[Webinar] Streamline your web hosting managementRegister Today







NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.

Share tech news, updates, or what's on your mind.

Sign up to Post

We are on Xenapp 7.8.  I just found out that our Netscaler license did not belong to us, but to the company that set up Citrix.  Who is now gone.
I got a temporary Netscaler license.  When The Citrix rep called me to give me pricing, it is $7000.  

I spoke to the guy who set up Netscaler and he told me that the SSL certificate could be pointed to the Store Front, which would eliminate the need for Netscaler.

All we use Xenapp for is "Desktop".  We don't deploy any apps.   Is it OK to not use Netscaler?

When we are trying to connect to citrix we are getting

This site can’t be reached
citrix.ephs.ealing.sch.uk refused to connect.

Checking the connection
Checking the proxy and the firewall

It was working and since this weekend it is not working at all. How do I trace back where the problem is and where do i start?

I am new to this and I cannot figure out the life for me why this virtual is coming up as unregistered. I followed our KB - reinstalled VDA 7.6 rebooted and still nothing. Any experts in this area?
Are there major features missing for load balancing purposes? Throughput limits? High cost?
Running ldp.exe on domain controller using domain admin credentials and simple bind, I got the same error the first run. Now it gives me The token supplied to the function is invalid.

Running ldp.exe on a different domain controller on different domain/forest, the results are valid.

So something wrong on first domain controller. How/Where to find the problem?

Anyone could share the Basic Tutorial link\URL to learn NetScaler and its configuration/features.

Any help would be appreciated.

We are are looking into replacing our ADFS Proxy Servers with Citrix Netscaler (See link -> https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/guide-to-deploying-netscaler-as-an-active-directory-federation-services-proxy.pdf)

We are also looking at buying Duo and using it for ADFS (Link->https://duo.com/docs/adfs-30)

We don't to make our network engineer go through all of the work switching ADFS proxy over to the Netscaler if will not work with Duo. Wanted to check to see if anyone here has or is doing this?

I have a load balancer with a public VIP. The partner can only get the site if they ignore that they perceive the site as unsafe.
I’m fairly the certain my very is valid because other VIPs use it. What are some reasons a client might not trust the cert? Brain storming question.
How do I get user report logs from XenDesktop 7.x? There doesn't appear to be a reporting tools in Studio or Director. Would this be available from the Netscaler? Please advise. Thanks
We have purchased a company (Microsoft Exchange 2010) and will be migrating them to our Microsoft Exchange 2013 environment. In that process, we will need to migrate their SMTP sending devices to our exchange environment. This process is:

- entering the devices' IP into our Exchange 2013 reinjection list
- updating that device with the new SMTP server address of our exchange server

Issue: previous exchange environment operated with an injection list of all IPs: so they did not maintain a list. They also operate with a Citrix Netscaler load balancing device which is what they advertise to their devices as the SMTP address.

Question is: how can we effectively find the devices in this Exchange 2010 environment that are using the exchange server to send email with. For example, scan to email printer.

Suggestions please?

I have a OID as below

Open in new window

I would like to know how can I convert it to it's name using python? I do not want to make any network or localhost call.

this OID is mapped to one of the VSERVER's Name in NetScaler.
Hi all,

After having a pen test we have report outlining a number of insecure ciphers that have been highlighted with our Netscaler 7500 appliances. I looking in Traffic managment / SSL/Cipher groups I can see there are 104 polices in here.

Are all these polices in use if they are in the list?
Hi all,

We are currently running a pair of Netscaler in HA mode running build 47.14.

I have found some guides on how to upgrade the them, i would like to know are we OK to jump to current build 53.11 as there have been several releases since we last updated our systems.

Version NS11.1 51.26.nc


We are in the implementation phase of the netscaler vpn solution and we have found the session establishes successfully. During the session internal DNS is able to resolve to the internal DNS server however not within the defined scope is unable to resolve. For example  O365 which is an external resource.

We do not  have split tunneling disabled and need this function disabled. We do have internal DNS servers and has ns servers in the netscaler network configuration .

Any ideas are appreciated
Hi Experts,

We have 2 sites with Separate SoreFronts configured. They are in separate locations and there is site to site VPN set up between them.
We have NetScaller set up in one of locations which is Gateway for both sites. When people connecting to netscaller and trying to access citrix which is other location than NetScaller, connection is slow but when they are accessing citrix in the same location as NetScaller connection is fine. I'm assuming that slowness is caused by all traffic routed through Netscaller and then Netscaller routing traffic through VPN link between 2 sites. Is it possible then to set up NetScaller so If user is trying to access citrix which is not on site with Netscaller, he will be still authenticated by Netscaller but then all traffic will be redirected directly to that citrix, instead going through Netscaller? Hope it makes sense😊

Kind Regards,

I've done this a few years back but can't remember the procedure. The cert request has been added to the server via iis

Why do we use this for Citrix Web Servers. It maybe on Web Interface, StoreFront
Can someone let me know
I need some guidance on Xenapp7.12 server installation.

I installed 2 servers one with storefront and one with other features (Delivery Controller, Licensing, etc)

Now I am stuck with configuartion.

Appreciate your help.
If you have a pair of Citrix Netscalers - is there a way to set a management IP address that stays with the active member of the HA pair?
What I want is for users on the laptops to "Not get the error message below"  when they login to Citrix through Netscaler.
Please see details below

Error message
Citrix Receiver

Unable to launch your application. Contact your help desk with the following
Cannot connect to the Citrix XenApp server.Network issues are preventing your
connection. Please try again. If the presists, please call your help desk.

I have laptops that are not joined to the domain.  This is the laptop environment, and this what happens.
1. Windows 7 Ultimate on two laptops and Windows 7 professional  on four laptops
2. Internet Explorer 11
3.Latest OS service packs for Windows 7 ultimate and professional
4. Citrix receiver 3.4 on three laptops and 4.6 on three laptops .
5. Access to Citrix is being done by using https://someserver.citrix.com
6. The laptops users are connecting to the internet using a Wireless Verizon jetpack, there own home wireless, or Verizon MiFi card.
    Then Login to Citrix from https://someserver.citrix.com.
7. After the users Login to Citrix they get the error message above. - If the users randomly try again they " sometimes " can login.
    But not without getting the error above.
8. I can add the Citrix link for Netscaler someserver.citrix.com to Internet Explorer 11 compatibility view, and Trusted Sites .
    However when you exist I.E 11 and go back in the trusted site I added disappears.
9. XenApp6.5 version
Hi Citrix experts

we just finished new insulation for xen-desktop 7.12 with latest  netscaler vpx 11.1

everything work very well internal access VIA web or VIA Citrix receiver work very well no issues

from outside also no issue to access the published Xen-desktops VIA web browser

from mobiles devices like iPhone and iPad using citrix receiver  no issue

but when i use Citrix reciver from outside we get this error (( please check the attached file

please advice what could be the reason
We have a NetScaler Loadbalancer NSMPX-5550, and unfortunately no one here is familiar with it. The initial setup was done by Citrix. I would like to load balance Exchange 2016 inbound traffic via the NetScaler. I may be asking a lot here, but can anyone point me in the right direction with clear instructions on getting this done. It will only load balance inbound traffic so that inbound emails can be spread across all the exchange 2016 servers. Since its inbound will it need certs installed on the NetScaler for Exchange or anything, and anything else such as inbound connection types or anything. Sorry to ask this but any help will be greatly appreciated. At first we planned on just having an inbound IP that's points to one of the internal Exchange server via the firewall, but I really don't want just 1 Exchange server receiving all the inbound traffic, i would like to for the NetScaler to balance this out across all the 3 Servers. Thanks in advance.
How you do configure the External and Internal certificates? Now let me state that when I am using .com for the internal domain, everything works, but when I try using a .local for the internal domain which most folks/companies would have in place, I run into all kinds of issues with the certs on the NetScaler and Storefront.
I purchased a wildcard cert from GoDaddy and installed in my Netscaler Access Gateway by the way I can hit my VIP, and it loads the older black web interface looking portal - that portion works.
When I attempt to log in, I get an HTTP 403 forbidden page right away. Now from the internal network I can navigation to my storefront site which is using a .local domain signed cert and can log in and display my resources with no issues.
After every login attempt from the external access gateway site, I get the following event error in the “Citrix Delivery Services” logs on my Storefront server -
Failed to run discovery
Citrix.Web.DeliveryServicesProxy.ConfigLoader.DiscoveryServiceException, ReceiverWebConfigLoader, Version=, Culture=neutral, PublicKeyToken=null
An error occured while contacting the Discovery Service

I tried binding the internal .local domain signed cert to my Access Gateway virtual server together with the GoDaddy wildcard .com cert but got an error indicating only one binding can be present
The same thing for my internal IIS binding for the Storefront server “Default Wed site” can only bind the …
We use our Netscaler with Radius authentication and Safeword OTP to enable the external access for our Citrix VDI.
Actual every user with a Token can access via Netscaler to our VDI.
The isse is now, the Safeword solution is also used to authenticate to OWA and we have to seperate these two possibilies.
We configured the the LDAP Server in NS the Base DN dc=**, dc=**.
Should we add there a CN=** which contains all useres who need the NS permission?
Do we need to change anything under other Settings?
Server Logon Name Attribute: sAMAccountName
Group Attribute: --<< NEW >>--
Sub Attribute Name:  cn

Thank you for your support.
If you have a have a service group member binding that was initially put in as disabled and now you want to enable it - what's the mojo?

bind serviceGroup pg-ord-http order14 8080 -state DISABLED

..and you wish to enable this binding later what's the command?

enable serviceGroup pg-ord-http order14


bind serviceGroup pg-ord-http order14 8080 -state ENABLED







NetScaler is the industry’s leading web and application delivery controller that maximizes the performance and availability of all applications and data, and also provide secure remote access to any application from any device type. NetScaler products are easily selected by determining the edition providing functional needs and the appropriate physical or virtual appliance platform to fulfill performance needs.