-
Getting Started with NetScaler
-
Solutions for Telecom Service Providers
-
Load Balance Control-Plane Traffic that is based on Diameter, SIP, and SMPP Protocols
-
Provide Subscriber Load Distribution Using GSLB Across Core-Networks of a Telecom Service Provider
-
Authentication, authorization, and auditing application traffic
-
Basic components of authentication, authorization, and auditing configuration
-
Web Application Firewall protection for VPN virtual servers and authentication virtual servers
-
On-premises NetScaler Gateway as an identity provider to Citrix Cloud™
-
Authentication, authorization, and auditing configuration for commonly used protocols
-
Troubleshoot authentication and authorization related issues
-
-
-
-
-
-
Persistence and persistent connections
-
Advanced load balancing settings
-
Gradually stepping up the load on a new service with virtual server–level slow start
-
Protect applications on protected servers against traffic surges
-
Retrieve location details from user IP address using geolocation database
-
Use source IP address of the client when connecting to the server
-
Use client source IP address for backend communication in a v4-v6 load balancing configuration
-
Set a limit on number of requests per connection to the server
-
Configure automatic state transition based on percentage health of bound services
-
-
Use case 2: Configure rule based persistence based on a name-value pair in a TCP byte stream
-
Use case 3: Configure load balancing in direct server return mode
-
Use case 6: Configure load balancing in DSR mode for IPv6 networks by using the TOS field
-
Use case 7: Configure load balancing in DSR mode by using IP Over IP
-
Use case 10: Load balancing of intrusion detection system servers
-
Use case 11: Isolating network traffic using listen policies
-
Use case 12: Configure Citrix Virtual Desktops for load balancing
-
Use case 13: Configure Citrix Virtual Apps and Desktops for load balancing
-
Use case 14: ShareFile wizard for load balancing Citrix ShareFile
-
Use case 15: Configure layer 4 load balancing on the NetScaler appliance
-
-
-
-
Authentication and authorization for System Users
-
-
Configuring a CloudBridge Connector Tunnel between two Datacenters
-
Configuring CloudBridge Connector between Datacenter and AWS Cloud
-
Configuring a CloudBridge Connector Tunnel Between a Datacenter and Azure Cloud
-
Configuring CloudBridge Connector Tunnel between Datacenter and SoftLayer Enterprise Cloud
-
Configuring a CloudBridge Connector Tunnel Between a NetScaler Appliance and Cisco IOS Device
-
CloudBridge Connector Tunnel Diagnostics and Troubleshooting
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configure DTLS VPN virtual server using SSL VPN virtual server
You can now configure a DTLS VPN virtual server for a NetScaler appliance using the same IP and port number of a configured SSL VPN virtual server. Configuring DTLS VPN virtual servers enables you to bind the advanced DTLS ciphers and certificates to the DTLS traffic for an enhanced security. Also, DTLS 1.2 protocol is supported in addition to the earlier supported DTLS 1.0 protocol.
Note: By default, the DTLS functionality is set to ON for the existing SSL VPN virtual server. You must disable the functionality for the server before creating the DTLS VPN virtual server.
Points to note
-
Before you configure a DTLS VPN virtual server on a NetScaler appliance, you must have configured an SSL VPN virtual server on the appliance.
-
The DTLS VPN virtual server uses the IP address and the port number of the configured SSL VPN virtual server.
-
By default, the DTLS functionality is set to ON for the existing SSL VPN virtual server. You must disable the functionality for the server before creating the DTLS VPN virtual server.
-
SSL policy and SSL profile are not supported on a DTLS VPN virtual server. Also, binding of VPN virtual server policy is not supported.
- Following features are not supported for DTLS VPN virtual server:
- Unified Gateway with content switching virtual server
- UDP MUX
- UDP Video
- UDP Audio
- PCOIP
- The
stat vpn vservercommand related to the statistics for the DTLS VPN virtual server is not supported.
Configure DTLS VPN virtual server
To configure a DTLS VPN virtual server by using the NetScaler GUI
- On the Configuration tab, navigate to NetScaler Gateway > Virtual Servers.
- On the NetScaler Gateway Virtual Servers page, select the existing SSL VPN virtual server and click Edit.
-
On the VPN Virtual Server page, click the edit icon and clear the DTLS check box and click OK.
-
Click the back arrow icon on the VPN Virtual Server to navigate to NetScaler Gateway Virtual Servers page and click Add.
-
Under Basic Settings, enter the values for the following fields: Name - A name for the DTLS VPN virtual server; Protocol - Select DTLS from the drop-down list; IPAddress – Enter SSL VPN virtual server IP address; Port – Enter SSL VPN virtual server port number. Click OK.
-
On VPN Virtual Servers page, click arrow under Certificates to select the required cert key. You can use an existing SSL cert key or create one. Click the radio button next to the desired cert key and click Select.
-
Click Bind on the Server Certificate Binding page.
-
To use DTLS 1.2, enable the same. On the VPN Virtual Servers page, click the edit icon under SSL Parameters. Enable DTLS 1.2 check box and click OK.
DTLS VPN virtual server configuration is now complete.
To configure a DTLS VPN virtual server by using the command line interface, at the command prompt, type the following sets of commands:
set vpn vserver <ssl vpnvserver name> -dtls off
add vpn vserver <dtls vpnvserver name> dtls <ssl vpn vserver IP> <ssl vpn vserver port>
bind ssl vservser <dtls vpnvserver name> -certkeyName <existing ssl cert key or newly created cert key>
<!--NeedCopy-->
DTLS 1.0 works as usual, to use DTLS 1.2, type the following command:
set ssl vserver < dtls vpnvserver name > -dtls12 ENABLED
<!--NeedCopy-->
Example
set vpn vserver vpnvserver -dtls off
add vpn vserver vpnvserver_dtls dtls 10.108.45.220 443
bind ssl vservser vpnvserver_dtls -certkeyName sslcertkey
set ssl vserver vpnvserver_dtls -dtls12 ENABLED
<!--NeedCopy-->
The list of supported DTLS VPN virtual server parameters are as follows:
- Ipaddress
- Port
- State
- Double hop
- downstateflush
- Comment
- Appflowlog
- Icmpvsrresponse
To configure DTLS virtual server using XA/XD wizard
-
On the XA/XD setup wizard, select StoreFront and click Continue.
-
On NetScaler Gateway Settings page, enable Configure a DTLS Listener for this VPN VServer check box and click Continue.
-
Notice that DTLS Listener is now configured. Click Choose File to select server certificate and click Continue.
-
Specify certificate file and Key file name and click Continue.
-
Under the StoreFront™ section, provide the values for the required parameters as shown below and click Continue.
-
Provide the values for the required parameters as shown below and click Test Connection.
-
Ensure that the server is reachable, provide Time out value and Server Logon Name Attribute, and click Continue.
-
Finally, click Done to complete the configuration.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.