scan and deny access?

Netscaler 10.5 52.11.nc
Xenapp 6.5
Session-Action.JPG
Session-Policy.JPG
0
I am currently using RNAT to grant our internal workstations internet access.

Is there a way to monitor/restrict these outgoing connections?

 

thank you.
0
I am building a Citrix 7.6 environment to host an application for external access. I am under the impression I need a Netscaler device (Which I've seen for like $15k) to make that happen. Can anyone please confirm this? Can I get external access without a Netscaler?
0
Hi all,
I have a Citrix XenApp 6.5 farm that has 26 Xenapp servers, 2 Data Collectors, 2 web servers and 2 storefront servers. Also using a Netscaler for Load balancing.

In the mornings between 7 - 8 some users are having a connection issue trying to log in. Not all users just some. And the ones that may have a problem today will not have the problem tomorrow but other users will.

Everyone comes in at 8:00 AM so that's high volume time, but I get the early birds that have trouble as well.

The exact error is when they type in their username and password to authenticate is the remote server failed to execute the application launch requested.

And yes I am running PRE_LAUNCH applications, however I disabled them this morning.
0

NetScaler

428

Solutions

436

Contributors

NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.